To add to the blog post, if you use user scripts, utilize your manager’s blacklist and learn REGEX.
If needed, use Group Policy, Regedit or .plists on macOS to blacklist domains to prevent an extension from running on them. As an example, I use Shutup.css to block comments online, but on something like Lemmy, I want to see comments as that’s primarily how content is created and adding it to my extension domain blacklist prevents the extension from running on the website or any lemmy domains.
redditReallySucks@lemmy.dbzer0.com 1 year ago
Or maybe only install extensions from trusted sources.
2Xtreme21@lemmy.world 1 year ago
I think the point is that even if an extension comes from a trusted source, the developer could fairly easily push out an update that turns the extension into malware. Check the GitHub link in another comment below where the developer posts the solicitation emails he gets on a regular basis offering to monetize his extension. He isn’t selling out, but maybe not every dev is as willing as he is to forgo a potentially lucrative offer.
TheEntity@kbin.social 1 year ago
To be specific: from trusted developers. Installing them only from the official repository (is it still possible to reasonably install them any other way?) won't help if a dev sells such an addon. On the other hand I cannot imagine someone like Raymond Hill (the uBlock Origin dev) doing it, considering his track record.
redditReallySucks@lemmy.dbzer0.com 1 year ago
Yeah, that’s what I meant.