Hacker News new | past | comments | ask | show | jobs | submit login

“It’s not arbitrary JS, it needs to be reviewed by the Chrome Web Store team, unless it’s a userscript or we miss it in our review process!”

https://groups.google.com/a/chromium.org/g/chromium-extensio...

It’s the equivalent of an airport security policy - as I mentioned before, to reduce risk. Which, both in that analogy and here, can indeed be part of a defense-in-depth. But such a policy is not without tradeoffs, and it cannot be evaluated in a vacuum.




I bet far more people got scammed by malicious ads than people deciding to install malicious extension.


Well, you’d need to compare the number of people pwned by ads that couldn’t be blocked by MV3-style adblocking rather than all ads.

Static rule based adblocking works just fine for me on iOS so I’m not going to assume that’s going to be a large number of people.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: