• macniel
    link
    fedilink
    English
    391 year ago

    Silently, but with a huuuuge Banner that notifies you that the extensions were disabled; not really silent then?

    • foobarOP
      link
      fedilink
      English
      151 year ago

      You would have to be looking for it:

      Note that the warning appears in the Extensions popup rather than on the Extensions icon, so you wouldn’t know that StopTheMadness was disabled on YouTube unless you opened the popup (or unless you saw the autoplaying videos on YouTube that StopTheMadness would otherwise stop.)

      What happens, though, if you pin the extensions to the toolbar for easy access to their settings?

      It turns out that when you pin an extension to the toolbar, it no longer appears in the Extensions popup! Consequently, the quarantined domains warning no longer appears in the Extensions popup either. In fact, there’s no longer an Extensions popup: clicking the Extensions toolbar icon simply opens the about:addons page, which doesn’t show the quarantined domains warning anywhere.

      • macniel
        link
        fedilink
        English
        11 year ago

        I would like to see a link to that setting even with a security banner in front of it where you have to agree that everything that happens from now on is on you and not firefox.

  • @[email protected]
    link
    fedilink
    English
    191 year ago

    This does feel like something you should be able to toggle off. I can understand their security concerns, but I didn’t switch to Firefox because I wanted less control/trust from my browser.

      • @axtualdave
        link
        English
        21 year ago

        The intent behind the feature is obviously to keep a list of known-bad domains there, to disable extensions Mozilla hasn’t vetted as safe on said malicious domains.

        If I had to guess, I’d say it’ll be set to "" by default, unless you crank up some security setting to extra-paranoid, or, obviously, set it yourself.

  • @fubo
    link
    English
    121 year ago

    It’s unclear exactly what’s going on here. It could be a good idea or a bad idea.

    Good idea: When accessing the login page for an important service, the user should be warned before low-trust extensions are enabled, to reduce the chance of hostile extensions stealing user credentials.

    Bad idea: Allowing web site operators to dictate what extensions users may use on those sites.

    • @skullone
      link
      English
      21 year ago

      "And now, it’s time for another good idea and bad idea… "

      • @fubo
        link
        English
        31 year ago

        Wheel of Morality, turn turn turn …

  • @[email protected]
    link
    fedilink
    English
    111 year ago

    I wish I could have extensions default to off and be able to turn them on selectively on sites. For things like darkreader I don’t want to use it 90% of the time so it shouldn’t need to have at access to site data.

    By the way, I don’t like the title of this article, how is it done “remotely”, it’s just a list in about:config, no? Sounds clickbaity.

    • AnyOldName3
      link
      English
      51 year ago

      Most people leave those settings alone. If you’ve never changed the value, whenever Mozilla change the default, you’ll be updated to the new default when you update your browser. That’s a remote change to which websites remain unaffected by extensions, except for the minority of users who’ve done something about it.

    • @where_am_i
      link
      English
      01 year ago

      extensions are already disabled on Firefox help website. No dark reader will work there. They probably extended that capability into an actual backdoor.

  • @AProfessional
    link
    English
    51 year ago

    Access to literally every website is a very scary permission that is too common. I’m not sure the best approach but limiting this, with some user input, is a good move.

  • @[email protected]
    link
    fedilink
    English
    51 year ago

    i could imagine putting a banking site on that list to make sure no banking data can be leaked to an extension. two edged sword tho

  • ArkyonVeil
    link
    English
    31 year ago

    Can confirm. I just upgraded to 115, and tried out my own extension Obliterate Curves, which is similarly not monitored by mozilla due to how tiny it is. If the current domain is a “Quarantined Domain.”, all extensions which aren’t monitored will get downright disabled.

    Do note, the list was empty by default. 100% troubling but hard to say where they’ll go with it. Might end up as a “tick this website as secure” box later, though I’d personally prefer control over which sites an extension is allowed to run in.

  • @[email protected]
    link
    fedilink
    English
    1
    edit-2
    1 year ago

    Yet another reason to use mullvad-browser instead of vanilla Firefox.

    Removing user agency is a big deal, to do it silently is a massive red flag. Even if the intentions are good paternalistic behavior removes agency from users.

  • db2
    link
    fedilink
    English
    -681 year ago

    fiReFox iS So much BEtTer tHan ChrOme foR PrivACY