Slashdot Mirror

← Back to Stories (view on slashdot.org)

Browser Extensions Are Undermining Privacy (vortex.com)

Posted by EditorDavid on from the permission-slips dept.

pizzutz writes: Chrome's popular Web Developer plugin was briefly hijacked on Wednesday when an attacker gained control of the author's Google account and released a new version (0.49) which injected ads into web pages of more than a million users who downloaded the update. The version was quickly replaced with an uncompromised version (0.5) and all users are urged to update immediately.
Lauren Weinstein has a broader warning: While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons, some of which are downright crooked, many more of which are sloppily written and poorly maintained. Ironically, some of these add-on extensions and apps claim to be providing more security, while actually undermining the intrinsic security of the browsers themselves. Others (and this is an extremely common scenario) claim to be providing additional search or shopping functionalities, while actually only existing to silently collect and sell user browsing activity data of all sorts.
Lauren also warns about sites that "push users very hard to install these privacy-invasive, data sucking extensions" -- and believes requests for permissions aren't a sufficient safeguard for most users. "Expecting them to really understand what these permissions mean is ludicrous. We're the software engineers and computer scientists -- most users aren't either of these. They have busy lives -- they expect our stuff to just work, and not to screw them over."

34 of 82 comments (clear)

  1. Anti-extension Narrative Ramping Up? by Kunedog · · Score: 5, Interesting

    While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

    Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

    1. Re: Anti-extension Narrative Ramping Up? by Anonymous Coward · · Score: 4, Insightful

      Yup. Google wants browser users to have "privacy", so long as Google can still snoop everything they do.

    2. Re: Anti-extension Narrative Ramping Up? by Antique+Geekmeister · · Score: 3, Insightful

      This is _exactly_ right. The data is much more valuable to any one vendor of they have it and their competitors do not, especially if it can be used for monopoly control or even fraud.

    3. Re:Anti-extension Narrative Ramping Up? by Anonymous Coward · · Score: 1

      It's worth noting that extensions _can_ undermine your privacy though. I'm not anti-extension at all, but I seem to recall NoScript phoning back to some homesite (informaction.com) periodically. Like once an hour or something weird. That might not be the case anymore, but still, I definately do NOT expect privacy/security related plugins to do fishy crap like "beaconing".

    4. Re: Anti-extension Narrative Ramping Up? by Anonymous Coward · · Score: 1

      But that would be evil*. Didn't they promise not to be evil?

      * Our definition of evil can change at any time, without having to notify our users.

    5. Re:Anti-extension Narrative Ramping Up? by MrMr · · Score: 2

      You almost remember correctly. Do you happen to work for an advertising company? https://addons.mozilla.org/en-...

    6. Re:Anti-extension Narrative Ramping Up? by mapkinase · · Score: 1

      Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers

      Correcto mundo. I would claim that ad-blocking extensions of internet browsers are even more significant inventions than the internet itself. The impact of these two humble guys ADP and NS on my life is more than internet itself.

      They completely eliminated advertisement from my life at home.

      My home is ad free. It is hard to overemphasize how important this is.

      --
      I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
    7. Re:Anti-extension Narrative Ramping Up? by geekmux · · Score: 1

      While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

      Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

      Imagine if an aftermarket vendor offered a vehicle modification that disabled the air bags without telling the driver, which ultimately resulted in killing people. You would tend to want to not only go after the aftermarket vendor, but you would probably also question the automobile manufacturer, and their security mechanism that was undermined.

      Quite often with shitty extensions or shitty apps, consumers are unaware that safety and security has been compromised. The narrative is not anti-user-control, it's anti-user-manipulation.

      And if you're worried about the automobile manufacturer making an unsafe product from the factory, then you find a different car to drive.

    8. Re:Anti-extension Narrative Ramping Up? by Anonymous Coward · · Score: 2, Informative

      You just don't remember correctly at all. Here's the developer discussing it with other people it made uncomfortable: https://forums.informaction.com/viewtopic.php?f=7&t=4743

      I think NoScript is great, but I also think that kind of background network behavior is a very poor design feature in a privacy/security product.

    9. Re:Anti-extension Narrative Ramping Up? by Baloo+Uriza · · Score: 1

      Can it be both? Because it's probably both.

      --
      Furries make the internet go.
  2. What about the privacy-undermining browser itself? by Rosco+P.+Coltrane · · Score: 1

    Because you know... Google.

    I guess they don't like it when lose their data-sucking monopoly.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  3. not properly restricted by Gravis+Zero · · Score: 3, Interesting

    Part of the problem is that extensions are not properly restricted because they can get/send data to/from anywhere regardless of the permissions you give it. What they really need to do is restrict arbitrary URL requests. If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:not properly restricted by Anonymous Coward · · Score: 1

      If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

      You know, there's an extension for that: Request Policy.

    2. Re:not properly restricted by Gravis+Zero · · Score: 1

      That defines which websites the extension will be enabled and which stored data it can access. When it's enabled, there are no restrictions on which sites it can communicate with.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:not properly restricted by Waccoon · · Score: 1

      Hey... why bother going through all that trouble when you can just force mandatory code signing to ENSURE things are safe, and then drop support for extensions altogether because the people in charge of the platform always know better?

    4. Re:not properly restricted by Gravis+Zero · · Score: 1

      I'm going to assume that is sarcasm because if it is not, GTFO.

      --
      Anons need not reply. Questions end with a question mark.
    5. Re:not properly restricted by preflex · · Score: 1

      If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

      You know, there's an extension for that: Request Policy.

      Or you could use the all-in-one solution uMatrix. It gives the user control over cookies, css, images, media files, scripts, XHR, frames, and other requests, by domain. It allows for conveinent whitelisting, blacklisting, and greylisting of domains as well as resource types. It even comes with lists of known-to-be-hostile domains which are blacklisted by default.

      This functionality should be included by in all browsers. It would be included too, if the browser vendors considered the "user-agent" to be an agent of the user, instead of the ad companies.

  4. Cant disable extension update in Chrome by citizenr · · Score: 3, Interesting

    Chrome forces extension updates from the mothership. No way of disabling it. Even editing out update server address in extension .xml doesnt do it. = its all Googles fault in the end.

    --
    Who logs in to gdm? Not I, said the duck.
    1. Re:Cant disable extension update in Chrome by The+MAZZTer · · Score: 2

      Being able to change the update server would just open the door for malware to infect your machine by issuing updates for all your extensions through their own server. Don't blame Google for a developer who fails to use provided security mechanisms like two factor authentication (at least, I don't see how the author's account could have been compromised so easily if he was using it, and using it properly).

    2. Re:Cant disable extension update in Chrome by Rockoon · · Score: 1

      Stop being a stooge... or are you actually a shill?

      The problem is that the user has no defense against whats on the update server. Full stop. It does not matter that you vetted adblock+ because the next time you run the browser it may be a different version throwing your data at the NSA/CIA/DNC

      --
      "His name was James Damore."
  5. Google could potentially fix this by The+MAZZTer · · Score: 1

    by requiring any extension developer to have 2FA enabled on their Google account, which will make it much harder to compromise accounts. That's really the only thing I see Google doing wrong here, ultimately it's the developer's responsibility to maintain control of the account used to publish updates.

    That, and maybe requiring extension updates be signed with the developer's private key. I believe Android's Play Store requires this. Last I checked Chrome Web Store just accepted plain ZIP uploads? The thing is, Chrome has the ability to sign extensions built in. So they could do this today.

    But I think the bigger problem is extension devs who sell out their extensions... and their user bases... to individuals who embed malware or ads into it. That's not a technological problem that can be solved that way, unfortunately.

  6. Re:What about the privacy-undermining browser itse by AHuxley · · Score: 2

    Thats why Firefox is good.
    The ads stop with a nice selection of quality add ons.
    The next step is to ensure the add ons are correct in what they offer and do.

    --
    Domestic spying is now "Benign Information Gathering"
  7. Re:Lunacy by sheramil · · Score: 1

    Data is not fact. Who fucking cares.

    "Interesting! AC there doesn't seem to be capable of putting together a grammatical sentence. Let's steer some advertisements for grammar books his way. Slant the ads so he feels inadequate with his present, sad command of the language. Couldn't hurt."

  8. Not the only one: Copyfish too by alanw · · Score: 1

    https://a9t9.com/blog/chrome-e...

  9. Re:What about the privacy-undermining browser itse by ckatko · · Score: 1

    Open source always means no privacy violations!

    Just ask Canonical!

  10. Re:Shortsighted by Aighearach · · Score: 1

    They can't take away open source software that we already have.

    If they muck it up, we'll select a fork and be done with it.

    Solved, easy.

  11. Sounds more like a Chrome issue by TheOuterLinux · · Score: 2

    The title is misleading or there are more idiots out there than I thought. "Why do my privacy add-ons not work right?" Maybe it's because Google, a search engine company, made the browser? You know that web browser, Tor...something or other I think it is, that's based off of Chrome? *sarcasm. Me neither. -_- It would be interesting to see a security comparison between Chrome and Chromium for these privacy add-ons. I'm sure there are plenty convinced a derivative = same, but if that were true, then I guess all us Linux users are nut-cases. Don't answer that. Chrome needs to be renamed to Chrime.

    1. Re:Sounds more like a Chrome issue by Teun · · Score: 3, Interesting

      Same here, when you use Chrome you know you share your browsing habits with Google.
      Aside from the memory footprint an important reason to avoid that browser.
      I sometimes use Chromiium for some multi media sites that just won't work in FF and assume it has better privacy than Chrome but would love to see an expert's view on this.

      --
      "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
    2. Re:Sounds more like a Chrome issue by TheOuterLinux · · Score: 1

      Someone other party would have to do it because the Chromium developers would probably worry about recourse from Google. Also, I'm not so sure if all of Google's Chrome is open source; this makes it harder for security researchers to do their job. Though, I'm sure Google has plenty of their own, not that means anything to a healthy skeptic.

  12. Re: "Lauren" is mentally ill. by MrMr · · Score: 1

    I actually missed that story. The most interesting thing about it appears to be the reaction of Danielle Brown at Google: "...expressing views on the natural abilities and characteristics of different genders, as well as whether one can speak freely of these things at Google. And like many of you, I found that it advanced incorrect assumptions about gender. I’m not going to link to it here as it’s not a viewpoint that I or this company endorses, promotes or encourages...."

    Google does not approve of linking to stuff that it doesn't endorse promote or encourage? That made me smile.

  13. Funny by johannesg · · Score: 1

    Most of the extensions I have installed are there for the express purpose of improving my privacy: privacy badger, sharemenot, ublock, etc.

  14. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  15. Re:What about the privacy-undermining browser itse by allo · · Score: 1

    Ask systemd.

  16. What no rust by jmccue · · Score: 1

    You mean they are writing these extensions in rust ???

    Inconceivable !! Not only is in impossible to have insecure rust code, it will also bake and put an apple pie on your window sill :)