Web browser extensions can generate discount codes for retail sites, add features to your email app of choice and help you scribble down a to-do list in a couple of clicks. But are they safe to use?
Helpful add-ons sound great, but when you consider that you’ll have to part with your data to install many of them, It raises some very interesting questions over privacy
What can they do?
There are thousands of web browser extensions out there, and most of them are free to download. They’re supported by all the popular browsers, such as Microsoft Edge, Firefox and Google Chrome.
The Editor’s Picks section on the Google Chrome web store is updated every so often with some new options to take a peek at. This month, we’ve spotted:
LastPass – a password manager that saves your passes and logs you in automatically when you visit certain sites.
Save to Pocket – quickly save a web page or news story so you can revisit it on your smartphone, even without an internet connection.
My Cats – get treated to an adorable cat picture every time you open up a new tab!
Just recently, a coder shared his progress on an ‘experimental’ Chrome extension called FacePause, which uses your webcam to pause videos when you look away from your screen.
Would you be happy giving your web browser access to your webcam? I’m not sure I would.
Sharing your personal data
Every time you install a browser extension, you give that app permission to access your information.
By installing free grammar-checking app ‘Grammarly’, for example, you agree to the group’s terms and conditions, which means the following information will be collected: your username, email address, contact preferences, payment information (for paying users only), geographic information, ‘any user content you add to your account’, activities you perform within your account and the type of hardware and software you use.
That sounds like a lot of data, but it’s pretty typical for a Google Chrome extension to request these things.
Extensions and malware
With browser extensions getting increasingly popular, malware makers are getting creative. We’ve seen countless cases where a malicious Chrome extension has made its way onto Google’s download page, disguised as a legitimate tool when it’s actually stealing personal data without permission.
Earlier this month, cybersecurity group Radware reported on a damaging extension that managed to infect more than 100,000 users in over 100 countries.
Dubbed “Nigelthorn”, unsuspecting users on Facebook were lead to a URL supposedly linking to a YouTube video. However, the website was a fake, encouraging users to install a Chrome extension to play the video on the page. Once installed, the extension hijacks the user’s PC and uses its processing power to mine cryptocurrency, thus slowing down the PC to the point where it’s practically unusable.
Have your say
I’ve used my fair share of browser extensions in the past, with one of my favourites, Evernote, letting me quickly share files between my mobile and my PC, but should I rely less on apps that require so many data permissions?
What are your thoughts on sharing data with developers if it means having access to a genuinely useful browser extension? I’d love to hear your thoughts.