Comment on The bizarre secrets I found investigating corrupt Winamp skins
LainTrain@lemmy.dbzer0.com 5 months agoI’m an cybersec MSc and an infosec professional.
You obviously shouldn’t install closed source or otherwise shady extensions from dodgy authors you don’t know, but on the whole there is very little they can do that you should worry about.
Most “advice” comes from people who want to sell you something and the infosec industry is mostly a scam to drain B2B procurement budgets plus a few gay furry researchers at defcon and actual malware authors who do something, unless they just write crappy .NET junk.
Worrying about stuff like this in browser is akin to using a VPN on public WiFi to avoid MITM attacks, there’s nothing wrong with it but there’s basically nothing to actually worry about there.
Plopp@lemmy.world 5 months ago
Sorry if I’m nitpicky or confused here. You just said it’s obvious that you shouldn’t install closed sourced or otherwise shady extensions. Do you think a normie knows and cares if an extension is open source? And how do they know if an extension is “shady”? And what about legit extensions that get bought by shady people and turned into shady ones long after they’ve been installed and the user base trusts it?