[HTTPS-Everywhere] Reconsider putting HTTPS Everywhere on addons.mozilla.org - Legal opinions and rant

Maxim Nazarenko nz.phone at mail.ru
Fri Aug 12 12:47:00 PDT 2011 

Hello,

Is it possible to publish the extension at addons.mozilla.org and make
it autoupdate from eff.org?

Best regards,
Maxim Nazarenko

On 12 August 2011 11:37, Peter Eckersley <pde at eff.org> wrote:
> (Removing the -rules list.  Let's not spam everyone).
>
> I'm on the fence at the moment about submitting HTTPS Everywhere 1.x to
> addons.mozilla.org
>
> In favour:
>
>  - more people will install the extension
>  - the privacy policy there has improved -- log retention there is down from
>   "indefinite" to six months
>
> Against:
>
>  - the privacy policy is still not as good as eff.org's
>  - the lag time for pushing updates into AMO is ~2 weeks, which means that we
>   can't fix bugs quickly.  I also keep seeing AMO addons get disabled because
>   Mozilla won't let them declare compatibility with future firefox versions
>   early enough.
>  - there will be a whole extra path to deal with for publishing and managing updates
>
> On Thu, Aug 11, 2011 at 11:20:39PM -0700, Victor Garin wrote:
>> **** Forgot to add Tor Talk Mailing list to cc. (they have some good
>> people with legal smarts there who may not bother to check our mailing
>> lists) --- Please use this thread (subject) for further replies and
>> please cc to <tor-talk at lists.torproject.org>,
>> <https-everywhere at eff.org>, <https-everywhere-rules at eff.org>,***
>>
>> "Q. Why isn't HTTPS Everywhere available for download from
>> addons.mozilla.org like most other Firefox add-ons?
>>
>> A. We felt that the Mozilla privacy policy that applies to downloads
>> from addons.mozilla.org is somewhat less protective than the privacy
>> policies of the organizations that develop HTTPS Everywhere, and we
>> prefer for HTTPS Everywhere users to be protected by our privacy
>> policy. This decision could change in the future as Mozilla's privacy
>> practices evolve or as we re-examine the details of the current
>> Mozilla policy."
>>
>>
>> I want to ask the devs to reconsider putting HTTPS Everywhere on
>> addons.mozilla.org.
>>
>> A few reasons:
>>
>> 1. Trust: Many people trust that add-ons posted on addons.mozilla.org
>> has been reviewed by the Mozilla team. I mean people download many
>> add-ons from there, including many unknown ones.
>>
>> 2. More Users == Less False positives as there is a higher chance of a
>> False positive being reported because more sites will be tested. Also
>> most people comment on the Add-on page itself, rather than going
>> through the hoops of Mailing List or IRC.
>>
>> ==========================
>>
>> I am not sure exactly how Mozilla privacy policy affects HTTPS
>> Everywhere. The Add-on code will be the same no? Or is it that the
>> developers and or ruleset contributors could be held liable for
>> submitting rules? I was thinking laws regarding, unauthorized use of
>> computer network or equipment? It is in the Criminal Code in Canada
>> which means Extradition to the US, per the Mutual legal assistance
>> treaty, which happens when both countries consider a crime to be a
>> crime, even if the minimum sentence is less in one country. Oh and the
>> Extradition process in Canada is just a Rubber Stamp process. I looked
>> up the Court Records, 99.9% of the accused were extradited (or
>> committed in legal speak). They don't evaluate the merit of the
>> evidence, basically it is Guilty until proven Innocent by a court of a
>> foreign jurisdiction, with a cruel and unusual punishment of being
>> deported to another country for the trial. Well if that isn't enough,
>> we have Internet Surveillance and warrantless wiretapping legislation
>> coming soon as part of our Conservative Government's Crime and
>> Punishment agenda. Hell, they did not even keep it a secret during the
>> May election, and they won a majority in the Parliament, see:
>> https://secure.wikimedia.org/wikipedia/en/wiki/Canadian_federal_election,_2011#Internet_surveillance_and_warrant-less_wiretapping
>>
>> Damn! I should have used TOR when I submitted all those rulesets for
>> the last few months....
>> _______________________________________________
>> HTTPS-everywhere mailing list
>> HTTPS-everywhere at mail1.eff.org
>> https://mail1.eff.org/mailman/listinfo/https-everywhere
>
> --
> Peter Eckersley                            pde at eff.org
> Technology Projects Director      Tel  +1 415 436 9333 x131
> Electronic Frontier Foundation    Fax  +1 415 436 9993
> _______________________________________________
> HTTPS-everywhere mailing list
> HTTPS-everywhere at mail1.eff.org
> https://mail1.eff.org/mailman/listinfo/https-everywhere
>

More information about the HTTPS-everywhere mailing list