AMO plagued by (another) wave of malware extensions
- Date: Wed, 29 May 2019 09:22:14 -0500
- From: »Q« <boxcars@xxxxxxx>
- Subject: AMO plagued by (another) wave of malware extensions
Mozilla will remove the extensions once it notices them. The problem
here is that this happens after the fact. The spam extensions may
turn up in user searches and they also turn up when you sort by
Mozilla switched from a "review first, publish second" to a "publish
first, review second" model in 2017. Any extension uploaded to Mozilla
AMO that passes automated checks is published first….
The recent extension certificate fiasco would be a little easier to
take if the signatures were actually keeping people safer. I didn't
realize until now that Mozilla had adopted Google's "sign and publish
almost everything" policy.
general mailing list