![]() ![]() From the beginning, Chrome has focused on developing a secure browsing experience and has led the way on numerous improvements within the browser ecosystem. Google Chrome is currently the world’s most widely used browser, with more than 60 percent of users using Chrome. And they wondered why their internet was slow. Ever since these heady days of the young consumer internet, there have been several models for browser customization - from heavy-handed interfaces like Internet Explorer’s ActiveX and the Netscape Plugin API, to the menagerie of toolbars that we dreaded seeing on relatives’ computers. Browsers previously didn’t provide any mechanism for users to customize their browser.įrom this point, the range of functionality provided by toolbars, plugins and extensions exploded. IE 4.0 provided a means for third-party developers to add entries to the right-click menu. The browser world was never the same again. On one fateful October day, Microsoft published Internet Explorer 4.0. Internet Explorer and Netscape Navigator were rapidly releasing new versions in an effort to one-up the features of the other. ![]() Gather round, children, and let me tell you a tale of the dark period that came to be known as the first Browser War. Remember When 'You've Got Mail!' Was Exciting? We’ll discuss the analysis and enterprise management features later in this post. To provide users and IT teams with actionable intelligence about Chrome extensions, Duo Labs is excited to announce the public beta of CRXcavator (rhymes with “excavator”), a free service that analyzes Chrome extensions and produces comprehensive security reports. These extensions are often overlooked when it comes to assessing the security of user endpoints, even though they have increasing access to personal and corporate data with the widespread usage of Software-as-a-Service (SaaS) tools for presentations, taxes or email clients. While the Chrome browser provides perhaps the most secure browsing experience available, it is often difficult for people and organizations to know which third-party extensions are compatible with their risk profile. Just like Google, Duo has deep interest in a secure and trustworthy browser and extension ecosystem. While browser security has progressed dramatically and modern browsers, such as Chrome, provide critical security features like automated updates and built-in protection against malicious content the powerful capabilities of browser extensions can introduce critical risks that are often unclear to users. It's just like how Apple can remotely delete a malicious app on your iPhone if it needs to.Duo Labs FebruJacob Rickerd Kyle Lady Steve Edwards Josh Yavor Democratizing Chrome Extension SecurityĪs our portal to the internet, browsers represent what is likely the largest common attack surface across consumers and businesses alike. Google can remotely disable them in everyone's Chrome browser, ensuring Chrome users aren't still using that malicious software. When they're discovered, Google can do more than just remove them from the Store. Here's one theory: Malicious extensions regularly pop up in the Chrome Web Store. (Update: Google responded, confirming our theory.) Bleeping Computer asked Google to explain the message but didn't get a response. The warning message provides no links for additional information and Google hasn't explained its rationale publicly. So what gives-why does Google think Microsoft Edge is a less secure platform for extensions than Google Chrome is, given that both are based on the same underlying Chromium code? The Chrome Web Store will let you install extensions in Edge, but it shows a big banner reading "Google recommends switching to Chrome to use extensions securely" along with a link to download Google Chrome. Google shows you a warning message when you navigate to the Chrome Web Store in Microsoft Edge. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |