Plugin overwrites default browser search #26

Open
AlexanderMelde opened this issue Dec 15, 2021 · 14 comments

@AlexanderMelde

Since the last update, WAToolkit redirects my search queries to site.watoolkit.com, which then redirects the query to Bing. This shouldn't be a feature and is not included in this recent commit history, could you please check that only you have access to your webstore account and nobody compromised it? Proxying and probably logging all search queries is a big privacy concern and seems malicious. Also, it opens up the question of what else this version of the plugin logs.

Version: 2.3
Updated: December 14, 2021

@The-Paavo

The-Paavo commented Dec 15, 2021

Yep, version from Play Store hijacks search engine and this behavior can't be disabled.

Crappy workaround: install version 2.0 from GitHub manually. Instructions are described in https://github.com/cprcrack/WAToolkit/blob/master/README.md

GitHub version seems to work just fine, and it doesn't require additional rights to change search engine. And as a bonus: it won't update automatically to malware-like Play Store version.

@Gedankenleser

I reported it to Google. Maybe it helps...

@olivierverwoerd

@cprcrack The repo isn't updated but the Chrome version does seem to be malicious. What's going on???

@olivierverwoerd

Welp. Nothing is stopping us from making a fork and mirror on the store.

@cprcrack
Owner

Hey, sorry for that! This repository was mostly unattended and I'm no longer the owner of the Chrome Web Store listing. I have added a clarification warning about the change of ownership. I don't own the domain watoolkit.com either.

This extension originally requested the most restrictive permissions possible to work in order to protect its users. Apparently the new owners have added new permission requests including "Change your search settings to: site.watoolkit.com". I would not recommend accepting this new permission. Could any of you confirm if you had to manually accept those new permissions or if it was automatic?

My plan is to change the name of this repo and release a new version with that new name with some overdue fixes. In any case I understand that this comment is going to get a lot of dislikes, so at least I wanted to apologise for the situation, and I will keep the original clean code with the very restrictive permissions on this repo so that as @olivierverwoerd mentioned a fork can easily be done.
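
Added example, not code from this repository or from any participant in the thread: a manifest diff between two versions of an extension that surfaces a newly declared `chrome_settings_overrides` entry, the manifest key behind Chrome's "Change your search settings to:" prompt. Both manifests and the `search.example` host are constructed for illustration; they are not the real WAToolkit files.

```javascript
// Manifest keys under chrome_settings_overrides that change browser settings.
const OVERRIDE_KEYS = ["search_provider", "homepage", "startup_pages"];

function hostOf(url) {
  try { return new URL(url).hostname; } catch { return null; }
}

// API permissions plus host patterns (MV2 keeps both in "permissions").
function listPermissions(manifest) {
  return new Set([...(manifest.permissions || []), ...(manifest.host_permissions || [])]);
}

// Returns what newManifest requests that oldManifest did not.
function diffManifests(oldManifest, newManifest) {
  const findings = [];
  const before = listPermissions(oldManifest);
  for (const perm of listPermissions(newManifest)) {
    if (!before.has(perm)) findings.push({ kind: "permission_added", value: perm });
  }
  const oldOv = oldManifest.chrome_settings_overrides || {};
  const newOv = newManifest.chrome_settings_overrides || {};
  for (const key of OVERRIDE_KEYS) {
    if (!(key in newOv)) continue;
    if (JSON.stringify(oldOv[key]) === JSON.stringify(newOv[key])) continue;
    const finding = { kind: "settings_override", value: key };
    if (key === "search_provider") {
      // The host that will receive every address-bar query.
      finding.searchHost = hostOf(newOv[key].search_url);
      finding.isDefault = newOv[key].is_default === true;
    }
    findings.push(finding);
  }
  return findings;
}

// Constructed sample input: a narrow "before" and an "after" that adds a search override.
const OLD_MANIFEST = {
  manifest_version: 2, name: "Example extension", version: "2.0",
  permissions: ["https://web.whatsapp.com/*"],
};
const NEW_MANIFEST = {
  ...OLD_MANIFEST, version: "2.3",
  chrome_settings_overrides: {
    search_provider: { name: "Example search", keyword: "ex", is_default: true,
      search_url: "https://search.example/?q={searchTerms}" },
  },
};

console.log(diffManifests(OLD_MANIFEST, NEW_MANIFEST));
```
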

@olivierverwoerd

Unexpected answer.

To answer your question:
It does pop up that it wants to change your search engine in order to keep the extension after an automatic update. I doubt if people would read that and just click ok.

So it's a good thing to add that warning.

And a fork won't be necessary if this is your plan. I guess I really like the extension, maybe I can help add some features sometime in the new repo. And of course we are not going to dislike your post.

@AlexanderMelde
Author

Thank you @cprcrack! I also think there is no reason to dislike your comment. It includes helpful information, showed your immediate action and a promising solution for the future. It however makes me curious to know the reason behind the change of ownership of the CWS listing, just in case you feel inclined to explain this any further.

The new permission was not added automatically, but as @olivierverwoerd said, I also immediately clicked okay, assuming it would be a new feature to search through messages on web.whatsapp.com. This of course has to do with the trust we put in your project. I only got alerted when I saw all my search queries went to a new host.

Do you think there is any chance of getting back ownership by contacting CWS support? I feel like this is an important thing to consider, as thousands of users will probably not even notice something has changed, but all their search queries will possibly be tracked by the new plugin owner without their knowledge.

@hrishikesh-deshpande

The worst part is it reroutes the searches through another URL before redirecting to Bing. The new owner can do whatever they want with the data. Please revert this if you can. Also, can you alert people about this? Like a warning below the ownership notice and/or Chrome alert. I don't want the extension removed from the web store 😫

@axfelix

axfelix commented Dec 29, 2021

Thank you for maintaining this extension as long as you did! I'm looking forward to it being republished.

@bentrop

bentrop commented Jan 1, 2022

The new owner is in clear violation of its privacy declaration ("This publisher declares that your data is not being used or transferred for purposes that are unrelated to the item's core functionality") and everyone should report it to Google to get it removed.

I'm surprised that Google has taken no action here.

@Albermonte

For anybody interested, I have forked and uploaded the extension to the Chrome Store. I'm planning to continue working on it and update it since there are a lot of issues in this repo that hasn't been updated in years.

Of course without any analytics or tracking or anything shady.

GitHub Repo
Chrome Web Store

Any help is welcome, I'll be as active as I can ;D

@olivierverwoerd

@Albermonte Thank you. I'll see if I can help you out.

@axfelix

axfelix commented Jan 6, 2022

Thank you!

@bentrop

bentrop commented Jan 6, 2022

@Albermonte Thank you for this!
I'm actually happy that the fork is no longer in @cprcrack's hands. After all, he had decided to monetize the extension by selling it to a shady business and willfully accepted the invasion/violation of our privacy.
