zlacker

  > What they want is to get rid of apps like YouTube Vanced

I think it is also very telling where they're rolling out first. Brazil, Indonesia, Thailand, and Singapore.

It felt weird that the official press release was quoting entities from these countries, as if it should give confidence to the rest of the world. I can't imagine what these countries would want with apps that can be traced back to a government id...

Vanced and such is more of a First World/Western issue. I don't think you're wrong but I got a strong gut feeling there's other pressures in the works. Just something doesn't smell right...

>>godels+(OP)
Vance is just as big if not bigger problem there.

>>godels+(OP)
Hm, not sure about that. I know from browser add-ons that markets like Brazil do suffer from increased scams, especially banking scams. I could see that this is also an issue for scam apps.

Firefox for instance does not allow you to install unsigned extensions. You don't need to list them on their storefront, but they want to perform automated tests and have the ability to block extensions through this signing requirement.

So in principle I can see them wanting to address a legitimate issue, but the way they are going about this is way to centralized. IMO they should do something like we have for web certificates, where vendors can add more root authorities than just the one from Google, and users should be able to add their own root certificates if they want to side load apps.

>>godels+(OP)
>Vanced and such is more of a First World/Western issue

What? I'm from Brazil and Vanced is as big, if not bigger here. In fact, most of my 'first world' friends just pay for YouTube Premium (or whatever it is called), and these kinds of workarounds are mostly used in countries with less purchasing power.

>>Yaina+xe1

  > I could see that this is also an issue for scam apps.

I don't deny that it can be used to reduce scams, but I think there are far better ways to solve this that don't give authoritarian countries extra powers. Thing is, signing doesn't actually address the problem. It is a way to track the problem, not prevent the problem. Don't confuse the two.

  > Firefox for instance does not allow you to install unsigned extensions.

That's absolutely not true[0]. You need to sign the extension to publish it to their app store but you don't need it to install. Btw, the Playstore already does this too. Which I'm totally okay with!

[0] https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web...

  For other people to use your extension, you need ***to package it and submit it to Mozilla*** for signing.

>>joaoha+9j2
I'm talking about a different kind of problem. Ask the next question (and maybe a few more) about why this is the situation.

>>godels+1J2
It is true, and what you quoted does not contradict this.

https://extensionworkshop.com/documentation/publish/signing-...

You can temporarily install extensions in about:debugging, but everything permanent needs to be signed.

> Add-ons need to be signed before they can be installed into release and beta versions of Firefox. This signing process takes place through addons.mozilla.org (AMO), whether you choose to distribute your add-on through AMO or to do it yourself.

>>Yaina+KJ3
What you are saying now is different than what you said before. This exact distinction is identical to the conversation of Google too.

I mean test it out. Write that short example extension in Firefox. Doesn't matter if you need to open up about:debugging (just as you need to do extra things on your android). It'll stay.

The signing is for distribution.

>>DobarD+cF
Sorry, I replied to a sibling comment that was nearly identical[0]. Luck(?) would have it, said other problem was made more explicit[1]

[0] >>45033035

[1] >>45035699