Ancestors

Written by Gabriel N on 2024-11-02 at 12:49

Ugh, the #chrome #extension ecosystem is exactly as bad as I'd expect.

And the fact extension is still up claiming not to collect any data even if it has been called out in one of the biggest security newsletters shows how much Google care about this (not much). The only thing they care about is pretending to ship AI features to detect malicious extensions. Because that's how you get promoted.

I mean is it even possible to report a suspicious or bad extension? I don't see anywhere

Great research by @WPalant and @c0m4r

And @campuscodi for putting the spotlight on it.

=> View attached media | View attached media

=> More informations about this toot | More toots from gnyman@infosec.exchange

Written by David on 2024-11-02 at 15:06

@gnyman @WPalant @c0m4r @campuscodi if you install an extension (in a new profile in this case) and then uninstall it, there's a checkbox for reporting malware. Certainly not the most discoverable setup, and it requires that install.

=> More informations about this toot | More toots from david42@mastodon.online

Toot

Written by Yellow Flag on 2024-11-02 at 19:25

@david42 @gnyman Have you ever heard of an extension being taken down after this? I suspect that it’s the same thing as https://support.google.com/chrome_webstore/answer/7508032?hl=en that various people pointed me to. You flag but you cannot even explain the issue. I don’t know what happens to the reports then, but I’ve never seen this do anything.

=> More informations about this toot | More toots from WPalant@infosec.exchange

Descendants

Written by David on 2024-11-03 at 01:38

@WPalant @gnyman I have no idea what happens to the reports or when. I'm sure something is done with them, eventually, given how Google operates internally.

=> More informations about this toot | More toots from david42@mastodon.online

Written by David on 2024-11-03 at 01:41

@WPalant @gnyman that support page describes several other ways to report several kinds of issues. They are probably all better than the checkmark I described. I'm confident Google looks at all the reports, eventually, but may or may not be moved to take action.

=> More informations about this toot | More toots from david42@mastodon.online

Proxy Information

Original URL: gemini://mastogem.picasoft.net/thread/113414996417980944
Status Code: Success (20)
Meta: text/gemini
Capsule Response Time: 280.155238 milliseconds
Gemini-to-HTML Time: 1.806397 milliseconds

This content has been proxied by September (ba2dc).