Comment by atraac
9 hours ago
Your users don't have to use those extensions, so I don't understand how that's relevant? People who do, should be made aware of risks and that's it. This is not a good argument against taking away their option to have that customization.
I'm having a hard time finding a thread where people don't complain about npm when the real issue is packages being compromised.
Swap packages for extensions in the above and let me know how that's different
But what's your argument? That phone-based extensions are more vulnerable somehow than desktop extensions?
If anything, wouldn't a phone extension be more sandboxed than most desktop environments?