Users still can, they can download one of the provided builds that do not have this restriction.

The issue is that most users don't understand software on a deep level, and just click "yes" on dialog boxes, etc.

It does make sense to keep the defaults where it prevents most users from harm.

But it doesn't! As long as downloading anything is allowed, signing requirements on extensions will not prevent anything.

And by experience supporting users, this is not how bad extensions get installed on the system: they're pulled in by malware which gets installed by other means.

This is only going to irate legitimate extension developers, which already have to wait weeks for AMO to review even the most basic change. I've been distributing extensions separately precisely for this reason.

But ths change will prevent bad extensions pulled in by malware installed by other means.... On systems that require application signing, that should do some good (otherwise I'd expect malware to just switch from sideloading extensions to sideloading a modified version of Firefox).

How many systems do you think require application signing?

Why don't we teach people the don't understand so they can make informed choices instead of preventing it entirely?

There are a lot of things I wish the general public would try to get educated about so they can make informed choices.

  1) Nutrition
  2) Politics(especially taxes & wars)
  3) Computers
  4) Finances

If you can figure out how get people properly educated on even 2 of those things, the world would be a very different place.

Idealism and duct-tape- they are holding the world-view together..

Specialisation always was this species strong point. Acceptance that the user might have his strong-point elsewhere and is so nice as to not harass you with his worldview. Imagine if you went into your local bakery, and there behind the counter stands a guy all in white:

"Good morning. Try our donuts today. You could make donuts too. Its easy. Come on ill show you. And then you will be self reliant when it comes to donuts. There are thousands of great recipes online - okay, some are broken, but you dont get to become a expert in donut making - without giving a little bit back.. Sir, Sir - you forgot your Donuts. Maybe he is diabetic and forgot - or evil cooperate donut buyer - or the one dough ring to bind them all is too much of a power.."

With great specialisation comes great loss off understanding on other parts of your life.

There are way too many decisions we need to make in this world to really be informed on every one. Of course, in our world, understanding software and safety is in our scope of knowledge, so we believe everyone should have it. However, not everyone is in our world. I am sure tech people make all sorts of uninformed decisions in other realms that people in those fields would be appalled at. It is OUR job to help protect regular people who don't have the time to learn our world be safe, just as it is the job of those other fields to help keep us safe.

Heaven forbid. The unaware, uninformed user is the bread and butter that the Internet businesses survive on. Tech-savvy users are bad bad bad. Protected, gullible users is what keeps the engines running.

The choice isn't prevented. There is just a small barrier put in place of the choice. Installing a different version of firefox is not difficult, but it makes sure the user is absolutely sure, and helps get an idea across of the ramifications.

Go ahead and help teach them, no-one is stopping you.

They can't be taught, nor do they care to be. Education is not the solution to the problem of users who don't want to know.

This. Most of the people do not care about this stuff and they do not wish to learn it. Also, like with vaccines, it is important that sufficient number of people are protected for the malware/viruses to not spread.

Because that's been such an unqualified success for the last 30 years we've tried it.

30 years is not long enough.

Literacy took much longer, but the benefits are clear today.

We should teach people, yes! At the same time, educating hundreds of millions of people takes time.

> It does make sense to keep the defaults where it prevents most users from harm.

Wait, did we have an extension-caused apocalypse recently leading to this requirement ? Erm, I guess not. So why do we exactly need it ?

Approximately 5% of users are infected with adware. This is one way to combat it. Google has already taken this approach.

How many % of this 5% are running Internet Explorer ? Let me guess, 95% ?

You'd be surprised. Chrome and Fx can be and are as easily infected as IE.

Can't have censorship if users have the option of overriding it, can we?

Firefoxs plugin development is already a pain in the ass. They should focus on making it simpler, not giving more reasons to fork it.