undefined | Better HN

0 pointsAfforess3y ago0 comments

Chrome extensions that contain malware aren't written and submitted to the chrome store hoping to sneak past review. Malware authors _purchase_ the intellectual property of fulling functioning, useful extensions, and update them to contain their extra malware payload. I'm not sure where you got the idea that a review would be involved here at all.

0 comments

jsnell3y ago

AFAIK updates go through a review process as well.

Reducing the attack surface has similar benefits for this case. There will be fewer extensions with dangerous permissions around for bad actors to buy, and the the reviews for the remaining legit use cases for those dangerous permissions can be stricter.

j / k navigate · click thread line to collapse

0 pointsAfforess3y ago0 comments

0 comments

jsnell3y ago

AFAIK updates go through a review process as well.

j / k navigate · click thread line to collapse