
CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities [pdf] - javajosh
http://www.buyukkayhan.com/publications/ndss2016crossfire.pdf
======
javajosh
So if one add-on gets special permissions, then they actually ALL get that
permission. Well, it could be worse. I'd hate to scare people away from
installing add-ons. I mean, it's already scary and hard enough.

------
dang
Url changed from
[http://www.pcworld.com/article/3053889/security/researchers-...](http://www.pcworld.com/article/3053889/security/researchers-
attackers-could-use-holes-in-firefox-add-ons-to-target-your-
pc.html?google_editors_picks=true), which points to this.

~~~
javajosh
I was actually impressed that pcworld covered this story, which is part of why
I used their link. I didn't see it anywhere else! Is there an official HN
policy on what the "canonical link" is for a thing?

~~~
dang
Not a strict policy, but if the article points to a more substantive source
and the audience is capable of absorbing it (i.e. not too highly specialized
and/or in a field that is widely understood here), we tend to swap for that.

