Firefox 1.0PR’s software installation UI

Security: Given the current prevalence of phishing attacks and spyware infestations, designing a good user interface that protects naive users against malware is now more urgent than ever.

Firefox is, of course, widely touted as more secure than MSIE. This is by and large true, due partly to MS’ emphasis in their UIs on one-step ‘easy’ installation and confirmation-dialog reduction (in my opinion) — but also due to the fact that spyware companies don’t yet see Firefox as a target to the same extent.

This changed recently — spyware ‘toolbars’ started to appear for Firefox as well. It was quite a surprise to see a dialog pop up when accessing an otherwise normal-looking (though advertising-heavy) page, using my Linux desktop, prompting me to install some ‘toolbar’ .xpi file!

Firefox 1.0PR now includes code to deal with this. Here’s how it works.

If a site I’m viewing attempts to install an XPI file, I get this prompt:

Note that it’s NOT a dialog. This is pretty handy, because it means that I won’t get annoying dialogs all the time if I do accidentally go to a unscrupulous site; it just appears like the part of the page. In the clueless user case, they may not even notice that they’ve been protected, which reduces the risk that they’ll install the extension anyway.

(However, I would have extended it by using an icon or look-and-feel that indicated that this was a ‘trustworthy’ part of the UI, rather than possibly part of the page.)

If I hit the ‘Edit Options…’ button, I get this:

A simple-enough dialog containing the list of sites permitted to install extensions. is in there by default, and I’ve added so I can install from their more extensive list of older extensions. The address of the current site has been dropped in automatically.

To permit the site, I have to hit ‘Allow’, then ‘OK’. So I do that, and hit the ‘install’ link on the webpage again:

And there’s the Software Installation dialog. Note the red Unsigned warning, the proportion of text that is a warning about installing bad stuff (fully half!), and — this is interesting — a greyed-out ‘Install’ button.

The button is on a timer — it becomes clickable after 2 seconds. This, presumably, is to ensure that people read the dialog! Reportedly, users no longer read dialogs, instead hitting OK on every dialog that appears. In my opinion, this is arguably due to ‘the boy who cried wolf’ syndrome: by default, MSIE and older Mozilla versions will ask all sorts of stupid questions about ‘are you sure you want to send stuff on the intarweb?‘ whenever you use Google. If anything is guaranteed to induce dialog fatigue, it’s that feature.

(Update: actually, that’s not the reason. Reportedly, it’s a workaround for a couple of social-engineering attacks, whereby an attacker could persuade the user to type a word ending in ‘Y’, and time the dialog to appear just before ‘Y’ is typed — causing the keyboard shortcut for ‘Yes’ to take effect; or persuade the user to double-click in the right spot, and similarly time the dialog to appear in the right place, in time for the second click. Still, I maintain the measure is useful to deal with the ‘dialog fatigue’ issue too. ;) Thanks to Smyler and Rod for pointing this out.)

I would have gone further:

  • the ‘a software install was blocked’ page element should have an indication that it’s ‘trustworthy content’
  • both dialogs should default to ‘Cancel’, to avoid users deliberately pressing ‘OK’
  • I would possibly require a ‘yes, I read this’ tickbox to be ticked before the software is installed.

Interesting though. This is the way internet-facing UIs are going to have to develop, in my opinion.

This entry was posted in Uncategorized and tagged , , , , , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.


  1. Posted August 28, 2006 at 03:13 | Permalink

    I agree with the checkbox suggestion, but disagree with using a defaulted cancel button. I like the new warning pane/sheet/whatever they’re calling it too.

    Now, the real reason I’m leaving a quote: You’ve got some great music in your sidebar. I’ve been a big Eno and Roxy music fan for a long time. Bring on the Warm Jets is pretty decent. Have you heard the newly reissued “My Life in the Bush of Ghosts” with David Byrne? Great stuff.

    One last comment: What desktop theme are you using? I like the buttons.


  2. Posted August 28, 2006 at 10:32 | Permalink

    hi Rob —

    thanks for the comment! I haven’t heard “My Life in the Bush of Ghosts” yet, I’ll have to seek that out.

    I think the theme was H2O-Gtk-Emerald — I can’t seem to find it now, due to link-rot, but two related themes are H2O-Gtk2 and H2O-Gtk2-Ruby… they’re still very pretty ;)