wruza 4 hours ago

Why extensions can disable other extensions, google boy? Weren’t you overconcerned with user security when pushing for mv3?

You can’t seriously talk security if you make such noob mistakes.

Semaphor 5 hours ago

Probably AI generated spam of the original [0]. And there

> 8. This triggers the polymorphic extension to:

> Temporarily disable 1Password, removing it from the pinned tab

Uhm. I guess temporarily disabling a completely different extension is left as an exercise to the reader?

> Furthermore, based on Chrome’s permission classification system, all the APIs used in this attack — namely activeTab, scripting and chrome.management are classified as medium risk. In fact, the very same permissions are commonly used by popular extensions such as page stylers, ad blockers and even password managers themselves.

One of those APIs is not like the other…

I guess they needed to come up with something to advertise their "Browser Detection and Response" product.

[0]: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04

Havoc 3 hours ago

Extensions in general seem to be becoming more of a risk. Both browser and on say vscode they seem to have significant ability to do harm if the author decides to

neuroelectron 6 hours ago

Google would have to know this is possible, right?