Firefox Send had a known malware problem for awhile but when it was used to successfully target a NGO the pressure forced Mozilla to pull the plug. At least that’s the version that’s publicly available.
If Firefox had used something other than firefox.com the brand trust could be decoupled from the service but by offering it for free they received PR. Catch 22 I think.
The nature of Mozilla not having access to the files eliminated any sort of scanning/vetting and malicious actors quickly exploited it.
If Firefox had decided to charge for send I’m sure fraudulent payments would have been used to procure accounts intended for malware. That could have helped expire out malicious links before unsuspecting users clicked them
but it wouldn’t have completely addressed the issue.
I think paras 2&3 were also the curse: firefox.com was a “good neighbourhood”, which made it convenient/accessible, but that’s good for the whole spectrum of actors.
I guess this is why most no-account file hosting is on sketchy sites.
If Firefox had used something other than firefox.com the brand trust could be decoupled from the service but by offering it for free they received PR. Catch 22 I think.
The nature of Mozilla not having access to the files eliminated any sort of scanning/vetting and malicious actors quickly exploited it.
If Firefox had decided to charge for send I’m sure fraudulent payments would have been used to procure accounts intended for malware. That could have helped expire out malicious links before unsuspecting users clicked them but it wouldn’t have completely addressed the issue.