Google Chrome Update Increases User Control Over Extensions

By Alexandra Burlacu email: a.burlacu@mobilenapps.com | Dec 31, 2012 06:42 PM EST

Share This Story

  • Print
  • Email

When Google Chrome reaches version 25, browser extensions installed offline by other applications will no longer be enabled without user permission.

Developers currently have several options to install extensions offline, i.e. without using the browser interface, in Google Chrome for Windows. One of these options entails adding special entries in the Windows registry, telling Chrome that a new extension has been installed and should be enabled.

Follow us

"This feature was originally intended to allow users to opt-in to adding a useful extension to Chrome as part of the installation of another application," Google's product manager of Chrome Extensions Peter Ludwig said in a blog post on Friday, Dec. 28. "Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users."

Chrome 25 aims to prevent this type of abuse by prompting users to give their permission through a dialog box in the browser interface. In other words, the browser will automatically disable all previously installed "external extensions" and will present users with a one-time dialog box to select which extensions they want to re-enable. All extensions installed through offline methods will be disabled by default, and users will be asked whether they want to enable them when they restart the browser.

Mozilla made a similar move over a year ago, when it implemented such a mechanism in Firefox to ensure extensions installed offline by other programs are not enabled without user confirmation.

Security is a big concern nowadays, especially as many attacks have used malicious browser extensions in the past, including Google Chrome extensions. Back in May, for instance, Wikimedia Foundation issued an alert regarding a Chrome extension that was filling Wikipedia pages with rogue ads. In July, Google decided to stop allowing Chrome extensions to be installed from third-party Web sites, limiting online installations only to extensions found in the official Chrome Web store. At the time, the company also said it would start analyzing all extensions listed in the Chrome Web Store for malicious behavior and remove any offending instance.

While this made it harder for criminals to distribute malicious extensions, it could prevent malware from installing rogue Chrome extensions on already compromised systems using offline methods. The new changes to the upcoming Chrome 25 version aim to address this issue.

Get the Most Popular Mobile&Apps Stories in a Weekly Newsletter

© 2014 Mobile & Apps All rights reserved. Do not reproduce without permission.

Featured Video : Intel Pocket Avatars

Join Our Conversation

Smartphones
Samsung Galaxy Tab 4 NookSamsung, Barnes & Noble officially launch the Galaxy Tab 4 Nook tablet
Verizon to launch its own app store for Android to compete with Google Play
ASUS smartwatch to debut on Sept. 3 at IFA 2014
Sony Xperia M2 Aqua brings waterproof tech on a budget (VIDEO)
Tablet / Laptop / PC
Dell Venue 7 and Venue 8Dell unveils Venue 7 and Venue 8 Android 4.3 Jelly Bean tablets
Retina iPad Mini facing delays, may not launch until early next year
Refurbished 128GB iPad with Retina Display now available on the Apple Online Store
Samsung Galaxy Note 10.1 – 2014 Edition: Pricing and availability now official
Gadgets
Amazon LogoAmazon reportedly to launch ‘Firetube’ set-top box before 2013 holidays
Samsung Galaxy Note 3 and Galaxy Gear India launch: Pricing and availability
Samsung Galaxy Gear Android smartwatch now up for pre-order in Canada
Samsung Galaxy Gear 2 reportedly in the works already, may debut at CES or MWC 2014
OS / Software
HTC LogoHTC reportedly considering Android/Windows Phone dual-booting smartphone as Microsoft pushes for deeper Windows mobile integration
iOS 7 Chrome Incognito mode leaks private searches due to bug
Sprint HTC One Android 4.3 Jelly Bean already rolling out, AT&T, T-Mobile & Verizon to follow
Microsoft Windows 8.1 now available for pre-order
Internet / Social Media
Google DowntimeGoogle blacks out for two minutes, causes 40 percent drop in world’s Internet traffic
Xbox Music web player is live and ready for Xbox Music Pass subscribers
Facebook Android app collected phone numbers even if users never logged in
Firefox 22 brings support for web video calls, 3D gaming, and Unreal Engine 3
What's App
Vine update brings new camera experienceVine gets major update, lets you upload previously-shot videos & more (VIDEO)
BlackBerry Messenger (BBM) finally hits Windows Phone – Available as a free download now
Instagram releases Bolt ephemeral messaging app in select markets to challenge Snapchat
PayPal for iOS update brings loyalty card support, other features and enhancements
Copyright © 2014 Mobile & Apps All rights reserved. mobilenapps
Real Time Analytics