Web of Trust: Security Extension Used by Millions Caught Selling User Data

What happens when a product with “trust” in its name turns out to be the opposite?

Web of Trust is a browser extension which rates websites on their degrees of trustworthiness. It shows whether the site is:

  • Trustworthy – rated green,
  • Somewhat ok – rated yellow
  • Untrustworthy and loaded with viruses and malware – rated red.

Not So Trustworthy Anymore

Turns out the company behind Web of Trust was siphoning the user’s browser histories and selling them to third party companies. Following the revelation, Web of Trust was pulled from Mozilla Firefox, Google Chrome and Opera.

A German news website’s investigation revealed that Web of Trust was collecting and selling their user’s browser history. Web of Trust said that it was anonymising the data, it was still deemed traceable. The German site could identify 50 different individuals from their browser histories from sample data. It contained private information which included sexually explicit sites they visited, the police investigations they had open and the stores they shopped at.

The investigators said that Web of Trust was not even asking for their user’s consent before gathering or selling the data.

Making Amends

Web of Trust is now reexamining their privacy policy and will be offering an opt out option for sharing their browser history with the extension. They think their approach was not exactly sufficient in making the data anonymous according to a spokesperson.

Web of Trust also said that Mozilla was the only one that pulled the extension on their own. Web of Trust took down the extension on Opera and Chrome themselves to make “appropriate changes” to it.

Uninstall It Now

For now, uninstall the extension from your browser if you haven’t done so already. Web of Trust will be re-releasing their extension in the next few weeks.

After this incident they will need to ensure to include an opt-out option for those who don’t want to share their data and to make sure that they encrypt the browser histories they do take so that they are untraceable back to the end user.

However, it remains to be seen if users of WoT will ever trust them again, following their attempts at selling personal data to third parties.

A techie, Overwatch and Street Fighter enthusiast, and Editor at ProPakistani.

  • I am very old and active (Platinum) user of that plugin.
    I will ask this from their community mod.

  • Ltd feature videos

    Watch more at LTD