[RaleyField]

There's slight difference in that in Firefox's case tech journals will be writing about it, everyone else will be talking about it and it will be on front page of HN. In the case of random extension going rogue it will likely get unnoticed for years and when it is finally noticed there's a small chance it will be picked by HN if planets align.

[lisper]

Maybe. Take a look at my exchange with u/LoSboccacc a parallel branch of this thread. If what he claims is correct (I don't know, but he seems pretty confident) then there is already a huge gaping security hole in FF that no one is talking about (AFAICT).

[LoSboccacc]

not only is factual, it comes with linked sources for all the claimed points

https://news.ycombinator.com/item?id=21336440

[lisper]

Don't believe everything you read on the internet.

Yes, the text on that page can be interpreted as supporting your position. Still, "Offer a password manager..." is not quite the same thing as "silently read all of your passwords and do whatever the extension wants with them..." I have a very hard time believing that the latter is the case and that no one has sounded the alarm on this yet.

Also, add-ons have been deprecated in favor of extensions.