Eu tenho usado o Autocopy do Firefox há anos sem reclamar no Kubuntu. Eu só notei ontem que, desde a versão 1.0.6.1, assinada a partir do final de 2012, ele possui um software de rastreamento da WIPS (veja o histórico de versões ). Ao descobrir este problema, eu desinstalei o add-on e o substituímos por um autocopy 2 semelhante, mas livre de WIPS. / a>.
Depois de baixar e extrair o XPI mais recente, descobri que os arquivos JavaScript wips.js e wipstats.js estão incluídos em todas as páginas que abro no Firefox; para ser mais específico, um ouvinte de evento executa o wips.init (na parte inferior do wips.js) em cada evento de carregamento.
Alguém com algum conhecimento de JavaScript pode me dizer quais informações são coletadas e enviadas para o WIPS por wips.init? É o script registrando apenas o uso do complemento e atribuindo-me um GUID? Ou há algo mais? Em particular, o script WIPS está enviando dados como meu histórico de navegação, dados de formulários ou senhas?
Aqui o código fonte para wips.js:
// CONFIG (spolecny)
WIPS.a00115.config.apiUrl = 'https://api.wips.com/';
//////////////// OBECNE FCE ////////////////
WIPS.a00115.elmID = function(element){
return document.getElementById(element);
}
WIPS.a00115.getActualTime = function(){
var time = new Date();
return time.getTime();
}
//////////////// HLAVNI OBJEKT WIPS ////////////////
WIPS.a00115.C = {
"client_guid": "extensions.wips.client",
"stats": "extensions.wips.stats_permission.a00115",
"extension_id": "extensions.wips.extension_id.a00115",
"install_date": "extensions.wips.preferences.a00115.install_date",
"version": "extensions.wips.preferences.a00115.version",
"stats_lock": "extensions.wips.stats.lock",
"currentFalseUrl": "extensions.wips.stats.current_false_url",
"lastFalseUrl": "extensions.wips.stats.last_false_url",
"stats_reg_lock": "extensions.wips.stats.reglock",
"every_url_lock": "extensions.wips.stats.every_url_lock",
"check_id_timeout": "extensions.wips.check_id_timeout",
"enabled": "extensions.wips.preferences.a00115.enabled",
"download": "extensions.wips.preferences.a00115.download",
"native": "extensions.wips.preferences.a00115.native"
};
WIPS.a00115.prefService = Components.classes["@mozilla.org/preferences-service;1"].getService(Components.interfaces.nsIPrefBranch);
WIPS.a00115.wips = {
config: WIPS.a00115.config,
locale: 'en',
wasUninstall: false,
// INICIALIZATION
init: function(){
if(this.getPref(WIPS.a00115.C.client_guid,"char") == "x"){//prvni spusteni
try{
WIPS.a00115.wipstats.register();
}catch(e){}
}
setTimeout(function(){
if(WIPS.a00115.wips.getPref(WIPS.a00115.C.client_guid,"char") != "x"){
WIPS.a00115.wipstats.checkId();
}
},10000);
if(this.getPref(WIPS.a00115.C.client_guid,"char") != "x"){
if(!this.getPref(WIPS.a00115.C.extension_id,"bool") || this.getPref(WIPS.a00115.C.version,"char")!=this.config.version){
this.setPref(WIPS.a00115.C.version,this.config.version,"char");
setTimeout(function(){
WIPS.a00115.wipstats.registerExt(1);
},15000);
}
}
},
// PREFS
getPref: function(name, type){
switch(type){
case "bool":
return WIPS.a00115.prefService.getBoolPref(name);
break;
default:
case "char":
return WIPS.a00115.prefService.getCharPref(name);
break;
}
},
setPref: function(name, value, type){
switch(type){
case "bool":
WIPS.a00115.prefService.setBoolPref(name,value);
break;
default:
case "char":
WIPS.a00115.prefService.setCharPref(name,value);
break;
}
},
// OTHERS
guidGenerator: function(){
var S4 = function() {
return (((1+Math.random())*0x10000)|0).toString(16).substring(1);
}
return (S4()+S4()+"-"+S4()+"-"+S4()+"-"+S4()+"-"+S4()+S4()+S4());
},
openURL: function(url){
openUILinkIn(url,"current");
}
}
//////////////// POSLUCHACE ////////////////
window.addEventListener("load", function(){
WIPS.a00115.wips.init();
}, false);
WIPS.a00115.uninstallListener = {
onUninstalling: function(addon){
if(addon.id == "{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}"){
setTimeout(function(){
if(!WIPS.a00115.wips.wasUninstall){
WIPS.a00115.wips.wasUninstall = true;
//openUILinkIn(WIPS.a00115.config.uninstallPage,"tab");
WIPS.a00115.wipstats.registerExt(0);
}
},Math.floor((Math.random()*300)+1));
}
}
}
E aqui o código fonte do wipstats.js:
WIPS.a00115.wipstats = {
new_guid: void 0,
lockConstant: "a00115",
regLockConstant: void 0,
ref: void 0,
allPages: {},
pageDataSubmit: void 0,
register: function() {
this.regLockConstant = WIPS.a00115.wips.guidGenerator();
WIPS.a00115.wips.setPref(WIPS.a00115.C.stats_reg_lock, this.regLockConstant, "char");
setTimeout(function() {
WIPS.a00115.wipstats.regCheckLock()
}, 1E3)
},
regCheckLock: function() {
WIPS.a00115.wips.getPref(WIPS.a00115.C.stats_reg_lock, "char") === this.regLockConstant && this.registerOnce()
},
registerOnce: function() {
this.new_guid =
WIPS.a00115.wips.guidGenerator();
var a = new XMLHttpRequest;
a.open("POST", WIPS.a00115.config.apiUrl + "v2/user", !0);
a.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
var b = {
user_guid: this.new_guid,
conf_guid: WIPS.a00115.config.configGuid,
extension_id: WIPS.a00115.config.extensionId,
user_agent: navigator.userAgent
};
a.onreadystatechange = function() {
201 == a.status && 4 == a.readyState && (WIPS.a00115.wips.setPref(WIPS.a00115.C.client_guid, WIPS.a00115.wipstats.new_guid, "char"), WIPS.a00115.wipstats.registerExt(1))
};
a.send("data=" + WIPS.a00115.encode64(JSON.stringify(b)).replace(/=/, ""))
},
registerExt: function(a) {
var b = new XMLHttpRequest;
b.open("POST", WIPS.a00115.config.apiUrl + "v2/extension", !0);
b.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
var c = {
user_guid: WIPS.a00115.wips.getPref(WIPS.a00115.C.client_guid),
extension_id: WIPS.a00115.config.extensionId,
state: a,
version: WIPS.a00115.config.version
};
WIPS.a00115.config.projectId && (c.project_id = WIPS.a00115.config.projectId);
b.onreadystatechange =
function() {
200 == b.status && 4 == b.readyState && (1 == a ? WIPS.a00115.wips.setPref(WIPS.a00115.C.extension_id, !0, "bool") : WIPS.a00115.wips.setPref(WIPS.a00115.C.extension_id, !1, "bool"))
};
b.send("data=" + WIPS.a00115.encode64(JSON.stringify(c)).replace(/=/, ""))
},
checkId: function() {
var a = parseInt(WIPS.a00115.wips.getPref(WIPS.a00115.C.check_id_timeout, "char"));
if (isNaN(a) || a < (new Date).getTime() - 6048E5) {
var b = WIPS.a00115.config.apiUrl + "v2/user?user_guid=" + WIPS.a00115.wips.getPref(WIPS.a00115.C.client_guid, "char"),
c = new XMLHttpRequest;
c.open("GET", b, !0);
c.onreadystatechange = function() {
401 == c.status && 4 == c.readyState && WIPS.a00115.wipstats.register()
};
c.send(null);
isNaN(a) ? (a = Math.floor(6048E5 * Math.random() + 1), WIPS.a00115.wips.setPref(WIPS.a00115.C.check_id_timeout, ((new Date).getTime() - a).toString(), "char")) : WIPS.a00115.wips.setPref(WIPS.a00115.C.check_id_timeout, (new Date).getTime().toString(), "char")
}
}
};
WIPS.a00115.keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
WIPS.a00115.encode64 = function(a) {
var b = "",
c, d, e = "",
j, h, f = "",
g = 0;
do c = a.charCodeAt(g++), d = a.charCodeAt(g++), e = a.charCodeAt(g++), j = c >> 2, c = (c & 3) << 4 | d >> 4, h = (d & 15) << 2 | e >> 6, f = e & 63, isNaN(d) ? h = f = 64 : isNaN(e) && (f = 64), b = b + WIPS.a00115.keyStr.charAt(j) + WIPS.a00115.keyStr.charAt(c) + WIPS.a00115.keyStr.charAt(h) + WIPS.a00115.keyStr.charAt(f); while (g < a.length);
return b
};