HACKER Q&A
📣 linklock

Would you trust a new browser security extension in 2025?


I'm considering building a privacy-first browser security extension and want to validate the idea with HN's community before committing months to it.

The hypothesis: Current browser security is fragmented. You need multiple extensions (uBlock, Privacy Badger, HTTPS Everywhere) plus something for phishing protection. Most all-in-one options are bloated (Norton, Avira) or have privacy concerns.

What I'm considering: - Zero data collection (no accounts, no telemetry) - Open-source (MIT license) - Phishing detection (local + Safe Browsing API) - HTTPS enforcement - Cookie auto-delete - Pop-up blocking

Questions for HN:

1. Is there actually a gap here? Or is the current extension ecosystem already perfect?

2. What would make you trust a NEW security extension in 2025? Open source alone doesn't seem sufficient - there are sketchy OS extensions too.

3. Would you ever pay for browser security ($3-5/month)? Or should everything be donation-supported?

4. Is Manifest V3's limitations (30k rules, webRequest restrictions) a dealbreaker even for security-focused extensions?

I put together a survey to gather structured feedback: https://forms.gle/CrxiWDFM23wvHT7g9

But honestly more interested in the discussion here. Talk me out of this if it's a bad idea.

  👤 ghostwords Accepted Answer ✓
>You need multiple extensions

(I develop Privacy Badger.) There are significant benefits to adding PB or uBO to a browser that doesn't already ship with a real built-in ad blocker. While PB and uBO work well together and you may want to use both for various reasons, I wouldn't say you need both. Either one is enough by itself for most people.

>HTTPS Everywhere

HTTPS Everywhere has been deprecated and eventually removed from extension stores a few years ago: https://www.eff.org/deeplinks/2021/09/https-actually-everywh...

>Phishing detection

Why isn't what's built into browsers enough?

>Cookie auto-delete

Why bother when blocking trackers and ads?

>Pop-up blocking

Is that the same as the various "annoyances" ad blocker lists?

👤 JohnFen
> What would make you trust a NEW security extension in 2025?

Time. I wouldn't trust it while it's new. I'd develop trust in it over time as I've observed the results of other people using and examining it.

> Would you ever pay for browser security ($3-5/month)?

I don't rent software, so I wouldn't pay a recurring fee. A one-time fee isn't out of the question, though.

> Is Manifest V3's limitations (30k rules, webRequest restrictions) a dealbreaker even for security-focused extensions?

Pretty much, in that I wouldn't be using a browser with that limitation in the first place.