Browser plugins can read SSL pages no problem. So why did Superfish not just present itself like a browser plugin? Then it's just normal bloatware and probably pulls in the same profit. Some people might uninstall it is the only reason I can think why they didn't go this route. They could have pre-bundled Chrome and FF to avoid having users ok the plugin installation.
> So why did Superfish not just present itself like a browser plugin
They did this for years, actually. They paid add-on developers to bundle their shopping app with the developer's app. I remember this going on ~2010/2011 at least.
You can write anywhere to disk where user has privileges (at least in FF). Not sure if that's enough.
But I don't think you need a CA at all since plugins can see the full DOM (whether SSL or not). Like if you "inspect element", view source, or run firebug.
What am I missing here? What makes this addon so bad? It looks like it injects buttons/overlays to show "lower" prices of items you are already viewing. While I have zero desire to install this addon I'm failing to see what it's doing that makes it deserving of being pulled.
> SimilarProducts is a monetization platform that uses Superfish technology to help users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers.
The company is scum, as has been proven the last couple of days. I don't know why anyone (Mozillas Add-On place included) should support them and carry their software.