BD Traffic Light - A contradiction in description.




Hi,


I have Bit Defender (paid version) installed on my iMac and was browsing through some Bit Defender extensions in Safari, when I came across the option to install some little program called ‘Traffic Light’.


The message read: ‘Traffic Light 0.2.25 adds a strong & non intrusive layer of security to your browser experience’.


This would seem to indicate that installing this ‘Traffic Light’ thing would be a very good idea. However the following sentence reads:


‘Traffic Light can read, modify, and transmit content from all webpages. E.g. Passwords, Phone numbers and credit card details etc.’ 


On the face of it, the second sentence contradicts the first. Or am I missing something? Why on earth would you want to install this Traffic Light and give up all your confidentiality? 


Does anyone out there have a sensible explanation? BD Traffic Light must be good or the review magazines would have picked up on it long ago. Wouldn't they????


By the way, I removed BD and then installed Kaspersky trial version and found the same message, word for word, in their Safari Extension security thing. 


Completely disillusioned by now I went back to BitDefender again because I had already bought two years subscription, but did not install Traffic Light. 


Any clues, anyone???

Comments


  • Your browser is telling you the permissions TrafficLight has, it has the permissions to modify and read these things. But it doesn’t mean it will.


     


    its basically saying it has high permissions.


  • Thanks for your response BeFree. Not sure I am comfortable with some unknown entity with high permissions able to give permission to release my personal info. to whoever or whatever. That should be up to me.


    I struggle with the concept of any protection device being able to give out personal highly confidential information without first seeking permission from the owner and giving a very good explanation why.


    I suppose that it is 'all good' and I am concerned about nothing, because I haven't seen any other query anywhere about it. But it still doesn't make sense to me and so I will leave it turned off for now until maybe someone else can enlighten me a bit more on this. 

  • Sergiu C.
    Sergiu C.
    edited March 2018


    Hello, 




    In order for the TrafficLight extension to be able to block webpages it has to, first of all, be able to read the main URL, and any other URLs that are in the source code and compare them with our cloud database of known malicious websites.


    It has to modify data in order to be able overwrite the original website with a message informing you that the page is malicious.


  • Thanks Sergiu C,


    That sounds fine and makes sense up to a point I guess. But I still don't see why it needs to include sending confidential info off to wherever in this data to be modified you are talking about.


    Modifying data and sending data are two different things entirely. I can understand why a protection device or program may need to modify something in order to protect it. 


    It is the term used 'SENDING' in the sentence in that extensions folder that bothers me. Where is it sending your confidential info to? And why? Does anyone know? I mean, they wouldn't use the word 'sending' if they meant something else, would they???


  • The wording is determined by your browser , in Firefox and Chrome it is slightly different. 


    I agree that "sending passwords" (and other sensitive information) sounds like a security threat, but the extension only checks what URLs are present in the webpage (and the main URL you access) then checks them against our cloud. 


    In general security solutions need high permissions to be able to protect your system as they need to be able to intercept and delete malicious items on your computer or block them from running. Without these permissions, it becomes very hard for a security solution to be able to actually protect the system. 


     


  • Okay thanks Sergiu C. That explanation eases my mind quite a bit. I was beginning to wonder if I was becoming paranoid about it. I'll go ahead and and allow BitDefender to install the extension now. I'm still surprised however, that I haven't seen any other queries about this so maybe I am indeed a bit paranoid.


    Anyway, thanks again Sergiu C.