Some food for thought for those people who call for "strong sandboxing" of extensions:
You should remember what extensions do in the first place. Extensions are not just applications separated from the browser-runtime. They aren't isolated islands. Rather, extensions run INSIDE the browser runtime and have more or less full access to it, so that they can modify the browser however they like. You don't like that? Well, if you remove the ability to modify the browser, then what is left of the idea of Firefox extensions?
Ignoring implementation costs and dev resources, the most one could do is make it so that extensions may not modify each other, but may modify the rest of the browser - but wait, WHERE is an extension? Do you think it's the GUI and stuff which you see of them? Nope, that's the parts of the BROWSER which they modified. Strictly speaking, the extension itself is at most its code and its own datastore... NOT the GUI and things which you see.
So, to get to the point: Even if you sandbox extensions from each other, that changes absolutely nothing about their ability to modify what you see on the screen, however they like. So what did you gain by that sandboxing? I'd say: you protected the extension's own data and code, nothing more. The behaviour of the browser at runtime still is a playground. And it has to be, because as I explained earlier, modifying that "playground" is the whole point of extensions. But you see, a tool is just a tool... not what it is used for. You cannot design a hammer so that it can only be used for building stuff, not for murdering someone.
I can imagine what will be the next question then: "Well, if we cannot make it impossible, then it needs to be forbidden. We need to create policemen (AMO), so that they protect us from the evil men."
Well, while that approach is slightly better, it still isn't efficient. You may be able to reduce potential abuse that way, but all those "it needs to be forbidden"-approaches have one thing in common: They seek a replacement for YOU.
What do I mean by that? Well, when I say "you", then you will first understand this "you" as a "person". But what I mean is actually your consciousness. What does a consciousness do? Well, it receives information, analyzes it, makes decisions and then gets feedback (responsibility) and the cycle begins anew. You may now think that I'm getting carried far away here, and that it has nothing to do with the topic, but I will show you soon that it is actually the core issue at hand here.
Why is there so much malware out there - even by "credible" vendors - compared to... let's say 1995? You may think that it's because of sheer quantity - back then, it wasn't as profitable because there were fewer users. I answer to this: Well, if this is the case, then why is it that most of today's malware wouldn't have had a chance back then - because the USERS would have been mostly resistant to it?
The kind of users of computers nowadays is different than back then in 1995. Different in which way? Well, to keep it short: It's mostly users who have no interest in having just enough understanding of the tools which they use, so that they can make efficient DECISIONS and take RESPONSIBILITY for those. Rather, they want OTHERS to make decisions for them, and take care of responsibility. Notice the link to calling for the "police"?
But why are the aspects of personal decision and responsibility so relevant to the malware topic? Well, consider the following, which I previously posted in the blog-thread:
The road from fairware to malware, and from mutuality to parasitism:
1. “Hi, I have this and that feature and do it this and that way. If you are looking for something which does this and that, then I can do that. I can however not do this and that and there are better solutions for such cases. Anyways, if what I can do is useful for you, then you can manually download and install me here…”
2. “Hi, I’m really cool, because I can do this and that. Regardless of your actual needs, it’s certain that you benefit from using my services, because I’m good for ANYBODY. Download and install here…”
3. “Hi, I won all those awards, have a colorful and blinky website and offer these totally awesome features. YOU NEED ME! Click here to install fully-automated!”
4. “Hi, I’m like totally awesome and automatically run as a webapp with access to the operating system. Did I mention already that you should buy me, because I’m like totally awesome, regardless of what you need or want? Oh, and also try our other like totally awesome products, because else you will be a total loser and your computer will explode. DO WHAT I SAY DAMNIT!”
5. “Hi, I’m your new crap-adviser, buy…” “WTF? How did you get installed?” “Shut up, I have just downloaded these like totally great offers, based on your usage-stats, and installed them. Now, click here to register them! No, forget it, you won’t remove me. Your decision doesn’t matter! Do what I say damnit!”
6. “Hi, I just turned your machine into a remote control which can be commanded however we like. Of course, you won’t be able to read this message, because I made sure to integrate into the OS as deep as possible so that I’m not only unremovable but also invisible.”
7. “Can you say ‘Hypervisor-Mode’?”
Notice a trend? The red thread through the above development is removing the decision and responsibility from someone. It is about stripping an individual of his ability to decide - about taking away what is the job of a consciousness in the first place. It is an invasion.
When you have an entire environment full of people who want others to decide for them, then that is nothing else than a paradise for abusive parasites. Most PC users nowadays want to be told what to do, and when enough people go into that role, it doesn't take long for abuse to appear, because metaphorically phrased, there is no immune system anymore.
Of course this is something for which there is no "quick fix". It's nothing which can be solved with a handful of applications or app-modifications. Still, I would throw the question into the thread: Would it, in the mid-term, probably be more efficient to put more effort into education, rather than creating more replacements and compensations for the lack of user-ability to make educated decisions?