If you look at the request made, then it seems to check the category of the site, for whatever reason. I don't know that extensions, so I don't know if this is a legit use, sloppy use or harmful. I'm also not saying they found nothing at all. But looking through what they found, they seem to have not even thought much about whether those cases are legit and in the excepted and necessary realm of actions the add-on is supposed to do, or if it's really harmful behaviour. I also don't see anything about how often the request was made. Was it on every url-change, or just once/occasionally?

This whole article is a bit too superficial for me.

▲

useragent42 3 hours ago | parent [-]

This other research points to this type of pattern (sending all URLs to a server to allegedly provide functionality) being used under false pretenses: https://palant.info/2025/01/13/biscience-collecting-browsing...

In particular, look for the diagram provided by a data vendor showing this in action.

As with safebrowsing and adblocking extensions, there is no need to send data to servers.

Many groups of smart people have developed client-side and/or privacy-preserving implementations that have worked with high effectiveness for decades.

Unfortunately, many other groups have also financial incentives to not care about user privacy, so they go the route shown in the research.

	▲	PurpleRamen 2 hours ago \| parent [-]
		> being used under false pretenses Yes, obviously is that possible, but the least that one should do then is looking up what's really happening. These are browser addons, the source code is available. But instead they are looking from the outside and calling alarm on something they don't understand. That's just poor behaviour and harmful in today's climate.