Upcoming Chrome Web Store Changes Will Help Protect You From Malicious Extensions

Anil Ganti
download chrome 73 chrome 82

Google Chrome extensions, like all things on the internet, are inherently useful but a few bad apples here and there muddy the waters. Thankfully, Google is aware of the issue and has been working to make Chrome extensions safer. They no longer allow users to install extensions from outside the Chrome Web Store, which might seem tad overkill, but necessary. Additionally, they even removed extensions that were using cryptocurrency mining scripts.

Related StoryFurqan Shahid
Chrome Incognito Tab on Android Now Requires Your Fingerprint to Access

Today, they are announcing even more changes. In their present state, extensions can automatically read and change data on any website you visit. The scope of such power is extremely useful but can be malicious at times. Google wants to gives users more control over these powers. Google is announcing the following changes to make extensions more secure:

  1. User controls for host permissions: Beginning in Chrome 70, users will have the choice to restrict extension host access to a custom list of sites, or to
    configure extensions to require a click to gain access to the current page.
  2. Changes to the extensions review process: Going forward, extensions that request powerful permissions will be subject to additional compliance review.
  3. New code readability requirements: Starting today, Chrome Web Store will no longer accept new extensions that contain obfuscated JavaScript files,
    including any external code or resource fetched by the extension package
  4. Required 2-step verification: In 2019, enrollment in 2-Step Verification will be required for Chrome Web Store developer accounts.
  5. Manifest v3: In 2019, we will introduce the next version of the extensions platform.

Google says there are now over 180,000 extensions in the Chrome Web Store. For most desktop users, the Chrome Web Store is an integral part of their browsing experience. A seemingly innocuous extension hiding something malicious could slip by the untrained eye and it is essential that there are measures in place that prevent this.

News Source: XDA developers

Share this story