this post was submitted on 14 Jan 2024
2684 points (99.0% liked)

Memes

45753 readers
948 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] danielf@aussie.zone 11 points 10 months ago (1 children)

It's FOSS. You can verify that the code doesn't make any malicious requests. The only requests it should make are to GitHub/Codeberg to update the list of instances.

[–] __matthew__@lemmy.world 5 points 10 months ago (1 children)

Yeah, but that doesn't prevent the author from selling their extension to an untrusted buyer like in the case of Nano Adblocker.

[–] danielf@aussie.zone 1 points 10 months ago

Wow, didn't think something like that had happened. That is a valid concern. However, it could be mitigated by disabling auto update and subscribing to the GitHub releases via RSS. Then you can either manually check for malicious commits, or if the extension is more popular, wait a bit for any bad news to come out about the update. Obviously, this isn't possible for everyone and every extension, so I can understand why people would be cautious of more extensions, but I think Libredirect is a big enough extension that you would hear about it, like the case with Nano Adblocker.