@kmaglione
Created October 28, 2011 18:15
I'm sorry but this is disturbing... Rated 1 out of 5 stars
by Atavachron on October 28, 2011
While this add-on appears to have been rolled back to the previous version, we are still all left scratching our heads as to what just happened. It looks as if we are going to have to scour the code of every updated Mozilla add-on in the future to make sure nothing shady has been added. But, I don't know how that is even possible.
We have no explanation as to what occurred or what the new code in this add-on actually did or if it had any lasting effects, and no guarantee that the version that is now on this page is really what it purports to be, namely the last available version before the one in question.
What if someone updates their add-on with suspicious code and simply doesn't announce it? I realize that new add-ons must be approved, but the security door seems to be wide open with regard to updated add-ons in general.
It is not my intention to dump on Mozilla or Firefox with this review, I love both, but this incident needs to be investigated, reported upon, and some kind of structure needs to be put in place to either ensure the security of updated add-ons or to warn users that they update add-ons at their own risk.
It's really sad that one add-on author can call into question the security and privacy of the entire add-on updating process in this way, but I suppose it was bound to happen, and perhaps it's for the best that it did.