thegreatsuspender VS brotab

Happened in (2021)[https://github.com/greatsuspender/thegreatsuspender/issues/1...], and then a few others have forked the extension and tried to revive it, only to eventually sell to nefarious owners or sell user data themselves

I went to github and downloaded the last known "good version, installed it manually."

You want someone to die for disabling a potentially malicious extension that is unmantained since 2020?

Also if you want to read up on the removal of the app and the malware issues this post goes over it as well as other recovery options

Similar code projects have had issues like this before, like the open source Great Suspender.

What can happen after a project changes hands - https://github.com/greatsuspender/thegreatsuspender/issues/1263

Better link https://github.com/greatsuspender/thegreatsuspender/issues/1...

> TLDR: The old maintainer appears to have sold the extension to parties unknown, who have malicious intent to exploit the users of this extension in advertising fraud, tracking, and more. In v7.1.8 of the extension (published to the web store but NOT to GitHub), arbitrary code was executed from a remote server, which appeared to be used to commit a variety of tracking and fraud actions. After Microsoft removed it from Edge for malware, v7.1.9 was created without this code: that has been the code distributed by the web store since November, and it does not appear to load the compromised script. However, the malicious maintainer remains in control, however, and can introduce an update at any time. It further appears that, while v7.1.9 was what was listed on the store, those who had the hostile v7.1.8 installed did NOT automatically receive the malware-removing update, and continued running the hostile code until Google force-disabled the extension.

For what it is worth, you may have heard of the Great Suspender incident (https://github.com/greatsuspender/thegreatsuspender/issues/1263). It was used by millions, and was also open source on GitHub, but it could still end up becoming malicious.

Long ass comment: That is not true for the most part. While the increased amount of individuals working of an OSS project may lead to better vulnerability detection according to both parties of the closed-source/proprietary debate, it doesn't lead to a massively more secure software overall. Not all reviewers have the similar experience or expertise and, because of it, not everyone will be able to review, identify or patch any flaws or vulnerability of a specific software since it may require other skills beyond just basic programming skills such as network or cryptographic skills. [1] Some even suggested that the large number of users contributing to the project can lead people "into a false sense of security." [2] Overall, some papers conclude that being an open source software or a proprietary software isn't an important factor for security and suggest considering other factors, such as the particular vendor/maintainer that controls the entire process. [3] After all, what if the maintainer decides to sabotage their own code? What if the project was sold to another maintainer for its own shaddy needs?

If you're referring to The Great Suspender, that extension was bought by an advertising company earlier this year. I'm using the last good version (github) though.

I have a thousand github tabs open, that I'm not sure how to file. I use sideberry and other extensions to manage tabs and close them when I need to. Sideberry is the only somewhat efficient(fast) way to quickly search and close tabs. I'm been waiting for the v5 release for a long time. There was something I needed from it, but I don't remember right now.

One thing I wish sideberry would do is simplify keyboard navitation. I.e. the moment you start typing it should type things in the search and then should should be able to navigate the result without mouse.

Maybe someone here can tell me how I can quickly select tabs if I use container tab groups. The address bar only selects open tabs from the right tab group so it's completely useless to me. For a while I used rofi tab switcher[1] but that magically stopped working so I made a custom rofi script that parses brotab[2] output.

[1] https://github.com/blackhole89/rofi-tab-switcher

[2] https://github.com/balta2ar/brotab

sounds like a feature request you could open here: https://github.com/balta2ar/brotab/issues

Found BroTab, very close to what I want