[kwlug-disc] Firefox plug-ins: a bad idea?

Paul Nijjar paul_nijjar at yahoo.ca
Mon Mar 1 21:58:27 EST 2010


While I am being a Debbie Downer, I'll pass on this article defending
IE: 

http://www.theregister.co.uk/2010/03/01/software_security_mot/

I have to say that I don't find the arguments in favour of Internet
Explorer that convincing (you want my users to run IE in a DMZ?
Really?) but one point that struck me were the vulnerabilities caused
by lousy Firefox add-ons.

At this point you are no doubt saying "Well, don't install lousy
Firefox add-ons!" In a world where people STILL click sketchy
attachments and open up .exe files in their e-mail, I am having
trouble seeing the feasibility of this advice. Also, from time to time
add-ons mysteriously appear in my Firefox list (.NET, anyone?) and I
don't stop them. 

Please convince me that add-ons are not a security nightmare waiting
to happen. I mean, I like add-ons. I understand that people can
compile and run code in their home directories. But I really hope that
Firefox add-ons don't become the Word attachments of the future. 

- Paul

-- 
http://pnijjar.freeshell.org





More information about the kwlug-disc mailing list