So the user can be trusted to allow arbitrary websites raw access to potentially sensitive USB devices but cannot be trusted to give extensions the required access to fully block ads?