Linked by Thom Holwerda on Sun 10th Jun 2012 22:36 UTC
So, Google has made it very hard to install Chrome extensions outside of the Chrome Web Store - out of security concerns. In addition, they sprung this on users and extension developers without much consultation or consideration for their concerns. As always - understandable to protect users, but the handling has an almost Apple-like bluntness to it. Next up: how to jailbreak your browser?
Laurence Member since: 2007-03-26

darknexus,

"Speaking from tech support experience, I'd say if a user doesn't know enough to google for that switch, they have no business side-loading. The more checkboxes you give users, the more they will check out of annoyance just to avoid the alert dialogs, and then your security becomes null and void."

The spread of malware happens because users lack the tools to make informed decisions. Often the choice is between "run" and "do not run" and the only information presented is to identify the software. Even knowledgeable users will be at a complete loss to know if something is harmful, so I fully agree that this type of security model is flawed. But I disagree very strongly with the "remedy" of a walled garden (even if more savvy users can disable it). It'd be both more open and more secure to add metadata about what the extension does and then enforce it in a sandbox. Given the right tools & information, users may be even more secure than simply trusting everything in Google's repository.


Metadata can be faked. This method ensures that only people tech-savvy enough to know how not to break their browser have enough control to break their browser.

Score: 2

Alfman Member since: 2011-01-28

Laurence,

"Metadata can be faked. This method ensures that only people tech-savvy enough to know how not to break their browser have enough control to break their browser."

Can be faked to do what? Any metadata can be faked. But if the requested permissions are enforced by the sandbox and software attempts to escalate its access above that specified in metadata, then it should be killed automatically. Furthermore the default max permissions should be restrictive enough such that the user needs to explicitly ok dangerous calls before the software will run.

The sandbox gives us much more security than we normally have when running extensions under blind faith. Although this could improve security for all extensions, I'd be open to removing sandbox restrictions from extensions that have already been vetted by Google.

Score: 3
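
The enforcement model described in the comment above, as an added example that is not part of the original thread and is not Chrome's extension API: a broker grants only what the manifest declares, prompts for dangerous permissions, and terminates an extension that calls outside its grant. The names `Sandbox`, `DEFAULT_MAX`, `DANGEROUS` and the permission strings are hypothetical.

```javascript
// Hypothetical permission sets, chosen for illustration only.
const DEFAULT_MAX = new Set(["storage", "activeTab"]);      // granted without a prompt
const DANGEROUS = new Set(["allUrls", "nativeMessaging"]);  // need an explicit user OK

class Sandbox {
  // manifest: the extension's self-declared metadata
  // approve(name, permission): stands in for the user prompt, returns true/false
  constructor(manifest, approve) {
    this.name = manifest.name;
    this.killed = false;
    this.log = [];
    this.granted = new Set();
    for (const p of manifest.permissions) {
      if (DEFAULT_MAX.has(p)) this.granted.add(p);
      else if (DANGEROUS.has(p) && approve(this.name, p)) this.granted.add(p);
      else this.log.push(`denied at install: ${p}`); // unknown or refused
    }
  }

  // Every privileged operation goes through the broker. Faked metadata gains
  // nothing: under-declaring means the call below is refused and the
  // extension is terminated; over-declaring triggers the user prompt.
  call(permission, fn) {
    if (this.killed) throw new Error(`${this.name} is terminated`);
    if (!this.granted.has(permission)) {
      this.killed = true;
      this.log.push(`killed: attempted ${permission}`);
      throw new Error(`${this.name} exceeded declared permissions`);
    }
    return fn();
  }
}

function demo() {
  const userSaysNo = () => false;
  // Constructed manifest that declares less than the code later attempts.
  const ext = new Sandbox({ name: "notes", permissions: ["storage"] }, userSaysNo);
  const ok = ext.call("storage", () => "saved");
  let blocked = false;
  try {
    ext.call("allUrls", () => "read every page");
  } catch (e) {
    blocked = true;
  }
  return { ok, blocked, killed: ext.killed, log: ext.log };
}
```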