Many of us have probably wondered why there is a three second wait time you have to go through before installing extensions. The folks at the Download Squad have an answer.
Most users (self included) assume that it’s just to make users read the dialog. It turns out that’s not the case–Jesse Ruderman explains that it’s actually a security feature to keep people from unwittingly installing malicious code. He describes an ingenious exploit in which a user is presented, for example, a security (CAPTCHA) image to type in. JavaScript is used to initiate an extension installation when the user starts typing, and when the user types ‘y’ or enter, it triggers the ‘Accept’ or ‘Install’ button, allowing the malicious software to be installed.
So now, you can either read more about why it is there, or you can read here to find out how to turn it off.
