The Source Code for Web Of Trust hasn't been updated since 2015. WTH how can they call it open source if they don't show us the source code? I mean unless there trying to stop people from abusing the source code like what happened to Ad-Block Plus. But are they trying to hide something or are trying to protect themselves from copycats? https://github.com/mywot/
While I had long depended on privacy, security and content ratings and commentary by crabbyblabby42 and zippitydoo101, I finally had to forgo WOT due to that privacy scandal.
Well I'm kinda blind without it. I mean FlagFox and All Tabs Helper ask about the same if not more information then WOT.
AFAIK Flagfox doesn't monetise your info though. Well, at least if they do they're careful not to get caught.
Why not? NoScript helps block JavaScript which may have malicious code in it, very useful when surfing the web.
Like any crowd-sourced opinion site WOT has issues, but the privacy scandal was blown out of proportion. They never hid the fact they sell anonymised data. The problem was a flaw in the way they anonymised data, and once reported it was fixed. During the vulnerable period it was taken down from the extension stores, and once fixed and tested it was put back. Back on sites that also collect and sell anonymised user data. Things to note if opting to use it. When you install the extension you are prompted to login to an account, but there is no requirement to do so unless you want to contribute. This is why other extensions also offer WOT ratings. If there is a new way to de-anonymise the WOT data then researchers are keeping quiet.
Maybe because it's not really an open source project anymore? The original founders left 2014 In February 2016 WOT Services changed it name to TOW Software (cute) and the company has stopped in 2018 23rd January. So my theory is that the original founders intention was all good and that (truly open source). But after 2015 the project was grabbed by money hungry scumbags who sold their users browsing history to left and right. And now the company has stopped existing. Classic grab and run scam. Maybe that's the reason
Well it was originally licensed under GPL v3 and apparently it still is just look right here: https://addons.mozilla.org/en-US/firefox/addon/wot-safe-browsing-tool/ So if they did change it to proprietary license not only would they be violating the copy left nature of the GPL but it would also say on the Mozilla add-on site as well. I kinda remember hearing that WOT is hiding their source code now, even though its open source.
Maybe, I really don't know. All I know that it was originally Finnish company started around 2006 or so, original founders left (or so it say in wikipedia) 2014, 2016 name changed and company stopped existing in 2018. So if there still is new version of WOT I don't know who is making it .... EDIT: I see that last version is from 2020. So you are right they are violating the GPL if they don't provide access to code. AFAIK, GPL does not mean that you have to publicly give the code (like for example github) but it *does* mean that company developing it must provide source code if user so ask and wants it. I probably digg little bit deeper of this current situation with WOT .... EDIT2: Their homepage IP address is 52.35.181.203 According to whois database it belongs to Amazon USA So probably the original founders sold the company to Amazon Domain Name: MYWOT.COM Registry Domain ID: 554737953_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.registrar.amazon.com Registrar URL: http://registrar.amazon.com Updated Date: 2019-07-11T23:50:34Z Creation Date: 2006-08-14T20:00:03Z Registry Expiry Date: 2020-08-14T20:00:03Z Registrar: Amazon Registrar, Inc. Registrar IANA ID: 468 Registrar Abuse Contact Email: Registrar Abuse Contact Phone: NetRange: 52.32.0.0 - 52.63.255.255 CIDR: 52.32.0.0/11 NetName: AT-88-Z NetHandle: NET-52-32-0-0-1 Parent: NET52 (NET-52-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Amazon Technologies Inc. (AT-88-Z) RegDate: 2015-09-02 Updated: 2015-09-02 Ref: https://rdap.arin.net/registry/ip/52.32.0.0 OrgName: Amazon Technologies Inc. OrgId: AT-88-Z Address: 410 Terry Ave N. City: Seattle StateProv: WA PostalCode: 98109 Country: US RegDate: 2011-12-08 Updated: 2019-07-25 Comment: All abuse reports MUST include: Comment: * src IP Comment: * dest IP (your IP) Comment: * dest port Comment: * Accurate date/timestamp and timezone of activity Comment: * Intensity/frequency (short log extracts) Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time. Ref: https://rdap.arin.net/registry/entity/AT-88-Z OrgNOCHandle: AANO1-ARIN OrgNOCName: Amazon AWS Network Operations OrgNOCPhone: +1-206-266-4064 OrgNOCEmail: amzn-noc-contact@amazon.com OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN Also the mywot.com SSL certificate is provided by Amazon EDIT3: From: https://www.mywot.com/terms Any violations of will be handled in New York court so it's 100% clear now that it's not Finnish company anymore EDIT4: And finally their "privacy" policy https://www.mywot.com/privacy Pretty standard corporate stuff, reserve all rights to track and use your info anyway they like.
And many kind of web threats are OS-independent. Those who seriously seek for web security need any kind of default-deny, e.g. NoScript or uMatrix or uBO or ScriptSafe. Even that may not be enough, given most WordPress plugins, which has been one of the main attack vector, are implemented as first-party resouces you need to allow for the site to work. Yet most ppl on security forums don't take counter measures and instead prefer playing LARP security w/ heavy-tank-like security tools. Needless to say, WoT also doesn't help, it at most warn you for some scam sites - it does not reliably block or prevent malicious script by design (I mean, when the popup appears it is too late). Aside from that - I know one similar case that is Free Download Manager. This once became open source but since v5.0 returned back to closed source. IDK why WoT still keeps GPL license and the link to Github on their page. Not quite correct, other developers can use WoT API only if they registered. I don't trust anyone who don't use mathematically guaranteed deanonymisation such as differential privacy.