Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Chrome Privacy Firefox Safari

Browser Extensions Are Undermining Privacy (vortex.com) 82

pizzutz writes: Chrome's popular Web Developer plugin was briefly hijacked on Wednesday when an attacker gained control of the author's Google account and released a new version (0.49) which injected ads into web pages of more than a million users who downloaded the update. The version was quickly replaced with an uncompromised version (0.5) and all users are urged to update immediately.
Lauren Weinstein has a broader warning: While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons, some of which are downright crooked, many more of which are sloppily written and poorly maintained. Ironically, some of these add-on extensions and apps claim to be providing more security, while actually undermining the intrinsic security of the browsers themselves. Others (and this is an extremely common scenario) claim to be providing additional search or shopping functionalities, while actually only existing to silently collect and sell user browsing activity data of all sorts.
Lauren also warns about sites that "push users very hard to install these privacy-invasive, data sucking extensions" -- and believes requests for permissions aren't a sufficient safeguard for most users. "Expecting them to really understand what these permissions mean is ludicrous. We're the software engineers and computer scientists -- most users aren't either of these. They have busy lives -- they expect our stuff to just work, and not to screw them over."
This discussion has been archived. No new comments can be posted.

Browser Extensions Are Undermining Privacy

Comments Filter:
  • by Kunedog ( 1033226 ) on Sunday August 06, 2017 @12:06AM (#54949307)

    While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

    Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

    • by Anonymous Coward on Sunday August 06, 2017 @12:21AM (#54949345)

      Yup. Google wants browser users to have "privacy", so long as Google can still snoop everything they do.

    • by Anonymous Coward

      It's worth noting that extensions _can_ undermine your privacy though. I'm not anti-extension at all, but I seem to recall NoScript phoning back to some homesite (informaction.com) periodically. Like once an hour or something weird. That might not be the case anymore, but still, I definately do NOT expect privacy/security related plugins to do fishy crap like "beaconing".

    • Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers

      Correcto mundo. I would claim that ad-blocking extensions of internet browsers are even more significant inventions than the internet itself. The impact of these two humble guys ADP and NS on my life is more than internet itself.

      They completely eliminated advertisement

    • While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

      Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

      Imagine if an aftermarket vendor offered a vehicle modification that disabled the air bags without telling the driver, which ultimately resulted in killing people. You would tend to want to not only go after the aftermarket vendor, but you would probably also question the automobile manufacturer, and their security mechanism that was undermined.

      Quite often with shitty extensions or shitty apps, consumers are unaware that safety and security has been compromised. The narrative is not anti-user-control, it

    • Can it be both? Because it's probably both.
  • Because you know... Google.

    I guess they don't like it when lose their data-sucking monopoly.

  • by Gravis Zero ( 934156 ) on Sunday August 06, 2017 @12:31AM (#54949357)

    Part of the problem is that extensions are not properly restricted because they can get/send data to/from anywhere regardless of the permissions you give it. What they really need to do is restrict arbitrary URL requests. If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

    • by Anonymous Coward

      If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

      You know, there's an extension for that: Request Policy [github.io].

      • If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

        You know, there's an extension for that: Request Policy.

        Or you could use the all-in-one solution uMatrix [github.com]. It gives the user control over cookies, css, images, media files, scripts, XHR, frames, and other requests, by domain. It allows for conveinent whitelisting, blacklisting, and greylisting of domains as well as resource types. It even comes with lists of known-to-be-hostile domains which are blacklisted by default.

        This functionality should be included by in all browsers. It would be included too, if the browser vendors considered the "user-agent" to be an

    • Isn't there already a separate permission for "read and access your data on SPECIFIC websites" vs "on ALL websites"?

      https://developer.chrome.com/e... [chrome.com]

      • That defines which websites the extension will be enabled and which stored data it can access. When it's enabled, there are no restrictions on which sites it can communicate with.

    • Hey... why bother going through all that trouble when you can just force mandatory code signing to ENSURE things are safe, and then drop support for extensions altogether because the people in charge of the platform always know better?

  • by citizenr ( 871508 ) on Sunday August 06, 2017 @12:47AM (#54949381) Homepage

    Chrome forces extension updates from the mothership. No way of disabling it. Even editing out update server address in extension .xml doesnt do it. = its all Googles fault in the end.

    • Being able to change the update server would just open the door for malware to infect your machine by issuing updates for all your extensions through their own server. Don't blame Google for a developer who fails to use provided security mechanisms like two factor authentication (at least, I don't see how the author's account could have been compromised so easily if he was using it, and using it properly).

      • Stop being a stooge... or are you actually a shill?

        The problem is that the user has no defense against whats on the update server. Full stop. It does not matter that you vetted adblock+ because the next time you run the browser it may be a different version throwing your data at the NSA/CIA/DNC
  • by requiring any extension developer to have 2FA enabled on their Google account, which will make it much harder to compromise accounts. That's really the only thing I see Google doing wrong here, ultimately it's the developer's responsibility to maintain control of the account used to publish updates.

    That, and maybe requiring extension updates be signed with the developer's private key. I believe Android's Play Store requires this. Last I checked Chrome Web Store just accepted plain ZIP uploads? The thing

  • "However, the Firefox version of both the extensions was unaffected."

    The difference is that Chrome will automagically update things, while Firefox makes you manually update extensions.

    Biggest issue I see is that all of the popular browsers are in an all-out war to include as many extensions in their core code, so that you don't need ones they don't control. This may be "more secure", but, it makes the browsers bloody slow for ALL users, instead of the few who need their browser to keep them connected to 145

  • by TheOuterLinux ( 4778741 ) on Sunday August 06, 2017 @03:51AM (#54949633)
    The title is misleading or there are more idiots out there than I thought. "Why do my privacy add-ons not work right?" Maybe it's because Google, a search engine company, made the browser? You know that web browser, Tor...something or other I think it is, that's based off of Chrome? *sarcasm. Me neither. -_- It would be interesting to see a security comparison between Chrome and Chromium for these privacy add-ons. I'm sure there are plenty convinced a derivative = same, but if that were true, then I guess all us Linux users are nut-cases. Don't answer that. Chrome needs to be renamed to Chrime.
    • by Teun ( 17872 ) on Sunday August 06, 2017 @04:54AM (#54949727) Homepage
      Same here, when you use Chrome you know you share your browsing habits with Google.
      Aside from the memory footprint an important reason to avoid that browser.
      I sometimes use Chromiium for some multi media sites that just won't work in FF and assume it has better privacy than Chrome but would love to see an expert's view on this.
      • Someone other party would have to do it because the Chromium developers would probably worry about recourse from Google. Also, I'm not so sure if all of Google's Chrome is open source; this makes it harder for security researchers to do their job. Though, I'm sure Google has plenty of their own, not that means anything to a healthy skeptic.
  • Most of the extensions I have installed are there for the express purpose of improving my privacy: privacy badger, sharemenot, ublock, etc.

  • You mean they are writing these extensions in rust ???

    Inconceivable !! Not only is in impossible to have insecure rust code, it will also bake and put an apple pie on your window sill :)

"Why can't we ever attempt to solve a problem in this country without having a 'War' on it?" -- Rich Thomson, talk.politics.misc

Working...