Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Normies don't know what the "addon" is and likely would have IT to install them anyway.


It's not IT. It's the "potentially unwanted software" installers they download. There's no way to distinguish a user installing an unsigned addon vs some malware doing so.


If you're already running an unverified third-party installer, your system is gone. There's nothing Firefox addon signing can do to save you at that moment. You are already at the "running arbitrary code" stage.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: