* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, June 1, 2025
Earth-News
  • Home
  • Business
  • Entertainment

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Chrome users – get an alert when extensions are in danger of falling into wrong hands

March 7, 2024
in Technology
Chrome users – get an alert when extensions are in danger of falling into wrong hands
Share on FacebookShare on Twitter

Millions of Chrome users now have a way to guard against the threat of extension subversion, that is, if they don’t mind installing yet another browser extension.

Matt Frisbie, a software developer and programming book author, has released a Chrome add-on called Under New Management to alert users when installed extensions have changed owners.

In the GitHub repo for Under New Management, Frisbie explains why this may be useful. Basically: Extensions can be developed for entirely innocent, useful purposes, but when they are sold or hand over to others, those new owners can – and have – sneakily adjusted the code so that it turns against the user, stealing their info or injecting ads. This kind of hijacking can affect millions of netizens at a time.

“Extension developers are constantly getting offers to buy their extensions,” Frisbie says. “In nearly every case, the people buying these extensions want to rip off the existing users.

The users of these extensions have no idea an installed extension has changed hands, and may now be compromised

“The users of these extensions have no idea an installed extension has changed hands, and may now be compromised.

“Under New Management gives users notice of the change of ownership, giving them a chance to make an informed decision about the software they’re using.”

As we reported last August, those who develop Chrome extensions that become popular often receive solicitations to sell their code or to partner with a third-party in order for the new owner or partner to insert dubious, scammy, or malicious code in the extension.

The idea is that the browser extension, which has been altered to collect or steal data, or to present ads or to execute some other monetizable function like cryptomining, can be updated automatically without alarming those who have installed it — perhaps without being caught by Google’s automated scanning.

Google’s focus has been on detecting malicious code and in that respect Frisbie believes Google has been successful. “Their automatic package analysis tools are sophisticated at detecting malicious extensions,” Frisbie explained in an email to The Register. “A primary goal of the Manifest v3 push was to disable the more problematic attack vectors (e.g. remove code execution). All indications are that these efforts have been largely successful.”

Malicious Chrome extensions are bad. But what about nice ones that can be hijacked? This new tool spots them

ALSO SEE

“When an acquisition goes through, and the new publisher tries to abuse the existing user base, the Chrome team usually is able to detect if the new publisher sends out a malicious update, but this is the only line of defense,” he said. “What’s more, this doesn’t account for cases where the new update isn’t necessarily malicious, but might export and abuse a user’s data, inject ads, or use it in a way that they did not intend when they installed the extension.”

One such request cited by a Chrome extension developer on the Chrome Extensions mailing list sought the modification of the user’s search provider in order to capture all the search terms the user enters into the browser’s omnibox.

Schemes of this sort are common elsewhere and have been seen by those developing software packages distributed through package registries. Web publishers also get solicitations to replace broken links with a functioning link to some other website seeking the search ranking benefit of association with an authoritative source.

But these sorts of offers are particularly pernicious when they involve code due to the amount of sensitive data that extensions may be able to see. And they can affect a lot of people: Chrome is used by something like 2-3 billion people worldwide. While the majority of that usage nowadays occurs on mobile devices – where, on iOS devices at least, Chrome extensions aren’t currently an option – many desktop and Android-based Chrome users have extensions installed. The last time Google offered an official number was in 2010, when a third of Chrome users were said to have at least one extension installed.

Avast shells out $17M to shoo away claims it peddled people’s personal data

Mozilla slams Microsoft for using dark patterns to drive Windows users toward Edge

YouTube video lag wrongly blamed on its ad-blocking animus

Google bins integrity API that looked more than a bit like horrible DRM for websites

Frisbie said that he’s a Google Developer Expert on Browser Extensions and thus has access to the Chrome team and has been working with them to shape the Chrome Extensions platform.

Changes of ownership are particularly problematic for browser extensions, Frisbie explained, because of a confluence of factors: they’re more powerful than most people realize; they’re difficult to monetize; the Chrome Web Store doesn’t disclose a lot of details about extension developers; extensions tend to be installed for a long time and get automatic updates; and transferring ownership is easy and done without meaningful oversight.

“This combination of factors brought the ecosystem to where it is today,” he said. “Extensions with lots of users get lots of acquisition offers, usually from individuals who can’t be easily identified and don’t disclose what their intentions are.

The Chrome team is entertaining changes that would allow for this sort of detection

“If the user was notified of a change of ownership, they could potentially avoid all this.”

Frisbie said he’s building an extension promotion platform called ExBoost to improve the extension ecosystem and make it safer. Under New Management relies on an ExBoost API server to handle the checking of developer information due to Cross Origin Resource Sharing rules limiting access to data related to extension domains.

Thanks for Frisbie’s work, Google may be open to implementing an official API to detect ownership changes. “I’m pleased to say that, as a result of the attention this has received, the Chrome team is already entertaining changes to the web extensions API that would allow for this sort of detection,” he said.

Google’s Chrome team, we’re told, is aware of Frisbie’s extension and thinks it’s interesting, and has encouraged him to discuss it with members of the W3C’s WebExtensions Community Group. ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/03/07/chrome_extension_changes/

Tags: Chrometechnologyusers
Previous Post

Possible China link to Change Healthcare ransomware attack

Next Post

Windows 10 failing to patch properly? You are most definitely not alone

Some birds are left behind in a race to beat the heat – Nature

Some birds are left behind in a race to beat the heat – Nature

June 1, 2025
A passing star could fling Earth out of orbit – Science News

A passing star could fling Earth out of orbit – Science News

June 1, 2025
John Hancock Multimanager Lifestyle Moderate Portfolio Q1 2025 Commentary (JALMX) – Seeking Alpha

Unlocking Potential: Insights from the John Hancock Multimanager Lifestyle Moderate Portfolio Q1 2025

June 1, 2025
Editorial: The world promised by AI isn’t necessarily a better one – Pittsburgh Post-Gazette

Editorial: The world promised by AI isn’t necessarily a better one – Pittsburgh Post-Gazette

June 1, 2025
Little Rock economy growing faster than other similarly-sized cities, study shows – thv11.com

Little Rock’s Economy Outpaces Peers: A Promising Growth Story!

June 1, 2025

Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

June 1, 2025
Why Gen Z Will Demand Crypto-Enabled Health Systems – Forbes

How Gen Z is Shaping the Future of Crypto-Enabled Health Systems

June 1, 2025
State Sen. Skoufis declares war on en­ter­tainment ticketing practices in closing days of session – Spectrum News

State Senator Skoufis Takes a Stand Against Unfair Ticketing Practices in Final Session Push!

June 1, 2025
Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

June 1, 2025
With college sports in limbo and key issues coming to a head, the spotlight is on the SEC: ‘It’s going to get heated’ – Yahoo Sports

SEC Showdown: Tensions Rise as College Sports Face Uncertain Future

June 1, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (656)
  • Economy (671)
  • Entertainment (21,577)
  • General (15,254)
  • Health (9,713)
  • Lifestyle (673)
  • News (22,149)
  • People (672)
  • Politics (679)
  • Science (15,891)
  • Sports (21,175)
  • Technology (15,658)
  • World (659)

Recent News

Some birds are left behind in a race to beat the heat – Nature

Some birds are left behind in a race to beat the heat – Nature

June 1, 2025
A passing star could fling Earth out of orbit – Science News

A passing star could fling Earth out of orbit – Science News

June 1, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version