- Jul 3, 2015
- 8,153
I have a few chrome extensions that I have been using and trusting for a long time.
Now I am wondering whether they might be harvesting login credentials or other sensitive info, or perhaps they are being exploited by third party actors for that purpose.
For instance, I have an extension called Disable HTML5 Autoplay
It has permissions like this: read and change all your data on the websites you visit.
The dev seems to have a respectable presence on Github, but how do I know whether he uses the right security measures?
I have another extension, for Gmail, called Gmelius
It has similar permissions, but limited to certain google domains.
I don't really care if someone finds out what I am planning on buying my wife for her birthday, but I don't want them to finance their own purchases from my banking account...
Now I am wondering whether they might be harvesting login credentials or other sensitive info, or perhaps they are being exploited by third party actors for that purpose.
For instance, I have an extension called Disable HTML5 Autoplay
It has permissions like this: read and change all your data on the websites you visit.
The dev seems to have a respectable presence on Github, but how do I know whether he uses the right security measures?
I have another extension, for Gmail, called Gmelius
It has similar permissions, but limited to certain google domains.
I don't really care if someone finds out what I am planning on buying my wife for her birthday, but I don't want them to finance their own purchases from my banking account...