Google Adds New Rules For Chrome Extensions

Google announced on Monday that it’ll now be deploying more secure and stricter rules for the Chrome extensions in the Chrome Web Store. The new regulations will come in effect with the forthcoming Chrome 70, while extensions containing obfuscated code will be blocked immediately.

“Starting today, Chrome Web Store will no longer allow extensions with obfuscated code. This includes code within the extension package as well as any external code or resource fetched from the web. This policy applies immediately to all new extension submissions. Existing extensions with obfuscated code can continue to submit updates over the next 90 days, but will be removed from the Chrome Web Store in early January if not compliant.”, wrote James Wagner, Chrome Extensions Product Manager.
Google, Chrome, Chrome Web Store, Extensions
In view of providing better security and functionality to the Web Store, Google is working on handling extensions with a wider approach. Users will now have the choice and the ability to restrict an extension's access to a custom list of sites or to set extensions to require permission each time they need to gain access to a page. For extensions that request powerful permissions, will be subjected to additional compliance review.
While host permissions for extensions have enabled for a more customized experience on the Chrome browser, some have also opened a gateway for malicious and harmful deeds, that is by allowing extensions to automatically read and change data on websites. Starting 2019, extensions will require to have a two-step verification security installed by default.
“Our aim is to improve user transparency and control over when extensions are able to access site data. In subsequent milestones, we’ll continue to optimize the user experience toward this goal while improving usability.”
There have been cases of cyber attacks previously where cyber-criminals have been engaged in compromising the security of user accounts of crypto wallets, which is a major issue. And already over 70% of extensions on the Chrome Web Store contain obfuscated code.
Visit the official blog to learn more about the new policy.