Click to play, the next big problem for many smaller, companies

Jesse Ruderman jruderman at gmail.com
Tue Sep 10 03:26:22 UTC 2013


On Mon, Sep 9, 2013 at 3:47 PM, Larissa Co <lco at mozilla.com> wrote:
> We are planning on distinguishing between regular plugins
> like yours, and plugins we believe are particularly vulnerable. For those
> plugins, we'll make it harder for the user to allow the plugin long term.

Perhaps Firefox could also consider whether the plugin was loaded by
the main page or by a third-party iframe. Stealthy attacks involving
ad networks are likely to be the latter.



More information about the firefox-dev mailing list