Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Add ins (Score 1) 530

For the record, I said:

do not install plugins and extensions in Firefox from sites other than addons.mozilla.org

but I should have said:

do not install extensions in Firefox from sites other than addons.mozilla.org

Plug-ins are different from extensions. Plug-ins come from a variety of sources, such as Adobe (Flash), Sun (Java) and so on. Sorry for any cornfusion.

Comment Re:Add ins (Score 4, Interesting) 530

When any goof startup can create social-network connectors or picture-browsing extensions, Firefox abdicates a good part of its inherent security advantages. Use these at your own risk.

Any goof can create them, but *not* any goof can *publish* them on the Mozilla site. Mozilla has over the last couple years instituted a number of strict review guidelines and tests that an add-on must pass before it's published by Mozilla. Every add-on and add-on update is code-inspected line-by-line by a human editor. Mozilla has staffed up specifically in support of the add-ons site, and the number of code reviewers has grown dramatically in recent months. Reviewers keep a sharp eye out for remote code execution, violations of user expectations of privacy, and anything that detracts from user experience. Additionally, automated red-flag detection tools are now in the works.

Bottom line: do not install plugins and extensions in Firefox from sites other than addons.mozilla.org. With AMO, every single extension and extension update is inspected and reviewed before being published on the site. It's the only way to be sure.

Slashdot Top Deals

"Show me a good loser, and I'll show you a loser." -- Vince Lombardi, football coach