Yes, and that same issue stands for extensions that are essential for making the browser usable. Who uses Firefox without uBlock? I won't use a browser that lacks a feature rich vertical tabs solution and that requires me to use sidebery with Firefox. That essentially forces me to trust a host of extension creators that I know nothing about. Yes, source can be reviewed, but I don't have the chops to do it and it doesn't seem like there is a non-profit organization that is taking that on (why doesn't EFF?)
Personally I do try to limit the amount of them I run, stick with recommended and take at least a glance at the source from time to time, but it would not defend against version updates or good efforts to obfuscate bad code.
I do feel at least somewhat confident that for recommended extensions with substantial usage the internet would surface funny business quite quickly.
But yes, I would love for some independent third party to have some review program! Unfortunately it's not clear how it would be funded.
Not only that, trustworthy extensions normally have serious well-known developers behind them which decreases the risk of stumbling into something malicious.
To this date not a single extension which has been marked as recommended by Mozilla was found to contain malware.
Google on the other hand while being 1000 times richer has none of it.
Yes, and that same issue stands for extensions that are essential for making the browser usable. Who uses Firefox without uBlock? I won't use a browser that lacks a feature rich vertical tabs solution and that requires me to use sidebery with Firefox. That essentially forces me to trust a host of extension creators that I know nothing about. Yes, source can be reviewed, but I don't have the chops to do it and it doesn't seem like there is a non-profit organization that is taking that on (why doesn't EFF?)