Hacker News new | past | comments | ask | show | jobs | submit login

What this is:

• Preventing malware and enterprises from silently installing unremovable extensions through a special mechanism

What this is not:

• Preventing users from installing extensions without using the Internet (they can just load an xpi file like always)

• Preventing power users from installing unsigned extensions (already not possible in standard Firefox except non-persistently for development, but Mozilla provide unbranded builds which let you use extensions)

Why this is being done:

• Preventing adware adding itself to your browser without your consent and making itself difficult to remove

Not why this is being done:

• Mozilla hates users / the open Internet / freedom (their foremost concern is protecting users from malware nonconsensually installing extensions, they have always provided versions of Firefox allowing you to do whatever you want if you want that, and indeed standard Firefox does let you load unsigned extensions temporarily)




I do hope that Debian will start patching out these nanny features, though, including the ones we've already had for a while (like no unsigned extensions). Maybe it's time for a revival of Iceweasel.

If malware gains enough access to my system to put extensions in the sideloading folder I have bigger problems than Mozilla can protect me from.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: