The extension does turn Fx into a pdf handler - local files as well as web ones.
So at ideal development of this extension, Fx would become all the pdf handler a general web user's system will need.
I can use an axe to cut my steak as well as to chop down trees, but just a knife does fine for the steak, and with less risk.
I suppose one could also add extensions or native support that would turn Firefox into a reader and editor of .txt and .rtf documents on the HD, but why?
"Do one thing and do it well" -- Don't know the original author, but Giorgio Maone has said that about adding non-security-related functions to NoScript. It's a security tool, and adding the capability to cook your breakfast dilutes that value and invites vulns and bugs.
For my money, having battled against the huge tide of security vulnerabilities in third-party closed-source dlls like Acrobat, bloat is way down on the list when I'm considering installing a pdf handler.
Clearly, you don't understand some of the most important basic principles of safe coding, including the principle of "attack surface". Greater minds than mine have observed that on average, there is about one coding error for every 1000 lines of code written. Some are harmless. Some are bugs. Some are exploitable.
If Adobe has 100x the lines of code of Foxit, then it's expected that Adobe will have
at least 100x the number of coding errors (given that greater complexity creates more paths of interaction, and also makes review more difficult). And in fact, Adobe Reader has been the subject of numerous documented attacks for quite a while. Look in their security updates and changelogs, and compare them to Foxit's. Bloat is directly correlated to that difference.
Another greater mind said, "One man's feature is another man's exploit."
*Every* new feature added to *anything* - browser, pdf reader, etc. -- creates more possible security vulns.
Has Firefox been immune from security vulnerabilities? OSS helps, but if it were perfect, there'd be no need for security updates. Clearly, I find Firefox to be the best choice of available browsers, but is there really any reason to believe that this *new* feature must of necessity be flawless? Have the browsers been?
Adobe's mistake is trying to do too much. Foxit does one thing and does it well, with incremental improvements over time. Firefox should be a web browser, and continue to concentrate on doing it well, rather than being a do-it-all tool.
I note that Foxit is closed source and I would indeed go along with your disclaimer and caution anybody against taking your recommendation as anything except one that will reduce install-bloat on a system.
It's not just HD space, or wasted RAM and clock cycles, though those can add up pretty quickly if you have a machine full of bloatware. It's what's said above: it's easier to secure a small cave than a 100-room mansion with windows (no pun intended) in every room.
Speaking of Windows, it appears that you still use XP, as I do. Perhaps you have different reasons, but I like the fact that it's been around long enough to mature. Didn't get it until after SP 2, -- "never buy the first version of anything". I heard the bad buzz about Vista, and it proved to be valid. Terrible disaster for MS, dropped fairly quickly in favor of 7. So Vista never got a chance to mature. (poor design to begin with.) Now Win 8 was previewed last month (Sep. 2011), and although a statement of release in 2012 was later retracted, it would be in line with MS's typical 3-year release schedule. (Vista made it for only 2 1/2 years.) But XP is still supported
ten years after release, the longest for any MS OS ever, including DOS. And if you look at the monthly security bulletins, the number affecting the core XP OS (i. e., not Office, Media Player, etc.) has indeed been declining over time.
So, why do *you* still stick with XP? Just a matter of money? -- certainly a valid reason. But the above are all true, regardless of whether you choose to acknowledge them.
Also, why do you choose a closed-source product like Windows when there are open-source Linux-based OSs to be had for the taking? -- and they are *not* free of security issues, either.
Back from that hijack,
You asked for opinions on a proposed new feature. How is questioning the necessity of the feature a hijack?
I'm on the support team of the world's best browser security tool, donating my time as do all of the rest of the unpaid volunteers who make up the
support team. I think I can post my opinion about what is the safest course without that being regarded as a hijack. Others are free to disagree with my opinion (and yours).
But If the new feature isn't necessary,
then any further discussion becomes moot. Which saves a lot of time, decision-making, and possible future security issues for those who decide for themselves that my opinion is valid.
So, no further discussion from this writer - you may have the last word, should you like.
And for those who *do* think that their browser needs to become a Swiss Army Knife that can do everything already done by other tools, do please feel free to respond to the OP's question about pitfalls, which in itself implies the possbility, if not probability, of same.
Cheers.