"In terms of implementation, the most interesting one is “Іron Wаllеt” (the I, a, and e are Cyrillic). Three seconds after install, it fetches the phishing page’s URL from the first record of a NocoDB spreadsheet and opens it [...] The API key had write access, so I wiped the spreadsheet."
I'm laughing so hard at the video, I imagine this is what browsing the web is like for the elderly that barely know how to use a computer. Can someone do this in Chrome?
> I did some research to find why this took so long. 13 years ago, extensions.json used to be extensions.sqlite. Nowadays, extensions.json is serialized and rewritten in full on every write debounced to 20 ms, which works fine for 15 extensions but not 84,194.
This is probably a good example of the opposite. It would be a mistake to design for the fleetingly rare case. If you’re dealing with a handful of extensions, a json file that’s rewritten is fine.
In an ideal world, software with 100 million users would be optimised for energy usage. It all adds up. This does pale in comparison to everything else, though.
The icing on the cake is the discovery of a potential performance bug in one or more of the about: pages, that's definitely worthy of following up.
I geel this on a deep personal level.
On addons.mozilla.org, but you can distribute Firefox extensions without posting on addons.mozilla.org. I do.
Occasionally, databases are useful. ;)