Non-Web Store extensions blocked in all channels of Google Chrome
Google is improving the security of the users of its browser, with a rather drastic move, which was announced today.
The Mountain View company will block all non-Web Store extensions, from being installed in Google Chrome.
Non-Web Store extensions blocked in Stable Channel of Chrome:
This isn’t something new though, The Verge reports. Around a year ago, Google announced that it would block extensions that were not hosted on the Chrome Web Store, but it only applied to the stable version of the browser, and users who wished to install extensions from other sources, could use the Developer channel of Google Chrome. The intent behind this was to prevent malicious extensions from being installed in the stable channel of Chrome.
Google says that it was an effective change, and that it saw 75% drop in customer support help requests for uninstalling unwanted extensions. However, users were tricked by hackers to use the developer version of Chrome, thus manipulating them to install malicious extensions. This is what Google says in a blog post today:
Unfortunately, we’ve since observed malicious software forcing users into the developer channel in order to install unwanted off-store extensions. Affected users are left with malicious extensions running on a Chrome channel they did not choose.
Non-Web Store extensions blocked in all versions of Chrome
So, with that in mind Google has decided to block extensions that are not hosted on its Chrome Web Store, completely. You can no longer install an extension from a third party app or anywhere else, in any version of Google Chrome.
This rule comes in to effect from today, for Windows users. It will be implemented in Mac, in July. Developers can still continue to install non-Web Store extensions by enabling the developer mode in Chrome’s settings.
So, users will be losing access to many useful extensions and plugins from Internet Download Manager, Kaspersky Internet Security, etc. The only way to get the extensions, would be if the developers add them to the Chrome Web Store.
Google isn’t the lone browser maker which is blocking malicious extensions. Recently, Mozilla implemented add-on signing, which requires all add-on developers to submit their add-on to Mozilla for review. Once it is found to be safe, the addon will be signed. Unsigned addons will be blocked in the stable, beta and ESR channels of Firefox.
But at least Mozilla still allows installation of addons in the developer and nightly channels. Google Chrome has been criticized for using too much RAM, and the Mountain View company may have just damaged Chrome’s reputation by disallowing extensions from third-party sources.