I stopped using apps from companies or projects I don't know some time ago. Which left basically small local companies, the big global ones and FOSS-projects. This of course is not perfect but at least leaves some sort of accountability.
All my employees use a JSON formatter on Chrome. Such apps require permissions to view all sites...
I require them to create 2 profiles in Chrome (and a 3rd for personal purposes), one for dev and one for official purposes, but I know that, in remote work, they get less serious.
It’s a major security problem. I’m wondering whether I should purchase the Chrome extension’s source code and deploy it myself on the store.
