It is adware, not malware!<p>The original post on productforums.google.com is complete <i>BS</i> and the extension was NOT suspended because of that, but because it failed to make it clear, in the context of the ads, which extension enabled the EcoLinks. This is not the first, nor last, piece of software that uses ads in order to support its development.<p>Also, the extension never logged anything from the users. All the "keylogger" stuff is just rumors started by people who are either incapable of reading a sentence from start to end or are knowingly lying about it.<p>It didn't alter the search results either. Those were exactly what Google returned for your search, nothing more, nothing less.<p>There was no malicious intent whatsoever. The whole purpose was to support further development of the extension through some form of advertising which you could disable at any point. The disable option was not even hidden among the other options; it had a dedicated page with a link in the main menu that only consisted of a checkbox - it was that simple and obvious.<p>Another false rumor is that the setting would enable itself automatically. No, it didn't! The only way that it would re-enable itself was to remove the extension and then install it right back. On uninstall all settings are lost and it fallbacks to the defaults.<p>The source code is plain HTML & JavaScript and it has always been available for anyone to review. Anyone could download the .CRX file and unzip it (it's just a <i>special</i> ZIP file) or take a look in the /%USER_FOLDER%/<PATH_TO_CHROME>/Extensions/kkelicaakdanhinjdeammmilcgefonfh folder (this varies based on your operating system) where the installed extension is. The source code has also been available at <a href="http://ionut-botizan.net" rel="nofollow">http://ionut-botizan.net</a><p>If you don't know JavaScript, you don't have to take my word for it; there is this prominent person in the web industry that, although he does not endorse this extension, has reviewed the code and confirmed there was no keylogger there: <a href="https://news.ycombinator.com/item?id=7048156#up_7056031" rel="nofollow">https://news.ycombinator.com/item?id=7048156#up_7056031</a><p>Another false accusation is that I bragged about how "I could sell your personal data and it wouldn't matter to me".<p>What I actually said is that "I could sell MY EXTENSION (as in transfer all rights and ownership to someone else) and it shouldn't matter to me (from a legal standpoint) what the buyer would do with it, be it collecting your private data or whatever". That claim was made just to point out that in fact I do care about the users' privacy and I chose not to sell the extension, even though I received plenty of offers. Some people asked "how could I even think of that"? Well, the extension is my property and receiving all those offers put me in the position where I had to think about it, whether I liked it or not.<p>In conclusion, yes, I admit the opt-out pattern is not the friendliest one and the whole thing could have been handled in some other way, but the reality is far from all these claims that I sneakily added malware to the extension, logged your keys and private data and sell all that to third parties or whatever.<p>The reality is I took your Google search results and converted them to sponsored links, plain and simple. All data that was transmitted when you clicked a search result was about the same that is sent whenever you click on any other ad or banner, which can not, in any circumstances, be used to identify you personally.<p>I am the developer and this is my answer; no excuses, just stating the facts. Learn what you want from it.