[AndreSegers]

I admire Firefox for what it's accomplished, but Chrome has stolen my heart. I had to use Firefox today actually to test something, and discovered a Bing bar that I'm pretty sure I didn't consent to, taking up valuable real-estate.

[ootachi]

Whatever that bar is, it's not Mozilla official. Some other software on your computer put it there.

[AndreSegers]

That very well may be, but my point was basically that it's not something I have to worry about in Chrome either.

[mbrubeck]

You will, once the toolbar/adware/malware makers start targeting Chrome more. (Google can try to stop them, but it will be an arms race.)

[Raphael]

It doesn't have bars really, only buttons that open floating views. Although I suppose you could inject a bar into the web page.

[GHFigs]

Some other software on your computer put it there.

Why does Firefox allow this?

[amalcon]

Technically, your operating system's security model allows this. There's little Firefox could do to prevent it.

This is a historical accident; only toy and mobile OSes have any sort of application-level access control.

[HelloBeautiful]

>> There's little Firefox could do to prevent it.

Wrong, they can just add DRM.

[ootachi]

There is work to give the user more control over this that unfortunately didn't make it into Firefox 4 [1], but ultimately it's a battle that can't be won; on the desktop, apps can modify other apps. I suspect that this will happen to Chrome too.

[1]: https://bugzilla.mozilla.org/show_bug.cgi?id=596343

[digdug]

Heck, since Chrome has to put itself into the users AppData folder in order to do silent updates, is there anything preventing malware from just screwing with the Chrome libraries themselves?

[sp332]

Even though you can't uninstall it, you can disable the extension on a per-user basis. Firefox looks in both per-user and system-wide locations to find installed addons. Only per-user addons can be removed by the user, in the addons dialog. System-wide extensions can be disabled per-user, but not uninstalled (disabling is almost the same thing). To uninstall a system-wide extension, hopfully the publisher has an unistall script, but worst-case, you can just delete the extension folder from the system-wide location. e.g. C:\Users\All Users\Mozilla\something on Windows.

[barredo]

It's an addon

[sid0]

It's not a question of Firefox allowing this -- if you run any program on your computer it'll have access to your data (and hence to your Firefox profile), and one of the principles behind Firefox is extensibility.

[aboodman]

Chrome has taken the same approach Firefox did:

We can't prevent this from happening so we try to provide a good way for other software to do it, so they don't do it in terrible ways:

http://code.google.com/chrome/extensions/external_extensions...