Its on firefox addon store and have 4.5+ rating

  • umami_wasabi@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    4 months ago

    I’m not going to tell you what to use instead, but how you make the judgement for yourself: audit the code yourself

    The source code is linked right there, and you don’t need trusting someone to make the call. You’re making the call. Mind you, the actual add-on installed from Mozilla Add-Ons might contains different code then what shown in the repo. I never release any add-ons so that is just a wild guess and a hint possibility this could happen.

    To give you an head start: look for URLs and any encoded strings in all files, be it Base64 or something else. And follow them to find out why there it is there, how is it triggered, etc. Same goes for encoded strings with the added question: what was encoded within.

    Still, that is just the basic, and I’m not too into JavaScript but there could be other ways of hiding information, like in an image file via steganography.

      • umami_wasabi@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        4 months ago

        Yes, but we are not auditing security or cryptography implementation.

        Instead, the goal is get a sense how it works, and look for suspicious codes or have some parts hidden (encoded) and doesn’t want people to know. That’s relatively way easier than a serious audit.

        • fluckx@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          4 months ago

          I think you greatly overestimate the average person’s ability to understand even the most basic code. Let alone in multiple languages.

    • Alb087@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      I know. But i need to know is this addon safe or not as it have more users and rating. Don’t know it based on which adblocker syntax.

      • TheSun@slrpnk.net
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        4 months ago

        Okay you asked the question, got the answer, and are clearly not listening to what people are saying and still trying to get people to agree this one is just as good…

        Scrap this shitty freemium copycat add on and just use ublock origin.

        It seriously is not that complicated.

      • lucasmz ∞@hachyderm.io
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        @Alb087 i don’t see it having more users, or ratings? ublock origin has 7m users, this has 1m. Plus, the websites to this ad blocker you mention seem like commercial. non-open-source software, I wouldn’t doubt that this is spyware.

  • TFO Winder@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Check the licence.

    If it’s not any open source licence then fundamentally not trustable.

  • tavu@sopuli.xyz
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    If you’re using Mozilla’s level of endorsement as a metric, note this prominent disclaimer on the addon’s page:

    ⚠️ This add-on is not actively monitored for security by Mozilla. Make sure you trust it before installing.

    • Alb087@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      Localcdn, I still don’t care about cookies like addons have this warning too…

      • lucasmz ∞@hachyderm.io
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        @Alb087 @tavu yes, it doesn’t automatically mean it’s unsafe, but this is shady software none the less.

        I use a few extensions which also have this warning but I do because I trust them

        Pretty much everyone here is just recommending ublock origin, so just use that.