But hey! The extension-files are X509-signed and served over HTTPS with a green location-bar from a known good domain so we all know it’s secure, right?
Oh wait. I guess forcing everyone to use HTTPS and signing everywhere means HTTPS and signing can no longer be used to distinguish serious actors from even plain malware-vendors.
Oh wait. I guess forcing everyone to use HTTPS and signing everywhere means HTTPS and signing can no longer be used to distinguish serious actors from even plain malware-vendors.
Thanks Google.