Argh! There's no security model for Firefox extensions like there is for, say, Java, where the external host (i.e. Firefox) limits what an extension can do. The fact the extension claims to handle a banking site doesn't make it a more or less likely vector of attack; its ability to access your bank is no more than any "innocent" extension's (e.g. an extension that shows a cute puppy in your toolbar).
In other words, you're checking Effie's extension for entirely wrong reasons. There's no wrong in checking it, but don't get a false sense of security that it's worth more than checking all those other extensions you have. On 12/8/06, Zvi Har'El <[EMAIL PROTECTED]> wrote:
I install extensions, but check what they do... Of course, with popular extensions you can rely on the fact that somebody else checked them, but when it goes to your bank account, you cannot be too careful.
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
