Why can't we? Do I really need that popup saying that 'developer mode' plugins are ZOMG HARMING ME? Because I installed ad nauseam that they removed because of the political BS?

Don't get me wrong, my beloved firefox is not better. It wants me to install dev edition to be able to install anything.

We made a mistake somewhere along the way.

Both of those things (unsigned plugins causing permanent warnings and/or only being enabled for a developer edition) happen because not doing them means leaking open the one last (huge) hole malware can infect computers through

The modern browser 1. is its own OS, but 2. doesn't have any concept of a privilege-level separation. That means any random program running as user X is free to install an extension into user X's Chrome or Firefox profile without needing to ask permission. And then said extension can harvest your social-network profiles, replace ads with their own, etc.

> Both of those things (unsigned plugins causing permanent warnings and/or only being enabled for a developer edition) happen because not doing them means leaking open the one last (huge) hole malware can infect computers through

Modern operating systems have a concept of users, groups of users and dedicating one of these to the role of administrator. I see no problem in not enforcing signing rule for the extensions installed by administrator (at system-wide locations, not user profile) - they are read only for the rest of the users anyway, so they couldn't be installed by drive-by malware. Power users are happy, naive users are protected.

If there is a malware that looks like installed by administrator, you have much bigger problems anyway. That malware could patch the firefox binary in the same way as it could deploy the extension, so you gained exactly nothing.

But the current situation just makes power users unhappy. This policy killed some extensions that were shipped by Linux distributions.

> But the current situation just makes power users unhappy. This policy killed some extensions that were shipped by Linux distributions.

I though this change was only about Windows? Chrome on Linux lets me load unsigned extensions just fine.

Sorry, I don't know about Chrome, I was talking about Firefox. AFAIK only Firefox extensions were shipped by distributions.

Fedora uses a patch to allow system installed addons.

Any random program running as user X, if malicious, can do far worse things to the user than install plugins into the browser.

Apparently the major browser vendors' solution to the problem of things running as users breaking the browser is to remove the ability for users to do things. This is a bogus solution.

See: Firefox's chrome-ification of the plugin system.

The mistake was made by companies abusing external plugin support to install plugins that make the browser vulnerable, slow or unstable.

The browser vendors then get to take all the "credit" for that. Their decision to remove support for external plugins is absolutely reasonable.

> Do I really need that popup saying that 'developer mode' plugins are ZOMG HARMING ME?

The feature was actively abused my malware so I guess this does makes sense.

I get why both browsers require signed plugins unless you are using the developer branch, on Windows 7 a huge vector of attack was malicious files loading unsigned plugins in Chrome in particular (also saw it in Firefox, but rarer) that would create popups, inject ads onto sites that didn't have ads, steal passwords, etc.

That being said, I wish there was a way I could use unsigned plugins easily, without reinstalling firefox.

Because flash, silverlight, java applets....