This article was published on July 15, 2012

Google beefs up security for Chrome browser extensions


Google beefs up security for Chrome browser extensions

Google has moved to shore up security around its Chrome browser after the company added a setting to prevent extensions that are not hosted in the Chrome Web Store from installing in browsers automatically, while it has also begun monitoring submissions to the store.

Now, in the latest version of Chrome, users must explicitly verify that they want to download third party ‘inline’ extensions by adding them through the dedicated extensions page.

Google allows Web Store extensions to be installed inline but it is unable to exert any control over third party creations that sit outside of the store. This move is the company’s next best option to protecting users from ‘malicious’ extensions which may be set up to perform any manner of unscrupulous activities, as it explains:

Unfortunately, we don’t have the ability to take down malicious items promoted on other websites. For instance, online hackers may create websites that automatically trigger the installation of malicious extensions. Their extensions are often designed to secretly track the information you enter on the web, which the hackers can then reuse for other ill-intended purposes.

As well as focusing on unaccountable third parties, Google has put its own house into order after it initiated a program to analyse every extension uploaded to the Web Store. Those entries that are found to be suspect or malicious will be taken down to prevent security issues for users.

It’s hard to believe that Google was not already monitoring the Web Store, but the introduction of this program — and the additional level of security for third party extensions — is all the more important considering that Chrome overtook Internet Explorer as the Web’s most used browser in May, according to Statcounter.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

The new security measures come with yet another reminder that developers are encouraged to submit extensions to the Web Store, and Google has been working hard to built a locally appealing ecosystem with the launch of country-specific Web Stores in a number of markets worldwide.

Developers are also set to be able to monetise extensions by placing apps inside them, as was revealed at the beginning of the month.

Google recently revealed that Chrome is now serving 310 million active users, after significant growth saw that figure double during the last year. The browser has since launched for Apple’s iOS mobile platform.

Image via Flickr / Casasroger

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with