Google tightens Chrome security, bans extensions from outside sources

By on November 8, 2013, 10:15 AM
google, windows, chrome, security, browser

Google has announced it will no longer allow installing Chrome browser extensions in Windows unless they come from the Chrome Web Store. The new policy goes into effect starting January for the stable and beta channels, meaning the change will mostly affect end users and not developers or Enterprises running local extensions.

For those who are unaware, extensions are small applications that extend a browser's functionality. You can use an extension to quickly post to social networks, get email notifications, manage passwords and so on.

Erik Kay, Engineering Director at Google, said that the existing security mechanism is being abused as extensions are getting installed silently without any prompt. These malicious extensions are then able to do things like altering browser settings, replace the new tab page without approval, etc. He cited numerous complaints that the company has been getting from Windows Chrome users, in support of this decision.

As far as extension developers are concerned, they can easily migrate their applications to the Chrome Web Store. The migration process will have no impact on users, who should be able to continue using extensions without noticing the change, if the developer follows through of course. A point worth noting here is that Google will require extension developers to shell out a one time $5 registration fee and a 5% cut on each transaction done through Chrome Web Store Payments, the built-in payment system.

This is the latest of several security-oriented moves for Chrome. Recently, the company added a Reset browser settings button that lets users go back to the original browser settings should they notice any strange behavior.

User Comments: 6

Got something to say? Post a comment
1 person liked this | wastedkill said:

Atleast be intelligent about it give us advanced users a button to allow installation of outside extensions!

Satki said:

Proxtube isn't available on the chrome store, I wonder how long adblock will last?

Serag said:

Proxtube isn't available on the chrome store, I wonder how long adblock will last?

I think Google is pretty satisfied with the recent changes with Adblock Plus, the "none-intrusive ads" being allowed by default and the complications of adding filters upon fresh installs "I realized a lot of people I know have adblock plus installed on chrome without having any actual filters working"

1 person liked this | dgoodchild dgoodchild said:

I completely agree with wastedkill. Make it optional like it is on my Android tablet. I don't even mind if they want to disable 3rd party downloads by default but give those of us who know better than to click 'OK' every time a box pops up the option to get extensions from wherever we want.

This sort of thing is *exactly* why I refuse to buy Apple products. It's my device; I bought it. I don't need, don't want and won't tolerate the manufacturer telling me what I am and am not allowed to do with it. I'm disappointed to see Google taking the first steps down that road.

Guest said:

It's not about security for gods sake - this is yet another opportunity to make another walled garden.

captaincranky captaincranky, TechSpot Addict, said:

So, the bottom line is, soon you'll have to pay for extensions that you could get for free in Firefox! And Google gets a cut.

Hm.......But hey, it's all in the name of "security" of course....Good lookin' out there Google.

Well that settles it for me, "Chrome" is the "best browser ever". I hope and pray that I have the good fortune to run into one of Google's drive by downloads of it......

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.