
I love the idea of browser extensions but they don’t appear to be worth the security/privacy risk for my use cases. I wonder how many others are like me and too paranoid to risk extensions at all?


I use only very few extensions. If they're open source, then instead of installing them from the browser's store, I maintain them as AUR packages. [1]

That way I force myself to build them from source.

My habit is also to inspect the changes between upstream releases. It's mostly spot checks, but it's better than nothing.

[1]: https://aur.archlinux.org/packages?O=0&SeB=nd&K=firefox-exte...


At all? Not even ublock origin? That would actually go against your stated goal of security/privacy.


Correct, none. I use Pihole for blocking. But the bigger point, I think, is that security-conscious users are hesitant to employ extensions in general; even if some folks are ok with a couple of select extensions, they are still spooked by the general field.


DNS blocking has not been effective for probably close to a decade, with domain-fronting, L7 adware/spyware, fingerprinting and other trickery. Parent comment correctly characterized the lack of UBO as a net security/privacy loss.


I honestly can't imagine not using extensions. I'm 39 and have been on the web since Netscape etc in the early 90s and I honestly care more about the extensions than I do anything the browser actually does. Like, if there were no extensions I don't think I'd care at all if I used Firefox, Chrome, Opera, etc. But Chrome and Firefox have this massive, massive ecosystem of productivity-improving extensions.

I'll give an example since I'm tooting so loudly about this, my job entails a lot of R&D and distributing knowledge to other engineers in a concise manner. I use an app called hypothesis- https://web.hypothes.is/ which is very popular in research groups.

What it does is it lets me essentially annotate websites. So for instance I have an application with a front end UI, instead of writing readmes with no interaction to the front end UI I can actually annotate each page like a how-to, or a help doc. You go to that specific URL and get notified that there's a hypothesis doc on it to read.

When I used to work at a k8s distro company I used it to help teach people how to deploy clusters, etc.

Another one is Dark Reader that makes every single website dark mode.. Ublock I can't even remember a time of my life not using to block ads.. I do have null stuff via cloudflare dns as well but still use ublock everywhere since it's also a massive security improvement blocking chaotic javascript.

It's amazing for training situations.

https://web.hypothes.is/


Hello. I used to use Dark Reader but then it changed hands and a very questionable update appeared and freaked many people out, so I uninstalled. IIRC the changes were removed, or the additional code was not correctly activated, maybe both. Anyway, you may wish to check the status of that particular extension. I use some flag in config now to do approximately the same thing; it’s not as effective, but it’s close.


Link to Dark Reader changing hands and questionable update?


I’ve had a search around and cannot find a single thing about it.

This is quite strange to me as I was very upset to uninstall it, and distinctly recall reading about the security concerns on this very website. But, whatever it was, I must infer that it was a flash in the pan about nothing.


So this is another social network, on top of the web. Another walled garden.

From the terms of service:

> Our services evolve constantly. As such, the services may change from time to time, at our discretion. We may stop (permanently or temporarily) providing the services or any features within the services to you or to users generally. We also retain the right to create limits on use and storage at our sole discretion at any time. We may also remove or refuse to distribute any content on the services, suspend or terminate users, and reclaim usernames without liability to you.


Your paranoia is warranted. Like I replied in another thread up, there are a couple of things you can do. Use multiple browsers/profiles. Keep a separate profile or two with no extensions for banking, shopping, email and other important stuff. You can install a couple of addons in your 'general browsing' profile. In general, install only 'recommended' and security-reviewed addons with Firefox.


There's a handful of trustworthy extensions like uBlock Origin, otherwise any with full DOM access are basically a browser rootkit.
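Added example, not part of the thread and not any commenter's code: a sketch of the kind of spot check between upstream releases mentioned above, comparing two versions of an extension's `manifest.json` and flagging a release that newly requests access to every site (the "full DOM access" case). The function names and both sample manifests are constructed for illustration; the manifest keys and match patterns are the standard WebExtensions ones.

```python
import json

# Match patterns that grant access to every site (WebExtensions syntax).
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
PERM_KEYS = ("permissions", "optional_permissions",
             "host_permissions", "optional_host_permissions")

def split_permissions(manifest):
    """Return (host match patterns, API permission names) for one manifest."""
    hosts, apis = set(), set()
    for key in PERM_KEYS:  # MV2 mixes hosts into "permissions"; MV3 separates them
        for perm in manifest.get(key, []):
            is_host = perm == "<all_urls>" or "://" in perm
            (hosts if is_host else apis).add(perm)
    for script in manifest.get("content_scripts", []):
        hosts.update(script.get("matches", []))  # pages where scripts get DOM access
    return hosts, apis

def review_update(old_manifest, new_manifest):
    """Summarise what a new release requests beyond the previous one."""
    old_hosts, old_apis = split_permissions(old_manifest)
    new_hosts, new_apis = split_permissions(new_manifest)
    broad_now = bool(new_hosts & ALL_SITES)
    return {
        "added_hosts": sorted(new_hosts - old_hosts),
        "added_apis": sorted(new_apis - old_apis),
        "all_sites_now": broad_now,
        "all_sites_is_new": broad_now and not (old_hosts & ALL_SITES),
    }

# Constructed sample manifests (not taken from any real extension).
OLD = json.loads("""{
  "manifest_version": 2, "version": "1.0",
  "permissions": ["storage", "https://example.org/*"],
  "content_scripts": [{"matches": ["https://example.org/*"], "js": ["c.js"]}]
}""")
NEW = json.loads("""{
  "manifest_version": 2, "version": "1.1",
  "permissions": ["storage", "webRequest", "<all_urls>"],
  "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]
}""")

if __name__ == "__main__":
    for field, value in review_update(OLD, NEW).items():
        print(f"{field}: {value}")
```

A manifest diff only shows what a release asks for; what the code does with that access still has to be read in the source diff.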



