Rather than only doing it via technical means like permissions, I'd be more comfortable with auto-updating but with some kind of human quality assurance. Two systems that manage to pull that off from very different cultural/economic starting points are Apple's app store, and Debian's software repository.
The Google model of an auto-updating but un-QA'd app store doesn't work for me, because it combines two things I really don't see as compatible: 1) low-friction updates; and 2) installation of arbitrary un-reviewed code from the internet. If you're going to do #2, then I want the friction of downloading a new executable. I want to go to a website, see if the company still exists, read the release notes, generally be cautious about installation of random executables off the internet. But if you're going to do #1, then since the updates are supposed to apply without significant review by me, someone else has to be vetting what goes into the repository for at least minimal non-evilness standards.
> Rather than only doing it via technical means like permissions, I'd be more comfortable with auto-updating but with some kind of human quality assurance.
I agree on this.
The best solution for now would be a meta-extension that checks if you have compromised extensions installed and disable them.
The blacklist could be compiled based on the Store feedbacks (ratings dropping sharply? disabled.), a reporting system from the app, and also using automatic testing. For example run the extension on a sandboxed machine and check for requests to known shady domains.
The Google model of an auto-updating but un-QA'd app store doesn't work for me, because it combines two things I really don't see as compatible: 1) low-friction updates; and 2) installation of arbitrary un-reviewed code from the internet. If you're going to do #2, then I want the friction of downloading a new executable. I want to go to a website, see if the company still exists, read the release notes, generally be cautious about installation of random executables off the internet. But if you're going to do #1, then since the updates are supposed to apply without significant review by me, someone else has to be vetting what goes into the repository for at least minimal non-evilness standards.