[Project_owners] InstallTrigger (was: XPI install still vulnerable to MITM attacks on mozdev.org)

eric.jung at yahoo.com eric.jung at yahoo.com
Fri Jul 20 07:26:07 PDT 2007

There's great documentation on InstallTrigger here:
Short of implementing a file release system like SourceForge, I'm not sure how mozdev could enforce each project-owner into publishing their download page with InstallTrigger.


----- Original Message ----
From: Douglas E. Warner <silfreed at silfreed.net>
To: project_owners at mozdev.org
Sent: Friday, July 20, 2007 7:35:26 AM
Subject: Re: [Project_owners] XPI install still vulnerable to MITM attacks on mozdev.org

On Friday 20 July 2007, Mook wrote:
> I'd like to point out that, for the (hopefully typical) case of a
> Firefox user clicking on a Install link and immediately installing
> (and not downloading first then install, as is the case with
> Thunderbird &c), AMO's install buttons use InstallTrigger with a hash.
>  This means that the mirror doesn't have to be secure (since the hash
> was transmitted over https, along with the page the user was seeing).
> Of course that still only protects a portion of the users...
> This may or may not have any bearing on what mozdev wishes to do :p


Thanks for providing that information; I wasn't aware that there was any 
install-time security on AMO.  I'll take a look to see if it's something that 
Mozdev could implement as well.  It sounds very similar to the 
link-fingerprinting that Michael was suggesting, as well.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mozdev.org/pipermail/project_owners/attachments/20070720/d49b878c/attachment.html 

More information about the Project_owners mailing list