which news reader do you use...?

A pretty thorough web search reveals nothing relating Mozilla to key-logging; a Google search of mozilla.org shows nothing either. If there WERE such an activity, it seems likely that one of the Mozilla haters -- there are plenty -- would have made much of it. I conjecture that Ed's perhaps mis-remembering which software had the problem, or which problem it had. My colleagues (I teach in a computer science dept. with several folks interested in security) who care about such things seem pretty happy with Mozilla. But if you're not, or if anti-spyware that you like happens to report a problem, there are certainly other alternatives.

--John Hughes

Ed,

Just a thought. Sometimes antispyware turns up a false positive. My antivirus does this at times and some antispyware is wound just a little tight causing false positives. I don't know about Kopersky's but some antispyware also purposely give false positives in their demo to induce you to buy the full version. I am not saying Kopersky does this, just that it does happen. Also, do you remember the website that you used to ask about Mozilla? I ask this because I spent the better part of 2 hours on Mozilla's website

and even went into the blogs to try and find a reference to an included keylogger. The only thing I could find that was close was for use on Bugzilla when the program crashes. It was optional and only was initiated if the program crashed. Similar to sending a crash report to MS. I am also wondering if you downloaded the Mozilla install file from Mozilla direct or an intermediary like C-NET. C-Net is reputable and I have never heard any complaints about tainted downloads from them but there are other 3rd party mirrors that may have been hacked or are run by less than scrupulous managers. I really don't think that Mozilla would include malware with their software as most "experts" recommend their stuff to avoid malware. It is also possible that someone wrote the keyogger to infect Mozilla and then faked the website. A bit far fetched on the fake website but these days, anything is possible. Sorry for the ramble but I am a Mozilla fan. That and you scared me for a bit while I did my own scans.

That was kinda my take, as well, John. If Mozilla had ever had a keylogger, the stink on Stashdot would have been memorable, don'tcha think?

My anti-spy (still believed to be Kasperskys) had an option on which I clicked. I was then directed to Mozilla's apologetic website. It happened. I wasn't dreaming. And I have no bone to pick with Mozilla. I just thought it strange that they would even admit to such a thing.

If they had not admitted to it, I would have thought that the key logger came from elsewhere too.

That's all I can give you folks, but I don't think that I am misremembering. The whole thing was rather strange as I had never seen an organization explaining their use of such a device before. This is not to say that someone could have gone to a lot of trouble creating a hoax just to warp someone's head. It worked. But I was already warped.

I like Firefox, but it is slow and it gets weird after running it a while. I don't think much of their mail reader, Thunderbird. It's okay, but I run Outlook Express with tons of software keeping track of what comes in and goes out, plus I turn off anything other than ASCII text, or keeping it to very limited HTML.

So far, over ten years on the net, I've only been bitten a couple of times. Once catastrophically and once that was not of much consequence.

Truthfully, if I had it to do again (mentioning this incident), I wouldn't.

Ed Cregger

So then we come down to either I'm lying, or I'm hallucinating. Neither happened, Gentlemen. I can't explain. Then again, why should I? I am not responsible for the deed. Next time I'll just keep my mouth shut and let you find it yourselves.

Ed Cregger

Maybe they should test it for themselves before writing. :D Your detailed description of the problem sounds plausible at least.

Cut from the Mozilla web page: "Find as you type gives you another way to navigate a page. Just start typing to jump from link to link or to find a word or phrase within a page."

Could a spyware program interpret this as keylogging?

I'm using Thunderbird right now in writing this to you. Been using it and Firefox (both free) for a year or so. No problems so far. Ed's just a curmudgeon. ;^)

CR

Gig wrote:

As I said, I'm not expert on such matters. To me, anything is possible.

I decided later on that the Mozilla folks were not the heavies that I had first conjured up in my imagination.

Ed Cregger

That we can both agree upon, CR.

Ed Cregger

Third option: misinterpreting. No sin in that. There's no doubt in my mind that you experienced it; just whether it was exactly what you thought it was. As was mentioned earlier, discovery of a keylogger in Mozilla would have created a huge, persistent trail of unhappy posts, something a Web/Usenet search would turn up.

You know how a Google Web or Usenet search for even the most obscure item usually turns up a surprisingly large number of references? Those searches (total of four) on Google turn up the following:

Your search - "keylogger in mozilla" - did not match any documents. Your search - "key logger in mozilla" - did not match any documents.

It's actually remarkable that it's not been mentioned, even speculatively. At this point, I wish someone *would* turn up something in a search, just to shed light on what it was you saw.

Now, now...

On Wed, 26 Oct 2005 11:00:02 GMT, "St. John Smythe" wrote in :

Fourth option: infected by a Mozilla virus or malware.

Googling "mozilla spyware" brings up some pages talking about Mozilla-specific attacks that have happened.

Marty

He may be a curmudgeon (by his own admission), but it's clear he knows a heck of a lot about model planes, and some other stuff as well. Although he and I may disagree on some things, I always read his postings with the expectation of learning something new. That's why I took the time to investigate the key-logging thing. Given the evidence (Ed's memory vs the net's memory), I'm betting that there *isn't* a key-logger in Mozilla, and never was; but that doesn't mean I'm gonna stop reading what Ed has to say ... not for a minute! It just means I'm going to trust what he has to say about model planes (which is clearly an area of expertise for him) more than I trust what he says about computers and software (which is an area of expertise for me).

--John

I have a similar problem. When I start FireFox, it immediately tries to access 207.126.111.225:HTTP (as alerted by ZoneAlarm). If I Deny this access, then FireFox will not allow me to access the internet.

This looks like 'phoning home' to me...

Dick

I just searched google for "mozilla keylogger" and got 302,000 hits. There are plenty of references to a keylogger and mozilla. Ed's not imagining anything.

LIsten to Ed, guys. He has invited you to follow the trail that he followed. Instead of conjecturing, I suggest you do so or let it drop.

CR

St. John Smythe wrote:

One thing Firefox does is "phone home" to look for updates. Lots of other browsers do that too. Could it be that's what you're seeing?

CR

CR,

Thanks for the reply. No, I have the Automatically check for updates & extensions turned off. I also have live bookmarks disabled.

Dick

Alas, Vance, actually, you didn't. If you had, you would have gotten

1,450 hits. What you searched for instead was:

mozilla keylogger

without the quotes, which merely returns all the (302,000) pages containing both mozilla and keylogger. Pretty meaningless, I'm afraid. Even those 1,450 hits are still apropos of little to nothing but discussion of trojans, rather than a keylogger produced by and delivered with Mozilla.

Again, the *phrases* "keylogger in mozilla" "key logger in mozilla" return zero hits. If there were ever been even a suspicion of such in the clued-in community, something would have come up.

...something with which I earlier said I agreed, without ruling out the possibility of a misapprehension, which we all have from time to time.