Google Chrome Now Warns You of Extensions From Untrusted Devs

Google has added new protection capabilities for Enhanced Safe Browsing users in Chrome, warning them when installing untrusted extensions and allowing them to request more in-depth scans of downloaded files.

The Safe Browsing feature, available in Google Chrome since 2007, warns you of dangerous events when visiting malicious websites (e.g., sites trying to steal your credentials, downloading harmful files) by checking URLs against a list of unsafe sites stored within Chrome.

Enhanced Safe Browsing, available to Chrome users since May 2020, significantly increases protection from dangerous sites, downloads, and extensions by adding faster, proactive safeguards and warning about password breaches.

“Since the initial launch, we have continuously worked behind the scenes to improve our real-time URL checks and apply machine learning models to warn on previously-unknown attacks,” Google said.

“As a result, Enhanced Safe Browsing users are successfully phished 35% less than other users.”

Upgraded to flag untrusted Chrome extensions

Starting with Google Chrome 91, released last month, a new Enhanced Safe Browsing feature is rolling out to all users to alert them if they’re installing an extension made by an untrusted developer.

“Enhanced Safe Browsing will now offer additional protection when you install a new extension from the Chrome Web Store,” Google added.

“A dialog will inform you if an extension you’re about to install is not a part of the list of extensions trusted by Enhanced Safe Browsing.

“Any extensions built by a developer who follows the Chrome Web Store Developer Program Policies, will be considered trusted by Enhanced Safe Browsing.”

Also Read: What Does a Data Protection Officer Do? 5 Main Things

New developers will have to build up trust over at least a few months until they will be added to Enhanced Safe Browsing’s list of trusted devs.

Until then, extensions they publish on the Chrome Web Store will be flagged as untrusted, and Chrome will notify users of what data the extensions can access.

While starting as untrusted even though they release extensions compliant with Google’s Chrome Web Store Developer Program Policies, all will reach trusted status according to Google.

At the moment, almost 75% of all Chrome Web St extensions are marked as trusted, with the number to grow as more and more developers will become trusted.

Enhanced protection against risky files

Enhanced Safe Browsing was also upgraded in the latest Google Chrome release to provide even better protection against risky files downloaded from potentially malicious sites.

When a downloaded file is tagged as unsafe, users are now offered the option to request a more in-depth Google Safe Browsing analysis.

“After a short wait, if Safe Browsing determines the file is unsafe, Chrome will display a warning. As always, you can bypass the warning and open the file without scanning,” Google said.

Also Read: The DNC Registry Singapore: 5 Things You Must Know

“If you choose to send the file, Chrome will upload it to Google Safe Browsing, which will scan it using its static and dynamic analysis classifiers in real-time. Uploaded files are deleted from Safe Browsing a short time after scanning.”