Become a fan of Slashdot on Facebook


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Add ins (Score 1) 530 530

For the record, I said:

do not install plugins and extensions in Firefox from sites other than

but I should have said:

do not install extensions in Firefox from sites other than

Plug-ins are different from extensions. Plug-ins come from a variety of sources, such as Adobe (Flash), Sun (Java) and so on. Sorry for any cornfusion.

Comment: Re:Add ins (Score 4, Interesting) 530 530

When any goof startup can create social-network connectors or picture-browsing extensions, Firefox abdicates a good part of its inherent security advantages. Use these at your own risk.

Any goof can create them, but *not* any goof can *publish* them on the Mozilla site. Mozilla has over the last couple years instituted a number of strict review guidelines and tests that an add-on must pass before it's published by Mozilla. Every add-on and add-on update is code-inspected line-by-line by a human editor. Mozilla has staffed up specifically in support of the add-ons site, and the number of code reviewers has grown dramatically in recent months. Reviewers keep a sharp eye out for remote code execution, violations of user expectations of privacy, and anything that detracts from user experience. Additionally, automated red-flag detection tools are now in the works.

Bottom line: do not install plugins and extensions in Firefox from sites other than With AMO, every single extension and extension update is inspected and reviewed before being published on the site. It's the only way to be sure.

I have not yet begun to byte!