How Google Made Chrome Extensions More Secure Just By A Single Rule Change For Developers?

Must Read

Free Netflix in India: A Result of Slow Growth In Q3 2020?

Netflix is testing a new strategy that could lead to free Netflix in India. The online streaming...

Jio Pages: The Indian Browser Reliance Is Betting On Now!

Looks like Reliance wants to establish Jio as a synonym of technology. After launching a fleet of...

Reliance Future Group Deal In The Soup: SIAC Orders To Put The Deal On Hold

When Reliance agreed to acquire Future Group for $3.4 billion, recently, the share of Reliance Industries Limited...

Google, owned by Alphabet Inc. (NASDAQ: GOOGL), recently announced a series of changes looming here!

Google’s Chrome browser will handle extensions, seeking way too many permissions in an efficient way. Additionally, the company will slate new requirements for developers who want to publish extensions in the Chrome Web Store.

Not under wraps anymore, extensions have been that major point of compass for malicious developers to gain private data, irrespective of whatever browser is used. However, on a preventive note, Google has kept eagle-eyes over the detection of malicious extensions that may hamper smooth functioning, before it gains entry into the store.


Now that Google has already made extensive changes in its browser to maintain the efficacy of the same, the recent changes are like taking up the fight a notch higher.

Google Chrome Extensions: No More Obfuscated Codes!

As of Monday, developers are barred from submitting extensions that include complicated codes. According to Google, over 70% of malicious and policy-violating extension lurks behind such obfuscated codes.

Obfuscation is an act of deliberately creating intricate, puzzled source codes which are baffling, and at the same time, difficult for human comprehension.

Given the fact that code obfuscation leads to the performance hit, argument surfaces the corner that there’s no use of code obfuscation at all. Hence, Google argues that the reason to ban such extensions altogether holds just right.  January 1st has been deemed as a deadline for developers to get rid of any such obfuscated codes from their extensions and update the same with easily accessible codes.

Per-site Permissions

Another change in the slate of changes is that the company will provide liberty to users to restrict an extension’s permission for data or service manipulation on a per-site basis. When a Chrome extension is given the permission to alter any website data in the history, the extension could also manipulate this permission across other sites. This doesn’t just sound harmful but in fact proves to be one too!


Again, when it comes to permissions, Google is also looking forward to introducing new tools and better scope APIs which will reduce the need for broader permissions or authentications. Additionally, this will keep users at the driver seat while granting access to any such extensions.

Google also plans at introducing a stringent measure to look up at ‘powerful permission’ extension requests and will monitor remotely hosted codes.

Two Step Verification to be Mandated

To be ushered-in in 2019, Google will require two-factor authentication for access to Chrome Web Store.  With this change, a malicious actor can’t take over a developer’s account and publish a hacked extension.

This rule is not for extensions but only applicable for extension developers. Google will mandate the use of this two-step verification for all extensions developers.

With two-step verification, Google aims at preventing phishing cases where hackers can masquerade in as a developer, and worse, hack into one in order to legitimate Chrome extensions. This will damage both the extension as well as the site’s credibility.

Will It Be Extra Work For Developers?

“We recognise that some of the changes announced today may require effort in the future, depending on your extension. But we believe the collective result will be worth that effort for all users, developers, and for the long term health of the Chrome extensions ecosystem.”

Herein, “Oh No – Extra work! ” stands true if you’re a developer and, Google won’t even deny this disclaimer.

However, for serious extension developers – this shouldn’t be much of a headache. It comes quite obvious, that dedicated developers will want to protect their users alike Google.



Please enter your comment!
Please enter your name here

Latest News

Happy Birthday Ma Huateng: The Man Who Owns Facebook, WhatsApp Of China

The winning horse of the Chinese internet market and one among the Chinese billionaires, though not started...

Reliance Jio And Airtel Both Grab Top Spot In Customer Experience [Study]

What do winning brands have in common that the less successful ones don’t? It’s merely the fact that they adhere to the...

Huawei All Set To Bid Adieu To Smartphone Market?

The effects of the US ban on Huawei, along with a few other Chinese companies, have started appearing. Last week we reported...

Tata Group To Acquire 50% Stake In BigBasket: A Winning Edge Against JioMart?

The Tata Group has apparently found its winning edge against Ambani's JioMart and might add this newfound opportunity to their shopping list...

Amazon Locks Head With The Music Industry: Twitch Letting Streamers Use Unlicensed Music!

The global e-commerce giant, Inc. (NASDAQ:AMZN) has upset the biggies of the music industry as one of its acquisitions have been...

Mobile Internet Speed In India: From Bad To Worse [REPORT]

Languishing. And la…g…g…i…n…g. The sorry state of the desi internet in India. In a rather sad turn of events,...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This