Like I said, it's not effective. If malware wants to futz with your browser executable, it's just going to patch the executable, not conveniently go through the plugin interface around which you've designed some forgeable security token.