Hacker News new | past | comments | ask | show | jobs | submit login

A better example of how this could be done is iOS keyboards. They’re run in a sandbox (by default), and they have no internet access. An ad blocker could be sandboxed like this. Sure, such a sandbox can be bypassed by intentionally leaking bits through keyboard input or, in the case of an ad blocker, exactly which requests are blocked, but that would be very obvious nefarious behavior.

I like that idea, but it would be hard to pull off. The extension API, for example, allows for messaging between background scripts and content scripts. So you could make a proxy of sorts. And messaging is not the only hole you can poke. They would essentially have to redesign the whole extension API. To the point where no interesting extensions would be possible.

Surely there could be a content blocker script that simply can’t send messages anywhere. It gets access to web requests and to IndexedDB or something similar. It can receive messages from other extension scripts for updates, perhaps.

that's the big issue with extensions : most of those that are interesting (to me at least) are also huge privacy holes.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact