Silent Update: The Firefox update process will be moved to the background and Windows admin passwords and/or UAC prompts will be removed. Also, users with the rare incompatible extension will have a gentler upgrade process.
Do you think this is a good idea for Windows updates for the big public? If not, how is Firefox different?
Firefox installers are signed (and so are updates), so I don't see any security issues here. On the contrary, removing the need for people to approve all those useless UAC prompts makes it more likely they will actually look at the next one to pop up and see if it is legit.
On the one hand, it's basically an enormous usability win. I don't want to manually manage all of my security updates.
On the other, it's a little hard to let go of the fact that I no longer control all of the software on my own disk space - even if, admittedly, that has been an illusion for many years now.
Is there an issue with MITM attacks at hostile Wi-Fi points of access? DNS pointing to a bunk certificate authority maybe? I am not fully versed on this though, so I don't know how possible this attack is.
The update payload itself is signed with a private key controlled directly by Mozilla, to avoid vulnerability to CA compromises [1]. The connection to the update server performs additional checks to ensure not only that the SSL certificate is valid, but that it matches one of a small list of known certs or issuers, so that a fraudulent CA can't hijack the connection with a forged certificate [2][3].
(As a side note, the fact that this is necessary points out some of the major risks in the current CA system, which will hopefully be addressed in whatever eventually replaces it...)
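The two independent checks described in the comment above, as an added example that is not part of the original thread and is not Mozilla's updater code. It assumes pins are SHA-256 fingerprints of certificates in the chain and uses Ed25519 for the payload signature; all keys, certificate bytes and function names are constructed for illustration.

```javascript
// Added example: constructed keys and certificate bytes, hypothetical function names.
const crypto = require("node:crypto");

const sha256 = (buf) => crypto.createHash("sha256").update(buf).digest("hex");

// Constructed stand-ins for DER-encoded certificates.
const pinnedIssuerDer = Buffer.from("constructed: issuer cert the vendor uses");
const otherIssuerDer = Buffer.from("constructed: different issuer the OS also trusts");
const serverDer = Buffer.from("constructed: update server leaf cert");

// Shipped inside the client: the pin list and the vendor's public key.
const PINNED_FINGERPRINTS = new Set([sha256(pinnedIssuerDer)]);
const vendor = crypto.generateKeyPairSync("ed25519");  // constructed signing key
const unknown = crypto.generateKeyPairSync("ed25519"); // constructed, not embedded
const VENDOR_PUBLIC_KEY = vendor.publicKey;

// Layer 1: the chain must pass ordinary validation AND contain a pinned cert.
function connectionTrusted(chainValidated, chainDer) {
  if (!chainValidated) return false;
  return chainDer.some((der) => PINNED_FINGERPRINTS.has(sha256(der)));
}

// Layer 2: the payload must verify under the embedded key, whatever the TLS result.
function payloadTrusted(payload, signature) {
  return crypto.verify(null, payload, VENDOR_PUBLIC_KEY, signature);
}

function acceptUpdate({ chainValidated, chainDer, payload, signature }) {
  if (!connectionTrusted(chainValidated, chainDer)) return "reject: connection not pinned";
  if (!payloadTrusted(payload, signature)) return "reject: bad payload signature";
  return "accept";
}

const payload = Buffer.from("constructed update archive bytes");
const altered = Buffer.from("constructed altered archive bytes");
const cases = {
  genuine: { chainValidated: true, chainDer: [serverDer, pinnedIssuerDer],
             payload, signature: crypto.sign(null, payload, vendor.privateKey) },
  // Chain validates against the OS trust store, but its issuer is not on the pin list.
  unpinnedCa: { chainValidated: true, chainDer: [serverDer, otherIssuerDer],
                payload, signature: crypto.sign(null, payload, vendor.privateKey) },
  // Pinned connection, but the payload is signed by a key the client does not embed.
  wrongKey: { chainValidated: true, chainDer: [serverDer, pinnedIssuerDer],
              payload: altered, signature: crypto.sign(null, altered, unknown.privateKey) },
};

for (const [name, c] of Object.entries(cases)) console.log(name, "->", acceptUpdate(c));
```

Because the payload check never consults the certificate chain, a failure of the pin list alone still leaves the signature check standing, and vice versa.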
Even if possible, all of those would be independent of whether updates install silently or not - they have always been downloaded in the background automatically.