[lolinder]

> To me this injection crosses a line of interfering with content that isn't yours.

Sincere question from someone who doesn't understand why we're freaking out: Why is this different to you than a password manager doing the exact same thing with password fields?

Here's what I see: someone installed the DuckDuckGo extension, which now has a new feature. That feature is best implemented by having a little widget that allows creating a new alias. Users who haven't seen the widget before wouldn't know how to use it, so DuckDuckGo added an explanation for people who click on it without having set it up yet.

Where was the line crossed? Do you object to having a widget at all? Is the problem having an inline explanation introducing the feature? Is it the phrasing of the pop-up?

I see a lot of visceral reactions and condemnations, but I don't see anyone explaining what makes this an ad and not onboarding.

[SimonPStevens]

For me it's about purpose and expectations. If I installed a password manager who's purpose is to inject my passwords into password fields that's what I expect it to do. That's fine. I'm explicitly giving it permission to inject such content.

If I installed a browser extension to remove trackers from sites, I'd be surprised to find it adding in email onboarding buttons to every email entry form.

It may not be clear, but the email privacy thing is a new feature. I just checked back on the chrome store and it does now make it reasonably clear that it's part of the extension now. Fair enough. But for those who had installed before, this would have come as a surprise when it suddenly started happening. The change of purpose is surprising. This reduces trust for a brand who's entire reason to exist is built on trust from a user base who are more than the average amount of paranoid.

If I installed a speech synthesis extension who's purpose was to read out the content of a web page, I would be equally annoyed if it after an update it started verbalising extra words trying to encourage me to try out their braille books everytime I browsed Amazon. Braille books might be just what the average user of a speech extension might want. But it's still a breach of trust to start modifying other websites content for a reason you weren't explicitly given permission for.

[wink]

If the password manager injected anything else than a "paste password" button, for example anything that is a different product by the password manager authors... yes, same thing.

[lolinder]

DuckDuckGo has made it very clear over the last few years that they don't have multiple products—they have an all-in-one solution. You can dislike their bundling and wish you could pick and choose the component parts, but that isn't what they're offering and it's reasonable of them to view this as a tutorial instead of an ad.