Considering Chrome extensions? 280 million users faced vulnerabilities—Learn how to stay safe
Google understands the importance of protecting users' privacy and security by offering secure browser extensions through the Chrome Web Store that meet strict security standards. However, a recent study conducted by researchers at Stanford University and the Helmholtz Center for Information Security CISPA has shown that the Chrome Web Store contains some unseen pitfalls, including extensions that may contain unsafe code or raise privacy concerns.
New Research Highlights Possible Concerns for Millions of Users
A recent research paper "What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions," published in July 2024, found that over 346 million users installed browser extensions with potential security concerns. According to the results, 280 million users installed extensions containing unsafe scripts, 63 million with policy breaches, and 3 million installed vulnerable extensions between July 2020 and February 2023.
Millions of Chrome Web Store users might not realize their data and devices could be at risk. But don't worry—we've got tips to help you stay safe. But first, let's break down the findings a bit further.
Are Google Chrome Extensions Safe?
Many of us rely on Google Chrome extensions to enhance our browsing experience. From ad blockers to password managers, there are over 250,000 extensions available in the Chrome Web Store, and according to their Google Security Blog publication "Staying Safe with Chrome Extensions," released on June 20, 2024, less than 1% of all installations contained unsafe software. However, the study raises questions about how effective Google's review process is.
But then, what are the Chrome Web Store policies that support our security and privacy as users? The Chrome Web Store requires developers to follow the Developer Program Policies, which ensure user protection and privacy. The Chrome team reviews new and existing extensions using human and automated processes to enhance safety.
Top Key Points to Consider
However, while the Chrome Web Store focuses on providing a secure environment, the study identified potential security implications with Chrome extensions. We highlight the main points:
- Extensions' short life cycles: Extensions often have short life cycles, leading to security and usability concerns because their vulnerabilities may need to be addressed promptly.
- Long-term risks: If vulnerabilities remain unpatched, "Security-worthy extensions" (SNE) could affect the long-term user base.
- Extensions with similar codebases: The study identified extensions with similar codebases, which could expose many users to security-related concerns.
- Lack of updates: The study found almost 60% of extensions never receive updates.
In addition, although Chrome launched the V3 manifest in November 2020 to improve security, by February 2023, 74% of extensions were still using the V2 manifest, losing the newer security and privacy benefits.
Stay Safe and Informed: Tips for Choosing Reliable Extensions
Addressing vulnerable extensions requires a collaborative effort and a likely strengthening of Google's security measures. However, how can we empower ourselves to stay safe? As users, we are responsible for always staying informed. Find below simple steps you can take to protect yourself:
- Make evidence-based decisions: Reading user reviews and ratings can provide valuable information for making informed decisions.
- Double-check the developer: Research the developers' legitimate websites and contact information to ensure trustworthiness.
- Choose Google's featured badges: As part of the Chrome Web Store's new security measures, extensions that meet best practice guidelines are now assigned the Featured Badge.
- Watch out for permissions: Avoid extensions asking for excessive permissions for unrelated functionality, such as your microphone or webcam access.
- Regular updates: Ensure your extensions, browser, and operating system are up to date to benefit from the latest security patches.
- Research outside the Store: Search for information on reputable tech websites or forums to gain additional insights into its reliability.
By following these tips, enjoy the benefits of Chrome extensions while staying safe. Chrome extensions can significantly improve your browsing experience and make your life easier. Just make sure you choose them carefully to keep you safe on the Internet. For example, to enhance your browsing experience by reducing load times and avoiding ads, let’s review Stands Ad Blocker: A reliable extension available on the Chrome Web Store.
✅ Decisions backed by data: Stands AdBlocker has received positive reviews and user ratings, highlighting its effectiveness and reliability in blocking ads.
✅ Verified developer: Stands AdBlocker's developers have a legitimate website that provides detailed information about the extension, including an easily accessible contact.
✅Awarded the Featured badge: Stands AdBlocker has been awarded the Featured Badge from the Chrome Web Store, which indicates that it meets Google's best practices.
✅Only necessary permissions: Stands AdBlocker requests only the required permissions to fulfill its primary ad-blocking function. You can check our privacy policy for more information.
✅Frequent updates: The Stands AdBlocker development team updates the extension frequently to ensure user protection.
✅Positive reviews beyond the store: In addition to reviews in the Chrome Web Store, Stands AdBlocker has been reviewed by other websites as a safe option.
Embrace the power of today's technology!