
> Browser vendors really need to change their attitude towards extensions, as they basically allow users to install malware/spyware in their browsers without performing any real certification / auditing.

That's something I hear a lot in the context of the WOT issue, but how should that work? There are thousands (maybe millions) of extensions with new versions all the time. I see only one way: Shut down extensions and only allow a few selected ones that get audited by the browsers.

However, do we really want this?

> At the very least there should be a way for users to see a full audit log of the information that an extension sends to remote servers, as this is usually already enough to tell if the extension is sending more data than it should.

That helps experts analyze extensions, but it doesn't fix the problem of thousands of users installing some shady extension nobody looked at. WOT was even open source, yet nobody seemed to have bothered to look into it until recently.
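As an added illustration of what the audit log proposed above could reveal (this is not code from either commenter, and the per-request log format, field names and extension names are constructed assumptions): a small checker that reads one JSON record per outbound request and flags payloads carrying visited URLs or form fields, as opposed to aggregate counters that plausibly are "usage statistics".

```python
import json
from urllib.parse import urlsplit

# Constructed sample audit log (hypothetical format): one JSON record per
# outbound request an extension made, with the parsed request body.
AUDIT_LOG = """
{"ext": "rating-bar", "dest": "https://api.rating.example/check", "body": {"url": "https://bank.example/account?id=4471"}}
{"ext": "rating-bar", "dest": "https://stats.example/collect", "body": {"form": {"email": "alice@example.org", "pw": "hunter2"}}}
{"ext": "rating-bar", "dest": "https://stats.example/collect", "body": {"pages_today": 42, "version": "3.1"}}
{"ext": "dark-mode", "dest": "https://dark.example/update", "body": {"version": "1.0"}}
"""

# Field names that indicate per-page or per-user data rather than aggregates.
SENSITIVE_KEYS = {"url", "form", "password", "pw", "email", "cookie", "history"}

def _walk(obj):
    """Yield ('key', name) and ('value', text) pairs from a nested JSON body."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield "key", k
            yield from _walk(v)
    elif isinstance(obj, list):
        for v in obj:
            yield from _walk(v)
    elif isinstance(obj, str):
        yield "value", obj

def classify(record):
    """Return the reasons a request looks like more than usage statistics."""
    reasons = []
    for kind, item in _walk(record["body"]):
        if kind == "key" and item.lower() in SENSITIVE_KEYS:
            reasons.append(f"sends field '{item}'")
        elif kind == "value" and item.startswith(("http://", "https://")):
            reasons.append("sends a full visited URL")
    return reasons

def analyze(log_text):
    """Group flagged requests per extension: {ext: [(dest_host, reasons), ...]}."""
    findings = {}
    for line in log_text.strip().splitlines():
        rec = json.loads(line)
        reasons = classify(rec)
        if reasons:
            host = urlsplit(rec["dest"]).hostname
            findings.setdefault(rec["ext"], []).append((host, sorted(set(reasons))))
    return findings
```

Run on the constructed log, only "rating-bar" is reported, for the two requests that carry the visited URL and the form contents; the counter-only request and the other extension's version check are left alone.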



No, it is not necessary to shut down all extensions, you just need a better security model. Today, one click is sufficient to grant an extension unlimited access to all your request data (including form data) together with the ability to send that data anywhere. In addition, most of the problematic extensions try to trick the user by either not informing him/her at all about the data collection, or by misnaming it as anonymized collection of "usage statistics" (which is often a blatant lie).

Of course it's fine to argue that it's the user's problem, but then I don't see why on one hand we're trying to harden browsers against all kinds of sophisticated attack vectors while at the same time giving malicious actors privileged access to all the user's data via the App Store. And again, restricting the kind of access that an extension has to the user's data would be a first step to amend the problem. Allowing users to report abuse in an effective way would be a second step. Being more strict with violators would be a third one, as today most extensions simply reapply for access after being deleted and often get included again (just wait and see, WOT will also make a reappearance).



