Jump to content

Has Mozilla created a two-tier add-ons system?


Recommended Posts

Has Mozilla created a two-tier add-ons system?

"This extension isn't monitored by Mozilla. Make sure you trust the extension before you install it." is displayed on the Firefox Browser add-ons website when users open all but some of the add-on pages on the official repository.




About 100 extensions are listed on the official add-ons repository without the notification, and all of these are so-called recommended extensions.


Mozilla unveiled the Recommended Extensions program for Firefox in April 2019 officially as a way to highlight and promote certain extensions for the web browser. These extensions undergo rigorous auditing before they are accepted into the program and whenever they are updated, unlike all other extensions, as these are reviewed after they have been made available.




Additionally, Mozilla requires that developers show commitment and that the extensions need to offer an "exceptional user experience" and be relevant.


Developers get the "recommended extension" stamp in return and their extension promoted on Mozilla's AMO website and also in the Firefox web browser as part of the integrated recommendation program.


Firefox users who open the extensions hub on the Mozilla website may browse extensions in multiple ways. Mozilla displays categories at the top and then a list of recommended, top rated, and trending extensions.


A click on the last three links lists only extensions that are recommended by Mozilla; the categories link and search list recommended and regular extensions.


It is possible to uncheck the option to only display recommended extensions to include regular extensions in the listing of add-ons but users are, for the most part, exposed to recommended extensions first.


That's not a bad thing considering that these are of high-quality and audited before they are published. The decision to create the program has an impact on the majority of extensions for the Firefox web browser however.


The two main issues are decreased visibility because recommended extensions are displayed exclusively in many of the listings, and the -- rather scary -- warning that Mozilla displays whenever the page of an extension is opened that is not recommended.


The latter suggests that there may be a risk involved in installing these extensions. Most Firefox users won't be able to go through the source code of the extension to determine that it is safe to use. Mozilla's "learn more" link that is displayed next to the warning tries to explain the risks of installing non-Recommended extensions.

There are thousands of extensions and the vast majority are built with honest intent to provide people with useful tools and features. But even extensions built with the best intentions may inadvertently expose or otherwise compromise sensitive data.


Also, unfortunately, there are a few bad actors out there intent on stealing user data. One method of mining information can be through tricking users into installing malicious extensions. (Here are tips for assessing the safety of an extension.)


Due to the curated nature of Recommended extensions, each extension undergoes a thorough technical security review to ensure it adheres to Mozilla’s add-on policies.

The information, while honest, may sound scary to users and it is quite plausible that a percentage will not install "non-Recommended" extensions because of it. It needs to be noted that Chrome extensions face the exact same risks as non-Recommended extensions for Firefox. Google does not highlight this at all on the Chrome Web Store; Mozilla is open about the potential dangers of extensions for the browser.


On the other hand, Mozilla did audit all extensions in the past before they were made available on the Firefox AMO extensions store.


Has Mozilla created a two-tier add-ons system?


The short answer is yes and the system has very likely an impact on non-recommended extensions on Mozilla AMO and the extensions that Firefox users install. It could reduce the impact that malicious or problematic extensions have but it may also lead to less extensions being developed or maintained for Firefox because of it.



Source: Has Mozilla created a two-tier add-ons system? (gHacks - Martin Brinkmann)

  • Like 3
Link to post
Share on other sites
  • Replies 1
  • Created
  • Last Reply

Top Posters In This Topic

  • Karlston


  • stylemessiah2


Top Posters In This Topic

Popular Posts

Has Mozilla created a two-tier add-ons system? "This extension isn't monitored by Mozilla. Make sure you trust the extension before you install it." is displayed on the Firefox Browser add-ons

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...