Chrome should start warning about unreliable browser extensions

Insecure browser extensions are a problem. There are times when Google removes an extension from the Chrome Web Store that turns out to contain malicious code or does something else wrong.

Google removes such extensions, but when the company becomes aware of a problematic extension, it may have already been installed by thousands of users, sometimes millions.

Therefore, Google now plans to roll out a new security feature on the add-on store, writes Zdnet. Starting with Chrome 91, the browser will display a warning if you try to install an extension that has not been rated as trusted by Enhanced Safe Browsing.

Developers who already follow the Chrome Web Store rules for developers will be trusted from the start, while new developers will have to prove that they are trustworthy. This means that an add-on from a developer who has not been in the store before must show that it follows the rules for a few months before Google classifies it as reliable and removes the warning when users install it.

Enhanced Safe Browsing is a feature that sends addresses you are about to visit to a Google server that checks that it is not a phishing attempt.

Google will also enhance Enhanced Safe Browsing with a feature that can alert you if a downloaded file is suspicious. You can then choose to upload it to the server where the Google antivirus engine checks it and then deletes the file.