Slashdot Mirror


Firefox To Mandate Extension Signing

First time accepted submitter x0ra writes: In a recent blog post, Mozilla announced its intention to require extensions to be signed in Firefox, without any possible user override. From the post: "For developers hosting their add-ons on AMO, this means that they will have to either test on Developer Edition, Nightly, or one of the unbranded builds. The rest of the submission and review process will remain unchanged, except that extensions will be automatically signed once they pass review. For other developers, this is a larger change. For testing development versions, they’ll have the same options available as AMO add-on developers. For release versions, however, we’re introducing the required step of uploading the extension file to AMO for signing. For most cases, this step will be automatic, but in cases where the extension doesn’t pass these tests, there will be the option to request a manual code review."


  1. If only by Anonymous Coward · · Score: 3, Funny

    Now if only conception required signing we'd solve all the world's problems.

  2. Start of th End by JMJimmy · · Score: 4, Interesting

    For me this signals the start of the end for Firefox. Before you know it you'll see legal requests to block extensions like Adblock Plus from being signed and with more hurdles to jump through the ecosystem will shrink. What does remain will be spread out as fewer developers bother with AMO and try to drive traffic/revenue to their sites.

    1. Re:Start of th End by Anonymous Coward · · Score: 1, Interesting

      The beauty of open source is that you can go in, disable the signing requirement, and compile your own binary.

      It looks to me like this is a move to protect regular users from malicious plugins. If you want to use plugins that aren't Mozilla approved, you just have to have a bit of a clue.

    2. Re:Start of th End by Dracos · · Score: 1

      Did you post this comment from 2010?

    3. Re:Start of th End by aaron4801 · · Score: 1

      Remember when Firefox was born as the stripped-down next-generation of the Mozilla Suite? When it was all about getting the code base to the bare minimum and letting the user decide which functions and features they wanted, and let them have those via extensions?
      Yeah, me neither. Must have been a dream.

    4. Re:Start of th End by epine · · Score: 1

      then they jumped ship to deal with Yahoo instead for some ungodly reason

      Considering that Firefox had the power to compel Google to throw giant sums of money at them indefinitely and for all time as per the DOJ's premonic Google anti-trust settlement, it is truly inexplicable that they would turn to a pittance from Yahoo instead.

    5. Re:Start of th End by Anonymous+Brave+Guy · · Score: 3, Informative

      The beauty of open source is that you can go in, disable the signing requirement, and compile your own binary.

      You can, but 99.999% of Firefox users won't, and probably 99.99% couldn't do it even if they wanted to. Even the geeks who could mostly won't have the time to learn a major OSS code base like Firefox's in order to actually do it.

      I've looked at contributing to this sort of project a few times to see if I could help out. I've then given up when I realised it would take me longer just to set up the development environment and be able to build it than it would take me to write from scratch and give away entire useful software packages of my own, or to chip in a significant amount of extra help to some existing small but useful project on someone's GitHub that they are otherwise trying to maintain alone or with just a couple of regular contributors.

      In practice, that lack of user base then has a direct effect on some add-on developers, and if those developers stop producing or maintaining their add-ons then even users who have compiled their own unlocked version of Firefox won't be able to enjoy them. Killing off part of an ecosystem affects everyone.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    6. Re:Start of th End by luvirini · · Score: 1

      Not really.

      Firefox has been on the road to nowhere a while. This is just a part of the strategy to piss off people who actually try to do things.

      My personal big problem is the certificate handling where firefox does not allow me to say "yes I know that is a bullshit cert but I do not care" as a surprising number of cheap routers ship with bad certificates and thus cannot be administered with firefox.

    7. Re:Start of th End by Anonymous Coward · · Score: 1

      Except, you know, Firefox has been trying to move away from Google for years, and people just whine every time they do try to find another revenue stream (ads, switching to Yahoo in North America, etc).

      Also the fact that they NEVER dominated the world. Explorer was ALWAYS the dominating factor until Chrome came out, then Chrome ate IE's lunch, and then started to eat Firefox's lunch too a bit. Now Firefox is a few percent lower than it was at its peak, by most reasonable accounts, and everyone is using Google's browser instead.

      That, and no matter how many times people claim it's turning into Chrome, Firefox is still very distinct unless you simply open the browser and stare at it without using it. So this is the argument of the fool who has no real arguments except "I don't like Chrome, and will not accept it if Firefox does anything like Chrome, even if it's a good thing like sandboxes or per-process tabs... wait, I'm an idiot, aren't I?"

      People just like to hear themselves be negative about Firefox, because that's much easier than helping Mozilla. After all, if you keep pretending they don't listen, don't care, and don't even want to make Firefox anymore, then you won't feel as bad when they finally die because of all your blustering negativity. It's all THEIR fault, after all. Even when Firefox is genuinely better than ever, if you stop bitching and just use the damn thing.

      And I'm a Chrome convert who has tried everything from Opera 3 to Pale Moon, and yet Firefox is the only other browser I feel like switching to. If Mozilla is winning me back, they're doing just fine, no matter how many blowhards on Slashdot want to make up this ridiculous narrative that Mozilla is awful no matter what they do. It's almost enough to make me think that there's a paid campaign to discredit Mozilla on social sites, which wouldn't be necessary if what you said was actually true.

    8. Re:Start of th End by bill_mcgonigle · · Score: 1

      It looks to me like this is a move to protect regular users from malicious plugins. If you want to use plugins that aren't Mozilla approved, you just have to have a bit of a clue.

      A "bit of a clue" is setting an about:config variable. I'd be totally fine with that (I depend on at least one extension AMO won't host).

      Build-your-own means I won't be getting security updates from Fedora, and hundreds of thousands of people doing the same thing is silly. Sure, somebody will set up a repo, but it's clearly not *just* aimed at keeping novice users from shooting themselves in the foot.

      How much you wanna bet this presages awful Firefox changes that normally an extension would fix but those won't be allowed? Mozilla doesn't have staff to get the essentials done much less tend to a walled garden.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    9. Re:Start of th End by yuhong · · Score: 1

      What bad certificates are you talking about?

    10. Re:Start of th End by JMJimmy · · Score: 1

      Mozilla has been digging their own grave for years. This is more like another nail in the coffin.

      I agree with that entirely. Addons have been its saving grace - every screwup Mozilla made there's been an addon to fix it... or at least manage it. This move is going to gradually erode that imo. Not right away but within a few years I'd wager.

    11. Re:Start of th End by Anonymous Coward · · Score: 1

      1) Revenue options: voluntary payment from users (most charities with that much exposure don't have a problem) and corporate sponsorship, for a start. Go for the same funding models as other far less widely distributed open source projects. No, they never wanted to switch from Google until Google didn't want them anymore;

      2) As far as browser choice, they most definitely did dominate - IE has always been the default browser, and Firefox has not pushed for opt-out installs, yet five years ago it enjoyed 30% Firefox share vs ~50% IE. Since we're around the 10% mark on Firefox now, you'd have to be high or stupid to say that it's "a few percent lower than it was at its peak";

      3) Firefox is not "very distinct" from the PoV of the average end user who couldn't give a fuck that the extension API is different or that the rendering engine is different. The user's experience of using Firefox has been approaching the experience of using Chrome. No matter how much this annoys you, everybody says it because it's true. Of course Chrome comes with some good security and stability ideas - such a shame Firefox hasn't managed to implement any of them well;

      4) Why would I "help" a duplicitous business disguised as a company? I'll send them money when they revert all their Chrome-like UI changes, rip out the stupid (video conferencing etc.), and stop accepting money from ad brokers. Just as I donated initially, before I understood the extent of their asshat relationship with Google. Give me a product worth buying;

      5) "Even when Firefox is genuinely better than ever" - you're higher than Benjamin Franklin's kite, sir. Nobody agrees with you - neither those who qualitatively argue about browsers nor the marketshare numbers themselves. You are embarrassing yourself;

      6) OK, so you're coming from the PoV of someone who prefers Chrome. This makes sense, since Firefox has gone from being a good browser to a worse alternative to Chrome for nearly every user;

      7) "If Mozilla is winning me back, they're doing just fine" - lol, you just admitted they haven't won you back. And why they'd be doing "just fine" based on whether they have you alone as a customer is fucking hilarious;

      8) "It's almost enough to make me think there's a paid campaign to discredit Mozilla" - what is the mental deficiency that makes people assume that their twisted opinion must be so right that only a massive conspiracy can explain their beliefs not fitting in with reality?

    12. Re:Start of th End by luvirini · · Score: 1

      No, it includes a lot of modern small business routers too,

      I did not blame mozilla, I just stopped using it and switched to chrome as that is clearly what mozilla wanted by not allowing me to say "Yes it is a crappy certificate, but the traffic is on a local network so who gives a flying leap" that chrome allows.

      So as said I do not blame mozilla, they just do not want people to use their product so I am not.

    13. Re:Start of th End by Zontar+The+Mindless · · Score: 1

      Have you ever actually tried to build FF from source? It's horrid.

      When it's as easy to build FF from source as it is, say, MySQL, you can get back to me.

      --
      Il n'y a pas de Planet B.
    14. Re:Start of th End by Zontar+The+Mindless · · Score: 1

      Dracos does not have a particularly low UID, and you seem not to have much of anything resembling manners.

      --
      Il n'y a pas de Planet B.
    15. Re:Start of th End by Zontar+The+Mindless · · Score: 3, Insightful

      I'm still pissed about them moving the tab bar to the top of the UI, thereby throwing the tab paradigm right out the window, and forcing me to go find a hack to get back what was perfectly sensible and should never have been changed like that in the first place.

      I'm forced to hack extensions almost weekly because the default for each new release is simply to declare all existing extensions "outdated/incompatible" when this is obviously not true in the vast majority of cases.

      It's almost as if someone said, "Now that we've lured in all these users, let's see how much abuse they'll take before they leave again."

      --
      Il n'y a pas de Planet B.
    16. Re:Start of th End by UltraZelda64 · · Score: 1

      Meh... Firefox has been on an increasingly-sharp decline to shittiness ever since version 3, which rapidly accelerated with 4 and the rapid-release bullshit schedule as well as all the changes for no good reason. Too bad no one ever forked the last good version (aka. Firefox 2.x), and now we're all stuck with either Chrome or a Chrome rip-off, whether we want Chrome or not. I sure as hell do not, and therefore I am fucked. Hopefully the new browser by the guy who co-founded Opera actually turns out to be good, I always liked Opera... until they, too, shat all over their browser and made it yet another motherfucking Chrome wannabe (only going all-out in this case, literally basing it on Google's Chrome itself).

    17. Re:Start of th End by gweihir · · Score: 2

      I agree. Making required signing a strongly advised default is fine, but the user _must_ have a fine-grained way to override it. I guess we will just see more FF forks that fix stupidity like this. There are already quite a few that fix the broken user interface.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    18. Re:Start of th End by Anonymous Coward · · Score: 1

      Yes, but that was before that they decided that Firefox would be a crappy imitation of Chrome.

      For the last couple of years, they have been removing all the useful features (including half the GUI), but the stuff that they remove keeps coming back as extensions. This allows users to still have an acceptable browsing experience, instead of being forced into the "vision" of Firefox developers.

      With extension signing, they get an easy way to block all those extensions that keep ruining the "vision", thus finally forcing the rest of us over to Chrome.

    19. Re:Start of th End by JMJimmy · · Score: 1

      Tabs on top does have some logical sense but following that logic the bookmarks toolbar is out of place, the search bar behaves in a global manner instead of a tab based manner, etc. They just did too many "me too" things without thinking them through fully.

      Most recently they removed the ability to place UI elements in the file bar - I used to keep search there (since it's global) and the address bar below the tabs. It worked really well but of course they want the file bar gone so they have to make sure no one can use it to its full potential.

    20. Re:Start of th End by squiggleslash · · Score: 1

      If it's bypassable, legally, then there's no issue. My objection to the Apple iWalledgarden (as an example) has always been that it's not bypassable via any legal means, with Apple always scrambling to prevent users from exploiting the latest method to unlock their devices to allow their own apps to run.

      Firefox is offering two major alternatives here for end users: you can choose to use someone else's .exes (including your own if you really want to compile it), or you can use Firefox's developer's build.

      Mozilla is unlikely to accept requests to disable AdBlock+, but if they did, what of it? The reality is that demand for the developer's build would increase, and over time Mozilla would likely seek to contain the damage by, for example, permitting users to install their own extension signing keys in addition to the official Mozilla keys.

      The extension system has always been a potential vector for security attacks. I think they're right in locking it down for users who aren't savvy enough to know the risks.

      --
      You are not alone. This is not normal. None of this is normal.
    21. Re:Start of th End by wbo · · Score: 1

      If it's bypassable, legally, then there's no issue. My objection to the Apple iWalledgarden (as an example) has always been that it's not bypassable via any legal means, with Apple always scrambling to prevent users from exploiting the latest method to unlock their devices to allow their own apps to run.

      This is not strictly true. Pretty much anyone can pay the $99 fee to get a developer certificate and then sign any app that they like and install it on up to 100 iOS devices via sideloading - fully supported by Apple. What Apple doesn't like is those who "jailbreak" their devices so they can install non-appstore apps without purchasing a valid certificate.

      They have no problem with people purchasing a developer certificate, signing any app (including 3rd party apps that violate app store guidelines), and installing it on their devices.

    22. Re:Start of th End by k8to · · Score: 1

      Your point stands, but are you aware of Classic Theme Restorer extension? It undoes most of the australis idiocy.

      --
      -josh
    23. Re:Start of th End by qvatch · · Score: 1

      At this point I'm pretty much running an entire emulated version of old-sane firefox as extensions to current firefox. Lightweight!

    24. Re:Start of th End by SCHecklerX · · Score: 1

      I migrated to chrome when firefox started to perform really poorly on Linux. I don't know what they did or why they never fixed it, but it's damned near unusable to me.

    25. Re:Start of th End by marxmarv · · Score: 2

      They jumped the shark when they fired the technical soul of the company because the Other Right Wing had a problem with his lifestyle.

      --
      /. -- the Free Republic of technology.
    26. Re:Start of th End by Zontar+The+Mindless · · Score: 1

      Your point stands, but are you aware of Classic Theme Restorer extension? It undoes most of the australis idiocy.

      Indeed I am.

      And I have it installed. While I still can, it seems.

      --
      Il n'y a pas de Planet B.
    27. Re:Start of th End by luvirini · · Score: 1

      ------------
      Secure Connection Failed

      An error occurred during a connection to 192.168.0.1 Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature)

              The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
              Please contact the website owners to inform them of this problem.
      ------
      and only try again as possible action

    28. Re:Start of th End by toddestan · · Score: 1

      You get that if you go to a website with a self-signed certificate, or an expired one, and similar. If you remember back a few years, some root CAs got hacked with the end result that any certificate signed by those CAs cannot be trusted as it may be fraudulent. Other browsers will throw up warnings and big scary dialogs (as they should), but will still let you click through and go to the site if you really want to. Firefox straight up refuses to let you connect in this case. This is a problem as you can still find these certificates on older networking equipment that will likely never see an update, and if you're accessing the device over your LAN it doesn't really matter anyway.

  3. This is a good thing overall... by mlts · · Score: 5, Interesting

    One common thing I see [1] is crapware doing two things. The first is creating a proxy daemon that sits on the local computer, then forces all Web browsers to use that. The second thing is to use a Web extension stuffed into IE/FF/Chrome/etc. to reload the settings and/or insert ads even into SSL transactions. Not to mention trying to ensure that a home page and search engine is set and locked to a certain site. Not new stuff (adware has been doing this since the Windows 98 and ME days), but having Web browsers require signed extensions means that it is one less avenue the bad guys have to throw pop-ups at users who fetch a download from a popular PC download site and forget to uncheck some hidden box among the 10-20 dialog screens.

    So, having extensions have to go through some type of gatekeeper process is a good thing. This has kept Apple's ecosystems (both OS X and iOS) quite clean. Similar with Linux repositories.

    [1]: I've been shielded from it because I run virtually everything in VMs, use adblocking software, and even in the VMs, I use sandboxes, so it has not been an issue here.

    1. Re:This is a good thing overall... by aardvarkjoe · · Score: 4, Insightful

      The problem in my eyes is not the default requirement that only signed extensions are allowed; the problem is that they don't even allow users to override it.

      Even if you're only concerned about development of extensions, it's a terrible idea to say that, essentially, developers can't test and develop with release versions of Firefox.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    2. Re:This is a good thing overall... by lart2150 · · Score: 1

      If you had read the article you would have seen the quote below.

      Installation of unsigned extensions will still be possible on Nightly and Developer Edition, as well as special, unbranded builds of Release and Beta that will be available mainly for developers testing their extensions.

    3. Re:This is a good thing overall... by aardvarkjoe · · Score: 3, Insightful

      Re-read that sentence, specifically the word "special." If it's a special developer build, then it's not the same thing that your users are using.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    4. Re:This is a good thing overall... by aardvarkjoe · · Score: 3, Informative

      A security feature that can be easily overridden is not a security feature.

      That's just stupid. So passwords are not a security feature if you can disable them? Disabling telnet access by default to a computer is not a security feature? Blocking Flash or Javascript in a browser is not a security feature if you can turn them back on? HTTPS access to a web site is not a security feature if you can access it via HTTP?

      The default should be the one that is right for most people, but that's no reason to cripple your software for those that have other needs.

      Chrome did the same thing months (Maybe even more than a year?) ago.

      Chrome allows the user to re-enable installation of unsigned extensions.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    5. Re:This is a good thing overall... by Anonymous+Brave+Guy · · Score: 2

      A security feature that can be easily overridden is not a security feature.

      And a system so "secure" that the user can no longer use it for its original purpose is a failure. My house would be more secure against intruders if I concreted over all the windows and doors, but it wouldn't be a very useful house any more.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    6. Re:This is a good thing overall... by wbr1 · · Score: 1

      If you allow user override, then it is a bit that can be flipped by someone or a process other than the user. If you are trying to block malware, allowing a rogue download to override the setting renders it useless. That would be the reason for not allowing users to choose. And, users with knowledge can still choose. Use a nightly or other than stable release.

      --
      Silence is a state of mime.
    7. Re:This is a good thing overall... by Lehk228 · · Score: 1

      what extensions do you use on any regular basis that are not off the mozilla extension archives?

      --
      Snowden and Manning are heroes.
    8. Re:This is a good thing overall... by Anonymous Coward · · Score: 3, Insightful

      "what extensions do you use on any regular basis that are not off the mozilla extension archives"

      oh just a few that interface with our CMS, a few that Mozilla will never see (unless they come work for us), because our extensions are none of their fucking business

    9. Re:This is a good thing overall... by Anonymous+Brave+Guy · · Score: 1

      I'm late to the party, but since it was me you asked, my answer would have been exactly what the other two responders said: early updates that fix glitches (ask anyone who uses Reddit how long it takes to get RES updates on Firefox these days) and occasionally something proprietary for my/my business's own purposes.

      More generally, I'm getting awfully bored with browsers and plug-ins throwing constant warnings and sometimes outright blocked functionality in the way of doing the work I need to do every day, all in the name of security and stopping me from being exposed to vulnerabilities that never actually seem to have caused me problems in the first place. Google seem to have backtracked on removing NPAPI from Chrome (and therefore completely blocking various plug-ins like Silverlight and Java even for those who do still have legitimate uses for them). Let's hope Mozilla grow a pair and admit they called this one wrong as well.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    10. Re:This is a good thing overall... by aardvarkjoe · · Score: 2

      If you allow user override, then it is a bit that can be flipped by someone or a process other than the user.

      Only if your software or system is already otherwise either compromised or hopelessly mis-designed. Given that this is Firefox, the latter might be possible, I guess. But overall, the notion that an already-compromised system could be compromised again is not a particularly strong reason to cripple your software.

      Use a nightly or other than stable release.

      This is not a good solution for developers who need to test against the stable release builds.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    11. Re:This is a good thing overall... by aardvarkjoe · · Score: 1

      Nope. I have extensions that are no longer in the official app store, or which can't be accessed due to Google's fancy when you try from "outdated" (banned) versions of Chrome and derivatives.
      There's a big fat message on every single startup when you've side-loaded an extension and clicking is required. The message cannot be turned off and you need to run a developer release.

      This is not true in the stable release for Debian. (Source: using it right now, with extensions that aren't from the Chrome web store.) My understanding is that you have to use a command-line switch to enable it in the Windows version, but it is still there.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    12. Re:This is a good thing overall... by aardvarkjoe · · Score: 1

      I think the crux of the issue on this point is that if the user can override it, the software that just installed a browser extension can likely override it too.

      If you're installing malware that installs a browser extension, the malware can probably just replace your browser. Or patch it so that it doesn't flag a disallowed extension even without the override turned on. Or any other number of nasty tricks.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    13. Re:This is a good thing overall... by Anonymous Coward · · Score: 1

      If you allow user override, then it is a bit that can be flipped by someone or a process other than the user. If you are trying to block malware, allowing a rogue download to override the setting renders it useless.

      A running process on a system with malicious intent means you've already lost. Most targets on consumer level systems are stored in standard user accessible locations (I.e. C:\Users\\Documents.), or the system resources are the target. (CPU Cycles, Network bandwidth, alternate IP address.)

      If a malicious process is running on one of those systems, it already has access to what it wants. Even as a standard user. (The only exception being data from other users, but then again typical consumer level systems are not secured very well....)

      As for not being able to flip bits if you disallow user override / execution , Nintendo would like a word with you: http://smealum.net/?p=517 (The link is a technical write up for the 3ds ninjahax exploit.)

      TL;DR Just because you can disable users from being able to EASILY run something, does not mean it's impossible for them to run something, and if the user can, so can any piece of malware.

      Even worse, if you use a locked down system and it gets pwned, you may just find out that the same system used to keep you safe, is being used to keep you exploitable. http://it-beta.slashdot.org/st...
      http://apple-beta.slashdot.org...

      Not allowing a user (or more appropriately the owner) to override a lockout policy is very dangerous. It's the computer equivalent to putting one's fingers in their ears and screaming "lalalalala I CAN'T HEAR YOU!" It only covers up the issue, it does not address it. Any system that uses such security is not secure by definition. Because it's completely reliant on the complete trust of a third party who cannot be expected to have your best interests at heart at all times. Should such a system fail, there is no recourse for the users or owners except to disable said system to prevent further damage. An act that sadly is becoming more and more difficult while maintaining a modern life style.

      And, users with knowledge can still choose. Use a nightly or other than stable release.

      Why should they? Why should someone who wishes to keep the ability to choose, be forced to use an unstable and potentially unsafe product for the privilege?

      Programmers (particularly oss developers) complain about regular users using unstable versions by default and then complaining to them that something does not work as advertised. Despite the fact they are using a clearly labeled (Development / Unstable / Beta / ALPHA / etc.) version.

      Guess now we know why don't we? They get pushed to unstable versions for one reason or another. Removed features from the stable release in this case.

    14. Re:This is a good thing overall... by Zontar+The+Mindless · · Score: 1

      ...the problem is that they don't even allow users to override it.

      This, this, and again fucking THIS.

      --
      Il n'y a pas de Planet B.
    15. Re:This is a good thing overall... by Zontar+The+Mindless · · Score: 1

      We sure as hell don't use "special developer builds" for testing/QA where I work. We build from exactly the same sources and in exactly the same way as for what we ship.

      --
      Il n'y a pas de Planet B.
    16. Re:This is a good thing overall... by Zontar+The+Mindless · · Score: 1

      This is not a good solution for developers who need to test against the stable release builds.

      I would have said, simply, "This is not a solution."

      --
      Il n'y a pas de Planet B.
    17. Re:This is a good thing overall... by rastos1 · · Score: 1

      Ditto.

    18. Re:This is a good thing overall... by gweihir · · Score: 1

      I fully agree on the first, and the second is a real problem, especially security-wise. Now developers will probably patch and build FF themselves, and how many are willing and capable to do this?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    19. Re:This is a good thing overall... by Zontar The Mindless · · Score: 1

      My point being that this shouldn't be a requirement, hello?

      --
      Il n'y a pas de Planet B.
    20. Re:This is a good thing overall... by tepples · · Score: 1

      Unbranded versions of the stable release builds will not enforce signatures.

    21. Re:This is a good thing overall... by jp10558 · · Score: 1

      And how is this going to work for CCK builds that push configuration to end users on corporate computers?

      --
      Opera, Proxomitron-Grypen,GPG 0x0A1C6EE3
    22. Re:This is a good thing overall... by gweihir · · Score: 1

      They are screwed. Simple as that.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  4. Drama queen by Anonymous Coward · · Score: 4, Insightful

    Then use one of the builds where they will disable this feature. It's not that hard, and unless Mozilla decides to stop open-sourcing Firefox you'll always be able to make your own build without the feature. If you don't even trust them enough to be sensible with this plan, then why do you trust them enough to use their complicated source code in the first place?

    1. Re:Drama queen by JMJimmy · · Score: 1

      Let's say Adblock gets blocked. Do you really think they're going to continue to develop for a non-mainstream audience?

    2. Re:Drama queen by jorgevillalobos · · Score: 1

      Signing doesn't change in any way whether AdBlock Plus can be blocked or not. We get complaints about it on occasion and it's still hosted on the official add-ons site.

    3. Re:Drama queen by Sir_Substance · · Score: 5, Insightful

      I'd like to express my personal dislike to you as a developer for any process where I must acquire your approval in any fashion to develop for your platform.

      I'm doing you a favor mate, the least you can do is not make doing that favor harder than it need be.

    4. Re:Drama queen by ne0n · · Score: 1

      You'd have a massive revolt if Adblock were to be pulled or disabled. Not gonna happen. Hopefully this move will increase the snr among competitive categories like Youtube downloaders (about 54000 fake pieces of crap and 3 good working addons) etc.

      --
      $ :(){ :|:& };:
    5. Re:Drama queen by sumdumass · · Score: 3, Insightful

      Well, that is until someone accuses Mozilla of aiding copyright distribution by signing and allowing the YouTube downloader and they either stop signing them to avoid legal threats or a lawsuit orders it.

      Then it will be 0.

      BTW, conceivably, ad block can be blocked similarly. All it would take is someone to claim it alters their copyrighted presentation and removes artistic value like when those fundies were bleeping language and cutting R-rated scenes from movies. Even if there is no chance in hell of it winning in court, it's questionable if Mozilla would spend the money to fight it versus just stop signing the blocking software.

    6. Re:Drama queen by yuhong · · Score: 1

      You can disable UEFI secure boot on most BIOSes.

    7. Re:Drama queen by HBI · · Score: 4, Insightful

      They won't have many users at all if they piss off the extension developers sufficiently. The whole reason FF got the uptake it did was because of the very evangelizing users who care about extensions. I know of dozens of people who would not have ever had Firefox but for me.

      The fact that this isn't even realized is sad, but understandable. The reason FF is losing users now can be traced to many things, but any road to recovery is being hindered by pissing off the precise people that got them to where they were.

      --
      HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
    8. Re:Drama queen by Luckyo · · Score: 1

      At this point, Adblock's development is largely irrelevant. As long as adblocking lists are maintained, you as end user are fine. And adblock+ itself has been forked enough times to ensure that someone will keep on developing anyway.

      This is what happened when adblock+ stopped working on Pale Moon for example and adblock+'s creators refused to fix the problem.

    9. Re:Drama queen by Luckyo · · Score: 1

      To be fair we had several massive revolts so far, with no effect, especially one that came after they gutted FF's UI. A lot of people just left for alternatives.

      None of it had any impact on Mozilla. They just don't give a toss about their userbase.

    10. Re:Drama queen by JMJimmy · · Score: 4, Informative

      Extensions are what got me to switch away from IE way back in the day. There's a core half dozen of them that are invaluable.

    11. Re:Drama queen by JMJimmy · · Score: 2

      Adblock is an example addon. Insert the name of any addon.

      Another example that came to mind almost immediately was FireNES. Never been on AMO due to the content but now will be effectively locked out of the mainstream release of Firefox.

    12. Re:Drama queen by JMJimmy · · Score: 1

      Signing doesn't change in any way whether AdBlock Plus can be blocked or not. We get complaints about it on occasion and it's still hosted on the official add-ons site.

      If you don't sign an extension it's effectively blocked - that's the entire point of signing. The malware douches will find a way around it easily while the rest of the community suffers the consequences. It's a game of whackamole you know you can't win.

    13. Re:Drama queen by tgv · · Score: 1

      You are really the kind of idiot that brings open source software down. "It's open source, fix it if you don't like it." How many people can do that? Anonymous Coward indeed.

    14. Re:Drama queen by hairyfeet · · Score: 1

      Exactly they really just don't seem to give a single fuck if they are even here 5 years from now. I know my entire customer base all had me move them off of FF (for those that weren't wedded to FF I went Secure Chromium, for those that had an extension they couldn't live without Pale Moon) and when everybody complained? All we got from the devs was a collective finger.

      So I'd say they really don't give a toss about desktops anymore, with their burning the bridges I doubt they'll have enough desktop users in 5 years for even Ask to buy their search slot so it looks like it's FireFox OS or bust. Damned shame but what can ya do?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    15. Re:Drama queen by bazorg · · Score: 2

      Developers! Developers! Developers! are obviously very important, but end users are also a stakeholder in this conversation. If today there are closed app markets and signatures it is in part because there are enough developers out there capable of producing malware that looks and behaves like something any buyer would download unless warned not to do so. It's an arms race of sorts, and if you're a developer who prefers to remain anonymous and unaccountable, then it's something that users should be warned of when they come across your applications/extensions.

    16. Re:Drama queen by squiggleslash · · Score: 1

      All of this whittering on about ABP ignores the fact that it's already hosted by Mozilla, has been for years, and Mozilla has never blocked it despite having the option to do so. That's in addition to the fact blocking ABP would simply result in everyone using Firefox Developer Edition.

      --
      You are not alone. This is not normal. None of this is normal.
    17. Re:Drama queen by AmiMoJo · · Score: 3, Insightful

      You are being unreasonable. All modern operating systems put restrictions on what software can run on them and what it can do. On mobile operating systems you have to ask for permissions, and even on Linux your app doesn't get automatic root access and the ability to poke into the kernel just because you want it. You will have to build your own platform for that, and no-one will use it because it would be insanely insecure.

      Firefox downloads arbitrary data and code from the internet and renders/executes it. That's pretty dangerous, and despite attempts to sandbox and limit the damage it still leads to severe security vulnerabilities. Even worse, some of the people developing add-ons are malicious.

      Mozilla's actions seem quite reasonable. Require code to be signed after automatic review. Allow a way for in-house and development apps to run, the same way that Chrome does and the same way that Microsoft supports in-house ActiveX arbitrary code execution in the browser process. For 99.999% of users it's a massive security win and for 99.999% of developers it won't make the slightest bit of difference.

      The only real danger, and it's way too early to know if it is a real danger or not, is if someone tries to use the courts to stop them signing something like AdBlock or YouTubeDownloader. Attempts have already been made and yet they still host both apps on AMO, so it seems unlikely that merely having to sign the code will change anything. They already have to approve every add-on they host with an automated code review.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    18. Re:Drama queen by AmiMoJo · · Score: 1

      There have already been attempts to get these add-ons removed from AMO. Mozilla already does an automatic code review and automated tests of add-ons on their site. Adding a code signing step does nothing to alter the legal situation. If this were a possible avenue of attack it would have been exploited already.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    19. Re:Drama queen by wbo · · Score: 2

      However, Microsoft requires removing the "press F1 to enter setup" delay, making it rather hard to get in to UEFI setup to disable secure boot. As far as I can Google, the only sanctioned way to disable secure boot is to buy a Windows 8 license, and then select "restart and enter setup" somewhere in control panel. And if you need to pay for Windows 8 anyway, what's the point of disabling secure boot?

      While on most UEFI boards there isn't a prompt or delay that waits for you to press a key, every UEFI board that I have encountered so far has had a way to enter UEFI setup without an OS installed.

      In the boards I have worked with you simply hold down a key while powering on the system (usually either delete or F10). The UEFI firmware picks up the keypress and enters the setup menu. It really isn't any harder than traditional BIOS-based systems - especially BIOS-based systems that support Fast Boot.

      If you don't have a copy of the manual for the particular motherboard in a system it may require some experimentation to figure out which key is used to enter the UEFI setup but Delete and F10 appear to be the most common so far (although on the Surface Pro tablets you have to hold Volume Down but then again they don't have a built-in keyboard).

    20. Re:Drama queen by jorgevillalobos · · Score: 1

      Read the blog post. Developers will still be able to distribute their add-ons outside of the official add-ons site. And we've always had the capability of blocking add-ons that are not on the official site.

    21. Re:Drama queen by Meneth · · Score: 2

      All modern operating systems put restrictions on what software can run on them and what it can do.

      No, they don't. Windows, Linux, the BSDs, OSX, none of those have any mandatory filters. Windows and OSX have some "anti-malware" crap, but those can be disabled.

      Even on Linux your app doesn't get automatic root access and the ability to poke into the kernel just because you want it.

      If an app wants root access, it'll pop up a password prompt. If you want it, it can poke anything. :)

    22. Re:Drama queen by mrchaotica · · Score: 2

      You are being unreasonable. All modern operating systems put restrictions on what software can run on them and what it can do. On mobile operating systems you have to ask for permissions, and even on Linux your app doesn't get automatic root access and the ability to poke into the kernel just because you want it. You will have to build your own platform for that, and no-one will use it because it would be insanely insecure.

      And you are falsely equating user-imposed restrictions with third-party-imposed restrictions, which makes all the difference in the world.

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

    23. Re:Drama queen by sumdumass · · Score: 1

      Right now it's not a target but neither was Napster for the first couple years. Cleanflicks was in business for a couple years before suing to determine legality (which it lost) because just a threat posted on another site was made.

      Just because now does not mean never. Without signing, even if Mozilla stopped hosting, you could still find and install. Firesheep was that way- Mozilla stopped hosting but you could still grab it and show pointy headed bosses why https was a good idea. With signing, it's just whatever they deem allowable.

    24. Re:Drama queen by wolrahnaes · · Score: 1

      No it won't. It only needs to be signed, not distributed on AMO. RTFA.

      Extension files that aren’t hosted on AMO will have to be submitted to AMO for signing. Developers will need to create accounts and a listing for their extension, which will not be public. These files will go through an automated review process and sent back signed if all checks pass. If an add-on doesn’t pass the automated tests, the developer will have the option to request the add-on to be manually checked by our review team. A full review option will also be available for non-AMO add-ons, explained further ahead.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
    25. Re:Drama queen by JMJimmy · · Score: 2

      I RTFA. If addons require signing they have to be submitted for review by Mozilla. Mozilla becomes a gatekeeper meaning they can in theory be legally forced or simply themselves choose to not sign specific addons. That would effectively block them from being used by mainstream Firefox users who don't know about various builds/etc.

    26. Re:Drama queen by Anonymous Coward · · Score: 1

      You definitely got that right... I moved to PaleMoon (because of the UI changes and the google factor) and you can bet they never noticed. But, if enough of us moved on maybe, just maybe, they might ...or not.

      We're seeing a similar problem in the Linux world where the new kids on the block are pushing their version of better into a functioning eco system and mucking it up (I'm looking at you systemd). You either stick or you move on. I've really liked CentOS for servers but they're improving to the point I feel I need to leave for something more sensible.

      And it's not just in the tech field, I've had to move on from a number of products in my life because they've been "improved" to the point where they don't work for me any more.

      New and improved often isn't. ...now get off my lawn!

    27. Re:Drama queen by antdude · · Score: 1

      How are the extensions in other web browsers? Are there plentiful to replace Mozilla's?

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    28. Re:Drama queen by JMJimmy · · Score: 1

      How are the extensions in other web browsers? Are there plentiful to replace Mozilla's?

      Not sure. I would need replacements for:

      Firebug
      Chatzilla
      AdBlock Plus & Element Hiding Helper
      QuickDrag
      SnapLinks Plus
      TableTools2
      LiveHTTP Headers

      There are a few others that are nice but I could do without, every other addon I have is to fix what Mozilla broke.

    29. Re:Drama queen by antdude · · Score: 1

      See, too many good addons with Mozilla products. :(

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    30. Re:Drama queen by JMJimmy · · Score: 1

      No, it's that this will do little to affect those crappy addons - they'll find a way around the signing but legitimate/new developers will have more hassles to deal with. It's effectively DRM and we all know how well that whack-a-mole game works.

    31. Re:Drama queen by Sir_Substance · · Score: 2

      All modern operating systems put restrictions on what software can run on them and what it can do.

      No, they don't.

      For the following platforms, I can write a hello world, compile it and distribute it and it will Just Work:
      Windows 7
      Windows 8.1
      OSX
      POSIX
      Android (with non-market apps ticked)

      For the following platforms, I have to contact the platform owner and get permission before distributing my hello world:
      iOS
      Windows Phone

      Here's the deal: Your platform, without my software, is worthless. I, the developer, expect to be enticed to your platform, in order to add value to it.

      iOS did this successfully back in the day. Windows phone did not. Witness the difference.

      So no, I'm not being unreasonable. Mozilla needs me. I will not beg them for permission to make their platform better. If there is a security problem with their addon system, then I damn well expect them to fix that issue without making it my problem.

      If they make it my problem, I'll develop for Chromium, and leave Mozilla to develop their own damn plugins. See if I give a shit, it's not like I'm selling the thing.

    32. Re:Drama queen by arglebargle_xiv · · Score: 1

      Extensions are what got me to switch away from IE way back in the day. There's a core half dozen of them that are invaluable.

      Unfortunately in recent years the core half-dozen critical extensions are the ones you need to undo all the crap that's been done with Chromefox and get it back to being Firefox. Only after you've applied those can you start enhancing its functionality.

      Still, without those you'd be stuck with using Chromefox, at which point you may as well just switch to Chrome anyway.

    33. Re:Drama queen by Waccoon · · Score: 1

      As easy as it is to use something like Seamonkey or Palemoon, there's no substitute for critical mass. If Firefox stagnates, Chrome will take over everything.

    34. Re:Drama queen by Luckyo · · Score: 1

      Considering that overwhelming majority either left for Chrome once it got the necessary add-ons that initially locked a lot of people into FF or FF forks that avoided breaking functionality and removing functionality like Pale Moon, I would point out that your FUD post is just that - FUD with no basis in reality.

      FF's market share was on a steady climb before fiasco after fiasco started to hit its popularity, at which point it levelled out as people waited, and eventually went down to current figures.

      If your argument was correct, we would have seen the curve go the other way - decline where we see growth (no new "features", old versioning model with less broken things every time new version is out, old UI, etc) and growth once those issues changed.

      Essentially you're trying to argue that historic figures were all wrong and you know better. Which sounds a lot like current people working at Mozilla.

    35. Re:Drama queen by Burz · · Score: 1

      I'm in favor of signing as a way to protect against MITM attacks when installing or updating addons. And I think Mozilla curating its own AMO site is a good thing. These two practices, implemented together flexibly, would be a boon to Firefox users if Mozilla had the sense to arrive at that decision.

      However, the way you're implementing this is cutting across PC culture by giving the user no recourse. That is a big mistake. Whether you intend it or not, a de-facto walled garden is still a walled garden.

      Neither Windows nor OS X completely tie the users' hands when encountering un-signed programs, and there are good reasons for this.

    36. Re:Drama queen by Burz · · Score: 1

      Signing doesn't change in any way whether AdBlock Plus can be blocked or not. We get complaints about it on occasion and it's still hosted on the official add-ons site.

      It's not the same thing, and I'd hope you would have the sense to realize that.

      Blacklisting an addon requires an action on the part of Mozilla. But now with the way the signing requirement appears to be implemented, the use of new or unusual addons can be stopped by simple neglect on Mozilla's part... LACK OF AN ACTION will now block addons!

      And even that would be OK with me if you gave the user some way to click some extra buttons or context menus to make an exception as is done in Windows and OS X.

      But no..... let's be inspired by iPhones and iPads.

  5. Well, win64 already required nightly by k8to · · Score: 2

    I guess I'm happy this won't affect me as their failure to ship a win64 binary has me on nightlies already on windows, and on Linux I end up building my own half the time and can turn this shit off.

    That said, I'm starting to tire of firefox's bad decisions of the month.

    --
    -josh
    1. Re:Well, win64 already required nightly by k8to · · Score: 1

      Waterfox has already embedded malware in its downloads by choice. Steer clear.

      --
      -josh
  6. Depends on whether the extensions I use get signed by Mike Van Pelt · · Score: 1

    I don't go nuts with extensions, but there are some I really need to use -- LastPass, Tree Style Tab, Certificate Patrol, NoScript. The "big ones", of course, will get signed, but some of these (like Tree Style Tab) seem to be an "individual working in his garage" type plugin. Will it get signed? If not... that's a problem.

  7. Re:Depends on whether the extensions I use get sig by Anonymous Coward · · Score: 1

    Based on the fact that they have an auto-signing mechanism, and any decent addon should be on AMO anyhow (thus getting signed as part of the review process), I think it's safe to say you're covered. The risk here is that if the auto-signing isn't good enough, we'll see even more addons languishing in the review queue.

  8. This won't end well. by Bryan Bytehead · · Score: 4, Insightful

    I'm already seeing erosion of extensions just because of the changes that are being made in Firefox, and developers are getting tired of fixing the breakage. Forecast Fox, a nice weather bar suffered from losing the default status bar. OK, there are ways to get it back, but now you have an extension that requires other extensions to work. Then AccuWeather created some issues, which they have since fixed. Another developer has now taken up to keeping it working, but I can't help think that the original developer is going to smack that version down. Not yet, but then, it hasn't been a week yet. Then there's a theme extension that I used to use, Noia, which has gone through a few iterations. It seems that Mozilla has made it harder for theme authors, and that author has given it up. In fact, the author has already removed it from AMO! Which means that I get left with something that looks very much, too much, like Chrome. I run a desktop, I don't run Firefox on a tablet or a phone, and I rather like how Firefox looked before everything got borked. Trying to force everybody into a phone/tablet/laptop/desktop only one way of doing things, yeah, it's something that I do object to. Strenuously, but it's not like what I have to say means anything.

    Throwing another wrench into the path of extension authors isn't going to be helpful. To the end users or the developers.

    Yeah, it might cut down on some cruft, but that's why you do your due diligence when installing extensions, both on and off AMO.

    --
    Bryan
    1. Re:This won't end well. by NormAtHome · · Score: 2

      I've seen that and agree there's a problem. Like some people here have said, I don't go crazy with extensions but for me the Noia theme is an absolute must as the default theme is god awful. So far as I know, two developers have quit developing it and the last one stated the exact reason that you mention i.e. that fixing the breakage in every new release is just too much.

    2. Re:This won't end well. by Zontar The Mindless · · Score: 2

      Having used both of the weather-related extensions and having given up on them, I can confirm both that I am not a script and that M Bytehead is spot-on.

      And don't get me started about the nauseating and broken default UI and the fact that every time I find a theme that takes care of most of these issues, it's usually just a few weeks before the next FF release declares it "obsolete".

      If I wanted to use Chrome, I'd use Chrome... Opera is no longer distinctive in any meaningful way... Gee, I never thought I'd see the day when I started wishing that Microsoft would port IE to Linux, but I'm starting to think I might start doing so sometime soon.

      --
      Il n'y a pas de Planet B.
    3. Re:This won't end well. by gigelu · · Score: 1

      I had a similar problem with JSView, it stopped working recently. I unzipped it, fixed the bug (in a manner of speaking), zipped it again and now it works.
      With the signing I will not be able to do this again and that's a bummer.

    4. Re:This won't end well. by slacker001 · · Score: 1

      The Forecastfox (fix version) on Firefox actually brought me back to using the browser because that extension is just so much better than every other weather extension. I'll keep using Firefox, even though it's noticeably slower than Chrome in some areas and tends to lock up for a couple seconds at times, just for the extensions it offers. That's how much those extensions mean to some users. If those disappear I don't see any reason to keep using Firefox, unfortunately.

    5. Re:This won't end well. by Bryan Bytehead · · Score: 1

      Yeah. I've been using ForecastFox for some time. Even when others were having issues, I didn't seem to have them, and I run Nightly as my daily browser. I did mourn the loss of the status bar, but an extension to fix that appeared, and I was still good. Up until the need for the ForecastFox Fix version, which happened recently. I was looking at the extension to see what I could fix when that version was released. I'm glad I didn't sink much time into it, the new author has done a great job. But it's still a derivative work that could be taken down by the original author, and who knows how long this author will stick around.

      What Mozilla is doing, I see a logic to. I just don't agree with that logic. A desktop user is totally different than a mobile user. Even the original status bar could be toggled by a keystroke, and with the 1080p monitors out there, you can't say that we are exactly in a crunch for monitor real estate, and with 4K monitors coming out, it really becomes a WTF. Trying to be both to both worlds is just insanity. You're pissing off the desktop user, and I'm not too sure what the mobile user gets out of it. I run Android on my phone, and it's just been easier for me to go the Google route and use Google's apps instead of Samsung's. Yeah, I could run Firefox, but I don't run Sync, because I have issues with what extensions work with what versions, and besides Nightly (64-bit and 32-bit!), I run Release, Beta and Developer's. And I don't want to think how many extensions would get loaded on my phone then.

      When they decide that e10s WILL be the default, it will be another culling of available extensions, as a bunch of those refuse to work in an e10s window. I suspect that even if an extension works otherwise, it won't be signed, and it won't be possible to run it, regardless if e10s is optional or not. Considering I can't get a static HTML page to load under e10s under my usual profile tells me plenty. At least Nightly has now stopped trying to set it on by default, I can upgrade without worrying if I can even get a working page up on it. And now I know about it instead of being a "Surprise!" and finding out that I'd be hosed if I turned it on.

      --
      Bryan
  9. How about sandboxing and processes per tab? by Billly Gates · · Score: 3, Informative

    This is not 2008 anymore.

    Even IE 8 no really IE 8 has sandboxing and processes per tab starting with Windows 7 back in 2009??!

    Until then Firefox is too insecure for me and can't scale my hyperthreaded i7 like IE or Chrome can.

    Mozilla adding signing really does help but only those who are dumb and put in any extension without reviewing it at first.

    1. Re:How about sandboxing and processes per tab? by Anonymous Coward · · Score: 1

      This has nothing to do with sandboxing. Firefox is internally sandboxed, which is why it's still hard to hack. Also, multiprocess won't be released until next year.

    2. Re:How about sandboxing and processes per tab? by Blaskowicz · · Score: 1

      That must be why sometimes gets firefox to use 107%, perhaps up to 112% CPU. That's the good old model of one thread does everything, many little threads spend their time doing nothing or take care of a few crumbles.

    3. Re:How about sandboxing and processes per tab? by hairyfeet · · Score: 1

      Hear hear! While the lack of low rights mode (which frankly is a must for any consumer browser, running with user credentials is just insanity) made me stop giving it to customers seeing my C2Q at the shop have 1 core slam to the firewall while FF just sat there and spun was what had me uninstalling the damned thing. It got to the point that on some sites I literally could fire up Secure Chromium, load the page, log in and be on my way before FF had gotten its shit together and stopped bitchslapping that single core. It's 2015 and it still does 90%+ on a single core?

      Frankly I'd bitch about the FF devs ignoring everything they promised when FF was first released, all that "a more lightweight standards compliant" browser crap but I think we can all agree that the devs have no fucks to give on the desktop anymore so what would be the point? They just better hope they can carve a profitable niche with FF-OS because in less than 5 years FF is gonna be down there with Kmeleon and SWIron in the "other" category, they have run off so many users the past few years its just pitiful!

      --
      ACs don't waste your time replying, your posts are never seen by me.
  10. From the post... by yuhong · · Score: 3, Informative

    "Extensions that change the homepage and search settings without user consent have become very common, just like extensions that inject advertisements into Web pages or even inject malicious scripts into social media sites. To combat this, we created a set of add-on guidelines all add-on makers must follow, and we have been enforcing them via blocklisting (remote disabling of misbehaving extensions). However, extensions that violate these guidelines are distributed almost exclusively outside of AMO and tracking them all down has become increasingly impractical. Furthermore, malicious developers have devised ways to make their extensions harder to discover and harder to blocklist, making our jobs more difficult."

    1. Re:From the post... by sumdumass · · Score: 1

      Then just build in a Malwarebytes button and let the people who do that for a living do it for you.

      You don't need to reinvent the wheel or lock everybody out.

    2. Re:From the post... by Anonymous Coward · · Score: 1

      It's not about security. It's about control.

      Just like the "health reports" aren't actually about debugging, they're about collecting a unique identifier and some additional information then selling that to a data-mining company like Google. Or Yahoo, apparently.

    3. Re:From the post... by yuhong · · Score: 1

      I don't think Mozilla is that bad.

    4. Re:From the post... by sumdumass · · Score: 2

      Yes, people would want to trust a company they already trust versus having their options taken away in the name of protecting them.

      This is especially true given their insistence on other changes the people do not like and ignoring the user's input so many times for reasons that do not appear legitimate to most. The trust in Mozilla has been dropping for a long time now. It dropped really fast for me when they persecuted someone for political speech and when they dropped Google while initially making it difficult to switch back.

    5. Re:From the post... by yuhong · · Score: 1

      More importantly, Malwarebytes was designed for fighting malware like this and has the expertise.

  11. This is needed by ericlondaits · · Score: 4, Interesting

    This is needed because people don't realize how much exposure to malware extensions give them. Three examples:

    1) "Trustworthy" extensions that get sold (with no clue to users) to shady third parties which then update the extension with adware, malware, etc. taking advantage of the userbase. Which extensions can you trust not to do this?

    2) I live in Argentina, where a LOT of people use extensions to avoid regional locks of websites (Hulu, BBC) or to access the American version of sites like Netflix, which feature different shows. These extensions, AFAIK, intercept connections to certain sites and route them transparently to a proxy. This is a BIG deal, because it willingly exposes you to MiM attacks. This is something no user should opt into. Also, some of these extensions are funded by injecting ads into sites you access, which opens you up to vulnerabilities and exploits.

    3) Some years ago there was a crazy popular site here in Argentina called Cuevana, which was a sort of free Netflix. They had a big movie and tv series database hooked to a video player that played videos stored in file lockers. This site required a browser extension to run. The extension was not installed through the Firefox / Chrome site, but rather directly from the site... still this didn't discourage anyone. I downloaded the extension and checked its source code to see what it did... it was a single include of a javascript file stored in Cuevana's web server... basically a blank check to run whatever code was there in the privileged context that extensions run in: absolute craziness.

    --
    As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
    1. Re:This is needed by iggymanz · · Score: 1

      Plenty of "legitimate" software has done such things over the years too. The solution is NOT to dictate to me what I run on my machine and NOT to put my blind faith and trust in Mozilla's vendor vetting processes.

    2. Re:This is needed by ericlondaits · · Score: 1

      It's not blind faith since there's at least a process. You can distrust the process and that's acceptable as well... but web browsing security is based on a number of sandboxing and scripting restrictions which extensions can bypass. If you can't trust your browser not to perform MiM, key logging and other forms of data stealing you shouldn't use it for anything important either. Trusting the web browser is as vital as trusting the OS... Pages can be adversarial so you depend on the security brought by your browser just like software can be adversarial and you depend on the security provided by your OS. If you don't run everything as root/Admin you shouldn't use unsafe extensions either.

      --
      As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
    3. Re:This is needed by bluegutang · · Score: 1

      1) "Trustworthy" extensions that get sold (with no clue to users) to shady third parties which then update the extension with adware, malware, etc. taking advantage of the userbase. Which extensions can you trust not to do this?

      How would signing prevent this? The shady third party would buy the certificate as well as the extension.

    4. Re:This is needed by ericlondaits · · Score: 1

      Javascript COULD have vulnerabilities that a site exploits allowing it to do some bad stuff... but extensions CAN do bad stuff even if there are no vulnerabilities. It's like a buffer overflow exploit vs running a program as root.

      --
      As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
    5. Re:This is needed by ericlondaits · · Score: 1

      The extensions are signed by Mozilla after passing a review, you don't sign them yourself. If a shady third party modifies the extension and submits a new malware version it won't pass review when submitted.

      --
      As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
  12. Lol by The+MAZZTer · · Score: 1

    This reminds me of the time Chrome did this, and a bunch of Chrome users threatened to switch to Firefox... I almost feel bad for them now.

  13. Better signal/noise good, but zero tolerance? by Anonymous+Brave+Guy · · Score: 1

    Better signal-to-noise ratios in widely used package manager/app store systems are often helpful. As you say, we don't need thousands of copies of the same trivial tool, and we certainly don't need many of them to be substandard implementations or outright malware.

    However, you can achieve that through some sort of endorsement or prioritisation process, without adopting a zero tolerance attitude. The words "without any possible user override" should make anyone nervous about the future of a software ecosystem, because the words "so anything the user wants to do is subject to approval by a gatekeeper with their own best interests at heart" implicitly follow.

    The state of the browser world is not a happy one at the moment, as Google/Chrome is already almost established as the new Microsoft/IE from the first big browser wars, and now both Mozilla and Microsoft seem determined to chase Google instead of staying true to the different, distinctive, but still widely valued principles and policies they followed a few years ago. If Chrome want to go killing off useful but older technologies and adding bleeding edge features every few weeks, let them, some people will enjoy it. But let Microsoft continue to focus on things like stability, quality of implementation and large deployments over pushing bleeding edge developments, and let Mozilla continue to provide an independent competing browser and an open ecosystem with a solid basic product and the flexibility to install or even write plug-ins to enhance it as each user wanted.

    There's plenty of room for everyone, and there's a certain hypocrisy in arguing for locking down the plug-in ecosystem to prevent the proliferation of substandard clones at a time when both the IE and Firefox teams seem obsessed with chasing Chrome instead of playing to their own strengths and innovating in other ways.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  14. This absolutely sucks by emiliano.heyns · · Score: 2

    I maintain a plugin which I don't host on AMO, because the review process is *glacial*. This nice security measure is going to make sure it will take weeks to get a ten-minute fix to my users.

    1. Re:This absolutely sucks by emiliano.heyns · · Score: 2

      Ah never mind, it's only signing, not AMO-enforcement. Still a major PITA; I had my release process automated.

  15. No developer mode in "stable" build, really? by kav2k · · Score: 2

    [...] they will have to either test on Developer Edition, Nightly, or one of the unbranded builds [...]

    Yes, there was much outcry when Chrome killed non-signed extensions installs, but at least it allows to load a development ("unpacked") version of any extension in the stable version. This is essential for testing, after all, to ensure it works and you can debug it on the platform most users actually run.

    If FF does not allow it, well, nuts.

  16. Could be a good move by blackpaw · · Score: 1

    You place a lot of trust in extensions. This won't exactly stop malicious code, but it will provide a level of accountability.

    And it does not seem all that different from the requirement to sign packages for distro repositories, and we all accept that.

  17. Impact for small developers? by Anonymous Coward · · Score: 1

    Does this mean that I will no longer be able to develop a Firefox extension and place it on my website for the public to download and install? Instead, I have to submit it to AMO, and pray to god that Mozilla approves of my extension and what it does? That they don't disagree with its purpose for some political or philosophical reason, and that Mozilla aren't pressured by a corporate sponsor into not signing my extension?

    Suppose I've built an extension that cleans up the Yahoo Search interface, for example. Yahoo, from whom Firefox now gets funding, would never condone it. At present, anyone who wants my extension can get it from my website. Now it will simply be silenced? Sorry, bub, if your extension doesn't pass our official Corporate Muster, you're shit out of luck?

    If so, to hell with that and to hell with Mozilla. Firefox was a great experiment while it lasted; thanks for a few years of fun.

  18. Someone should write an extension... by rHBa · · Score: 2

    ...to disable extension signature checking. I'm only half joking.

    I understand the reasons for doing this, it's too easy for (l)users to be tricked into installing dodgy addons, but if there is a single SIGNED extension that disables this feature then you at least know the user has seen all the warning messages and (presumably) knows what they are doing.

    Having said that, I don't understand why they couldn't have a user setting similar to what you get when you edit about:config...

  19. My top extensions are former Firefox features by Flexagon · · Score: 2

    The top extensions that I use are for features that used to be directly in the Firefox UI or even about:config but aren't now. So from my point of view, they've brought this bad situation on themselves.

    1. Re:My top extensions are former Firefox features by Anonymous Coward · · Score: 2, Interesting

      They present you this glorified vision of how you will use Firefox. How dare you go install extensions to ruin their vision?

      How do you not see that people like you are the real reason for this change? You will use Firefox as the developers intended, or you will move to Chrome*, where you will get exactly the same bare bones experience.

      If not for people like you, they wouldn't need to be able to block such shady extensions as Classic Theme Restorer and Tabs On Bottom.

      * Which just happens to be written by the same company that paid for most of the implementation of this vision.

  20. Re:Extensions are a dumb idea anyway by Zontar+The+Mindless · · Score: 2

    Just because you can't think of other use cases for extensions doesn't mean there aren't any.

    --
    Il n'y a pas de Planet B.
  21. Re:Extensions are a dumb idea anyway by topologicalanomaly47 · · Score: 1

    Sure dumb-ass,

    What about firebug, passifox, user agent switcher, autoauth? What do you set in your hosts file for that functionality?

  22. what would fail? by gl4ss · · Score: 1

    well _someone_ is pushing for this..
    so what addons would _fail_ the extension signing?

    who lobbied for this, the devs for the top 10 extensions?

    --
    world was created 5 seconds before this post as it is.
  23. AMO... by wonkey_monkey · · Score: 2

    ...is addons.mozilla.org, in case you were wondering.

    --
    systemd is Roko's Basilisk.
  24. Should have happened YEARS ago by DrXym · · Score: 1

    Extension signing should be the way it is in Android - roll a key, register the key and then continue to sign the extension with that key. It means that when a new version of the extension is uploaded the signature can be verified to ensure the extension is a) not tampered with, b) reasonably likely from the same origin.
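
Added example (not part of DrXym's comment and not Mozilla's code): a sketch of the Android-style scheme described in the comment above, in which a store pins the first key that signs an extension id and checks every later upload against it. The registry class, package layout and extension id are hypothetical, and the key pairs are generated on the spot.

```javascript
const crypto = require('crypto');

// Canonical digest over id, version and every file, in sorted name order.
function packageDigest(pkg) {
  const h = crypto.createHash('sha256');
  h.update(`${pkg.id}\0${pkg.version}\0`);
  for (const name of Object.keys(pkg.files).sort()) {
    h.update(`${name}\0`);
    h.update(crypto.createHash('sha256').update(pkg.files[name]).digest());
  }
  return h.digest();
}

function signPackage(pkg, privateKey) {
  // For Ed25519 keys the algorithm argument is null.
  return crypto.sign(null, packageDigest(pkg), privateKey);
}

function keyFingerprint(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return crypto.createHash('sha256').update(der).digest('hex');
}

// Hypothetical store-side registry: pins the first key seen for each extension id.
class ExtensionRegistry {
  constructor() { this.pins = new Map(); }

  submit(pkg, signature, publicKey) {
    // a) tamper check: the signature must cover exactly these contents.
    if (!crypto.verify(null, packageDigest(pkg), publicKey, signature)) {
      return 'rejected: signature does not match package contents';
    }
    // b) origin check: later uploads must use the key registered first.
    const fp = keyFingerprint(publicKey);
    const pinned = this.pins.get(pkg.id);
    if (pinned === undefined) {
      this.pins.set(pkg.id, fp);
      return 'accepted: key registered';
    }
    if (pinned !== fp) return 'rejected: signed by a different key';
    return 'accepted: update from registered key';
  }
}

// Constructed sample packages: first upload, update, edited repack, foreign key.
function demo() {
  const dev = crypto.generateKeyPairSync('ed25519');
  const other = crypto.generateKeyPairSync('ed25519');
  const registry = new ExtensionRegistry();
  const v1 = { id: 'tabs@example.invalid', version: '1.0', files: { 'main.js': 'console.log(1)' } };
  const v2 = { ...v1, version: '1.1', files: { 'main.js': 'console.log(2)' } };
  const v2sig = signPackage(v2, dev.privateKey);
  const repacked = { ...v2, files: { 'main.js': 'console.log(2); /* edited */' } };
  const foreign = { ...v1, version: '2.0' };
  return [
    registry.submit(v1, signPackage(v1, dev.privateKey), dev.publicKey),
    registry.submit(v2, v2sig, dev.publicKey),
    registry.submit(repacked, v2sig, dev.publicKey),
    registry.submit(foreign, signPackage(foreign, other.privateKey), other.publicKey),
  ];
}

console.log(demo());
```

Pinning only shows that an update comes from whoever holds the registered key; it says nothing about whether the code was reviewed.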

  25. That's lunacy. by AbRASiON · · Score: 1

    I use several addons which are old as heck and not updated, which (god knows how) continue to work in newer versions, example "Tabs menu" for firefox fixes an incredibly stupid omission (like many) in the Firefox UI.

    Hopefully this decision is reversed.

  26. When you have control, you have liability by mlwmohawk · · Score: 3, Interesting

    Just saying, "anyone can write code, be careful" gets you out of a lot of trouble. Saying "We've checked these and they are good" buys you a lot of headaches. That's the first problem. Who's going to test the extensions? Who's going to be liable when a "tested" extension is malware? It WILL happen, you know it. Who is going to maintain the cert?

    No user work-around? That's pure insanity. What happens when a vendor says "This is too much trouble, we can't afford to support firefox anymore," their customers will have to switch browsers.

    Lastly, having any group of people dictating what others can do is against the whole notion of free and open source software. I have absolutely no problem popping up a dialog that says, "This extension has not been tested by the Mozilla Organization, Proceed at your own risk," but not even having that option is totally and completely bogus.

    Time to fork.

  27. BS by Anonymous Coward · · Score: 1

    “Extensions that change the homepage and search settings without user consent have become very common, just like extensions that inject advertisements into Web pages or even inject malicious scripts into social media sites.”

    Extension signing would do NOTHING to prevent this. Your stated reason for not allowing an about:config setting to disable the “feature” is that “malicious add-ons and applications can easily manipulate those settings” that means malicious applications can easily manipulate the homepage and search settings, too! In other words, the first two use cases you listed are moot.

    Also, unless you plan to also require signing of all userscripts for extensions like Greasemonkey, a malicious application could simply install the (signed) Greasemonkey extension and then enable their own malicious userscript, allowing them to inject advertisements into Web pages and malicious scripts into social media sites, your second two use cases.

    None of your use cases have been addressed. This is BS.

    I have non-public personal extensions that I want to continue using. I don’t want to have to provide my code to Mozilla just so that I can continue using it.

  28. And lose all your apps after 365 days by tepples · · Score: 1

    Pretty much anyone can pay the $99 fee to get a developer certificate

    Plus a $650 Mac on which to install it. Plus $99 for each additional year after it expires.

  29. They are the same by tepples · · Score: 1

    If "unbranded builds" are what I understand them to be, they are built from exactly the same sources in the same way, except for sources containing the Firefox name and logo.

  30. It's only a matter of time... by marxmarv · · Score: 1

    before Mozilla and FDF combine in some way. They're made for each other.

    Of course, the blame should be laid entirely at the feet of the SJWs who were willing to trade anyone else's community for the gracious permission of the elites to join white society and kick down as a married couple...

    --
    /. -- the Free Republic of technology.
  31. so I can't customize other extensions to my liking by Gunstick · · Score: 1

    It happens that an extension does not install because the firefox version does not match.
    The only thing not OK is the developer not having submitted a new file where the version is changed.
    I usually unpack the extension, change the firefox version and repack it again.
    And it works flawlessly.
    Now, with signing, this will probably be impossible.

    Pinning firefox in apt ...

    --
    Atari rules... ermm... ruled.