The point is that under offering users the ability to have all network requests altered is not secure. The user needs to authorize it and there are valid reasons to do so, but there are also bad actors, that will misuse that. I am pretty security conscious, but I can’t tell you which extensions have which permissions on which devices I use, between Firefox, chrome, safari on windows 10,11, android, iOS and opensuse. Placing all the responsibility on the user just removes it from where it should be, which is privacy focused code.
uBlock Origin is open source and can be freely audited by everyone. https://github.com/gorhill/uBlock
Does anyone check that updated versions pushed to the extension store, match the available source, and have no extra “features” included?
uBlock (not Origin) was also open source, then it got sold to AdBlock, which also had been sold, to a company that charges advertisers to bypass it.
uBO is in Firefox’ “recommended add-ons” list which are reviewed after every update.
You can check their criteria here:
https://support.mozilla.org/en-US/kb/recommended-extensions-program
Yes, but other extensions are not and can access the same permissions. They can even steal the unlock origin source code to do so.
They could but only after you installed them and explicitly gave them the permission to do so. i don’t get your point.
The point is that under offering users the ability to have all network requests altered is not secure. The user needs to authorize it and there are valid reasons to do so, but there are also bad actors, that will misuse that. I am pretty security conscious, but I can’t tell you which extensions have which permissions on which devices I use, between Firefox, chrome, safari on windows 10,11, android, iOS and opensuse. Placing all the responsibility on the user just removes it from where it should be, which is privacy focused code.