Google Cracks Down On Browser Scams

John Lister's picture

Google is taking several more steps to make browser extensions safer. It's giving users more control and cracking down on some common rogue practices.

The changes are to Chrome's extensions. Also known as add-ons with some browsers, extensions are third-party tools designed to improve the online experience using a web browser. For example, an Amazon extension lets users send text on a web page (such as a lengthy article) straight to their Kindle e-reader as a document with one click.

By nature, extensions need some degree of access to and control over Chrome itself, which sometimes means the access is abused. Google does vet extensions before they appear in the store, but these aren't always fail proof.

More Permission Options

The next edition of Chrome, which rolls out in mid-October 2018, will change the permissions system that governs exactly what an extension can do on a computer. One change is that users won't just have to let the extension work with any website.

Instead they will have three options: let the extension work anywhere; let it work only on a specific list of named sites; or let the user say yes or no every time the extension tries to run. (Source: arstechnica.com)

The other changes are to the review process. Google says it will now increase scrutiny for extensions that ask for the most powerful levels of access, particularly those which run code that's hosted remotely, rather than built into the extension itself.

Confusing Code Banned

There's also going to be a flat-out ban on any extension where the code is written in a confusing way that could disguise what it's actually meant to do.

Another change comes next year with developers required to use two-step verification on their accounts, meaning that they can't simply rely on a password. That's designed to reduce the risk of scammers getting access to the account of a popular developer and spreading malware by taking advantage of the trust built up among web users and Google itself. (Source: theregister.co.uk)

What's Your Opinion?

Do you use browser extensions? What if any steps do you take to make sure they are trustworthy and safe? Would you bother changing settings for permissions or is this too much hassle to worry about?

Rate this article: 
Average: 5 (7 votes)

Comments

Focused100's picture

I use a number of extensions and would like more control over them.
I would take advantage of on off switches if they were easy to use.