On Thu, Nov 30, 2017 at 10:33:03AM -0800, Gerald B. Cox wrote: > On Thu, Nov 30, 2017 at 9:54 AM, Richard Z <rz@xxxxxxxxxxxxxx> wrote: > > > > > the only thing they implemented is a crappy way of doing it by forcing > > users to download untrusted binaries which the original thread was about. > > > > The binary is open source and the code is available to inspect. More > information can > be obtained by reading the FAQ for Fx here: > https://www.downloadhelper.net/q_and_a_firefox yes, downloadhelper is good in this respect. But once users get used to addons asking them to download some binaries from somewhere I expect it will be abused very quickly. It is beyond me why Firefox requires strict signing of addons but ecnourages downloading unverified third party binaries. Richard -- Name and OpenPGP keys available from pgp key servers _______________________________________________ kde mailing list -- kde@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kde-leave@xxxxxxxxxxxxxxxxxxxxxxx
