Google Chrome Update Increases User Control Over Extensions

By Alexandra Burlacu email: | Dec 31, 2012 06:42 PM EST

Share This Story

  • Print
  • Email

When Google Chrome reaches version 25, browser extensions installed offline by other applications will no longer be enabled without user permission.

Developers currently have several options to install extensions offline, i.e. without using the browser interface, in Google Chrome for Windows. One of these options entails adding special entries in the Windows registry, telling Chrome that a new extension has been installed and should be enabled.

Follow us

"This feature was originally intended to allow users to opt-in to adding a useful extension to Chrome as part of the installation of another application," Google's product manager of Chrome Extensions Peter Ludwig said in a blog post on Friday, Dec. 28. "Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users."

Chrome 25 aims to prevent this type of abuse by prompting users to give their permission through a dialog box in the browser interface. In other words, the browser will automatically disable all previously installed "external extensions" and will present users with a one-time dialog box to select which extensions they want to re-enable. All extensions installed through offline methods will be disabled by default, and users will be asked whether they want to enable them when they restart the browser.

Mozilla made a similar move over a year ago, when it implemented such a mechanism in Firefox to ensure extensions installed offline by other programs are not enabled without user confirmation.

Security is a big concern nowadays, especially as many attacks have used malicious browser extensions in the past, including Google Chrome extensions. Back in May, for instance, Wikimedia Foundation issued an alert regarding a Chrome extension that was filling Wikipedia pages with rogue ads. In July, Google decided to stop allowing Chrome extensions to be installed from third-party Web sites, limiting online installations only to extensions found in the official Chrome Web store. At the time, the company also said it would start analyzing all extensions listed in the Chrome Web Store for malicious behavior and remove any offending instance.

While this made it harder for criminals to distribute malicious extensions, it could prevent malware from installing rogue Chrome extensions on already compromised systems using offline methods. The new changes to the upcoming Chrome 25 version aim to address this issue.

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

Join Our Conversation

Verizon HTC One M8 gets Android 5.0 Lollipop Verizon HTC One M8 finally gets Android 5.0 Lollipop – OTA rolling out now
Here’s how Windows 10 Spartan web browser allegedly works with Cortana (VIDEO)
Microsoft Lumia 640, Lumia 640 XL break cover at MWC 2015 (VIDEOS)
MWC 2015: Meet the sleek and powerful Sony Xperia Z4 Tablet (VIDEO)
Tablet / Laptop / PC
Dell Venue 7 and Venue 8 Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Amazon Logo Amazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC Logo HTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google Downtime Google blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Amazon Prime Now Amazon Prime Now service rocks NYC, offers fast deliveries within the hour
Flipboard for Windows Phone finally available, but requires 1GB of RAM (VIDEO)
Vine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now

Most Popular

Copyright © 2015 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics