Why using plugins with software is dangerous ?

Sunday, January 27, 2008

We all use plugins with softwares and we love it too, Plugins make the normal application very powerful very customizable and also makes our work easier.

A few examples of plugins can be Grease Monkey scripts to change colours in gmail, Firebug for firefox to tamper with javascripts, We use plugins with winamp to control the playlist from a web browser, We use bluetooth applications to control our mouse moments on pc's, We use our bluetooth enabled phone to change the slide during the presentation, Infact I personally use bluetooth on my laptop to lock my computer when my cellphone is out of range.

There are multiple benefits of using a plugin but now let us come to the bad part, first of all they eat up your computer memory because all the people who program in their free time don't optimize their plugins well, extra plugins cause your machine to slow down, they are not checked for security issues and vulnerabilties, they crash your applications and hell of other things that are out of scope of this post.

Recently, I got a computer on my network that had a webserver running on it and just out of curiosity I went ahead to see whats running and viola there was a web based interface to control a media player application, You can add songs, delete songs, change playlists and also start streaming videos.

The person who was using this application was an average user without any knowledge of computer security, Now lets come to the fun part, I went ahead and added a stream of a porn video into his media player application and it started playing porn.. I dont know if the person was sitting on his computer or not but that kept on running till a like 15 mins and then it changed and meanwhile the user was so smart that he had used some other plugins which used to display the current running file name on his Yahoo! Messenger and Google Talk and It was fun because people usually have their family and friends added to messenger lists, I am quite sure all those who were online at that point of time had seen what he watching on his media player..

So save yourself from embarrassment and use plugins responsibly because it can hurt your reputation.



