⇄ Σ = Mᄃ² ⇆
Follow

look what just popped up on my radar

users now have a way to guard against the threat of extension subversion, that is, if they don't mind installing yet another browser extension.

Matt Frisbie, a software developer and programming book author, has released a Chrome add-on called Under New Management to alert users when installed extensions have changed owners.

/nosanitize

chromewebstore.google.com/deta

· 1· 0· 0
⇄ Σ = Mᄃ² ⇆  

"Extension developers are constantly getting offers to buy their extensions," Frisbie says. "In nearly every case, the people buying these extensions want to rip off the existing users.

github.com/extesy/hoverzoom/di

Frisbie said that he's a Google Developer Expert on Browser Extensions and thus has access to the Chrome team and has been working with them to shape the Chrome Extensions platform.

1
⇄ Σ = Mᄃ² ⇆  

In the GitHub repo for Under New Management, Frisbie explains why this may be useful. Basically: Extensions can be developed for entirely innocent, useful purposes, but when they are sold or hand over to others, those new owners can – and have – sneakily adjusted the code so that it turns against the user, stealing their info or injecting ads. This kind of hijacking can affect millions of netizens at a time.

Source: github.com/classvsoftware/unde

1
⇄ Σ = Mᄃ² ⇆  

Frisbie said he's building an extension promotion platform called ExBoost to improve the extension ecosystem and make it safer Under New Management relies on an ExBoost API server to handle the checking of developer information due to Cross Origin Resource Sharing rules limiting access to data related to extension domains.

Thanks for Frisbie's work, Google may be open to implementing an official API to detect ownership changes

1
⇄ Σ = Mᄃ² ⇆  

"I'm pleased to say that, as a result of the attention this has received, the Chrome team is already entertaining changes to the web extensions API that would allow for this sort of detection," he said.

Changes of ownership are particularly problematic for browser extensions

Anyone with sizable audience in this surveillance economy is invited to stuff their add-ons with tracking and ads

theregister.com/2023/08/11/chr

1
⇄ Σ = Mᄃ² ⇆  

personally i have had a few extensions that i used that had then been sold to others and ended with all sorts of backlash

example - i don't care about cookies extension was sold which just helps with allowing all cookies on sites and skips they pop-ups(i also have an extension that deletes all cookies from sites after i close tab 😉)

I still don't care about cookies became the new kid on the block though

1
⇄ Σ = Mᄃ² ⇆  

BUT some chromium browsers still use the one that purchased like Vivaldi browser

counter.social/@ecksmc/1110960

which is problematic imo when browsers add stuff to their settings pages and don't tell users that they settings you are switching on actually uses something that questionable from a 3rd party

1
⇄ Σ = Mᄃ² ⇆  

and in case you are wondering "why would toggling a setting on in a browser really matter"

well here is why Avast took over the "i don't care about cookies" extension and well ICYMI Avast ain't trustworthy

counter.social/@ecksmc/1119802

especially now after the whole extension-gate thing with them and it was not long after they were caught selling folks data via their own extension that they then purchased the "i don't care about cookies" extension

0
Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.

Resources

Developers

What is CounterSocial?

Created by potrace 1.15, written by Peter Selinger 2001-2017

counter.social

More…