thegreatsuspender
thegreatsuspender copied to clipboard
greatsuspender
What actions should those of us unaware of TGS' shady status take now that it's gone?
So I, like many others, was taken by surprise today when Chrome removed TGS from my browser saying it's malware. Looking further into it, I find... a lot. Dating back a while. Suffices to say I've been using the shady version of the extension for a while blissfully unaware of any problems.
What actions, if any, should I now take to ensure that I and my online presence isn't compromised by the actions of this extension? I don't fully understand all the effects it could have had, in all honesty.
@deanoemcke and others have been integrating a closed-source library that tracks user information going all the way back to May of last year -- https://github.com/greatsuspender/thegreatsuspender/issues/1147
I am hearing rumblings that the developer is being paid by a third party to integrate a closed-source library that tracks user data in the latest release, hence the intrusive "UPDATE NOW" push. I'll be removing this extension post-haste.
So I, like many others, was taken by surprise today when Chrome removed TGS from my browser saying it's malware. Looking further into it, I find... a lot. Dating back a while. Suffices to say I've been using the shady version of the extension for a while blissfully unaware of any problems.
What actions, if any, should I now take to ensure that I and my online presence isn't compromised by the actions of this extension? I don't fully understand all the effects it could have had, in all honesty.
Your worries are the same as mine
@deanoemcke and others have been integrating a closed-source library that tracks user information going all the way back to May of last year -- #1147
I am hearing rumblings that the developer is being paid by a third party to integrate a closed-source library that tracks user data in the latest release, hence the intrusive "UPDATE NOW" push. I'll be removing this extension post-haste.
Does anyone know for certainty what "tracks user information" means? Like browser URL's, tracking information, etc? Or like actual user-input? User input, passwords, and PII sending back would actually be Illegal so it makes a difference. Thanks.
I installed the 7.2.6 from this Github and was wondering if anyone will be maintaining this version, or extending it based on the Open Source license? It is a great tool however, and would be ultimately lame if we let it expire. I am not really a programmer, but would contribute just like a lot of us would. Can you imagine if 25% of the users donated $5 ? Let us know.
It looks like people have created "The Marvelous Suspender", which is supposed to be the latest stable version of The Great Suspender without tracking. It won't automatically restore The Great Suspender's suspended tabs, but some workarounds have been mentioned in other issue threads: https://chrome.google.com/webstore/detail/the-marvellous-suspender/noogafoofpebimajpfpamcfhoaifemoa/
@rhawk301 AFAIK, there are two forks around: The Marvellous Suspender and The Great Suspender No Track.
Meanwhile - as for stolen information, I'd be keen to know from experts too.
Aren't passwords encrypted in the browser, what about keystrokes? Is it possible for malware in TGS to record these?
I don't have 2FA on everything, but most things. However, do we now need to consider changing passwords on everything ?
I have no concrete proof that the two are related, but you may find my recent security breach to be of interest. I wrote about it here: https://github.com/greatsuspender/thegreatsuspender/issues/1307#issuecomment-773700055
@TomasHurtz Regarding whether The Great Suspender has access to password stored in the browser, someone who is familiar with Chrome extension development gave a convincing analysis in this link.
In essence, he/she believes extension can't access Chrome's password storage system without authentication, but it's possible for extension that is granted the "Allow this extension to read and change all your data on websites you visit" right to steal your password when you have the browser auto-filling credentials in web forms.