[zukerpie]

The whole point is to actually have installed locally so you don't share any data with the developer of the extension. The problem with extensions is that in many cases the access that you give them is way too broad. If you install it by yourself, you control everything. The only thing that I thought about is maybe some kind of configurator that would allow you to pick some already existing rules that the users would share through github.

[croes]

There isn't really a special protection if you install a extension in developer mode.

More the opposite because you have to totally trust the source.

Web stores search for certain malware patterns and get at leat some.

[rpdillon]

Thanks for pointing this out. The whole discussion around "the developer doesn't see my data" confused me, as the question of whether the code is malicious is orthogonal to installation method.

Given that uBlock Origin can do this, I'd recommend that route. uBlock Origin is probably the most trustworthy extension I've ever run across, and Gorhill has proven that he is trustworthy over many years.

[RheingoldRiver]

You're not wrong, but in this case the total source code is like 30 lines long so it's not hard to verify what it's doing yourself

[croes]

But that is independent from the way you install an extension.

You gain no security from an unpacked extension.