knerkin2
9 years agoFreshman
FYI: 'Web Of Trust' Browser Add-On Caught Selling Users' Data — Uninstall It Now
An investigation by German television channel NDR (Norddeutscher Rundfunk) has discovered a series of privacy breaches by Web Of Trust (WOT) – one of the top privacy and security browser extensions used by more than 140 Million online users to help keep them safe online.
Web of Trust has been offering a "Safe Web Search & Browsing" service since 2007. The WOT browser extension, which is available for both Firefox and Chrome, uses crowdsourcing to rate websites based on trustworthiness and child safety.
However, it turns out that the Web of Trust service collects extensive data about netizens' web browsing habits via its browser add-on and then sells them off to various third party companies.
What's extremely worrying? Web of Trust did not properly anonymize the data it collects on its users, which means it is easy to expose your real identity and every detail about you.
The WOT Privacy Policy states that your IP address, geo-location, the type of device, operating system, and browser you use, the date and time, Web addresses, and browser usage are all collected, but they are in "non-identifiable" format.
However, NDR found that it was very easy to link the anonymized data to its individual users.
The reporters focused on just a small data sample of around 50 WOT users, and were able to retrieve a lot of data, which included:
[reproduced from The Hacker News]
Web of Trust has been offering a "Safe Web Search & Browsing" service since 2007. The WOT browser extension, which is available for both Firefox and Chrome, uses crowdsourcing to rate websites based on trustworthiness and child safety.
However, it turns out that the Web of Trust service collects extensive data about netizens' web browsing habits via its browser add-on and then sells them off to various third party companies.
What's extremely worrying? Web of Trust did not properly anonymize the data it collects on its users, which means it is easy to expose your real identity and every detail about you.
The WOT Privacy Policy states that your IP address, geo-location, the type of device, operating system, and browser you use, the date and time, Web addresses, and browser usage are all collected, but they are in "non-identifiable" format.
However, NDR found that it was very easy to link the anonymized data to its individual users.
The reporters focused on just a small data sample of around 50 WOT users, and were able to retrieve a lot of data, which included:
- Account name
- Mailing address
- Shopping habits
- Travel plans
- Possible illnesses
- Sexual preferences
- Drug consumption
- Confidential company information
- Ongoing police investigations
- Browser surfing activity including all sites visited
[reproduced from The Hacker News]