The new Java 0Day examined (The H)
Posted Aug 30, 2012 18:19 UTC (Thu) by dashesy
In reply to: The new Java 0Day examined (The H)
Parent article: The new Java 0Day examined (The H)
I agree it does not seem to be straight forward. However if the setting is something user visible in a menu (as opposed to some obscure about:config), and another setting warns about possible outsider intrusions, the user will notice it, and will require bolder plugin developers to sneak in with their installers (and subdue the warning).
As a rule of thumb, any plugin that does not have an easy "uninstall" or "update" should be blacklisted with a big warning (e.g. "Firefox is tainted by ...") somewhere visible (maybe in the caption title) until disabled by user, or fixed by developer.
to post comments)