Read and Change All Your Data on the Websites You Visit Reddit
Many extensions in the Chrome Web Store desire to "read and change all your information on the websites y'all visit". That sounds a piffling unsafe—and it can be—but many extensions just need that permission to exercise their jobs.
Chrome Has a Permission Arrangement, But Firefox and Internet Explorer Don't
Note: This piece was originally written in 2017. Since then, Mozilla Firefox and Microsoft Edge have gained permission systems.
This may seem alarming, especially coming from something like Firefox. Merely you simply see this warning considering Chrome has a permission system for its extensions, while Firefox and Internet Explorer don't. Every Firefox and Cyberspace Explorer extension has full access to the entire browser, and can practice anything it wants.
For instance, when yous install the Tampermonkey add-on in Firefox, you won't see a permission warning at all. Only that add-on gains access to your entire Firefox browser.
Different extensions for these other browsers, though, Chrome extensions must declare the permissions they demand. When you install an extension, you'll see a list of the permissions it requires and you can make an informed determination about whether to install the extension. Information technology's a flake like the permissions organization built into Android.
To use the same instance, when you install the Tampermonkey extension for Chrome, yous'll come across information about the permissions the extension requires.
Very unproblematic extensions don't actually require any permissions. For example, the official Google Hangouts extension just provides a toolbar icon you can click to open up a Google Hangouts chat window. Install it, and you won't be warned near whatever special permissions it requires.
Why Extensions Need Permission to "Read and Change All Your Data"
Endeavor to install most extensions, yet, and you'll be warned well-nigh the permissions they require. The most scary looking one is probably "Read and change all your data on the websites you visit". This means that the extension can view every web folio you visit, modify those spider web pages, and even ship data most that over the web.
For example, Google offers a Save to Google Drive extension that allows yous to correct-click on whatsoever web page or link and salvage that page to your Google Drive. The extension requires the ability to "Read and alter all your data on the websites you lot visit". Simply information technology needs this permission because, when you try to relieve content, the extension must be able to admission the electric current web page and view its data.
Extensions that demand to interact with spider web pages will well-nigh always require the "Read and change all your data on the websites y'all visit" permission. That'due south why the Google Hangouts extension doesn't enquire for this permission: Information technology has no features that interact with an open web folio in your browser.
Click effectually and y'all'll quickly realize that most browser extensions offer features that interact with the current web page, from countersign managers that need to fill passwords to dictionary extensions that need to ascertain words. That'south why this permission is so common.
Extensions that only piece of work on a single website may only require the power to "Read and change your data" on a specific website. For instance, the official Google Mail Checker extension requires the permission to "Read and change your data on all google.com sites".
Certain, this level of access would let an extension capture your passwords and credit menu numbers or insert additional advertisements into spider web pages. But Google doesn't know whether an extension will employ its permissions for practiced or evil. Many popular and legitimate extensions require this permission, as there's no other manner they can interact with open spider web pages.
Simply, it the permission warning makes you think twice before installing an extension you lot're not sure about, that'south adept. That'due south why it'due south there—information technology'south a reminder of how much access you're providing to your personal data whenever you install a browser extension.
Some Extensions Have Fifty-fifty Broader Permissions
Extensions can request quite a few other permissions, too. For example, the AVG Web TuneUp extension installed equally part of the AVG antivirus requires the permission to read and modify all your data on the websites you visit, read and change your browsing history, change your dwelling house folio, alter your search settings, alter your start page, manage your downloads, manage your apps, extensions, and themes, and communicate with cooperating native applications on your computer.
RELATED: Don't Utilize Your Antivirus' Browser Extensions: They Tin can Actually Brand You Less Rubber
We don't recommend using your antivirus's browser extensions, and Chrome's permissions arrangement does a good job of showing why in this instance. This extension is very invasive and requires access to nearly every function of your browser. The permissions window helps warn you lot of the permissions yous'll be granting, so you can brand an informed conclusion.
Even the scariest browser extension doesn't have as much access to your computer equally a desktop program would, though. Normal Windows applications have access to your keystrokes and files, including your spider web browsers. That's why you shouldn't run a desktop application you don't trust, just as you lot shouldn't install a browser extension you don't trust.
Which Browser Extensions Should You Trust?
If you're giving an extension access to all the websites you visit, that extension could potentially capture your online banking passwords and credit carte du jour numbers or insert ads in the pages yous view. It'due south merely as dangerous for your web browsing data as installing a desktop plan, so you should treat the decision just as carefully.
In theory, browser extensions bachelor in the Chrome Web Shop, Mozilla Add-ons website, and Windows Store are monitored by Google, Mozilla, and Microsoft, respectively. The company in accuse of the store can remove an improver from the store if it'due south doing something bad.
In reality, though, browser makers don't test every extension—or every update to a legitimate extension—to ostend it's safe. A browser maker will often but get around to removing an extension after information technology'southward caused problems for many people who have it installed.
If the extension requires quite a few permissions, you lot'll have to evaluate it like you would a desktop program. If the extension is created past a company you trust—like the many extensions created by companies similar Google, Microsoft, Twitter, Facebook—you know it's likely safe. If the extension was created by someone you don't know, be more conscientious. If the extension is established and has a big number of users, adept feedback in the store, and positive reviews on other websites, that'southward a good sign. If information technology has mixed feedback or much fewer users, that's a bad sign.
If you're ever in dubiety, don't install that extension. It's best to employ as few extensions equally possible to keep your browser fast, anyhow.
More than browsers are adding permission systems, however. Microsoft Edge uses Chrome-style extensions and will warn you lot about the permissions the extensions require. Firefox will also motility to Chrome-style extensions in the futurity.
Source: https://www.howtogeek.com/291095/why-do-chrome-extensions-need-all-your-data-on-the-websites-you-visit/
0 Response to "Read and Change All Your Data on the Websites You Visit Reddit"
Postar um comentário