A simple addon could do this automatically very quickly and easily, by 
downloading the latest addons at semi-random intervals, and comparing hashes, 
if the hashes are not already available on Firefox's own addons page.

Today I noticed the user interface in Disconnect had totally changed in my 
Firefox browser. It had a clean vertical column listing only Google, Facebook, 
Twitter, and a few other websites; each was like a rectangular button. Nothing 
else was visible. It was completely different from the original. I should have 
taken a screenshot and backed up the extension but failed to do so. I 
uninstalled the addon and re-installed it from Firefox's website; the UI 
immediately went back to normal. I confirm signature checks were in fact 
enabled. I'm curious what kind of security Firefox implements. I know it's 
supposed to only allow signed addons, but does it go one step further and do 
regular hash checks to ensure it has not been modified or replaced with 
malware? I believe this will be a necessary step in order to mitigate against 
many zero-day threats or vulnerabilities within browser signature verification 
systems.
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
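
The hash comparison proposed in the message above, as an added example that is not part of the original post and not Mozilla's code: it compares an installed extension archive (XPI, a ZIP file) against a reference copy obtained from a trusted source and, on a mismatch, reports which files inside differ. The function names and the two sample archives are constructed for illustration.

```python
import hashlib
import io
import zipfile


def xpi_digest(data: bytes) -> str:
    """SHA-256 of the whole archive, hex encoded."""
    return hashlib.sha256(data).hexdigest()


def member_hashes(data: bytes) -> dict:
    """Map each file inside the archive to the SHA-256 of its contents."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        return {i.filename: hashlib.sha256(z.read(i)).hexdigest()
                for i in z.infolist() if not i.is_dir()}


def compare_xpi(installed: bytes, reference: bytes) -> dict:
    """Compare an installed XPI with a reference copy of the same version."""
    result = {"match": True, "added": [], "removed": [], "modified": []}
    if xpi_digest(installed) == xpi_digest(reference):
        return result
    # Whole-file hashes differ: list the members that explain the difference.
    # All three lists can be empty if the archive was only re-packed.
    a, b = member_hashes(installed), member_hashes(reference)
    result["match"] = False
    result["added"] = sorted(set(a) - set(b))
    result["removed"] = sorted(set(b) - set(a))
    result["modified"] = sorted(n for n in a.keys() & b.keys() if a[n] != b[n])
    return result


def build_xpi(files: dict) -> bytes:
    """Build a deterministic in-memory archive (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in sorted(files.items()):
            z.writestr(zipfile.ZipInfo(name, date_time=(2020, 1, 1, 0, 0, 0)), body)
    return buf.getvalue()


# Constructed samples: a reference build and a copy whose popup UI was changed.
REFERENCE = build_xpi({"manifest.json": b'{"name": "example"}',
                       "popup.html": b"<ul>original</ul>"})
CHANGED = build_xpi({"manifest.json": b'{"name": "example"}',
                     "popup.html": b"<ul>changed</ul>",
                     "extra.js": b"// unexpected file"})

if __name__ == "__main__":
    print(compare_xpi(REFERENCE, REFERENCE))
    print(compare_xpi(CHANGED, REFERENCE))
```

The comparison is only meaningful when the reference copy is the same version as the installed one, since a legitimate update also changes the hashes.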
