• Knusper@feddit.de
    link
    fedilink
    arrow-up
    31
    ·
    1 year ago

    Mozilla prohibits connections to the internet, which aren’t necessary for the advertised functionality of an extension. So, these are rather “Chrome extensions” we’re talking about…

  • off_brand_@beehaw.org
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    I wonder how easy it would be to make an extension and fake it’s popularity? Make make it intentionally broken or something, so users immediately uninstall it too.

    Sounds like an easy $10k, assuming the scammers would actually pay.

  • Cynber@lemmy.ca
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Don’t extensions get reviewed by the various stores? I’d imagine an automated check could catch malicious integrations like that.

    Maybe not right away, but once they catch wind of one shady extension they could just search the store for any other ones.

      • Cynber@lemmy.ca
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I guess so, it would still be a problem. Once one extension is caught, it should be simpler to catch the rest.

        It’s harder to quickly switch stuff up when you need to send the devs new code to put in