Hacker News new | past | comments | ask | show | jobs | submit login

How secure is it to use these types of extensions? Are they able to sniff all my logins etc?

If you are worried if the installed-through-the-store version is the same so you could just unpack it and compare with the code release. Or pack that yourself and install it, but updates through the store should at least prompt you when the extension asks for more permissions than it currently has.

The current permissions can be seen in the manifest: https://github.com/hharnisc/tabbie/blob/master/manifest.json

The extension can store data (synced if you are logged in to chrome), get metadata about and manipulate your tabs (including the URL, which might be security-relevant), and can call Google Analytics.

Thank you! Exactly the type of answer I was looking for.

Dude, it is a open source project. You can have a look at the code.

Doesn't say anything about the compiled product that I download from the Chrome store?

actually, you can still inspect the code for the "compiled product" you download from the store- your chrome path contains a directory containing all extensions, finding them is a little bit hard, because they use their keys as foldernames but you can actually still inspect the source


Cant it be compiled and installed manually? Or downloaded and verified?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact