Chrome prepares to ax silent extensions
In a move sure to annoy businesses and other groups that bundle browser extensions as part of their main toolset, Google is tightening extension security in Chrome for Windows. The company announced on Friday two new features in Chrome 25 that will make it harder for third-parties to force-install extensions. Chrome Product Manager Peter Ludwig wrote that Google decided to clamp down on third-party extensions because the policy had been “widely abused” to silently install extensions, “without proper acknowledgment from users.”
All new third-party extensions will be disabled by default, Ludwig said. Once installed, a box will open warning you that the extension has installed and give you the option to activate it.
The second change will deactivate all third-party extensions currently installed, and open a prompt to make it easier to reactivate them. After that, you’ll have to go through the Extensions management screen to do so.
These changes pull Chrome in line with changes that Mozilla made to Firefox’s add-on management policies. If Chrome’s implementation resembles Firefox’s, then the third-parties, such as security suite vendors or businesses, will still be able to get their extensions installed. It will just take an extra click from the end user.