DonationCoder.com Forum
Main Area and Open Discussion => General Software Discussion => Topic started by: J-Mac on October 28, 2011, 09:58 AM
-
Oh well. I have used this extension since I installed my first Firefox beta, way back whenever the heck that was... my initial post at the Mozillazine Firefox forum was in July 2004! But one of my "must have" extensions has finally gone rogue: Download Statusbar.
When I started Firefox today a new tab opened announcing an update to Download Statusbar had been silently installed and, oh yeah - it nonchalantly mentioned in the body of the update notice that there is a "new sponsorship supported" option. But it's not really an option; if you don’t enable it, it enables itself after a few days. It apparently also adds a referrer string to certain URLs plus something to do with Yahoo and YouTube. No explanation; the developer's home page - which had been located on the MozDev web site - is gone without a trace. There is a new home page that is a one-page site with only a link to install the extension; nothing else there. Bad news all around. Better to ditch this extension before you get bit!
Another user posted the following at the Download Statusbar page at Mozilla Add-Ons:
I am not a Javascript expert, but I looked at the source code and
* If you have the sponsorship enabled, it does something with Yahoo and YouTube (couldn't figure out what exactly, looks like displaying ads).
* If you haven't, it will be automatically enabled again after 7 days.
Edit: it also looks like the add-on adds a referrer string to the URLs of certain websites.
I found the following comment in the code:
"Determines if this is the first run of the day, if so the calling function appends the request with a querystring variable." (pluginnetwork/pluginnetwork.js:450)
I don’t understand all of that post, but I get enough of it to know I don’t want any part of Download Statusbar anymore! Gotta find me a safer replacement. Anyone know of one?
Thanks!
Jim
-
Jim, what did Download Statusbar do when it was functioning properly? I'm just curious, since I had never heard of it.
-
It changed the shape of firefox's download manager. Made it more compact.
-
Jim, what did Download Statusbar do when it was functioning properly? I'm just curious, since I had never heard of it.
-cyberdiva
It put the status of current downloads on the status bar. If you look at its extension page (https://addons.mozilla.org/en-US/firefox/addon/download-statusbar/) there is a series of photos that show it.
Jim
EDIT: Here's one pic that shows it well:
[attachimg=#1][/attachimg]
-
Thanks for the heads-up. I updated and it didn't do anything obvious. Not knowing is the scary part. Rolling back and preventing it from updating now.
You could hunt for an older .xpi if you don't find a suitable replacement.
-
Silent update in FF?
Ungood. Double-plus ungood.
No wonder it disappeared (was removed?) from the Mozilla add-on directory.
Oh well..."Boomp-boomp-boomp! Another one bites the dust!" as Freddie would have said.
Shame. That was one of my "must haves." I even contributed. :-\
-
Thanks for posting this, sad to see this happen, it was a good addon.
-
https://addons.mozilla.org/en-US/firefox/addon/download-statusbar/
Apparently the author (or mozilla) decided to remove the version in question due to universally negative feedback.
Now the older one without the unknown sponsor thingie (0.9.8 ) is featured as the version to download.
-
Now the older one without the unknown sponsor thingie (0.9.8 ) is featured as the version to download.
-eleman
It's still 0.9.9 for me. However, I rolled it back to 0.9.8 manually. I looked at the javascript for the new 0.9.9. It does something with Youtube if the download comes from there although I did not waste time trying to figure out what as there was a lot of code. It definitely resets the enable sponsorship setting to true if it has been at least seven days since you disabled it. It looks like it does this silently as well. My opinion of the author of this addin is not printable.
-
Thanks for the heads up; I'll be keeping my current, earlier version.
-
This morning I removed Download Status Bar from all my personal and business PCs. And I'll be issuing an advisory to all my clients recommending they do the same.
While it is possible to reinstall the previous version, I feel any program author has the absolute right to set the terms and conditions (no matter how misguided) for the continued use of their products. And since the current (albeit unspoken) terms for DSB now seem to include acceptance of silent installations and unreported changes to user settings, I want nothing further to do with it. Even if it would be possible to circumvent the changes by reverting to an earlier version.
To be perfectly blunt, I no longer trust this developer. And I am no longer interested in installing anything he may come up with in the future. No matter how useful or 'clean' it is. And that will remain the case even if he/she sees the wrongness in what's been done and removes the offending code from DSB.
I might have felt differently had the developer publicly announced the change. I might not have been happy about it. But at least I could better respect his decision. Especially if he provided a paid version which did not include the nonsense that would come with the free version. While I still would have removed DSB from my machines if a clean version wasn't available, in fairness I would only alert my clients rather than send a strong recommendation for DSB's immediate removal.
So it goes... :-\
Onward! :Thmbsup:
-
The more striking part of the problem is how this version made it through mozilla's review.
A lone cash-strapped misguided developer may choose to act however (s)he likes.
But the question is what does mozilla's review process review, if not self-reverting spyware options?
-
@J-Mac: Many thanks for this heads-up.
Fortunately I still had v0.9.8.
So, I went to Mozilla's site and it said somewhat informatively (NOT):
Download Statusbar no longer hosted here.
Anyway, as a result of reading this thread, and because I am paranoid, I first disabled and then uninstalled the add-on and restarted FF just to be sure.
The more striking part of the problem is how this version made it through mozilla's review.
-eleman
Yes, there's an unspoken potential criticism of Mozilla there - exactly how rigorous is their review process?
I always trusted them as a source, but I shall downgrade that trust now, until they make explanation. If they don't, then I would theink they probably don't properly understand their responsibilities.
-
So is there a valid extension that does similar things around?
-
I'll be investigating DownThemAll (https://addons.mozilla.org/en-US/firefox/addon/downthemall) as an alternative. Been using DSB ever since FF 1.x, so I'm just as disappointed as all the rest in this thread so far. And yup, if I'd meet the DSB author and have a shotgun within hands reach...
-
DTA is a download manager, DSB is not, so it is not an "alternative", right?
-
Correct
-
the new version is 0.9.10
Does any one dare to test it?
-
Firefox already has a download window. And a built-in download manager.
So...since all the pieces are already in place, would it really kill Mozilla to just provide some sort of download meter as part of Firefox?
They're supposedly committed to breaking updating the thing every three months or so.
And I'm sure whatever sweetheart deal they got for making a version of FF with Bing as the default search provider (http://blog.mozilla.com/blog/2011/10/26/offering-a-customized-firefox-experience-for-bing-users/) should be providing enough additional revenue for their coffers that they could do this.
I mean look, some underpaid independent developer managed to do it. So how hard could it be for Mozilla?
Just my 2¢ anyway.
-
Some folks are recommending a similar extension called Download manager Tweak (https://addons.mozilla.org/en-US/firefox/addon/download-manager-tweak/?src=ss), though I haven't taken a good look at it yet. Looks like it just tweaks the UI and functionality of the regular Firefox download manager.
Jim
-
Thanks, Jim, for mentioning Download Manager Tweak. I'm obviously coming very late to the party, having never even heard of Download Statusbar until this thread, but Download Manager Tweak looks quite useful. I don't see a "resume download" option, but it has most of what I've discovered I'd like. :)
-
"Open downloads in a new tab" is alright too. I just don't like window overload. :)
-
"Open downloads in a new tab" is alright too. I just don't like window overload. :)
-Tuxman
+1.
That looks like it's pretty much the only game in town for the time being.
-
I should have mentioned above that, though I had "Download Statusbar", I don't have any dependence on it.
My downloads are handled variously:
- I only occasionally download using the FF downloader.
- I use FlashGot in FF, and that hands download control across to GetRight (downloader), which is can be very fast when files are segmented and the different segments are downloaded in parallel.
- I use DownloadHelper for YouTube downloads, which also hands downloads across to GetRight.
-
I'm very late to this thread. I've used Download Statusbar for years and haven't noticed anything unusual lately. No update information about it going adware, no nothing. I have version 0.9.10 right now. I also have a stylish script that makes downloadstatusbar more minimal. See screenshot. Maybe that blocks the problem? (Seems unlikely though.) I can't find any information about adware/sponsorship stuff in "about" or "options" for the add-on. Maybe the bad version was removed and the original coder gained control back?
[ You are not allowed to view attachments ]
-
Hmm...
It's back up on the Mozilla Add-ons page (good sign) with this updated info:
[ You are not allowed to view attachments ]
Looks like the author changed his/her mind. Nice of them to do so. But I still don't want to use it any more even if I will update my clients on the policy change.
Those of you who do elect to go back, please considering sending the developer a contribution. It will probably go a long way towards not having something like this happen again. :)
-
I think he did remove the "bad" version, though since he tried to sneak that in I won't use anything from him again. Screw me once,,,
Thanks!
Jim
EDIT: It is possible that the revised extension didn't pass Mozilla review; it definitely didn't pass user review!
-
-it is a little tiring to read all those hard words. Download Statusbar was developed and maintained freely by the trustworthy Devon Jensen. By the 20'th of September the addon suddenly belonged to a "C.J."; identity unknown. We don't know what happened, but we do know that shit happens. Get on.
-
-it is a little tiring to read all those hard words. Download Statusbar was developed and maintained freely by the trustworthy Devon Jensen. By the 20'th of September the addon suddenly belonged to a "C.J."; identity unknown. We don't know what happened, but we do know that shit happens. Get on.
-Curt
So, what do you mean by "Get on"? Shouldn’t have notified anyone about the hijacking behavior of the new version that was current then? Why not? I don’t know who Devon Jensen is and I doubt many others do either. He might very well be trustworthy since Download Statusbar was such a great extension for such a long - and I do mean LONG - time. However it went bad sometime yesterday once all users were updated to that crap release!
Did "Devon" sell the extension or hand it over to this "C.J."? What is so trustworthy about that? :-\ Or was it hijacked away from him? Whatever the case, I don’t trust whomever the developer is now after receiving an auto-update of the junk that was installed yesterday.
Jim
-
No longer wonky. Back to normal again Nov. 2, 2011. :Thmbsup:
-
No longer wonky. Back to normal again Nov. 2, 2011. :Thmbsup:
-bobholm
Yeah - but I don’t trust him now.
Jim
-
I think he did remove the "bad" version, though since he tried to sneak that in I won't use anything from him again. Screw me once,,,
-J-Mac
Yeah - but I don’t trust him now.
-J-Mac
+1 from me. :up:
And now FF is in bed with the Corporate psychopath, Microsoft (re Bing).
And after the Google unilateral fiascos and/or removals:
- Google Notebook
- Google WAVE.
- Google SideWiki.
- Google Buzz.
- Google's software package download bundle.
- Google Desktop.
- Google Toolbar for Firefox.
- Google Plus.
- [Insert name of screw-up here]
- I am similarly unimpressed and and am wondering whether it is rational of me to trust Google with my data and/or my email, my Google Groups, my Google Webpages, my Google knol, etc.
I say this because it seems that Google have now clearly indicated that we users really do not matter and that ALL of these things are now uncertain and under consideration and could be taken away by Google at the drop of a hat, regardless of whether you pay for them currently. That's one reason why, for example, I keep my backups under MY control, duplicated on separate hard drives.
-
And after the Google unilateral fiascos and/or removals:
Google Notebook
Google WAVE.
Google SideWiki.
Google Buzz.
Google's software package download bundle.
Google Desktop.
Google Toolbar for Firefox.
Google Plus.
[Insert name of screw-up here]
-IainB
And don't forget Google's Translate Client, which has been free (and better than any other I know) but which will become unavailable after December unless one pays about $40 (they're offering $15 off if one buys it now).
-
Also don’t forget one of my favorites, especially on a cell phone: Goog411, which was a voice recognition information directory. You could call it and it would ask what city; you tell it; then it asks what you are looking for and you tell it. It then returnedwith the name, address and number and asked if you wanted it to connect. Google stated last October that they conceived of that service in order to get as many voice samplings as possible to improve their voice recognition capabilities, and since they had more than enough samples they dropped the damn service. Well, at least they were honest about it, even if only after the fact.
http://googlesystem.blogspot.com/2010/10/google-shuts-down-goog-411.html (http://googlesystem.blogspot.com/2010/10/google-shuts-down-goog-411.html)
Thanks!
Jim
-
Before jumping all over the extension author about silent updates... make sure you know exactly how firerfox itself is configured to update any/all extensions. If FF is set to have extensions auto-update as the default, then *you* have to tell it which extensions you want to be notified of updates before they are install. It's not really his fault if FF did it on your behalf. Personally, I'm glad he backed out the change - whether it was because of the backlash, or because of hijacking. And I have now reverted (again) to manual updates only, for all extensions. (default = no updates, and all extensions reset to default update policy).
-
Before jumping all over the extension author about silent updates... make sure you know exactly how firerfox itself is configured to update any/all extensions. If FF is set to have extensions auto-update as the default, then *you* have to tell it which extensions you want to be notified of updates before they are install. It's not really his fault if FF did it on your behalf. Personally, I'm glad he backed out the change - whether it was because of the backlash, or because of hijacking. And I have now reverted (again) to manual updates only, for all extensions. (default = no updates, and all extensions reset to default update policy).
-perlguy
perlguy,
I was looking at different Firefox extensions and checking DC here for any info and I just noticed your post. FYI, I always have FF set to update manually, but Download Statusbar updated automatically anyway back in October 2011, when I first started this thread. I don’t know how that could happen but that was a big part of why everyone was so upset about that update - and was also the primary reason that the Mozilla Add-ons group removed the extension from the Add-ons site, at least until the author reverted back to the previous features and removed the adware functionality.
Thanks!
Jim