|
|
|
|
|
|
by DaiPlusPlus
990 days ago
|
|
|
Good point - hijacked Chrome extensions are a huge, huge security risk, especially because auto-update is on by-default. It's entirely possible every time you login to LinkedIn some dodgy code in your browser is harvesting your cookies to pass to some bots who then scrape LinkedIn. Auto-updating extensions, and software in general, is a huge risk that people still seem unconcerned about: popular extension authors get approached by scummy ads/data/"analytics" companies all the time to inject spyware or adware into their software (even me: I have a couple of Chrome extensions with only about 20k regular users and I get an email to Chrome Developer Dashboard address every couple of months, asking me to add a small bit of JS which in-turn loads in other arbitrary JS which could be doing anything to my users' browsers - I'm proud to say that I reply to each and every of those e-mails with feigned interest, as the only morally correct course of action here is to waste their time. |
|
|