Firefox will disable extensions in private mode if you want to
I think i remember a post not to far back with a similar topic. Not sure if it was from the developer of the hooverzoom extension itself, but it definitly referenced some offers they collected.
edit: just noticed, that the article also references the offers (ref. https://github.com/extesy/hoverzoom/discussions/670 )
I love the offer of almost $15k to then say they can bargain if the users are active, like if it’s worth that much without active users then that’s definitely shady.
To add to the blog post, if you use user scripts, utilize your manager’s blacklist and learn REGEX.
If needed, use Group Policy, Regedit or .plists on macOS to blacklist domains to prevent an extension from running on them. As an example, I use Shutup.css to block comments online, but on something like Lemmy, I want to see comments as that’s primarily how content is created and adding it to my extension domain blacklist prevents the extension from running on the website or any lemmy domains.
It’s interesting to read as I never thought about the vulnerability these extensions are.
I guess you should limit the number of extensions you have.
Exactly why most enterprise organizations disable them. You should too if you’re doing anything sensitive data.
That’s why on my work PC I use a completely vanilla Firefox, gotta live with the ads. But I’m not risking giving full access to website content to any extension
deleted by creator
deleted by creator
I thought my ISP already had this data and is selling it. Should I go make sure all my extensions are 100% kosher?
Your ISP cannot read https data in transit. Extensions can because the page is now rendered on your local browser.
Thank you!