this post was submitted on 02 Sep 2023
163 points (90.1% liked)

Technology

59207 readers
3037 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 45 points 1 year ago* (last edited 1 year ago) (4 children)

Or maybe only install extensions from trusted ~~sources~~ developers.

[–] [email protected] 31 points 1 year ago (1 children)

I think the point is that even if an extension comes from a trusted source, the developer could fairly easily push out an update that turns the extension into malware. Check the GitHub link in another comment below where the developer posts the solicitation emails he gets on a regular basis offering to monetize his extension. He isn’t selling out, but maybe not every dev is as willing as he is to forgo a potentially lucrative offer.

[–] [email protected] 10 points 1 year ago* (last edited 1 year ago)

And there are cases where this has already happened: https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/ There are probably more recent cases too, but this was the first one I could find.

load more comments (2 replies)