Browsers, extensions, and trust #201

Open
av8ta opened this issue Jul 22, 2022 · 1 comment
Labels
question Further information is requested

Comments

@av8ta
Contributor

av8ta commented Jul 22, 2022

Browser extensions have a lot of access to the page and so must be trusted by users to not invade their privacy or steal tokens etc. Many users don't have technical understanding and so blindly install anything, thereby giving up data without awareness or true consent.

I personally am very wary of the code I run so only install open source software, and yet I also got caught out by a browser extension called The Great Suspender which got removed from the Chrome store due to malware. But not for ages after the breach occurred.

It was a great extension before that, and kept me going on my beloved old IBM ThinkPad long after it didn't really have enough RAM for the time. Being an open source extension on GitHub I figured I was safe, but it appears at some stage that the dev sold it to some unknown party who promptly made changes to spy on users. First I knew was when Google finally did something about it after a lot of complaints.

I built an SSB-based app platform that allowed apps to be installed, and rather than seek user permissions, I figured the only real solution to the problem of nefarious apps would be for devs to post messages to say if they approved or disapproved of an app. The app would only load if it had enough approval. I do think only devs can make that assessment about code. However, nowadays there is another solution.

WebAssembly with its sandboxing is perfect for plugin systems. Perhaps some functionality a user wants really does need complete access to a page to do good for the user. For instance, Privacy Badger and uBlock Origin. But many other user requirements could be fulfilled by a plugin system that had tight controls over what it could access, and wasm is perfect for that.

@RangerMauve I have no idea what this would look like at this stage, but keen to hear your thoughts. I do think with Agregore being in the p2p space and helmed by a team who does think about ethics in the information age that there is an opportunity here to do exploration on alternative solutions that more mainstream browsers can't or won't do.

@RangerMauve RangerMauve added the question Further information is requested label Sep 5, 2022
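
The "tight controls over what it could access" idea from the comment above, sketched as an added example (not code from this thread or from Agregore): a WebAssembly plugin can only call what the host places in its import object, so an ungranted capability fails at link time. The capability names, the `loadPlugin` helper and the hand-assembled plugin bytes are assumptions constructed for illustration.

```javascript
// Constructed plugin (hand-assembled WASM, not from the thread): imports
// env.word_count and exports run(), which returns word_count() * 2.
const PLUGIN_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00, // magic + version
  0x01, 0x05, 0x01, 0x60, 0x00, 0x01, 0x7f,       // type 0: () -> i32
  0x02, 0x12, 0x01, 0x03, 0x65, 0x6e, 0x76,       // one import from "env" ...
  0x0a, 0x77, 0x6f, 0x72, 0x64, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, // "word_count"
  0x00, 0x00,                                     // ... a function of type 0
  0x03, 0x02, 0x01, 0x00,                         // one local function, type 0
  0x07, 0x07, 0x01, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01, // export "run" = func 1
  0x0a, 0x09, 0x01, 0x07, 0x00,                   // code: one body, no locals
  0x10, 0x00, 0x41, 0x02, 0x6c, 0x0b,             // call 0; i32.const 2; i32.mul; end
]);

// Everything the host could expose for a page (hypothetical capability names).
function hostCapabilities(page) {
  return {
    word_count: () => page.text.split(/\s+/).filter(Boolean).length,
    cookie_count: () => page.cookies.length,
  };
}

// Instantiate the plugin with only the capabilities the user granted.
function loadPlugin(bytes, granted, page) {
  const mod = new WebAssembly.Module(bytes);
  // What the plugin asks for can be listed before any of its code runs.
  const requested = WebAssembly.Module.imports(mod).map((i) => `${i.module}.${i.name}`);
  const all = hostCapabilities(page);
  const env = {};
  for (const name of granted) env[name] = all[name];
  try {
    const instance = new WebAssembly.Instance(mod, { env });
    return { ok: true, requested, result: instance.exports.run() };
  } catch (err) {
    // An import the host did not supply is rejected when the module is linked.
    return { ok: false, requested, error: err.name };
  }
}

// Constructed sample page.
const page = { text: "one two three", cookies: ["session=constructed"] };
console.log(loadPlugin(PLUGIN_BYTES, ["word_count"], page));   // granted: runs
console.log(loadPlugin(PLUGIN_BYTES, ["cookie_count"], page)); // not granted: refused
```

The `requested` list is what an install prompt could show the user, since it is read from the module without executing it.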
@RangerMauve
Member

Yeah, trusting extensions (or any web content) is kinda hard.

WASM might be a useful way to experiment with loading third party code dynamically, but it probably isn't something that should be part of Agregore at that point.

Regarding trust, I was thinking it'd be useful to have some sort of social trust rating. Where folks could "bookmark/trust" pages, or "block / distrust" other pages, and then use something like TrustNet for subjectively seeing if you should trust a page or not.

This could be paired with the ability to install an extension by downloading a crx from a page which could leave the trust layer to whether you trust the page you're installing from rather than having a centrally moderated "store" or "registry".

People could then have smaller more focused registries if they wanted. E.g. we could have a list of "verified" extensions made by Agregore contributors or something and ways for folks to fork the registry for themselves.

Do you think such an extension would help with the trust concerns you've had?

I think outside of that we'd also need to have an "install this extension" prompt integrated somewhere. 😁
