NiM Chrome Extension is collecting user's email address #28184
Labels
duplicate
Issues and PRs that are duplicates of other issues or PRs.
Comments
joyeecheung
added
the
duplicate
|
Duplicate of #28185 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
NiM Chrome Extension is an option suggested by the Node team in https://nodejs.org/en/docs/guides/debugging-getting-started/
Per the following line of code in the source code of that extension, it collects user's email address and sends that (encrypted with the author's public key to his analytics server.
https://github.com/june07/NiM/blob/master/background.js#L151
Not only does it look suspicious, but probably a great portion of the users are not aware of that. In fact, it's for any debugging or general-tracking purpose of the developer, it could be a randomly generated UUID that gets sent, not the user's email address.
I wouldn't trust this extension and I think Node community should at least mention this in the official docs. (e.g. BTW, this extension is going to collect your email address and send that to the extension publisher.)
The text was updated successfully, but these errors were encountered: