Comment on The bizarre secrets I found investigating corrupt Winamp skins
Plopp@lemmy.world 1 month agoYou live by that and I’ll live by the advice I’ve seen from infosec professionals that recommend as few add-ons as possible due to security concerns. But yes, browsers are getting more secure over time and that’s good.
LainTrain@lemmy.dbzer0.com 1 month ago
I’m an cybersec MSc and an infosec professional.
You obviously shouldn’t install closed source or otherwise shady extensions from dodgy authors you don’t know, but on the whole there is very little they can do that you should worry about.
Most “advice” comes from people who want to sell you something and the infosec industry is mostly a scam to drain B2B procurement budgets plus a few gay furry researchers at defcon and actual malware authors who do something, unless they just write crappy .NET junk.
Worrying about stuff like this in browser is akin to using a VPN on public WiFi to avoid MITM attacks, there’s nothing wrong with it but there’s basically nothing to actually worry about there.
Plopp@lemmy.world 1 month ago
Sorry if I’m nitpicky or confused here. You just said it’s obvious that you shouldn’t install closed sourced or otherwise shady extensions. Do you think a normie knows and cares if an extension is open source? And how do they know if an extension is “shady”? And what about legit extensions that get bought by shady people and turned into shady ones long after they’ve been installed and the user base trusts it?