• January 18, 2019
  • Sean
  • 0

Have you installed an add-on or extension on your browser? Maybe it finds deals or coupons, provides social media help, helps with grammar or…. There are tons of add-ons for every flavour of browser. Some of then really do enhance our actvitiy on the Web….but should you trust them? You are giving an enormous amount of authority over to these extensions. You should carefully consider which add-ons you install and run because giving the add-on “access your data for all websites” is a major security concern. On a trust scale I would place extensions from Google or Microsoft on the high end while add-ons from a random developer, low.

Part of the problem is that your browser is already a trusted application. When you give the browser permission to run you also give it permission to run extensions so their operating system and most antivirus products usually give the browser and by extension the extention a free pass. What is to stop a developer from selling the extension to someone who happens to be a scammer or a scammer that gets their extension published and then changes the behavior dramtically after it’s published? At least in the short term the scammer will have access to lots of information. After a number of abuse reports Firefox or Google will suspend or boot the offending software but by then it will be too late for lots of folks. See this arstechnica article on extensions going rogue.

So what to do? My recommendation is to ask yourself “Do I really need this extension?”. If the answer is “yes” wait a day or so to rethink your first inclination. Then spend some time and decide your trust level of the extension developer. Check what permissions the extension asks for when you install it. Make sure the extension is not asking for anything strange, like a dictionary tool that wants access to your webcam.

Take a serious look at all your current add-ons and remove ones that do not match your level of risk. This is just one more step you can take to keep yourself safe on the Internet.

Call TELECO for assistance with your cyber security needs at 807-346-7292 or email at service@teleco.ca