Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Этот сайт имеет ограниченную функциональность, пока мы проводим техническое обслуживание для улучшения его работы. Если какая-либо статья не решила вашу проблему и вы хотите задать вопрос, наше сообщество поддержки ждёт вас: @FirefoxSupport в Твиттере и /r/firefox на Reddit.

Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

How does Add-on signing increase security when everyone will be turning it off to get existing add-ons to continue working when they update?

  • 4 ответа
  • 2 имеют эту проблему
  • 6 просмотров
  • Последний ответ от richardflack

more options

I have several issues with the introduction of mandatory add-on signing. Given that it is INEVITABLE that there will be many useful / important add-ons that are not signed (eg Kaspersky security, iCloud, IKEA 3-D viewer) users are being forced to either - not update FF / revert to earlier version* - turn off add-on checking, which afik can NOT be done selectively but can only be done globally, for all add-ons - stop using FF

So how does this improve security exactly?

And, could someone please tell me how to roll back the update - windows restore point?

I have several issues with the introduction of mandatory add-on signing. Given that it is INEVITABLE that there will be many useful / important add-ons that are not signed (eg Kaspersky security, iCloud, IKEA 3-D viewer) users are being forced to either - not update FF / revert to earlier version* - turn off add-on checking, which afik can NOT be done selectively but can only be done globally, for all add-ons - stop using FF So how does this improve security exactly? And, could someone please tell me how to roll back the update - windows restore point?

Все ответы (4)

more options
more options

FredMcD said

“Currently targeting Signing with no pref to turn off in Firefox 47”

Moving that from Firefox 44 to Firefox 47 - might be a wise decision considering the slow rate of conformance thus far.

richard, Not advisable to "roll back" a Firefox version via a Windows restore point. Better off using the xpinstall.signatures.required pref to disable that feature or re-install Firefox 42. https://support.mozilla.org/en-US/kb/install-older-version-of-firefox

more options

the-edmeister said

Moving that from Firefox 44 to Firefox 47 - might be a wise decision

Some risk, yes. But many fine, useful add-ons are still not signed.

more options

i find this quite interesting. I'm a user not a dev, in case that wasnt obvious!

i havent yet seen an explanation of why there cannot be an add-on specific override, versus global which is obviously a vulnerability.

Are there any stats as to the % of users with add-ins that have turned signing off?

For something as major as this should there not have been an organised program to educate users?

it is beyond ironic that the main reason I have had to turn this off is my internet Security suite!

Thanks for the advice on how to roll back the update. I guess im actually not sure which is better, roll back to 42 or stay on 43 with add-on signing turned off