[raverbashing]

Do you know what would be a great way to prevent this?

Every data send by an extension should be user viewable.

Here's the json file (or maybe something better) that we are posting, press Agree to send it

[byuu]

They would just start obfuscating the data (with ciphers, word replacements, encoding, minification, etc.)

They'd then claim it was for your security/privacy/protection. You know, like how Microsoft encrypts your Windows 10 usage data it sends them.

At least you could use the presence of such obfuscation as a sign there's probably something bad afoot. Presuming only a tiny number of extensions try to encode the data they send.

[yuhong]

This extension already does in fact, with double base64 (see btoa in source).

[jlgaddis]

> ... you could use the presence of such obfuscation as a sign there's probably something bad afoot.

So, that "if you have nothing to hide..." argument, basically?

[singold]

Similar but not the same, one thing is hiding your own information, but another very different is you taking my information and hiding it from me

[blub]

No, the only thing that will work is to pummel guilty companies into the ground with fines.

But you can bet GooBookSoft will lobby against that like their lives depended on abusing customer data. And they do depend on it.

[codedokode]

I do not think collecting data on users is necessary. You still can show ads in search results even if you don't know anything about a user. And you don't need user's browsing history to sell him an airplane ticket.

[commentzorro]

Nope. I'm going for FaceGooSoft or FaceGleSoft. First writes better. Second sounds better. But you can have the copyrite because all are fun.

[mootothemax]

>Nope. I'm going for FaceGooSoft or FaceGleSoft. First writes better. Second sounds better.

With much regret, MiFaceGoo is rarely appropriate in the professional world.

[codedokode]

You cannot make a technical solution to this. Now every company tries to collect as much information as they can. Only laws can help.

> Every data send by an extension should be user viewable.

You can start Wireshark and get that data. But it would be too complicated for an average Joe.

[GTP]

Most people would just press "Agree" without reading it, but giving the possibility to read the data only when you want would give to expert users the way to occasionally check what the addons are doing.