>Studies do send telemetry which is not quite the same as being spyware.
How is software whose sole purpose is to send my information to a third party not spyware?
>The "remote code execution" thing is already there, it is called JavaScript. Almost every browser has it. Add-ons use it all the time.
JS on any webpage can't do whatever it wants, since it's restrained to the webpage itself. otoh I'm sure this "studies" thing can change my browser configuration (including my certificates, making me vulnerable to MITM) and probably even execute any command with my current user privileges.
I'm a privacy conscious person so I disabled all spyware that Firefox included. But I went to check, studies was enabled, probably because it was included and enabled by default in the last years and I didn't notice. So how long until Firefox adds something else to have remote code execution rights on my machine?
You knock, explain the problem, ask if they've installed new electronics lately, especially remote controlled/domotics stuff. Repeat until you get a satisfactory answer. Chances that you will get one are very high.
In the context of this article, having eight houses to check is soooo much better than having absolutely no clue. If it's not a malicious actor, you'll find out what's emitting the signal in a matter of an hour tops. Being able to do that using a $10 device from ebay is fantastic.
The way I understand it is: certificate revocation is handled by checking OCSP servers, and OCSP servers can be programmed so they give different answers depending on the IP address of whomever is asking. In other words, it should be possible to disable all addons for a selected user by targeting him by IP address.
How is software whose sole purpose is to send my information to a third party not spyware?
>The "remote code execution" thing is already there, it is called JavaScript. Almost every browser has it. Add-ons use it all the time.
JS on any webpage can't do whatever it wants, since it's restrained to the webpage itself. otoh I'm sure this "studies" thing can change my browser configuration (including my certificates, making me vulnerable to MITM) and probably even execute any command with my current user privileges.