Feedback on add-ons listed so far...

[Moonchild]

Please write your feedback on add-ons listed so far.

If you would like to have a new Add-On added to the Useful Add-Ons by Pale Moon Community please post in that thread and follow the rules posted there! For other discussions you might use the topic General discussion on Add-Ons.

My 2 cents:

You might want to cull the "need to have" list a little and put more on the "nice to have" list. - not everyone is security paranoid
I'd suggest moving the following items to "nice to have":

• RequestPolicy
• CertificateWatch
• SSL Blacklist

And remove the following items altogether:

• Trackerwatcher (too many bad reviews, doesn't work half the time)
• Perspectives (Doesn't seem to be updated to work with later versions of FF code)
• TorButton (NOT something you can use by itself, and people using TOR tend to use a bundle that already includes it, and are already pointed to the add-on through TOR itself)
• FireFound: This is a security risk! It calls home to a central server which constantly records your location (and profiles you), which is not behavior I want to promote. A browser is also the wrong application to build something like this into, if you need this kind of theft protection, you need something low-level in the system. Also, the service is in the process of being shut down.

Also, check your URLs, change German localization references to English, please.

[diNovoM]

- Well i would say Request Policy should stay at need to have, it's really security essential!
- I agree, I'll move the bad ones to dismissed.
- When i got time, i'll create posts for each add-on like the recommendation, there will be links for en and de! Just was a quick solution with links i already got.
- There will also come much more like in useability and also more nice to haves, as i said it's a first impression for most required ones.

[Moonchild]

I disagree with requestpolicy - it is not essential, and in fact not desired for general browsing:

With RequestPolicy, the default for any cross-site request is to deny it.

This will break MANY sites, unless you go in specifically for every page you visit and allow requests. e.g. You visit a site that embeds youtube videos and externally hosted images - all perfectly legit requests. But it will be blocked by this add-on, it's too paranoid a thing to have in the need to have option, even debatable if it's nice to have - I certainly wouldn't like to have to go in constantly to allow requests to have a page work the way it's supposed to. Hell, if you use a payment processor on an external site, or "verified by visa" etc, it would block that too -- breaking an order process.

[diNovoM]

I actually have a quite long white-list for such things. But it was a long way to got there and allow everything first before it works. But it is still really of it's own class and the only way to sometimes prevent things before they happen, still it might seem a bit paranoid. I'll move it to "nice to have" but "highly recommend it if you want real security", ok?

[Moonchild]

But it was a long way to got there and allow everything first before it works.

Which is exactly my point.. and it would be an ongoing chore to keep up with that if you browse a lot and not just the same sites.

highly recommend it if you want real security

So, you're saying Pale Moon without it doesn't have real security?

[Moonchild]

By the way, why restrict discussions about add-ons to a single thread? Use the forum as a whole, people! That's what it's for!

(Note: topic split off)

[diNovoM]

But it was a long way to got there and allow everything first before it works.

Which is exactly my point.. and it would be an ongoing chore to keep up with that if you browse a lot and not just the same sites.

Still this would be something the user has to decide, even "needed to have" add-ons aren't required to be installed, that's why i have put it under needed to have!

highly recommend it if you want real security

So, you're saying Pale Moon without it doesn't have real security?

No, i wouldn't even have the heart to say/write something like that. Here we have to decide the level of security. Pale Moon (with or without other add-ons) is quite secure, still sometimes only request policy can prevent something before it happens.

EDIT: Sure people can create new topics for add-ons. Just about recommendations this topic should- and may on other topics this one can- be used. About the spit: is the other topic about general discussion even needed? Also yet there would be an introducing line at this one be missing. I would recommend: move it back, rename old topic (and may create a new one with general disc.)

[Moonchild]

Still this would be something the user has to decide, even "needed to have" add-ons aren't required to be installed, that's why i have put it under needed to have!

"Need to have" suggests that "every user would do wise to consider it strongly" -- which is definitely not the case for this one.

So, you're saying Pale Moon without it doesn't have real security?

No, i wouldn't even have the heart to say/write something like that. Here we have to decide the level of security. Pale Moon (with or without other add-ons) is quite secure, still sometimes only request policy can prevent something before it happens.

So, really, what incredibly dangerous situation have you, in practice, encountered where it would be a big issue if the add-on hadn't been installed?
Seriously, you can't hope to prevent everything, that is being incredibly paranoid.

Browsing should be enjoyable, not a chore. Any add-on that makes it a chore should not be listed, IMO.
The Mozilla Firefox code base is already very security-heavy, and I think we don't need to hammer the browser shut with even more. Considering that, I'd put NoScript under "nice to have" as well, as it follows the same approach that you have to specifically allow every site you visit.

[diNovoM]

I agree moving request policy to nice to have. But i would draw the line here. At NoScript (instead of request policy) you can configure websites normally to be allowed/white-listed and just block the ones you need, and this is a good feature for all, not really a chore. Also it's not only providing script-block but other useful options.

EDIT: Sure people can create new topics for add-ons. Just about recommendations this topic should- and may on other topics this one can- be used. About the spit: is the other topic about general discussion even needed? Also yet there would be an introducing line at this one be missing. I would recommend: move it back, rename old topic (and may create a new one with general disc.)

[Moonchild]

95% of the websites out on the web require javascript to work as intended.
You can't ignore the fact that you are crippling things with NoScript if you block that by default.
-> moved it to nice to have.

[diNovoM]

You got what i wrote? Simply go to Options\general: set "Scripts Globally Allowed" or set this in "Status-Bar Icon Context Menu" and you won't have problems with 98% of websites (2% may use XSS, Site-crossing). Still you can block sites and use NoScripts other security options!

And why you would like to have "Adblock Plus Pop-up Addon" as nice to have? Btw. please don't change something in that topic - instead inform me - i have a local text copy i use for editing and paste it afterwards.

[Moonchild]

If you use "scripts globally allowed" you are in effect not using the add-on... So it's pointless

[diNovoM]

Still you can block sites and use NoScripts other security options!

And why you would like to have "Adblock Plus Pop-up Addon" as nice to have? Btw. please don't change something in that topic - instead inform me - i have a local text copy i use for editing and paste it afterwards.

I would write the tip about Global Allow in recommended config and with it's other options i would say it's still "need to have".

[Moonchild]

No!
What part of "If you allow scripts globally you are in effect not using the add-on" is so hard to understand? We don't "need to have" an add-on that does basically nothing.
I know it's a popular add-on, but that doesn't necessarily make it a "need to have" one, especially if you're going to just have it sit there eating resources XD

The adblockplus pop-up add-on is a nice to have since adblockplus by itself already kills requests for ad popups - It's additional functionality that only adds something marginal to a different add-on. an option.

Just like I'd say pale moon is a need to have, but the migration tool is nice to have.

[diNovoM]

Ok, i somehow see your point (also acc. to pm) - switched them to nice.

I also made some new design in the listing and added 3 dismissed add-ons - you agree?

[diNovoM]

FireShot - nice one! I was just about to add Print Edit to review List, but that's even much better! Just going to restart and test it out. Also changed naming of links, better now?

But still there is much to do like for: Compatibility Detector, FlagFox (makes WorldIP obsolet?), FoxLingo, Memory Fox (might not be need from FF7.X on anymore?), SearchMenue, Send Mail in Browser, TabMixPlus, WebMail Notifier, Lazarus, SSLPersonas, Redirect Remover, All-in-One Sidebar, FlashGot, IE Tab Plus, Forecastfox Weather, Download Flash and Video, FireGestures, Linkification, MR Tech Toolkit (if it would work above FF3.7), QuickFox Notes, Read It Later, Mobile Barcoder, Greasemonkey, Firebug with Page Speed, AutoCopy, URL Fixer, Mozilla Labs - Ubiquity, Babe of the Day (hehe) maybe even PriceBlink, Window Shopper, Sparwelt Gutschein Alarm but some are quite security leaks and i have to check which should be recommended, where and so on. Also i found 2 other good add-on list i yet have to sort-out.