![]() ![]() inject browser data into a webpage with a specific/arbitrary URLīy separating permissions for what requests extensions can make, what data can be included in requests, what webpages they can affect, and what behaviours they can trigger, it should be very easy to see what an extension is/could be doing. include webpage data in a request to one of the above types include data a user has provided to a webpage in a request to one of the above types include some kind of browser information in a request to one of the above types open tabs/make requests/load images/etc. with URLs found in/derived from webpage URLs (in the same origin) ![]() This combination gives Vimium full permission to harvest data and send it to arbitrary URLs, open tabs to random spammy URLs, and generally invade the user's privacy in any way that an extension possibly could, if it so desired.Īs an alternative, it would be nice to have some kind of data source marker (user-provided to extension, user-provided to webpage, webpage data, browser data, hardcoded data) and then flow permissions around these, so you can have permissions like: so that commands for opening these work correctly. A data-flow permissions model would go a long way to improving privacy when using extensions.įor example, Vimium (which I've worked on in the past) needs access to every page so it can add its key bindings, most browser functionality so it can trigger it when the appropriate key is pressed, and history, tabs, etc. I've always thought the permissions model of Chrome/Firefox/Edge extensions is a bit upside-down: extensions need permissions to access data, perform actions in the browser, and modify/contact specific or arbitrary URLs, but there are no permissions to prevent them from being abused in combination. Maybe enforcing is a bit strict but apps not following the spirit of the OS architecture and requiring more permissions than needed should be ranked lower in app store rating and search results. Many apps request full contact list, camera and full file system permission when they could use Intents for all their use cases. While we are on the topic, app store reviews should also be much stricter on enforcing usage of standard Intents. Like the ones that exist for contacts, picking photos or sharing links.įor parking meter apps i only want to give location access when i press the "find closest parking" button, never else. It's amazing neither iOS nor Android has a location picker/Intent that can be launched by the OS to give an app a one time location. If you need that service, you’re giving up your privacy. > Of course some of these apps, like the ones that you NEED to use for certain parking meters, are especially evil because there is an any choice. I imagine a lot of these apps are doing things that already violate the App Store guidelines. I wish Apple would crack down on this stuff. Of course some of these apps, like the ones that you NEED to use for certain parking meters, are especially evil because there is an any choice. It’s amazing how much better your experience is if you just avoid free apps when possible. There are so many good apps on the store made by good developers. You better let us track everything you do otherwise you might die! Then you get scareware stuff like the earthquake notification app. Of course WeatherBug on desktops was adware/malware for a very long time. The NOAA one isn’t made by the government, seems like using that name should be some kind of copyright infringement. Instead people go for these weird free apps covered in ads with terrible UIs. There are plenty of high-quality third-party apps. The built in Apple app is fine for basic information. Seems to be such an incredibly scummy category. No surprise to see a number of weather apps on here. ![]()
0 Comments
Leave a Reply. |