August 2017:

  • I don’t use Internet Explorer because I run on Mac and Windows, and there is no IE for Mac.
  • I used to avoid Safari because it didn’t pin tabs. Safari now pins tabs. I hate that it creates a ‘favicon’ which is just the first letter of the domain name, but I can learn to live with that.
  • I used to use Chrome instead of Firefox because the Chrome edition of AdBlock was better, but that’s no longer the case.
  • Chrome now prevents blocking of HTML5 video auto-play. There is an extension called Disable HTML5 Autoplay, but it doesn’t block sites such as https://www.usatoday.com/story/news/politics/onpolitics/2017/07/11/majority-republicans-say-colleges-have-negative-impact-country-poll-says/468869001/.
  • Chrome consumes way too much Mac battery.
  • Important: Firefox and Safari let you disable extension auto-update. Chrome does not.
  • This works to disable auto-play of video in Safari. I still get lots of video auto-playing in Chrome, even with disable-auto-play extension(s).
  • Safari Problem: LastPass export doesn’t work in Safari (Sept 1, 2017). It silently fails after re-entering my password to enale export. No prompt for export filename or download-starting message. It doesn’t work in Firefox either. Right now, the only way I can export LastPass is via Chrome.
  • Fluid.app is a clever idea, but Wunderground behaves poorly (intermittently), Nirvana suddenly closes item-edits while I’m entering valid data. I don’t need another source of weirdness to debug.

I’ve become concerned about extension security. At a minimum, I am cutting way back on my use of browser extensions.

There have been cases where a Chrome extension developer lost control of his account and a bad guy pushed an unauthorized update to an extension. Every extension in Chrome means I have to trust its developer’s staff not to be tricked by phishing. Every extension on any browser weakens the browser’s security by adding any of the extension’s vulnerabilities to the browser footprint. Malware authors are now targeting extension vulnerabilities.

Extension List:

  • Adblock: I used to really value AdBlock (the getadblock.com one). I now get so much “we won’t show you content because you are blocking ads” that it is almost worthless.
  • Lastpass: I really need a password manager. I need to be able to share passwords with my wife and I need to share between PC, Mac, and Android. Do I need it to be integrated into my browser?
  • Authy: I need Authy. Do I need it integrated into my browser?
  • Session Buddy: I need bullet-proof session restore.
  • Stop Video/Animation: I don’t want movies to auto-play. I need them to be quiet if I can’t block them.
  • Amazon Wish List: Handy to be able to add non-Amazon stuff to my wishlist, but hardly indispensable.
  • Copy All URLS: Handy. It is really slow if I have to copy 99 URLs, one at a time.
  • Pushbullet. Handy. I can live without it, if doing so increases my security.
  • Stylish. Ow. I really like to restyle some sites, but Stylish has had some significant vulnerabilities.