Neither does including anti-Microsoft code in your product. (it doesn't protect against shadier players because those don't care about having friends.)
Like I said, it's not effective. If malware wants to futz with your browser executable, it's just going to patch the executable, not conveniently go through the plugin interface around which you've designed some forgeable security token.
