Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But that represents how people consider trust when choosing addons. It's trusting the code and company at the time of install, not at an arbitrary later time. Sure, if the cert expires and there's an update then the user wants to know.


You cannot rely on “check at install time.” An extension could be installed by a crapware installer behind FF’s back. You can’t go and remember the trust state at install time either, because that memory would need to be kept locally and could be modified by a crapware installer. So the only solution that prevents circumventing the check is to check the signature when the extension is loaded.


The main trust check is at installation time, but it's possible for problems to be discovered later, and Mozilla needs to be able to do something about it. Certificate non-renewal is the only robust avenue of revocation.


There's already an extension banlist.

See profile/blocklist-addons.json

Not sure how not renewing a certificate and letting everything get disabled is useful. It's only useful if cert key leaks.


> Mozilla needs to be able to do something about it.

No, they do not need to. They decided that they want to. Remember that there was a time before certificate signing.

And now the decision to be able protect those who install crapware is also harming those who never had those issues.


They should absolutely have asked extra permission to implement a system where they could choose to alter my browser install, in an unexpected way, at their behest without seeking further authorisation, not even a modal???

It's exceedingly poor ethics.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: