Is uBlock the only corporate safe ad-on?

Question

i use mozilla at work. i had ABP, Privacy badger,HTTPS everywhere and no-script ad-on. i know, it's overload. Few months back, sys admin for corporate took out all add-on except ublock with reasonsing ad-on could lead to security breach. i tried to install those ad-on again, obviously could not and ublock remains.

twunde · Accepted Answer

The issue with browser extensions is that the main way to monetize them is to steal data or inject adware/malware[1]. The extensions themselves request a lot of permissions, there's minimal security scanning (the only one I know of is https://crxcavator.io/) and often people with successful browser extensions end up selling them to someone who then modifies them to be malicious[2], which means even trustworthy extensions may become malicious at any point. That said, no ublock is not the only safe add-on. The ones you mentioned are safe, but there's probably not enough people asking security/IT about them. What might be an effective approach to get your preferred extensions added to the allowlist is to request the process to add new extensions to that list, and to point them to the risk scores in https://crxcavator.io/
[1] https://www.tomsguide.com/news/28-bad-browser-extensions
[2] https://www.labnol.org/internet/sold-chrome-extension/28377/

PaulHoule · Answer

Circa 2000 I would go visit relatives and find that their internet explorer typically had 20+ toolbars installed, maybe they could see 100 pixels of content at the bottom of a 640 x 480 screens, all the rest was toolbars.
What was strange about this was that they all thought this was normal.
I feel the same way about browser add-ons today. All they can do is slow down your browser, add bugs, and violate your privacy. Most of them don't do anything of value that you can't just do on a web site.