YouTube Best Video Downloader use of fileserve.xyz and thrillingos.herokuapp.com

Hi,

I like your addon, but have noticed that since a recent update, the sites: fileserve.xyz and thrillingos.herokuapp.com have started showing up in my NoScript filter list.

Initially I was very concerned, thinking I had inadvertently contracted some sort of malware. It took me a little while to discover that they were linked to your addon. I generally block any sites I’m not familiar with and don’t like sites that excessively use external sites to deliver core functionality. There are enough trackers out there already.

Can you please explain what these sites are for and why they are needed? Do they collect information about my downloads?

Since I didn’t know how to contact you directly, I’m posting this question in this forum. I suppose your answer will also be helpful to others who may share my initial concerns.

Cheers,
Nap

If you mean Youtube Best Video Downloader 2 - MP3 MP4 1080P, I just had to reject the add-on.

I rejected many video downloaders here because they want too much information from me & my computer.
They want to access ALL my data for ALL websites, they want to exchange messages with programs other than Firefox, they want to input data to clipboard, they want to display notifications to me, they want to access my browser tabs & access browsing activity during navigation!!!
NO WAY JOSE!
Why do they want so dam much information? IT’S NONE OF THEIR BUSINESS WHAT I SEE, WRITE, THINK OR READ!!

Actually, those notices are general notices and they may or may not give you the full picture.

Some of them are harmless, and some may not be used to infringe users privacy but are needed for the add-on to work.

There are also some add-ons that do things that they shouldn’t.

Unfortunately, without inspecting the add-on code, it is not possible to see what they actually do.

It was also discussed in Understanding Extension Permission Requests .

I’m OK with them knowing who I am, where I am & what I use their downloader for & what web page I’m on when I use their downloader but I don’t think they need to know everything I’m doing on the web, what’s in my browsers history access my tabs etc.
Your information, links & their information has been a great help.
I know we don’t have privacy on the web & I’m glad that Firefox has a private browsing feature IF I would remember to use it.
It does seem that many video downloading extensions want more info than is needed. I don’t download movies or porn, not interested in that, I prefer to add to my knowledge not to be just entertained.

Thank you very much for the information & your help!

That is where there is not enough data in the notice.

For example … “history”
I have an add-on that deletes history item to keep history slim.

Another add-on may go through history and collect data and send them to 3rd party.

The notice doesn’t tell you which one it is and what the add-on does. It only tells you that add-on has access to history.

For example … “bookmarks”
I have an add-on that lets you bookmark multiple tabs in one action. That is all.

There may be other add-ons that do a lot more with bookmarks.

Once again, the notice doesn’t tell you which one it is and what the add-on does. It only tells you that add-on has access to your bookmarks.

IMHO, the best practice is to find out about developers and ask them on their support site about what the add-on does, read reviews and feedbacks in order to decide which add-on would be best suited.

You can also ask someone to inspect the code to make sure.

I used to love this addon, but some pages wouldn’t even show until I hit the Stop button, & every page was slowed way down. After noticing fileserve.xyz & gigaltics.space transferring info I was convinced I had Malware. Disabling/Uninstalling Youtube Best Video Downloader 2, got everything sped back up again. I’m not sure it’s malware exactly, but I don’t trust it anymore, & would recommend others stay away from it.

I think it’s fair to use the word “malware” when an extension injects a coin mining script into web content. See also: https://support.mozilla.org/questions/1210834

Has Mozilla looked into this, & is this the right place to report it?
I’ve use Firefox almost exclusively for decades, but if they allow trash like this, I’m going to have to take a closer look at Chrome.

The Add-ons site took down the extension, so they are aware of the problem. However, where it is already installed, it would need to be added to the extension block list to be disabled. That isn’t done very often but it’s part of the policy:

This add-on is just a malware container which inject ads scripts into your browser, stay away from it.

I had this addon installed for a couple of month and only just recently noticed that it modified my google search results (added Ads and redirected me to Bing.com).
Now I see that it has been removed for those reasons. There seems to be lacking a mechanism to inform users who still have the addon installed that they have spyware!