(bugzilla.mozilla.org)

1318 points xvector | 1 comments | 04 May 19 01:31 UTC | HN request time: 0.228s | source

Show context

Wowfunhappy ◴[04 May 19 02:12 UTC] No.19823890[source]▶

>>19823701 (OP) #

This is why users need to be in control of their own computers. Why can't I tell my copy of Firefox to ignore the certificate? Why can't I sign my own extensions?

Mistakes happen, it's okay. But users should be empowered to work around them.

replies(9): >>19823918 #>>19823919 #>>19823921 #>>19823930 #>>19824013 #>>19824265 #>>19824275 #>>19824334 #>>19824438 #

ehsankia ◴[04 May 19 02:19 UTC] No.19823919[source]▶

>>19823890 #

> Why can't I tell my copy of Firefox to ignore the certificate? Why can't I sign my own extensions?

The issue is that if you leave any sort of lever that reduces security, it will be abused by bad actors. This is why browsers are having ever decreasing ways to bypass security and have full access. It is annoying, but at the end of the day, protecting 99.999% of the users trumps what us power users want.

replies(4): >>19823956 #>>19823992 #>>19824076 #>>19825643 #

1. ◴[04 May 19 02:35 UTC] No.19823992[source]▶

>>19823919 #

↑

All extensions disabled due to expiration of intermediate signing cert