Hacker News
by ocdtrekkie 2979 days ago
Google's security is as good as they cover their own rear on it. For instance, Google Chrome is hailed as being incredible at security, but they allow extensions which can read and modify the contents of every website you visit with little to no scrutiny. Malware is rampant and distributed directly from Google's extension market, but Chrome is "secure", because by definition, Chrome permits the extensions to be malicious, so it isn't a break in Chrome's definition of security.

In this case, they just blame you for installing an extension that behaves badly.

1 comment

Firefox extensions can be malicious too, but this has nothing at all to do with backend data security; it's a red herring.

If you create an open system that allows users to do anything to their systems, you create footguns. I don’t see you whining that this is universally true for desktop computers as well.

The issue is that Google fails to vet those extensions. At all. Google has decided it is better to serve malware and blame the user than invest a modicum of expense on scrutinizing code that has the capability to capture all of a user's personal data.

It's reckless and it's irresponsible. And it's unique to Google.

EDIT: Also, re: desktop computers, if you check out my Reddit comments, you'll find I've been actively advocating for developers to support UWP sandboxing on Windows, and mostly telling off their excuses why their apps need full system access.

I agree with you, though it should be noted that Mozilla does review the addons submitted to AMO, including - if this hasn't changed in the past few years - reviewing the code. I don't know how effective those are in preventing malware, though.
Human reviewers are not fabulous at detecting malware sight unseen. This is also wildly unscalable.
Extensions do not come in at the volume of YouTube videos. Not only is the scale orders of magnitude smaller, but there's little to gain from an endless supply of browser extensions.

Unreviewed browser extensions should not be permitted, full stop. Microsoft has (finally) figured this out: There's a few dozen Edge extensions which Microsoft has vetted, and that's it.

Additionally, scrutiny for extensions can be filtered by their capabilities. In my given example, the issue is the ability to read and modify content on all websites you view: This permission should only be granted after extreme scrutiny, whereas an extension which can only access a single domain and does a simple thing needs only a cursory glance.
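The comment above proposes tiering review effort by what an extension can reach. As an added example that is not part of the thread and not any store's actual review tooling, the script below reads a Chrome extension manifest and classifies its host scope from the match patterns it declares (MV2 `permissions`, MV3 `host_permissions`, and `content_scripts[].matches`), following Chrome's documented match-pattern syntax: `<all_urls>` or a `*` host reaches every site, while `*.example.com` is confined to one domain. The three manifests at the bottom are constructed for illustration and do not correspond to real extensions.

```javascript
// Added example (not from the thread): tier a Chrome extension manifest by how
// broad its host access is, as a first-pass triage for "scrutiny filtered by
// capability". Match-pattern handling follows Chrome's documented syntax:
// "<all_urls>" or a "*" host means every site; "*.example.com" means one domain
// and its subdomains. Sample manifests below are constructed, not real listings.

// Parse one match pattern into {scheme, host, path}; returns null if malformed.
// Chrome rejects a manifest containing a malformed pattern, so null is a signal
// to a reviewer, not something to silently accept.
function parseMatchPattern(pattern) {
  if (pattern === "<all_urls>") return { scheme: "*", host: "*", path: "/*" };
  const m = /^(\*|https?|file|ftp):\/\/([^/]*)(\/.*)$/.exec(pattern);
  if (!m) return null;
  return { scheme: m[1], host: m[2], path: m[3] };
}

// Collect every host-reaching pattern the manifest declares, across the places
// Chrome allows them: MV2 "permissions", MV3 "host_permissions", content scripts.
function hostPatterns(manifest) {
  const out = [];
  for (const p of manifest.permissions || []) {
    // In MV2, host permissions live alongside API permissions like "storage";
    // only the entries that look like URL patterns are host grants.
    if (p === "<all_urls>" || p.includes("://")) out.push(p);
  }
  out.push(...(manifest.host_permissions || []));
  for (const cs of manifest.content_scripts || []) out.push(...(cs.matches || []));
  return out;
}

// "all-sites": at least one pattern can reach every host.
// "scoped":    only named hosts (or wildcarded subdomains of named hosts).
// "none":      no host access declared at all (e.g. activeTab-only extensions,
//              which get access to a single tab only on a user gesture).
function hostScope(manifest) {
  const patterns = hostPatterns(manifest);
  let scoped = false;
  for (const p of patterns) {
    const parsed = parseMatchPattern(p);
    if (!parsed) continue; // malformed; Chrome would reject the manifest anyway
    if (parsed.host === "*") return "all-sites";
    scoped = true;
  }
  return scoped ? "scoped" : "none";
}

// Review tier suggested by host scope alone. Host scope is one axis; API
// permissions such as "webRequest" or "nativeMessaging" would need their own.
function reviewTier(manifest) {
  const scope = hostScope(manifest);
  if (scope === "all-sites") return "deep-review";
  if (scope === "scoped") return "spot-check";
  return "cursory";
}

// Constructed sample manifests (not real extensions).
const readsEverything = {
  manifest_version: 3,
  name: "Sample all-sites extension",
  host_permissions: ["<all_urls>"],
};
const singleDomain = {
  manifest_version: 2,
  name: "Sample single-domain extension",
  permissions: ["storage", "*://*.example.com/*"],
  content_scripts: [{ matches: ["https://example.com/*"], js: ["cs.js"] }],
};
const activeTabOnly = {
  manifest_version: 3,
  name: "Sample activeTab extension",
  permissions: ["activeTab"],
};

for (const m of [readsEverything, singleDomain, activeTabOnly]) {
  console.log(`${m.name}: scope=${hostScope(m)} tier=${reviewTier(m)}`);
}
```

Note that `*://*/*` lands in the same tier as `<all_urls>` even though it omits `file:` URLs; for the purpose of "can it read every page you visit" the distinction does not matter, so the classifier keys on the host part only.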

> Extensions do not come in at the volume of YouTube videos.

Unfortunately, reviewers who can vet extensions for malicious code also come in lesser volume than reviewers who can watch YouTube videos.

> But there's little to gain from an endless supply of browser extensions.

Debatable. Every move by Mozilla and Google in the past to restrict add-ons has been met by criticism from developers. I doubt many here would share the love for the Windows Store.

> Microsoft has (finally) figured this out: There's a few dozen Edge extensions which Microsoft has vetted, and that's it.

I'm sure Microsoft's gatekeeping has kept many shoddy extensions out of the store, but the fact that Microsoft introduced support for Edge extensions only recently compared to Firefox and Chrome and that Edge has relatively low marketshare probably also factor into the low number of extensions available.

> In my given example, the issue is the ability to read and modify content on all websites you view: This permission should only be granted after extreme scrutiny, whereas an extension which can only access a single domain and does a simple thing needs only a cursory glance.

The add-ons I use that can be restricted to a limited number of domains already do so, but most of the add-ons I use must be able to access any given site in order to function: password managers, tab organizers, etc.

It's true the permission is powerful, but if you're going to ask for "extreme" vetting of extensions which use it you might as well ask for extreme vetting of all extensions since legitimate use cases are not exactly a small category.