We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How do I report a suspicious update notice for the Privacy Badger add-on?

  • 3 replies
  • 7 have this problem
  • 2 views
  • Last reply by NotFromHere

more options

For several days, I have been receiving a NOTIFICATION in Firefox that states:

"Privacy Badger has been updated. You must approve new permissions before the updated version will install. Choosing 'Cancel' will maintain your current add-on version.

"It requires your permission to:

"* Store unlimited amount of client-side data

"| [ -Cancel(button)- ] | [ -Update(button)- ] |"

The NOTIFICATION bears the Privacy Badger logo. However, it arrives not through the Privacy Badger icon/UI in the Firefox address bar, nor as a tab launch to an EFF website, but rather through the Firefox menu icon, followed by a tab launch into the Firefox "about:addons" page (for addons.mozilla.org). This seems odd, suspicious -- and unprecedented in my experience.

Moreover, requesting (and granting) permission to store UNLIMITED amounts of client-side data seems privacy-invasive and extremely risky to me. It also seems NOT to be in keeping with the principles or usual methods of operation of either Mozilla (Firefox) or Electronic Frontier Foundation (Privacy Badger).

How can I report this suspicious-looking NOTIFICATION and find out if it is legitimate or fraudulent?

I would like to receive CONFIRMATION for the following:

1. whether this notification comes from EFF, Mozilla, or another party (SPECIFY); 2. specifically WHAT client-side data will be stored; 3. specifically WHERE this client-side data will be stored (ALL locations); 4. specifically WHO will have access to this client-side data; 5. specifically HOW access to this client-side data will be achieved; and 6. specifically WHEN this client-side data will be stored or accessed.

Until now, I have had high confidence 1) in Firefox, for its built-in online privacy & security features, and 2) in Mozilla, for providing the premier source (addons.mozilla.org) for quality privacy & security tools -- tools like AdBlock Plus, Ghostery, Privacy Badger, and so forth. This latest NOTIFICATION has begun to shake that confidence.

Because the NOTIFICATION appears to be coming though the Firefox Menu UI, and in light of the privacy policies of both Mozilla https://www.mozilla.org/en-US/privacy/ and Electronic Frontier Foundation https://www.eff.org/code/privacy/policy, I will also be attempting to contact EFF with a request similar to this one. Nevertheless, I am hoping that this Mozilla Support Forum can provide the clear and meaningful information I need to answer my initial "How-To-Report?" question and settle my privacy and security concerns.

For reference, I am currently running Privacy Badger version 2017.9.12.1 in Firefox 56.0 with the 'Update Add-ons Automatically' feature in "about:addons" tools checked (i.e., turned on). A screenshot of the NOTIFICATION has been uploaded with this submission.

I look forward to your helpful replies. Thank you.

For several days, I have been receiving a NOTIFICATION in Firefox that states: "Privacy Badger has been updated. You must approve new permissions before the updated version will install. Choosing 'Cancel' will maintain your current add-on version. "It requires your permission to: "* Store unlimited amount of client-side data "| [ -Cancel(button)- ] | [ -Update(button)- ] |" The NOTIFICATION bears the Privacy Badger logo. However, it arrives not through the Privacy Badger icon/UI in the Firefox address bar, nor as a tab launch to an EFF website, but rather through the Firefox menu icon, followed by a tab launch into the Firefox "about:addons" page (for addons.mozilla.org). This seems odd, suspicious -- and unprecedented in my experience. Moreover, requesting (and granting) permission to store UNLIMITED amounts of client-side data seems privacy-invasive and extremely risky to me. It also seems NOT to be in keeping with the principles or usual methods of operation of either Mozilla (Firefox) or Electronic Frontier Foundation (Privacy Badger). How can I report this suspicious-looking NOTIFICATION and find out if it is legitimate or fraudulent? I would like to receive CONFIRMATION for the following: 1. whether this notification comes from EFF, Mozilla, or another party (SPECIFY); 2. specifically WHAT client-side data will be stored; 3. specifically WHERE this client-side data will be stored (ALL locations); 4. specifically WHO will have access to this client-side data; 5. specifically HOW access to this client-side data will be achieved; and 6. specifically WHEN this client-side data will be stored or accessed. Until now, I have had high confidence 1) in Firefox, for its built-in online privacy & security features, and 2) in Mozilla, for providing the premier source (addons.mozilla.org) for quality privacy & security tools -- tools like AdBlock Plus, Ghostery, Privacy Badger, and so forth. This latest NOTIFICATION has begun to shake that confidence. Because the NOTIFICATION appears to be coming though the Firefox Menu UI, and in light of the privacy policies of both Mozilla [https://www.mozilla.org/en-US/privacy/] and Electronic Frontier Foundation [https://www.eff.org/code/privacy/policy], I will also be attempting to contact EFF with a request similar to this one. Nevertheless, I am hoping that this Mozilla Support Forum can provide the clear and meaningful information I need to answer my initial "How-To-Report?" question and settle my privacy and security concerns. For reference, I am currently running Privacy Badger version 2017.9.12.1 in Firefox 56.0 with the 'Update Add-ons Automatically' feature in "about:addons" tools checked (i.e., turned on). A screenshot of the NOTIFICATION has been uploaded with this submission. I look forward to your helpful replies. Thank you.
Attached screenshots

Chosen solution

That is probably because the Privacy Badger add-on is now a WebExtension (57+ compatible). WebExtensions may require special permissions in order to work properly.

You can click the Permissions button on its extension's page to see what permissions are needed.

See also this article about the permission model used in Google Chrome WebExtensions:

Read this answer in context 👍 1

All Replies (3)

more options

You should check with Privacy Badger support.

more options

Chosen Solution

That is probably because the Privacy Badger add-on is now a WebExtension (57+ compatible). WebExtensions may require special permissions in order to work properly.

You can click the Permissions button on its extension's page to see what permissions are needed.

See also this article about the permission model used in Google Chrome WebExtensions:

more options

My thanks to cor-el. Accessing your first recommended link

https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/

sent me back to GitHub (I'd been there earlier)

https://github.com/EFForg/privacybadger/issues/1745

where I discovered that unlimited storage permissions for update is currently an open, unresolved issue (#1745) for Privacy Badger. I'd have to join GitHub to participate in the ongoing discussion there, and I am loathe to do so now. (Joining Mozilla Support Forum was enough for me for one day, thank-you-very-much.) Perhaps patience will prove a virtue once more -- here's hoping! Again, my thanks.