You are viewing a single comment's thread from:
RE: RandoAwake, the @randowhale Google Chrome browser extension!
Be advised that any Chrome extension that you permit to run javascript on steemit.com has full access to your keys and money. Any security vulnerabilities introduced by the author intentionally or by accident (or via the use of the author's credentials by a third party) can potentially steal your money.
Be careful.
While this is completely true, RandoAwake only has permissions to display notifications.
Take another Extension like Tab Limiter that needs to read data in other contexts. It requires more permission and those permissions are displayed when you install it.
When making a Chrome extension you have to select permissions, and I selected the least amount I needed.
There is no way I can get out of the sandbox without additional permissions, and when you do they will be listed. For example, another plugin called Facebook "AdBlocker" it has permission to read data on all sites, not only just Facebook.
@themarkymark, nice short explanation of chrome permissions in this context. Helps many others, including myself, to become more aware of the availability of subtle permissions. Cheers.
Thankfully the code has been reviewed by multiple devs. Thank you for your opinion and fear-mongering.
There were no opinions in my comment.