Google adds warning when malicious Extensions take over

Discussion of topics related to ad blocking.
Locked
-Mark-
Postaholic
Postaholic
Posts: 382
Joined: Tue Jul 05, 2016 7:46 pm

Google adds warning when malicious Extensions take over

Post by -Mark- »

https://www.bleepingcomputer.com/news/security/chrome-adds-warning-for-when-extensions-take-over-your-internet-connection/
Moved from Newsworthy to Ad Blocking News on Tue Oct 31, 2017 9:16 pm by LanikSJ

gotitbro
Postaholic
Postaholic
Posts: 866
Joined: Sat Jul 09, 2016 8:33 pm

Post by gotitbro »

This is nice especially the notice for New Tab. I remember using Chrome for the first time and not realizing the New Tab wasn't the one of Chrome (was changed by an adware).
-Mark-
Postaholic
Postaholic
Posts: 382
Joined: Tue Jul 05, 2016 7:46 pm

Post by -Mark- »

When it comes to extensions, only install those from the devs you trust like gorhill. Most of them tend to either collect data via GA or bundle a crypto miner or simply put adware to further their own agenda. That's the rule of thumb I go by.
gotitbro
Postaholic
Postaholic
Posts: 866
Joined: Sat Jul 09, 2016 8:33 pm

Post by gotitbro »

Yes, this was a long time ago though :)

Can't know what extension is going to harm you even if you go by the rating on Chrome Webstore I recently discovered that most ratings and reviews are faked. Should only go with what you yourself trust.
-Mark-
Postaholic
Postaholic
Posts: 382
Joined: Tue Jul 05, 2016 7:46 pm

Post by -Mark- »

I didn't mean the ratings, obviously they can't be trusted anymore. There's another way of checking an extension's true motives via a file titled "manifest.json" which is mandatory for all Chrome extensions and can be located in the installation folder of every chrome extension. Open that and see what directives are listed there along with which JSes are being instructed to load.
gotitbro
Postaholic
Postaholic
Posts: 866
Joined: Sat Jul 09, 2016 8:33 pm

Post by gotitbro »

[mention]-Mark-[/mention] directives as in?

Also what would be the point of checking after installing the extension? If there was harm to be done it could be done as soon the extension installs. Anyway to check the manifest before installing the extension?

Edit: This seems like a good way to get the extension crx and check that before installation http://crxextractor.com/.
-Mark-
Postaholic
Postaholic
Posts: 382
Joined: Tue Jul 05, 2016 7:46 pm

Post by -Mark- »

Also what would be the point of checking after installing the extension? If there was harm to be done it could be done as soon the extension installs.
No extension can cause harm right after installation, it needs to gather data first based on your browsing activity and that takes time, what you're suggesting would be a virus and such extensions don't make it in the approval queue itself. You can't check before because without installation your client won't download the extension itself and manifest.json is inside the extension package. You can manually download the extension if you want from third-party sites, that would be the only way if you want to do it before.
gotitbro
Postaholic
Postaholic
Posts: 866
Joined: Sat Jul 09, 2016 8:33 pm

Post by gotitbro »

-Mark- wrote: Thu Nov 09, 2017 12:38 pm No extension can cause harm right after installation
You know the extensions that hijack your new tab and homepage plus additional settings. They do the harm right after installation and these do make it to the Webstore as I have myself seen.
-Mark-
Postaholic
Postaholic
Posts: 382
Joined: Tue Jul 05, 2016 7:46 pm

Post by -Mark- »

Yeah those ones troll you but it's not permanent as you're able to remove them via the extensions page and you can easily distinguish them even before you add them, so no that's not what I meant by harm.
Locked