3

Having learned a bit more about what add-ons/extensions can do in Firefox, I want to minimize my risk and use some safer mechanism to download videos (FLV in particular) for later viewing.

Considering the question What are the security implications of people downloading addons, wrongly thinking that they are safe?, is there any way to trust an (open source?) browser add-on? I can examine the code myself if it's not 100,000 lines of illegible gunk.

The most popular video-downloader add-ons are closed source AFAIK.

Community
  • 1
Marneau
  • 31
  • 1
  • 2
    What kind of risk are you trying to mitigate? – M'vy Aug 05 '11 at 12:55
  • @M'vy have a look at [What are the security implications of people downloading plugins, wrongly thinking that they are safe?](http://security.stackexchange.com/q/5875/665) – Hendrik Brummermann Aug 05 '11 at 14:42
  • 3
    Souce analysis is nice, but it won't keep you safe. Souce analysis is part he software development lifecycle. Design is also a critical step. You may analyze a program's source but if you havn't analyzed the design you could miss a security flaw at a higher level. Likewise you could analyze a design and find it to be secure, but without analyzing the source it could be implemented incorrectly. Even if you miss nothing in the source, you would have to analyze all the libraries it calls, protocols it uses, other software it interacts with, etc. to arrive at a sound conclusion. – this.josh Aug 05 '11 at 16:51
  • 2
    @this.josh, not to mention that you have to be an expert in this technology/language/platform, and an expert in *reviewing code* for that technology/language/platform. – AviD Aug 08 '11 at 10:51

1 Answers1

4

I use the Greasemonkey extension for Firefox. It allows to write small "user scripts" that Greasemonkey injects into the specified websites.

There is a repository of user scripts at http://userscripts.org/ Most of them are really small and easy to understand.

There is a popular script for video downloads from youtube. It is a lot more complex than usual scripts but seems fine on a quick glance. There are many more simpler scripts through.

Hendrik Brummermann
  • 27,118
  • 6
  • 79
  • 121