How Google Made Chrome Extensions More Secure Just By A Single Rule Change For Developers?

Must Read

Apple is Being Evil For 1.5 Billion iPhone, iPad Users Worldwide

Last year when Apple Inc. (NASDAQ:AAPL) was accused of recording everything that iPhone users were talking through...

Uber India Layoffs 25% Workforce Citing Tough Market Conditions

After laying off thousands of employees in the US, Uber is scaling down its operations in India...

Is Bill Gates Developing Covid-19 Vaccine To Track Billions Of Users Worldwide?

Bill Gates is once again at the centre stage of controversy related to novel Coronavirus.

Google, owned by Alphabet Inc. (NASDAQ: GOOGL), recently announced a series of changes looming here!

Google’s Chrome browser will handle extensions, seeking way too many permissions in an efficient way. Additionally, the company will slate new requirements for developers who want to publish extensions in the Chrome Web Store.

Not under wraps anymore, extensions have been that major point of compass for malicious developers to gain private data, irrespective of whatever browser is used. However, on a preventive note, Google has kept eagle-eyes over the detection of malicious extensions that may hamper smooth functioning, before it gains entry into the store.

Advertisements

Now that Google has already made extensive changes in its browser to maintain the efficacy of the same, the recent changes are like taking up the fight a notch higher.

Google Chrome Extensions: No More Obfuscated Codes!

As of Monday, developers are barred from submitting extensions that include complicated codes. According to Google, over 70% of malicious and policy-violating extension lurks behind such obfuscated codes.

Obfuscation is an act of deliberately creating intricate, puzzled source codes which are baffling, and at the same time, difficult for human comprehension.

Given the fact that code obfuscation leads to the performance hit, argument surfaces the corner that there’s no use of code obfuscation at all. Hence, Google argues that the reason to ban such extensions altogether holds just right.  January 1st has been deemed as a deadline for developers to get rid of any such obfuscated codes from their extensions and update the same with easily accessible codes.

Per-site Permissions

Another change in the slate of changes is that the company will provide liberty to users to restrict an extension’s permission for data or service manipulation on a per-site basis. When a Chrome extension is given the permission to alter any website data in the history, the extension could also manipulate this permission across other sites. This doesn’t just sound harmful but in fact proves to be one too!

Advertisements

Again, when it comes to permissions, Google is also looking forward to introducing new tools and better scope APIs which will reduce the need for broader permissions or authentications. Additionally, this will keep users at the driver seat while granting access to any such extensions.

Google also plans at introducing a stringent measure to look up at ‘powerful permission’ extension requests and will monitor remotely hosted codes.

Two Step Verification to be Mandated

To be ushered-in in 2019, Google will require two-factor authentication for access to Chrome Web Store.  With this change, a malicious actor can’t take over a developer’s account and publish a hacked extension.

This rule is not for extensions but only applicable for extension developers. Google will mandate the use of this two-step verification for all extensions developers.

With two-step verification, Google aims at preventing phishing cases where hackers can masquerade in as a developer, and worse, hack into one in order to legitimate Chrome extensions. This will damage both the extension as well as the site’s credibility.

Will It Be Extra Work For Developers?

“We recognise that some of the changes announced today may require effort in the future, depending on your extension. But we believe the collective result will be worth that effort for all users, developers, and for the long term health of the Chrome extensions ecosystem.”

Herein, “Oh No – Extra work! ” stands true if you’re a developer and, Google won’t even deny this disclaimer.

However, for serious extension developers – this shouldn’t be much of a headache. It comes quite obvious, that dedicated developers will want to protect their users alike Google.

SourceGoogle

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Uber India Layoffs 25% Workforce Citing Tough Market Conditions

After laying off thousands of employees in the US, Uber is scaling down its operations in India...

Apple is Being Evil For 1.5 Billion iPhone, iPad Users Worldwide

Last year when Apple Inc. (NASDAQ:AAPL) was accused of recording everything that iPhone users were talking through Siri, the company was quick...

Is Bill Gates Developing Covid-19 Vaccine To Track Billions Of Users Worldwide?

Bill Gates is once again at the centre stage of controversy related to novel Coronavirus. Battling falsehood and paranoid...

Darkest Before Dawn: Can India Survive Its Worst Ever Recession?

Bolt your doors, batter down your hatches, brace yourselves. Recession is about to make landfall. According to Goldman Sachs, a...

Crisis Of Trust: The Glue Between Brands, Customers And Employees!

The COVID-19 crisis, which shows no sign of stopping any time soon, has left no life untouched in terms of impact. It...

WeWork Valuation: $2.9 Billion, Way Below Than Estimated $47 Billion 6 Month Ago

If you are thinking it is some kind of clickbait, you are highly mistaken. The debate on the valuation of WeWork once...

In-Depth: Dprime

Fantastic 4: Four Day Work Week A Flashpoint Of Innovation?

It has been an idea that has been mooted by many, perhaps also somewhat sceptically. From being a dark horse to becoming...

TikTok Is Facing The Wrath Of People Who Love It The Most

Ever since the popular social media app TikTok entered India, it has been growing very aggressively in terms of users. Within a...

Facebook Shops: Looking Beyond Ad Dollars!

Amid this global pandemic, when companies are struggling to find new verticals to pivot towards in order to maintain their revenue and...

More Articles Like This