Open source internet browser Firefox is about to become a little less open: its parent foundation, Mozilla, has promised to require security signatures before any add-ons can be grafted onto the programme.
The company says the move should help sideline security problems that have cropped up in some of the helper programmes designed by enthusiasts.
Under the new system, add-ons can only be installed if they have a digital signature from the foundation, which means they must be presented to Mozilla before they can be distributed and cleared for addition.
An automated process will check to see if the proposed add-on sets off any processes that could be dangerous for the browser or a computer.
Popular with home programmers as well as professional designers, the Firefox add-ons are a central part of the browser, providing extra options. But they have also caused problems, such as changing users' homepages, pulling up ads or recording user data.
They also, at times, force the browser's search settings to change without first getting user permission. The security certificate procedure is designed to end that.
Mozilla says the security signatures will start in the second quarter.
After three months, unverified add-ons will be blocked from beta and finished versions of Firefox. However, there will continue to be exceptions for the Nightly and developer versions of the browser.
Other Mozilla products, such as its email client, Thunderbird, or its internet package, SeaMonkey, will not have a signature requirement for now.
Comments
Comments are closed.