undefined | Better HN

0 pointsjosteink2y ago0 comments

> Like apps, extensions have an all-or-nothing attitude to permissions

Browser extensions needs to declare their permissions. With Manifest V3 we’re seeing even more need to declare permissions.

Any extension cannot do anything not explicitly granted to it by the user upon installation.

0 comments

actionablefiber2y ago

The issue is those extensions can withhold valuable functionality needlessly.

If I download $usefulWikipediaCompanionExtension whose functionality only depends on access to *.wikipedia.org but whose manifest demands permission on all sites, I'd like to be able to tell my browser "if I'm not really on Wikipedia, only show the extension a blank page."

hgsgm2y ago

That's a lot more work than saying "No" to using the malware.

actionablefiber2y ago

It's common for various counterparties, including software, to ask for much more information than they need and possibly be doing untrustworthy things with it while also providing legitimate value to the end user.

I've lied about my birthday while signing up for websites before. I've also made ad-hoc email addresses with forwarding to conceal my main email address. I've given fictitious phone numbers and I've used the names of fictional characters. I do this because I benefit from the service but I don't trust the provider to use my information responsibly.

Not a logical leap to go from there to feeding fake data to extensions when they request data that the user deems unnecessary for their functionality.

saurik2y ago

Yeah: while declaring permissions sounds cool and tries to fit into the narrative of helping protect end users who don't know how to manage anything themselves, at the end of the day it first requires an extremely opinionated central entity in charge of listings which takes a role in attempting to mediate the incentive incompatibilities (something which should raise serious ethical red flags and begs the question of conflicts of interest with respect to that player and the market that they get to fully control) but then still not only doesn't work to prevent users from getting abused, it will never work: "this app has requested access to your birthday" might be easy for end users, but (if this must be an API; but like, to the extent to which birthday is a bad example, this generalizes to every other thing that people currently must grant as "permissions") the only actually-correct solution is to always provide a concrete random date to every app by default and then allow the user to go out of their way--and this must not, under any circumstance, be something the app is allowed to prompt for or have any visibility into: this must be something the user has to initiate through external UI--to say "I grant this app access to my real birthday" (which, to the app, would have to look like the user merely changed the setting on their birthday to some other random date, as opposed to "the user finally gave us permission to see the same date that they can share to every other app").

josteinkOP2y ago

> It's common for various counterparties, including software, to ask for much more information than they need

I believe if you ask for very wide permissions, at least when publihsing a browser-extension in the Google Chrome-store, you will have to justify why those are needed (from a user-facing POV), and your extension will be subject for additional review.

The same also applies when creating other Google-related apps which uses APIs which Google deems sensitive or restricted: You will have to justify their usage and be prepared for a review.

It's not bullet-proof, but it's more than nothing.

iudqnolq2y ago

Yes but this extension needs to send the content of webpages you visit to APIs. You're gonna give it explicit permission to effectively do whatever the hell it wants.

j / k navigate · click thread line to collapse

0 comments

actionablefiber2y ago

The issue is those extensions can withhold valuable functionality needlessly.

hgsgm2y ago

That's a lot more work than saying "No" to using the malware.

actionablefiber2y ago

Not a logical leap to go from there to feeding fake data to extensions when they request data that the user deems unnecessary for their functionality.

saurik2y ago

josteinkOP2y ago

> It's common for various counterparties, including software, to ask for much more information than they need

The same also applies when creating other Google-related apps which uses APIs which Google deems sensitive or restricted: You will have to justify their usage and be prepared for a review.

It's not bullet-proof, but it's more than nothing.

iudqnolq2y ago

Yes but this extension needs to send the content of webpages you visit to APIs. You're gonna give it explicit permission to effectively do whatever the hell it wants.

j / k navigate · click thread line to collapse