Security → Re: Chrome's security alert re extensions

I am still a bit baffled and unsure how to evaluate that threat. It sounds quite bad if some extension can follow me to my bank site and capture my passwords (if this is what they mean) - on the other hand adblock as an example is one of the most popular extensions in FF and Chrome - i would have expected this to be an issue in this case but apparently it is not.

I think this is like a proxy - it has to do some filtering in this behavior. While I understand what you are saying, you have 2 choices, use or do not use.
If there is an exploit of the add-ons or extensions here, then it theoretically wouldn't be much different to any other exploit.
Except of course the browser is the door to the world, where-as your localized photo-editing tool doesn't carry so much weight with it.

Good question though, who's vetting the extensions? As there has been a lot of controversy over plug-ins for other software of late, so concern here should be warranted. But as the the end user, there is that 50-50 option - use or don't use. It does really answer your question though I'm afraid.

Well as already noted an extension is just another part of the browser so it can access data.

That said many popular extensions, for FF anyway, are open-source so the chance of them being malicious is reduced (although not eliminated).

I guess it comes down to trust. I haven't heard of any major extension being malicious but you might not find out until its too late.

Reminds me of Sieur Clubin in Victor Hugo's Toilers of the Sea. He was considered extremely honest and trustworthy until the day he disappeared with all the loot.