I don't want to know how many browsers do not verify #XPI signatures anymore... Like zombies, walking around
If you disabled xpinstall.signatures.required make sure you reenable it now!
And pass this reminder on to your peers and channels
@absturztaube since version 66.0.4 on Desktop and Android, and version 60.6.2 for ESR
@dwardoric upgrade to 66.0.4 (or 60.6.2 for ESR) and it should be fixed..?
@Wraptile @martin @raichoo Simple: A true secure private browsing mode. In Opera not even tabs could "see" each other and related data (cookies etc.) in private mode. I hadn't expected to miss it actually but I do on an almost daily basis. Although the "multi account containers" plugin for firefox looks promising.
@martin it isn't like having xpinstall.signatures.required set to false exposes you to danger if you don't run Windows
the reason why the feature came to be was because windows share/ad/spyware kept installing toolbars and other unwelcome things into Firefox locally without Mozilla being able to remotely keep those away and the browser free
if you're using a package manager and don't install random shit from the internet, this isn't really a threat vector for you
@martin Firefox warns you using a doorhanger popup, when you try to install extensions from another site than addons.mozilla.org.
@martin Nice reminder how waterfox allows this by default, oh, and they also allow NPAPI plugins, which are a security disaster. Atleast its not as bad as palemoon:
Mozilla: Gives Firefox multi processing and tab sandboxing, finally giving firefox on par browser security like a modern chromium based browser.
Moonchild: Nah, I dont need this.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!