> Even if it is benign now, there is no telling when it might be sold and new owners may have more nefarious intentions.
I'll never betray the trust of my users, and anyway it's not going to be sold. Nobody has ever made me an offer, and it's unlikely that anyone could afford to acquire it. The extension is worth more to me as an indie dev than it would be worth to anyone else.
This is your thoughts right now. If a real tangible offer came through for 10s of millions of dollars, would you still feel that way? What about when you die or become permanently offline for some other reason? Will your family sell it to the lowest bidder, delist it, or just leave it to bit rot?
These are things everyone has to/should consider when granting software unfettered access to their machine.
You could just ask me questions without associating yourself with Satan. ;-)
> If a real tangible offer came through for 10s of millions of dollars, would you still feel that way?
I would definitely sell for 10s of millions of dollars! Indeed, I would sell for 1 million dollars. But nobody is going to offer me that LOL.
> Will your family sell it to the lowest bidder, delist it, or just leave it to bit rot?
They would have to leave it to "bit rot", because my source code is encrypted, and nobody else has my passwords. (The extension has no server component and should continue working fine indefinitely with no updates.)
Presumably if lots of people trust your extension with access to their banking website, a nefarious actor could make steal more money to make that price worthwhile.
Well, assuming they can transfer money out of people's accounts and get away with it, which obviously requires additional effort.
To be clear, I wouldn't sell to [unknown criminal] for any amount of money, because I'm not a criminal myself, and I can't be turned into a criminal.
I would sell to [known BigCo] for a million dollars. But BigCos aren't interested in my software, so that's a non-issue.
If a criminal offered me millions of dollars, I would report them to the FBI. And I think this whole discussion is just ultra-paranoia.
withinboredom claims but refuses to name a supposed malware extension with millions of users. Not sure I believe this astounding story.
I don't even aspire to be rich, or even to retire. That sounds pretty boring to me. I'd rather work on something socially useful. But financial security would be nice.
One of my friends got offered 8 million for an extension a few years ago. The new owners put malware in it. Meanwhile, he’s still sailing around the Mediterranean on his yacht with his family…
This is exactly the kind of thing people are worried about.
I’ve been asked not to share the name. It wasn’t a big extension though, only a few million installs.
FWIW, they put it up for sale as a lark, not intending to actually sell it, on some business sales/acquisitions/mergers site and got more than their asking price.
Asked by whom? Your (hopefully former?) friend who sold out millions of people for malware? Are those millions of people aware that they were infected with malware? Not sure how this can be a secret.
> It wasn’t a big extension though, only a few million installs.
I'll never betray the trust of my users, and anyway it's not going to be sold. Nobody has ever made me an offer, and it's unlikely that anyone could afford to acquire it. The extension is worth more to me as an indie dev than it would be worth to anyone else.