15 Jul 2008

Firefox Extension As A Ddos Agent

Popular Firefox extensions get installed well in excess of a million systems. A lot of them also request information from various sites for their operation.

That makes them potential DDoS agents. What if a massively popular extension turns rogue, and releases an update which requests info from the target site ? Requests from a million systems, most of them not even aware of it, could easily cripple all but the biggest sites.

This is perhaps one of the reasons why Firefox phones home daily to disable rogue extensions.