| ▲ | PurpleRamen 7 hours ago |
| I don't really understand the complaint here. It seems for most of those extensions have it in their literal purpose to send the active URL and get additional information back, for doing something locally with it. And why does this site has no scrollbar?? WTF, is Webdsign finally that broken? |
|
| ▲ | moebrowne 6 hours ago | parent | next [-] |
| > And why does this site has no scrollbar Seems someone decided it was a good idea to make the scrollbar tiny and basically the same colour as the background: scrollbar-width: thin;
scrollbar-color: rgb(219,219,219) rgb(255,255,255);
|
| |
| ▲ | PurpleRamen 4 hours ago | parent [-] | | Oh, thanks! It's working when you just hit the right pixel somewhere around the left border. |
|
|
| ▲ | qcontinuum1 5 hours ago | parent | prev [-] |
| We beg to differ. Consider for example "BlockSite Block Websites and Stay Focused" why would you need to send browsing data to remote server if your job is only to block selected domains? |
| |
| ▲ | PurpleRamen 4 hours ago | parent [-] | | If you look at the request made, then it seems to check the category of the site, for whatever reason. I don't know that extensions, so I don't know if this is a legit use, sloppy use or harmful. I'm also not saying they found nothing at all. But looking through what they found, they seem to have not even thought much about whether those cases are legit and in the excepted and necessary realm of actions the add-on is supposed to do, or if it's really harmful behaviour. I also don't see anything about how often the request was made. Was it on every url-change, or just once/occasionally? This whole article is a bit too superficial for me. | | |
| ▲ | useragent42 3 hours ago | parent [-] | | This other research points to this type of pattern (sending all URLs to a server to allegedly provide functionality) being used under false pretenses: https://palant.info/2025/01/13/biscience-collecting-browsing... In particular, look for the diagram provided by a data vendor showing this in action. As with safebrowsing and adblocking extensions, there is no need to send data to servers. Many groups of smart people have developed client-side and/or privacy-preserving implementations that have worked with high effectiveness for decades. Unfortunately, many other groups have also financial incentives to not care about user privacy, so they go the route shown in the research. | | |
| ▲ | PurpleRamen 2 hours ago | parent [-] | | > being used under false pretenses Yes, obviously is that possible, but the least that one should do then is looking up what's really happening. These are browser addons, the source code is available. But instead they are looking from the outside and calling alarm on something they don't understand. That's just poor behaviour and harmful in today's climate. |
|
|
|
