Mozilla should remove add-on signing from Firefox.

Add-on signing is a glorified backdoor that lets Mozilla remotely terminate any extensions the user has installed in their Firefox web browser.

Even if Mozilla promises to "never abuse this", a fascist government could force Mozilla in the future to remotely censor extensions they don't like.

In addition, when Firefox contacts Mozilla servers to verify if Mozilla approved each extension, it discloses to Mozilla which extensions are in use. So in addition to being a backdoor by definition, it is a severe privacy violation as well. This comes from an organization that perpetually claims to champion user freedom and privacy.

Of course, there was a certain accident on May 3rd, 2019. Don't you think we'd forget about that so easily. This was a terrible day across offices all around the world. It cost millions of working hours, just because Mozilla deliberately added a vulnerability to Firefox that makes it dependent on Mozilla servers for extensions to work.

Add-on signing wasn't always there. It was only added in Firefox 40, but without terminating unsigned extensions. As anything evil, it expands if not stopped at an early stage. From Firefox 43 to 47, it was activated by default but flipping the switch at the "xpinstall.signatures.required" property in about:config allowed turning this nonsense off. But with Firefox 48 came the mandatory add-on signing. 

Of course, the argument for this technofascist anti-feature is to "protect the user", but it does far more damage than good. It takes much more protection away than it gives. It makes the user vulnerable to intrusions by Mozilla or by a government that might force Mozilla to censor unwanted extensions.

Add-on signing very closely resembles malware. It needs to go.