|
|
|
|
|
|
by mehrdada
4505 days ago
|
|
|
Yeah, I'm sure you can construct very specific scenarios in which it would be a roadbump; I don't deny that (in your scenario, for example, you can just replace Chrome with the latest dev channel binary instead of a random patched binary.) I remain unconvinced about it as a "reasonable" threat model. Having native app access is a much greater security risk in an of itself. I wouldn't begin to worry about invalid browser extensions if I knew I have a rouge binary running. I think it is obvious what their real motivation is. |
|
|