|
|
|
|
|
|
by tzs
4136 days ago
|
|
|
From the Mozilla add-ons blog, which is linked to in the article: Extensions that change the homepage and search
settings without user consent have become very
common, just like extensions that inject
advertisements into Web pages or even inject
malicious scripts into social media sites. To combat
this, we created a set of add-on guidelines all
add-on makers must follow, and we have been
enforcing them via blocklisting (remote disabling of
misbehaving extensions). However, extensions that
violate these guidelines are distributed almost
exclusively outside of AMO and tracking them all
down has become increasingly impractical.
Furthermore, malicious developers have devised ways
to make their extensions harder to discover and
harder to blocklist, making our jobs more difficult.
We’re responsible for our add-ons ecosystem and we
can’t sit idle as our users suffer due to bad
add-ons. An easy solution would be to force all
developers to distribute their extensions through
AMO, like what Google does for Chrome extensions.
However, we believe that forcing all installs
through our distribution channel is an unnecessary
constraint. To keep this balance, we have come up
with extension signing, which will give us better
oversight on the add-ons ecosystem while not forcing
AMO to be the only add-on distribution channel.
|
|
|