Google to Start Locking Down Chrome Extensions

[Guest]

Google revealed a slew of changes that will make Chrome extensions more secure going forward.

Google to Start Locking Down Chrome Extensions : Read more

 

[shrapnel_indie]

The company also plans to subject extensions using remote code to "ongoing monitoring."

There goes some performance. How much depends on how deeply the monitor and the algorithms used.

Google also said that extension developers wold be required to enable two-factor authentication starting in 2019.

shouldn't would be spelled with a u?

It just means that Chrome probably could use the goodwill.

Chrome can use all the goodwill it can get. Google threw out the "do no evil" mantra... Google has been known to sell our data themselves. That means that this can also be seen as a possible snuff the competition as well... yeah it's an extreme take admittedly, but not completely out of the question.

 

[alan_rave]

Two-factor authentication.That s another way to collect users data.

 

[beoza]

Browser, security is only as strong as the end user. Lets face it people are stupid, not the average Toms reader but the general population out there. Hackers and those with malicious intent will find ways around the security. Google can design a better mouse trap while those with bad intentions are building a better mouse; which has always been the case throughout history.

On a side note I stopped using Chrome months ago after it kept telling me sites were not reachable or had some other issue. I tried multiple solutions found around he web but none worked. The same sites it couldn't reach worked fine in Firefox, Edge, IE 11 and Opera.

 

[Peter Martin]

lol, yeah, this will only build better hackers and bigger idiots.

 

[Christopher1]

BEOZA, it might be good to post the names of the actual sites in question so that Chrome devs can fix the issue or inform them that "Hey, these websites are not working anymore!"

 

[secretxax]

None of this matters anymore, Google. You screwed up the browser with the sign-in crap, and noone smart will continue to use it.

 

[velocityg4]

"While host permissions have enabled thousands of powerful and creative extension use cases, they have also led to a broad range of misuse - both malicious and unintentional - because they allow extensions to automatically read and change data on websites. Our aim is to improve user transparency and control over when extensions are able to access site data. In subsequent milestones, we’ll continue to optimize the user experience toward this goal while improving usability."

Does this concern anyone? This could easily be interpreted as. Adblockers and script blockers won't work as well. Especially if they try to block Google Ads.

 

[cryoburner]

"While host permissions have enabled thousands of powerful and creative extension use cases, they have also led to a broad range of misuse - both malicious and unintentional - because they allow extensions to automatically read and change data on websites. Our aim is to improve user transparency and control over when extensions are able to access site data. In subsequent milestones, we’ll continue to optimize the user experience toward this goal while improving usability."

Does this concern anyone? This could easily be interpreted as. Adblockers and script blockers won't work as well. Especially if they try to block Google Ads.

This was the first thing I thought of as well. It seems like not so much a security feature as an attempt by one of the largest online advertising corporations to discourage people from blocking their ads and tracking scripts by spamming them with an endless stream of popup dialogs as extensions are required to "request access to the current page". Maybe these kinds of annoyances will encourage people to move on to better browsers that are not run by companies with such questionable motives. Chrome is arguably worse for user privacy than IE ever was, and has successfully taken its place as the most widely used garbage browser that people probably shouldn't be using.