palmfacehn
7 months ago
Functionality that is available in the CSS inspector on most browsers. I've never used browser add-ons. The security model is non-existent. Sure, you trust the publisher today, but who is to say that the developer isn't exploited? They might sell their app to a less scrupulous actor. I'm sure posters here can think of other possibilities as well.
eviks
7 months ago
Yes, the other possibility is copy the extension code locally to block updates, then you don't trust the future exploits
Also, for most mentioned extensions functionality isn't available in browsers
bingo-bongo
7 months ago
But then you’ll no longer receive any future security fixes by the publisher.
It’s a hard problem to fix, when we can’t trust any publishers in the future :(