Closed Bug 1603731 Opened 5 years ago Closed 5 years ago

Extension block request: Add-ons using obfuscated code

Categories

(Toolkit :: Blocklist Policy Requests, task)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: TheOne, Assigned: TheOne)

Details

(Whiteboard: [extension])

Extension name Add-ons using obfuscated code
Extension versions affected <all versions>
Platforms affected <all platforms>
Block severity hard

Reason

I’ve reviewed the add-ons and found they use obfuscated code.

Extension GUIDs

{a4b95555-755a-4a3f-bc64-f6999377963d}
djamol@webdownloader
{b23e59ff-5491-40f4-adb2-577d31d8778a}
{90e41842-755d-40e0-9136-8129df55a644}
{8e0ccf87-6ea4-4985-b07f-4d503f105d91}
{69d0ae35-7d39-4c41-b455-4d751117317e}
{df0dfe82-78a9-456e-9dc1-c832a94d43a7}
{7bbd26d9-d245-48d3-b3a6-5e19948dfa14}
{3d9109d8-463e-4dde-9416-d25c6ea995df}
{2726adf8-c1f9-4ed9-baf1-9a3c1742b659}
{bfc40cf5-a085-4f0b-a3ef-5e124f2e445e}
{37927c18-d5a5-4187-9e6e-6a787364bd9f}

The block has been pushed.

Group: blocklist-requests
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED

Hello Mozilla Team,

This is Sebastian, the CTO of snapADDY.

I am contacting you regarding the blacklist of firefox addons, that was introduced in the last firefox update: https://bugzilla.mozilla.org/show_bug.cgi?id=1603731
We assumed this would only apply for addons released in the official store, not for self-hosted extensions.

The code review process we remember from our time we released the app in the addon store would not be suiteable to us.
For one that our code base is now way more complex and as I remember it often took over a month till our addon got approved (we release a new version every 2 weeks)

Is there at least a way to disable the blacklist in the firefox config or something like that?
Is there an alternative way to establish the trust to not put our addon on the blacklist? The intention of our addon is not to spread malicious software or malware.
Our customers pay us directly for the use of the software and we are not secretly collecting data or selling ads.

We are a B2B SaaS application and a lot of our customers actually prefer firefox over chrome, with this new rule we will no longer be able to support those customers.

Best regards,
Sebastian Metzger

Flags: needinfo?(awagner)

Thank you, we will reply to the email you sent us.

Flags: needinfo?(awagner)
You need to log in before you can comment on or make changes to this bug.