Search the Community
Showing results for tags 'add-ons'.
Found 3 results
Has Mozilla created a two-tier add-ons system? "This extension isn't monitored by Mozilla. Make sure you trust the extension before you install it." is displayed on the Firefox Browser add-ons website when users open all but some of the add-on pages on the official repository. About 100 extensions are listed on the official add-ons repository without the notification, and all of these are so-called recommended extensions. Mozilla unveiled the Recommended Extensions program for Firefox in April 2019 officially as a way to highlight and promote certain extensions for the web browser. These extensions undergo rigorous auditing before they are accepted into the program and whenever they are updated, unlike all other extensions, as these are reviewed after they have been made available. Additionally, Mozilla requires that developers show commitment and that the extensions need to offer an "exceptional user experience" and be relevant. Developers get the "recommended extension" stamp in return and their extension promoted on Mozilla's AMO website and also in the Firefox web browser as part of the integrated recommendation program. Firefox users who open the extensions hub on the Mozilla website may browse extensions in multiple ways. Mozilla displays categories at the top and then a list of recommended, top rated, and trending extensions. A click on the last three links lists only extensions that are recommended by Mozilla; the categories link and search list recommended and regular extensions. It is possible to uncheck the option to only display recommended extensions to include regular extensions in the listing of add-ons but users are, for the most part, exposed to recommended extensions first. That's not a bad thing considering that these are of high-quality and audited before they are published. The decision to create the program has an impact on the majority of extensions for the Firefox web browser however. The two main issues are decreased visibility because recommended extensions are displayed exclusively in many of the listings, and the -- rather scary -- warning that Mozilla displays whenever the page of an extension is opened that is not recommended. The latter suggests that there may be a risk involved in installing these extensions. Most Firefox users won't be able to go through the source code of the extension to determine that it is safe to use. Mozilla's "learn more" link that is displayed next to the warning tries to explain the risks of installing non-Recommended extensions. There are thousands of extensions and the vast majority are built with honest intent to provide people with useful tools and features. But even extensions built with the best intentions may inadvertently expose or otherwise compromise sensitive data. Also, unfortunately, there are a few bad actors out there intent on stealing user data. One method of mining information can be through tricking users into installing malicious extensions. (Here are tips for assessing the safety of an extension.) Due to the curated nature of Recommended extensions, each extension undergoes a thorough technical security review to ensure it adheres to Mozilla’s add-on policies. The information, while honest, may sound scary to users and it is quite plausible that a percentage will not install "non-Recommended" extensions because of it. It needs to be noted that Chrome extensions face the exact same risks as non-Recommended extensions for Firefox. Google does not highlight this at all on the Chrome Web Store; Mozilla is open about the potential dangers of extensions for the browser. On the other hand, Mozilla did audit all extensions in the past before they were made available on the Firefox AMO extensions store. Has Mozilla created a two-tier add-ons system? The short answer is yes and the system has very likely an impact on non-recommended extensions on Mozilla AMO and the extensions that Firefox users install. It could reduce the impact that malicious or problematic extensions have but it may also lead to less extensions being developed or maintained for Firefox because of it. Source: Has Mozilla created a two-tier add-ons system? (gHacks - Martin Brinkmann)
Firefox 68 features a new Add-ons Manager Firefox's Add-ons Manager is one of the core components of the web browser, at least for Firefox users who install browser extensions, themes, or language packs. Mozilla plans to launch a redesigned Add-ons Manager in Firefox 68 that does away with older technologies that Mozilla used in the past in Firefox. Mozilla implemented some changes to Firefox's Add-ons Manager in Firefox 64; it was clear back then that this was just a first step for the organization and that the bulk of changes would follow at a later point. The design of the Add-on's Manager was switched to a Cards design in that release. The Add-ons Manager in Firefox 68, out July 9, 2019 according to the Firefox release schedule, does not rely on legacy technologies such as XUL anymore and introduces the bulk of the changes. The new about:addons design of Firefox 68 looks similar to the Firefox 64 design but there are notable differences. Mozilla replaced the action buttons that Firefox attached to each of the extensions with a menu. One of the effects of the change is that there is more room for the extension's description, another that it takes an extra click to disable or remove extensions. A click on the extension's card opens the details view. The same view is also available when you click on the menu and select options. Details view separates information into tabs. Details contains the description of the extension, its verison and rating, and settings that are valid for all extensions, e.g. to change automatic updates behavior for that extension or allow or disallow it to run in private windows. The permissions tab lists all requested permissions by the extension. Release notes and Preferences are additional tabs that may be displayed for some extensions. The display depends on each individual extension. The main Add-ons Manager menu displays the new report option. Firefox users may report extensions to Mozilla by selecting one of the available categories, e.g. creates spam or advertising, damages my computer and data, or doesn't work, breaks websites, or slows Firefox down. The main "Manage your Extensions" page lists recommended extensions by default. Mozilla introduced the new Recommended Extensions Program for Firefox some time ago and launched a preview version in Firefox Nightly. The organization maintains a list of extensions that meet certain requirements and uses the list to recommend extensions to Firefox users. Firefox users who don't want the feature can turn extension recommendations off easily. Source: Firefox 68 features a new Add-ons Manager (gHacks - Martin Brinkmann)
Karlston posted a topic in Software NewsGood news for Firefox users who run older versions of the web browser that are not supported anymore officially by Mozilla. Mozilla plans to release updates for these web browsers and also a standalone extension to address the add-on signing issue that caused browser add-ons to fail in all versions of the web browser. Mozilla will release an automatic update that fixes the issue for the Firefox versions 52 through 60. Firefox users who run version 61 to 65 may install a browser extension instead to resolve the issue on their end. Last Friday, Firefox users from around the world noticed that the Firefox browser would deactivate all installed browser add-ons. Firefox would display the notification "One or more installed add-ons cannot be verified and have been disabled" to users of the browser. All browser extensions were deactivated in the browser, and it was impossible to enable them again or download extensions from the Mozilla Add-ons website. Mozilla has yet to publish details on how something like this could happened; from what we know, it was a certificate that expired. Since it expired, it could not be used anymore to verify add-on signatures. Mozilla reacted and released a fix through the Firefox browser's Shield studies system at first. The organization pushed out Firefox 66.0.4 and 66.0.5 to the Stable channel, and updates for other Firefox channels as well to resolve the issue. While that took care of supported Firefox installations, it ignored Firefox installations that were not on the most recent version of the browser. Mozilla updated the blog post that it released on May 4, 2019 several times. Yesterday's update highlights that a fix will be released for older versions of the Firefox web browser that are not supported officially anymore. For users who cannot update to the latest version of Firefox or Firefox ESR, we plan to distribute an update that automatically applies the fix to versions 52 through 60. This fix will also be available as a user-installable extension. For anyone still experiencing issues in versions 61 through 65, we plan to distribute a fix through a user-installable extension. These extensions will not require users to enable Studies, and we’ll provide an update when they are available. (May 8. 19:28 EDT) It is unclear how the update for Firefox 52 to 60 will be released. Do users have to search for the update (and risk being updated to a new version of Firefox), or is there another way to push an update to Firefox installations. Mozilla revealed that it would not use the Shield service for that. The organization promised that information will be provided once the update is available. Mozilla plans to release a browser extension for Firefox 61 to 65 that fixes the issue as well. A link will be provided when it becomes available. Closing Words The decision to release updates for older versions of Firefox should please users who are still on that older version, and it should put the (conspiracy) theory to rest that Mozilla broke the system deliberately to force users to update to the latest version of the browser. Something like this should never have happened; it showed how fragile enforced systems can be and how big of an impact simple things can have. It will be interesting to see how Mozilla plans to make sure that something like this won't happen again in the future. Still, it is a good move by Mozilla to release updates for earlier versions. Whether that is the cause for the one-week release delay for the coming Firefox 67 release is unclear at this point. Source: Mozilla will fix add-on signing issue for older Firefox versions (gHacks - Martin Brinkmann)