The plugin that is inspected in this article is now delisted in the Eclipse Marketplace. You can't download it from there anymore (Checked with STS 3.9.0.RELEASE). A new fork without the ad related code as been publish and you can inspect the code on https://github.com/ecd-plugin/ecd .
It's nice to see the community stepping in to "fix" the situation.
I'm still a little confused as to what the code was doing, though. It gathers statistics about your user machine (none of which seemed too personal - basically IP, OS, country, etc).
But then what is it doing? Opening a virtual browser or simulating clicks to some ad network?
Seems to me that it is indeed running a hidden browser on a background thread, loading ads, and simulating views/clicks. That is in addition to collecting and sending user and system information (possibly also for ad-serving or information sales or some other nefarious skulduggery).
Guess author of the plugin is pretty smart but not smart enough to encrypt the traffic back home or obscure his/her nasty secrets.
I guess it might be keeping the black stuff for some cool down time just after installation. Many malware seem to do there days. We might have got true clicks targeted.
While this was a popular plugin for Eclipse - I'm sure there are plugins for other editors, IDEs and browsers which do the same (or worse).
Yet, we often try a multitude of plugins without a single thought about any unwanted features bundled with the main features.
guildan|8 years ago
It's nice to see the community stepping in to "fix" the situation.
philbarr|8 years ago
Anyone who does not like it, please uninstall this plugin.
I will not explain it anymore.
I'm not interested in stealing your privacy.
[0] https://github.com/cnfree/Eclipse-Class-Decompiler/issues/30
contravariant|8 years ago
Any other scenario means that they intentionally and secretly included code into their compiled binaries which posed a security and privacy risk.
philbarr|8 years ago
http://marketplace.eclipse.org/content/enhanced-class-decomp...
hiram112|8 years ago
I'm still a little confused as to what the code was doing, though. It gathers statistics about your user machine (none of which seemed too personal - basically IP, OS, country, etc).
But then what is it doing? Opening a virtual browser or simulating clicks to some ad network?
jjjensen90|8 years ago
ramshanker|8 years ago
I guess it might be keeping the black stuff for some cool down time just after installation. Many malware seem to do there days. We might have got true clicks targeted.
mseebach|8 years ago
nallerooth|8 years ago
moocowtruck|8 years ago
zaphirplane|8 years ago