Which is a huge part of what makes various "privacy policy" terms so damned useless.
There is a ton of software on my computer that "has access" to my "data" and "network traffic": the kernel, network stack, clients, filesystem drivers, etc.
What they don't do is go tattling all this crap back to some mothership (or at least they'd better damned well not be).
Where Android / iPhone apps and Chrome extensions start freaking the living crap out of me is where they say they "require" this access ... and I don't (short of setting up some network traffic instrumentation) know off-hand whether this is staying local to the app or getting broadcast to the world. Or some big brotherly subset of the world.
My point is that what the extension requests access to is necessary for it to work, which you were disputing in your earlier message.
Sure you have to trust it, and you are generally right to be paranoid about Chrome extensions, but on the positive side, the extensions are somewhat more limited in the bad things they can do compared to non-sandboxed native desktop apps, and the source code is always available (although at times obfuscated and can be updated automatically) since they are written in JavaScript.
Well yes. That was exactly my point. Nobody should have to do that. On the tail end just because it's unnecessary tedium. On the fat end because it's hard to do.
There is a ton of software on my computer that "has access" to my "data" and "network traffic": the kernel, network stack, clients, filesystem drivers, etc.
What they don't do is go tattling all this crap back to some mothership (or at least they'd better damned well not be).
Where Android / iPhone apps and Chrome extensions start freaking the living crap out of me is where they say they "require" this access ... and I don't (short of setting up some network traffic instrumentation) know off-hand whether this is staying local to the app or getting broadcast to the world. Or some big brotherly subset of the world.