franze 2 days ago

I found it more trustworthy to code my own extensions via ChatGPT. These are the last 2 ones. I pretty much dont care if people use them, as the mostly fulfill my own usecases.

https://chromewebstore.google.com/detail/comparative-chatgpt...

https://thisismy.franzai.com/

The cost of (small) software is fast approaching 0, and it can be faster now to code your own solution, instead of looking for one that nearly mostly fulfills your usecases.

  • richrichardsson 2 days ago

    > I found it more trustworthy to code my own extensions

    I used to have a ton of little single use extensions that I barely ever used but thought at the time of installation, ”that could be useful one day". Then I started noticing I was liking really random shit on Facebook. That immediately ceased when I uninstalled all but Bitwarden, Leechblock and uBlock Origin. I will never install another random 3rd party extension again

    • collinvandyck76 2 days ago

      Which of your single use extensions was causing you to like things on Facebook?

      • aragonite 2 days ago

        Not the GP, but just last week Google automatically removed a single use extension (https://readermode.io) from my browser after flagging it as malware (as I recall the extension updated itself a day before the removal). The extension has also been taken down from the Chrome web store (https://chromewebstore.google.com/detail/reader-mode/llimhhc...) though Google hasn't provided any details about what it was doing that led to the removal.

        • nomilk 2 days ago

          I think the asymmetry in payoffs explains this, since a bad actor who baits and switches their extension could do massive damage to users. So google try to catch this behaviour and inevitably have some false positives (extensions labelled malware that actually aren't). The cost of a false positive is annoyance. The cost of real malware getting through could be your bank balance.

          • hackinthebochs 2 days ago

            Automatic extension updates is a stupid practice. The attack surface for a legit extension is minimal, while being huge for a malware update. I'm against almost all automatic software updates in general, but browser extensions take the cake for having an obscene cost/benefit ratio. Chrome won't even let you turn it off. Personally I extract and load all my extensions in developer mode.

      • richrichardsson a day ago

        I can't answer that question I'm afraid. I disabled somewhere in the region of 5-10 extensions and it would have required more effort than I cared to exert to figure out which was the culprit. This means that I can't categorically state an extension was to blame, but there was a strong correlation between my removing them and the spurious likes stopping.

      • cynicalsecurity 2 days ago

        Tons of them. Custom download page, to avoid seeing the old ugly Chrome'a download shelf at the bottom of the screen.

        • JadeNB 2 days ago

          > Tons of them. Custom download page, to avoid seeing the old ugly Chrome'a download shelf at the bottom of the screen.

          Just to make sure—you seem to be replying to https://news.ycombinator.com/item?id=42493152, which currently says:

          > Which of your single use extensions was causing you to like things on Facebook?

          Are you saying tons of your single-use extensions caused this Facebook liking, and a custom download page was one of them? Or was this meant to be a response to https://news.ycombinator.com/item?id=42492881?

          (Or maybe something's wrong with parent links today. For me, on the main page, they are now turning into anchored links that don't seem to go where intended, which wasn't happening yesterday.)

    • antihero 9 hours ago

      I remember this happening when an extension got sold and then stole my Instagram cookies. Absolutely tonnes of likes of weird shit.

  • adamredwoods 12 hours ago

    Interesting that extensions are not seen as trustworthy. I installed a third-party one for work, and it kept opening up the developers website which was blocked by our firewall. Why try to do a web action the user didn't request? It devolves trust.

  • polotics 2 days ago

    Haha exactly! Except I didnt bother to publish mine on chromewebstore, it's just on gitlab: https://gitlab.com/natural_aliens/geminiwrap_plugin ...it makes Gemini-Chat voice dictation a bit more useful.

    My other one, the remove-youtube-shorts, is almost an one-liner, so I didnt even publish it it's too trivial I think. Everyone just make your own!

    • franze 2 days ago

      Yeah, creating the marketing screenshots and filling out the publishing form takes longer nowadays then coding the actual extension.

      • polotics 2 days ago

        Also if anyone wants to uses an extension I would much rather they make the minuscule effort to create a local folder, put the files in there, and load the extension's folder with the chrome extension mgr. Maybe even they can peek at the source code... I really don't see why I'd have to push my name, address, email etc on some google storefront and submit myself to spam reviews at the big "google-internet" party in the cloud.

      • oefrha 2 days ago

        I was updating my Chrome Web Store extensions to MV3 the other day. Had to fill a fair bit of new stuff. Then one dead simple extension I haven’t touched in a decade got its update rejected due to “description provided is insufficient to understand the functionality of the item”, even though anyone who bothered to seek it out absolutely would have no trouble understanding what it does (according to analytics on the dashboard, there are a grand total of ~20 active users and a couple hundred throughout its lifetime), never mind what those lay reviewers think. The review process is really dumb.

    • dsauerbrun 2 days ago

      I'm gonna need the remove youtube shorts one

    • 77pt77 2 days ago

      But did you "code" them with chatgpt also?

  • amelius 2 days ago

    I'm too scared to download extensions, so I use bookmarklets (on Firefox).

    But I like your suggestion of using ChatGPT to write extensions.

    • RustySpottedCat 2 days ago

      Tampermonkey scripts with chatgpt is even faster. Adding a functionality to a website just by pasting the site's html in chatgpt and in 2min I get what I need.

      • DaSHacka 2 days ago

        Making a simple tool for a site or two is the perfect use case for a userscript manager like TamperMonkey/ViolentMonkey (FOSS alternative), I think making your own extension is somewhat overkill

        Easier to share with others, too

  • croes 2 days ago

    Your cost but not the cost.

seanwilson 2 days ago

For what it's worth, if you create a new profile for Chrome extensions, they won't have access to your regular browser profile.

I do this for web developer extensions that typically need a lot of powerful permissions. So I have a Chrome profile that's full of web developer extensions, so they're isolated from private and security sensitive stuff like email and banking.

Similarly, you can do this by installing Chrome Beta or Chrome Canary for use with different extensions you don't want to take a risk with.

  • nomilk a day ago

    I've often wondered what chrome extensions have access to. Is it completely safe to install untrustworthy extensions so long as the user profile is a new one?

    Also, I have a wonderful one-liner [1] aliased in ~/.zshrc (opens chrome with a new user profile with one command)

        open -n -a "Google Chrome" --args --user-data-dir=$(mktemp -d)
    
    
    [1] https://superuser.com/a/1652648/928461
dizhn 2 days ago

Not a good day to have Honey in the list :)

  • nomilk 2 days ago

    Was curious so just searched. Apparently Honey would try to get the best coupon codes on the web, but they started partnering with businesses to give (say) 10% off via a Honey-specific discount code (e.g. HONEY10), but Honey would ignore other (possibly greater) discounts, thus lulling users into a false sense of security that they were getting the best deal when they often weren't.

    • shreddit 2 days ago

      It’s even worse. They steal from other promoters. Say you watch a LTT video and use one of their affiliate links. If you have honey installed they will replace the link with their own affiliate link and cash the promotion bonus without any promotion by themselves.

      • CodesInChaos 2 days ago

        Of the three bad things they've been accused of, I'd consider that by far the least. Selling tracking data is an invasion of privacy. Deliberately not showing better discounts violates their core value proposition. Replacing deferral links doesn't hurt the user, and isn't much different from blocking ads.

        • 369548684892826 2 days ago

          As a user that might use referral links to support the youtube channel, I do feel in an indirect way this does hurt the user

    • microbass 2 days ago

      And, they highjacked referral links, ensuring they got referral commission, not the original referrer.

    • firtoz 2 days ago

      Sigh, and I was just thinking about installing it. Time to find another one, or perhaps it will also fall to Goodhart’s Law.

      • shreddit 2 days ago

        I’d really like to know what exactly you are looking for? There is no such thing as “free” and no browser extension will give you something for free. You are paying, one way or the other…

        • andelink 2 days ago

          My thoughts as well. Given their business model, any Honey replacement will be engaging in the same sort of behavior. Never seemed worth it to me.

        • firtoz 2 days ago

          I want to see and/or collect discount codes for things

        • JadeNB 2 days ago

          > I’d really like to know what exactly you are looking for? There is no such thing as “free” and no browser extension will give you something for free. You are paying, one way or the other…

          Sometimes there are really-free things. Old-style open-source software is a collection of such things. Extensions, at their beginning, were too, and some of them still are. As far as I know, for example, there's no 'gotcha' in uBlock Origin (although there is the 'gotcha' of knowing to look for them instead of the myriad other solutions that are non-free).

    • handsclean 2 days ago

      Before the rest of these abuses, Honey was blatantly tracking users and selling that data, which I think is a good example of how privacy abuse is often a canary of generally immoral behavior.

  • shreddit 2 days ago

    I’m actually impressed by honey. They could have either just sold the user data, or only switched the referral links, or just showed their users the “best” coupons.

    But they went for all of it. I’d have wanted to be in the room when the higher ups chose this path.

vermayash8 2 days ago

Interesting, I find it useful. A couple of features you could think about:

1. Is there a feature to create a "pull request" to the collection maintainer to propose adding some extensions to their collection? Otherwise, there would be several public shared collections for the same use-case and it may become scattered.

2. I'd like to be able to favorite / like / star a collection, and that to be used as a signal to search results ranking.

Another adjacent domain to expand could be Tampermonkey scripts.

  • trungpv1601 2 days ago

    Thank you for the feedback. I will add it to the roadmap.

popoxdev a day ago

Nice work I find it useful since I like to use a few extensions for development. Do you have any insights over the market share for extensions between Chrome and Firefox. I'm developing an extension and I don't know if it's worth to maintain both versions?

  • trungpv1601 a day ago

    For me, your Focus Chrome extension is enough. No need to overthink about making both versions. Chromium has huge opportunities including Chrome, Brave, Opera...

anonymous344 2 days ago

I used to use extensions in the chrome, but then I noticed that my dev server private urls were being botted. Only way for them to get leaked was virus, google or some extension. For me it seemed like the Window Resizer -addon was leaking every url I visited. And it's not the only addon that seem to use google analytics. wtf?

sneak a day ago

Browser extensions are a major security risk and you should not install any that you wouldn’t trust with your login cookies on every site you visit.

bl4kers a day ago

Userscripts > extensions

ned99 2 days ago

I like the UI. Neat.

2Gkashmiri 2 days ago

Please promote Firefox extensions. Chrome and Google are on a dangerous trajectoryin ruining peoples lives.

Please dont be part of the problem in promoting chrome / chromium

  • JadeNB 2 days ago

    > Please promote Firefox extensions. Chrome and Google are on a dangerous trajectoryin ruining peoples lives.

    Unfortunately, Firefox is on a trajectory of "imitate what Chrome's doing." I certainly no longer trust Mozilla as I once did. They're probably better than Google, but they've made it clear they're going to make decisions for market share over respecting their historical ideals.