Reviews for Session Boss
Session Boss by William Wng
Review by LCS
Rated 1 out of 5
by LCS, 6 years agoI cannot rate higher than one star if the code is not available for review in github somewhere. I would not recommend anyone use this extension with the code being available for review. From time to time there are extensions that are pulled because they contain malicious code. That's after so many users have been using them for some time. I am not saying that this extension contains any malicious code. Only that as a community we cannot ascertain whether it does or not until the source code is publicly available for review.
Developer response
posted 6 years agoI really take exception to this unfair review comment and its insinuation.
- First of all, I would encourage anyone not to use an extension if there's any doubt about it, including this one.
- Second, Mozilla has put in place a very rigorous review process to prevent malicious extensions. I went through it and it's no joke.
- Third, people underestimate how strong the new extension framework , the permission system, and the extension digital signing process Mozilla has put in place to prevent malicious attack since Firefox 57. I encourage you to look into the extension development process and see how things work.
- If people think some source code they review on Github would be the same as the extension installed on their machines, they're at best naive and at worst misleading others with a false sense of security. I really doubt their ability to do a proper security audit.
- All source code of all Firefox extensions are publicly available for review. And they are digitally signed to prevent tampering. If one has some basic knowledge about Firefox extension, one can start reviewing the code right the way.
- Github's purpose is for sharing source code and managing project development.
- I developed this extension mainly for my own use and thought others might find it useful so I shared it. I would care less about the rating. If you think a low rating would force me to put the source code on Github, you are sadly mistaken. I will never put the source code on it.
- In fact, the source used to have a GPL license. I've just changed it to closed source because of this review.
- First of all, I would encourage anyone not to use an extension if there's any doubt about it, including this one.
- Second, Mozilla has put in place a very rigorous review process to prevent malicious extensions. I went through it and it's no joke.
- Third, people underestimate how strong the new extension framework , the permission system, and the extension digital signing process Mozilla has put in place to prevent malicious attack since Firefox 57. I encourage you to look into the extension development process and see how things work.
- If people think some source code they review on Github would be the same as the extension installed on their machines, they're at best naive and at worst misleading others with a false sense of security. I really doubt their ability to do a proper security audit.
- All source code of all Firefox extensions are publicly available for review. And they are digitally signed to prevent tampering. If one has some basic knowledge about Firefox extension, one can start reviewing the code right the way.
- Github's purpose is for sharing source code and managing project development.
- I developed this extension mainly for my own use and thought others might find it useful so I shared it. I would care less about the rating. If you think a low rating would force me to put the source code on Github, you are sadly mistaken. I will never put the source code on it.
- In fact, the source used to have a GPL license. I've just changed it to closed source because of this review.