If you're running ESR, you will continue to have that option for the foreseeable future. If you're not, I believe this thread is well off topic for this list.
On Tue, Feb 2, 2016 at 9:39 AM, Tanstaafl <[email protected]> wrote: > I didn't say it never happens. > > I said it is not nearly the problem that you or Mozilla would have us > believe. > > But that is irrelevant, because, as I already pointed out, it has been > proven that enforced signing *will not protect anyone* - all it does is > provide a *false* security blanket. > > I have no problem with making enforced signing the default. I just want > the ability to disable it without having to resort to running an > unbranded version. > > On 2/2/2016 10:56 AM, Wolf, Daniel <[email protected]> wrote: > > You don't get infected with an add-in. Your user runs malware that > installs it. > > Companies with whitelisting will obviously not have this problem. Nor is > there a central way to get a listing of add-ins, you would only know if you > looked in Firefox on every machine. > > > > AdwCleaner, a tool designed to remove browser hijacking, has been > downloaded over 38 million times. > http://www.bleepingcomputer.com/download/adwcleaner/ > > > > Here are blog posts about malicious add-ins from just the last few months > > > https://blog.malwarebytes.org/security-threat/2016/01/yontoo-pups-with-two-faces/ > > > https://blog.malwarebytes.org/security-threat/2015/11/framefox-nominated-for-the-most-aggressive-eula/ > > > https://blog.malwarebytes.org/security-threat/2015/11/dynamicpricer-pup-disables-browser-updates/ > > > > > > This is a major issue that users deal with. If you don't believe me, > you're welcome to ask Mozilla, who are the developers of Firefox. > > > > Daniel Wolf > > > > -----Original Message----- > > From: Enterprise [mailto:[email protected]] On Behalf Of > Timo Pietilä > > Sent: Tuesday, February 2, 2016 12:04 AM > > To: [email protected] > > Subject: Re: [Mozilla Enterprise] Add-on Signing in ESR > > > > On 1.2.2016 17:32, Tanstaafl wrote: > > > >> I have been managing a smallish (50-80 over the years) install base of > >> both Firefox and Thunderbird since before Firefox 1.0 was released, > >> and *not once* have I encountered a user who got infected with a > >> malicious Addon. > > > > I got a bit larger user base: I distribute FF and TB for University with > about 50k students and around 7000 staff and have been working here for > about 15 years now. Not one case of malicious add-on at that time. > > > > Timo Pietilä > > _______________________________________________ > Enterprise mailing list > [email protected] > https://mail.mozilla.org/listinfo/enterprise > > To unsubscribe from this list, please visit > https://mail.mozilla.org/listinfo/enterprise or send an email to > [email protected] with a subject of "unsubscribe" >
_______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
