* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, June 22, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Netflix unveils Dallas immersive venue for fans of hit shows like ‘Squid Game,’ ‘Stranger Things’ – Houston Chronicle

    Step Inside Netflix’s New Dallas Immersive Experience Featuring Hits Like ‘Squid Game’ and ‘Stranger Things

    ‘Puttin’ on the Ritz’: Civic Players bring ‘Young Frankenstein’ to life – Yahoo

    Civic Players Deliver a Hilarious and Unforgettable Performance of ‘Young Frankenstein

    ‘Wheel of Fortune’: Amputee Wins $60,000 After Breaking Incredible ‘Curse’ – Hastings Tribune

    Wheel of Fortune’ Amputee Breaks Incredible ‘Curse’ to Win $60,000!

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    Safety concerns in Deep Ellum create apprehension as the entertainment district gains visitors – CBS News

    Safety Concerns Surge Amid Deep Ellum’s Booming Popularity and Growing Crowds

    Elisabeth Moss’ ‘Handmaid’s Tale’ Emmy chances, by the numbers – Yahoo

    Elisabeth Moss’ ‘Handmaid’s Tale’ Emmy chances, by the numbers – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    How AI can help make cities work better for residents – MIT Technology Review

    How AI can help make cities work better for residents – MIT Technology Review

    Tech Champions with Leo Bletnitsky of Healthy Technology Solutions – Buzz Media Group

    Meet Tech Champion Leo Bletnitsky of Healthy Technology Solutions

    Crypto’s true revolution is about humanity, not technology – Cointelegraph

    Crypto’s Real Revolution: Transforming Humanity Beyond Technology

    $1 Billion Problem: New Technology Could Save Your Daily Cup of Coffee – SciTechDaily

    The $1 Billion Challenge: How New Technology Could Rescue Your Daily Cup of Coffee

    Canada’s construction industry gets serious about investing in technology as pressure mounts to do more with less – Yahoo Finance

    Canada’s Construction Industry Accelerates Tech Investments to Overcome Growing Challenges and Boost Efficiency

    Workforce Technology Eases Staffing Shortages in Rural Health Care – AJMC

    Workforce Technology Eases Staffing Shortages in Rural Health Care – AJMC

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Netflix unveils Dallas immersive venue for fans of hit shows like ‘Squid Game,’ ‘Stranger Things’ – Houston Chronicle

    Step Inside Netflix’s New Dallas Immersive Experience Featuring Hits Like ‘Squid Game’ and ‘Stranger Things

    ‘Puttin’ on the Ritz’: Civic Players bring ‘Young Frankenstein’ to life – Yahoo

    Civic Players Deliver a Hilarious and Unforgettable Performance of ‘Young Frankenstein

    ‘Wheel of Fortune’: Amputee Wins $60,000 After Breaking Incredible ‘Curse’ – Hastings Tribune

    Wheel of Fortune’ Amputee Breaks Incredible ‘Curse’ to Win $60,000!

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    Safety concerns in Deep Ellum create apprehension as the entertainment district gains visitors – CBS News

    Safety Concerns Surge Amid Deep Ellum’s Booming Popularity and Growing Crowds

    Elisabeth Moss’ ‘Handmaid’s Tale’ Emmy chances, by the numbers – Yahoo

    Elisabeth Moss’ ‘Handmaid’s Tale’ Emmy chances, by the numbers – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    How AI can help make cities work better for residents – MIT Technology Review

    How AI can help make cities work better for residents – MIT Technology Review

    Tech Champions with Leo Bletnitsky of Healthy Technology Solutions – Buzz Media Group

    Meet Tech Champion Leo Bletnitsky of Healthy Technology Solutions

    Crypto’s true revolution is about humanity, not technology – Cointelegraph

    Crypto’s Real Revolution: Transforming Humanity Beyond Technology

    $1 Billion Problem: New Technology Could Save Your Daily Cup of Coffee – SciTechDaily

    The $1 Billion Challenge: How New Technology Could Rescue Your Daily Cup of Coffee

    Canada’s construction industry gets serious about investing in technology as pressure mounts to do more with less – Yahoo Finance

    Canada’s Construction Industry Accelerates Tech Investments to Overcome Growing Challenges and Boost Efficiency

    Workforce Technology Eases Staffing Shortages in Rural Health Care – AJMC

    Workforce Technology Eases Staffing Shortages in Rural Health Care – AJMC

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Chrome users – get an alert when extensions are in danger of falling into wrong hands

March 7, 2024
in Technology
Chrome users – get an alert when extensions are in danger of falling into wrong hands
Share on FacebookShare on Twitter

Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don’t mind installing yet another browser extension.

Matt Frisbie, a software developer and programming book author, has released a Chrome add-on called Under New Management to alert users when installed extensions have changed owners.

In the GitHub repo for Under New Management, Frisbie explains why this may be useful. Basically: Extensions can be developed for entirely innocent, useful purposes, but when they are sold or hand over to others, those new owners can – and have – sneakily adjusted the code so that it turns against the user, stealing their info or injecting ads. This kind of hijacking can affect millions of netizens at a time.

“Extension developers are constantly getting offers to buy their extensions,” Frisbie says. “In nearly every case, the people buying these extensions want to rip off the existing users.

The users of these extensions have no idea an installed extension has changed hands, and may now be compromised

“The users of these extensions have no idea an installed extension has changed hands, and may now be compromised.

“Under New Management gives users notice of the change of ownership, giving them a chance to make an informed decision about the software they’re using.”

As we reported last August, those who develop Chrome extensions that become popular often receive solicitations to sell their code or to partner with a third-party in order for the new owner or partner to insert dubious, scammy, or malicious code in the extension.

The idea is that the browser extension, which has been altered to collect or steal data, or to present ads or to execute some other monetizable function like cryptomining, can be updated automatically without alarming those who have installed it — perhaps without being caught by Google’s automated scanning.

Google’s focus has been on detecting malicious code and in that respect Frisbie believes Google has been successful. “Their automatic package analysis tools are sophisticated at detecting malicious extensions,” Frisbie explained in an email to The Register. “A primary goal of the Manifest v3 push was to disable the more problematic attack vectors (e.g. remove code execution). All indications are that these efforts have been largely successful.”

Malicious Chrome extensions are bad. But what about nice ones that can be hijacked? This new tool spots them

ALSO SEE

“When an acquisition goes through, and the new publisher tries to abuse the existing user base, the Chrome team usually is able to detect if the new publisher sends out a malicious update, but this is the only line of defense,” he said. “What’s more, this doesn’t account for cases where the new update isn’t necessarily malicious, but might export and abuse a user’s data, inject ads, or use it in a way that they did not intend when they installed the extension.”

One such request cited by a Chrome extension developer on the Chrome Extensions mailing list sought the modification of the user’s search provider in order to capture all the search terms the user enters into the browser’s omnibox.

Schemes of this sort are common elsewhere and have been seen by those developing software packages distributed through package registries. Web publishers also get solicitations to replace broken links with a functioning link to some other website seeking the search ranking benefit of association with an authoritative source.

But these sorts of offers are particularly pernicious when they involve code due to the amount of sensitive data that extensions may be able to see. And they can affect a lot of people: Chrome is used by something like 2-3 billion people worldwide. While the majority of that usage nowadays occurs on mobile devices – where, on iOS devices at least, Chrome extensions aren’t currently an option – many desktop and Android-based Chrome users have extensions installed. The last time Google offered an official number was in 2010, when a third of Chrome users were said to have at least one extension installed.

Avast shells out $17M to shoo away claims it peddled people’s personal data

Mozilla slams Microsoft for using dark patterns to drive Windows users toward Edge

YouTube video lag wrongly blamed on its ad-blocking animus

Google bins integrity API that looked more than a bit like horrible DRM for websites

Frisbie said that he’s a Google Developer Expert on Browser Extensions and thus has access to the Chrome team and has been working with them to shape the Chrome Extensions platform.

Changes of ownership are particularly problematic for browser extensions, Frisbie explained, because of a confluence of factors: they’re more powerful than most people realize; they’re difficult to monetize; the Chrome Web Store doesn’t disclose a lot of details about extension developers; extensions tend to be installed for a long time and get automatic updates; and transferring ownership is easy and done without meaningful oversight.

“This combination of factors brought the ecosystem to where it is today,” he said. “Extensions with lots of users get lots of acquisition offers, usually from individuals who can’t be easily identified and don’t disclose what their intentions are.

The Chrome team is entertaining changes that would allow for this sort of detection

“If the user was notified of a change of ownership, they could potentially avoid all this.”

Frisbie said he’s building an extension promotion platform called ExBoost to improve the extension ecosystem and make it safer. Under New Management relies on an ExBoost API server to handle the checking of developer information due to Cross Origin Resource Sharing rules limiting access to data related to extension domains.

Thanks for Frisbie’s work, Google may be open to implementing an official API to detect ownership changes. “I’m pleased to say that, as a result of the attention this has received, the Chrome team is already entertaining changes to the web extensions API that would allow for this sort of detection,” he said.

Google’s Chrome team, we’re told, is aware of Frisbie’s extension and thinks it’s interesting, and has encouraged him to discuss it with members of the W3C’s WebExtensions Community Group. ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/03/07/chrome_extension_changes/

Tags: Chrometechnologyusers
Previous Post

Possible China link to Change Healthcare ransomware attack

Next Post

Windows 10 failing to patch properly? You are most definitely not alone

How AI can help make cities work better for residents – MIT Technology Review

How AI can help make cities work better for residents – MIT Technology Review

June 22, 2025
Angel Reese Has No Words After Another Blowout Loss – Yahoo Sports

Angel Reese Left Speechless After Another Crushing Defeat

June 22, 2025

When Technology Meets Ecology: Charting a Bold Path for Our Planet’s Future

June 21, 2025
‘Jaws’ at 50: Scientists Are Still Studying the Mysteries of Sharks – The New York Times

Jaws at 50: Exploring the Timeless Mysteries of Sharks

June 21, 2025
A Cracked Piece of Metal Self-Healed in Experiment That Stunned Scientists – ScienceAlert

Self-Healing Metal: The Revolutionary Experiment That Amazed Scientists

June 21, 2025
How leading Bollywood actresses are adopting one transformative lifestyle shift – Times of India

How Leading Bollywood Actresses Are Fearlessly Embracing a Bold New Lifestyle Transformation

June 21, 2025
Muskego mom breaks world record in planking – WISN

Muskego mom breaks world record in planking – WISN

June 21, 2025
Russian Minister Warns of Recession as Officials Spar on Economy – Bloomberg

Russian Minister Issues Recession Warning Amid Heated Economic Debate

June 21, 2025
Netflix unveils Dallas immersive venue for fans of hit shows like ‘Squid Game,’ ‘Stranger Things’ – Houston Chronicle

Step Inside Netflix’s New Dallas Immersive Experience Featuring Hits Like ‘Squid Game’ and ‘Stranger Things

June 21, 2025
Breakfast key to meeting daily fiber needs amid American ‘health crisis’ – Fox News

How Breakfast Can Help You Crush Your Daily Fiber Goals During America’s Health Crisis

June 21, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (696)
  • Economy (710)
  • Entertainment (21,611)
  • General (15,501)
  • Health (9,751)
  • Lifestyle (715)
  • News (22,149)
  • People (713)
  • Politics (717)
  • Science (15,930)
  • Sports (21,207)
  • Technology (15,696)
  • World (690)

Recent News

How AI can help make cities work better for residents – MIT Technology Review

How AI can help make cities work better for residents – MIT Technology Review

June 22, 2025
Angel Reese Has No Words After Another Blowout Loss – Yahoo Sports

Angel Reese Left Speechless After Another Crushing Defeat

June 22, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version