Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I really have to emphasize that browser extensions are a terrible security nightmare and generally speaking, should be avoided at all costs. I understand they're fun and convenient, but it's one of those things that really doesn't age well into our modern cybersecurity issues.


Running a browser without an adblock extension is an even worse cybersecurity issue, since tracking online is so extensive. I live in a country where the government routinely buys surveillance data from data collection companies to spy on us. But even if you don’t live in the US, it’s still a good thing to protect your privacy.


This sort of used to be true and mostly isn't today. Firefox and Edge both have reasonably good tracking prevention features. They rival Privacy Badger in effectiveness (it's largely moot these days), and the only thing between tracking prevention and ad blocking is that the latter also focuses on protecting your poor innocent eyes from advertising, which I mostly couldn't care less about if the tracking is being defeated.

I think if you are extremely narrowly scoping well-trusted ad blockers, you may be okay, as long as you understand you are trusting the ad blocker with your banking info. But it would be far better for a browser to include capabilities in first-party and eradicate extensions altogether.

A Pihole is also far safer than an adblock extension, because it can't see your decrypted your web traffic the way a browser extension can.


PB is another layer of protection on top of Firefox and Edge. Totally different list generation approach, widget replacement, etc.

Installing PB is easier (and more powerful) than configuring the browser for better protection. For example, Firefox doesn't block much by default.

https://privacybadger.org/#Is-Privacy-Badger-compatible-with...


Do you have an opinion or information that using ublock/ublock origin isn't safe or is a security issue?


No strong opinion on it specifically, but you are trusting the author of that extension to never abuse access to your banking info, so as long as you trust them with all your money, you're golden!

Any extension with post-decryption ability to read and modify everything on all websites could, if they choose, see any sensitive info you do, and subtly even change it without your knowledge.

And I'm not saying uBlock would, or that as a super popular extension it likely wouldn't be discovered quickly, but arguably they can because you've given the extension the ability to see and rewrite your entire reality.


I only stick with the "recommended" extensions that are reviewed by Firefox.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: