When I first registered the domain, I used exclusively firstname.lastname@example.org, but nobody ever got the joke. “Who's lesser?” I eventually switched to using email@example.com which made even less sense and still garnered weird looks.
Content Security Policy (CSP) is one of the most important steps a website can take to reduce its vulnerability profile. Implemented properly, it can reduce the risk of cross-site scripting (XSS) attacks to near zero.
AMO is one of the highest profile sites both at Mozilla and on the internet at large. An XSS attack against it could lead millions of Firefox users to unwittingly install addon exploits. After six years of hard work, the Mozilla Infosec team and the AMO team successfully implemented CSP.