I'd also note that all this spam is via the public email address you're forced to add to your extension listing by Google. I don't think I've ever had a single legitimate email sent to it. So yeh, thanks Google.

[1] https://chromewebstore.google.com/detail/old-reddit-redirect...

I want to block ads, block trackers, auto-deny tracking, download videos, customize websites, keep videos playing in the background, change all instances of "car" to "cat" [1], and a whole bunch of weird stuff that probably shouldn't be included in the browser by default. Just because the browser extension system is broken it doesn't mean that extensions themselves are a problem - if anything, I wish people would install more extensions, not less.

[1] https://xkcd.com/1288/

Looking at my own installed extensions, I have a password manager, Privacy Badger and Firefox Multi-Account Containers, which I suppose is the three I really need. Then I have one that puts the RSS icon back in the address bar, because Mozilla feels that RSS is less important than having the address bar show me special dates, and two that removes very specific things: One for cookie popups and one for removing sign in with Google.

The only one of these I feel should actually be a plugin is my password manager. Privacy management (including cookies), RSS and containers could just be baked into Firefox. All of those seems more relevant to me than AI.

Maybe adding a GreaseMonkey lite could fix the rest of my problem, using code I write and control.

How far does your principle extend? To your web browser too? Google Chrome itself is partly but not entirely open source. Your operating system? Only Linux? Mac and Windows include closed source.

"Dont trust google" imo is the wrong response here. We are at the mercy of our institutions, and if they are failing us we need mechanisms to keep them in check.

Seems someone decided it was a good idea to make the scrollbar tiny and basically the same colour as the background:

    scrollbar-width: thin;
    scrollbar-color: rgb(219,219,219) rgb(255,255,255);

I guess I shouldnt be surprised on how many use "LibreOffice" or other legit company names to lend legitimacy to themselves. I'm wondering if companies like Zoom don't audit the extension store for copyright claims

I for sure used to use Video Downloader PLUS when I still used chrome (and before youtube-dl)

https://news.ycombinator.com/item?id=17447816

I'd assumed most people would have jumped ship to Stylus [1] after that, but most people probably never heard anything about what Stylish was/is doing.

[1] https://chromewebstore.google.com/detail/stylus/clngdbkpkpee...

You know, a lot of consumer cybersecurity focuses on malware, browser security, LAN services, but I propose that the new frontier of breaches involves browser extensions, "cloud integrations", and "app access" granted from accounts.

If I gave permission for Joe Random Developer's app to read, write, and delete everything in Gmail and Google Drive, that just set me up for ransomware or worse. Without a trace on any local OS. A virus scanner will never catch such attacks. The "Security Checkup" processes are slow and arduous. I often find myself laboriously revoking access and signing out obsolete sessions, one by one by one. There has got to be a better way.

What a mensch! I wonder how many other people your payday hurt.