Why Do They Think It Is OK Response
If you follow Asa's weblog over at Mozilla you may have noticed the latest post why do they think this is OK (no longer available).
It addresses the well known problem of unauthorized plugin and extension installations in Firefox.
Asa is asking companies to ask the user whether a new plugin or extension should be installed in the browser and not just do it without user permission.
And while that is a very sound thing do request, it should raise the question why companies are allowed to install plugins and extensions without user authorization in the first place.
Why is there no security module in place in the browser for this kind of installations? A simple check to see if there are new extensions or plugins since the last use of the web browser, and a prompt that asks the user what to do with those extensions or plugins (install or remove come to mind).
It is all nice and fair to appeal to companies to play by the rules and give users a choice, but my gripe with the situation is that companies have shown in the past that they prefer to bypass the user occasionally.
And Mozilla should have reacted on that a long time ago by blocking those installations natively, giving the user the choice to install or block the extensions and plugins.
Instead of saying that this practice is not okay Mozilla should step in after years of monitoring the situation passively and start protecting their users from this behavior. Then it is no longer a question of ethics because the issue is back in the hand of the people that are affected: The Firefox users.
So please Mozilla it is really simple: Ask first! (before allowing new extensions or plugins that magically appear after starting Firefox)
Update: A lot has changed since 2010 and the most important change from a user perspective is the removal of support for pretty much any plugin in Firefox (except for Flash).
Now Read: How to block new plugin or extension installations in FirefoxAdvertisement
“So please Mozilla it is really simple: Ask first! (before allowing new extensions or plugins that magically appear after starting Firefox)”
Else give control to user for uninstalling that crap, instead of grey out the option.
Or simply use Chrome …
Yes! Every time a new extension shows up, show a dialog and after closing the dialo show which extensions are currently installed. Perhaps also team up with Soluto to get data (windows platform) on which extensions typically misbehave.
A secure Web browser should be Mozilla’s first and foremost concern. Security is what made Firefox popular, years ago, and allowed for the resurgence of the Firefox browser. The ppl at Mozilla should NOT take they eyes off the ball on this issue, or they will once again find Gecko in the gutter.
Thanks Martin for bringing this topic up again!
For me, it is the ONE THING that annoys me the most (in the context of Firefox).
“Then it is no longer a question of ethics because the issue is back in the hand of the people that are affected: The Firefox users.”
No, sir. No matter where the control resides, a question of ethics is *always* a question of ethics. Changing control to the user does not obviate the arrogation of right(s) assumed by any third party.
Martin, while I usually appreciate your writings, I cannot help but think you’ve missed the point on this one. Putting control in the hands of the user(s) is laudable, but it ignores the arrogance of the developer(s) who assume they may do whatever they wish.
Barney so you prefer to appeal to companies to do the right thing over giving users the ability to decide whether they want to install those contents or not? I do agree that it does not change the ethics of the companies involved, but it gives the user the power to react. And Mozilla should prefer that over appealing to the companies to “do no evil”.
Don’t put words in my mouth.
My quarrel is with your casual dismissal of the ethics situation, not the proposed solution.
However, in regard to that solution, remember, “What Tech can make, Tech can break.” So you make the users believe they have control … then these tech giants employ new means to circumvent that control. That will be all the more nefarious, since the users will _think_ they have control.
There is no resolution to this problem, save adherence to ethical procedures and standards. Admittedly, that’s unlikely, but tech cannot cure the problem for more than a brief moment..
Berney reminds me of Sheldon Cooper :)
That seems to be the rationale and its not far off from spyware makers:
You don’t own your computer. If you install MY software, you submit to whatever behavior I think your computer should do. If my program has a poisonous impact on the registry or other programs or breaks/changes other programs, that’s my prerogative. If you don’t want that, don’t install my software. I’ll tell you what I’m doing inside really lengthy and confusing legal statements, but not give you a yes/no dialog.
Its a very upsetting attitude.
That’s not far from true/happening. I’ve been following the techdirt blog (http://www.techdirt.com) lately. Seems there was a guy _taken to court_ for modding an Xbox … he was accused of violating the DMCA, even though, for normal considerations, he should be allowed to do whatever he chooses to the device that he purchased and owns. The judge was rather scathing of the accusers, and the suit was dropped, to the best of my knowledge.
Then there’s the iPhone/iPad business, where only Apple can decide what software you may install on _their_ device, even though you’re the one who paid for it.
It’s not a great reach from there for exactly the scenario you describe. Disgusting, but well within the realm of possibility.
And very, very frightening.