Browser Extensions that Steal Your Privacy

Some browser extensions for Google Chrome and Firefox allow outside parties to track you indirectly. The extensions themselves are passing this information without informing you properly. Yes, they obey some obscure rules, but how many uses know those rules and how to invoke their protections? On top of that, some of the extensions add code after they are installed the rules simply do not protect you from that.

The story is a little technical and detailed: Chrome Extensions – AKA Total Absence of Privacy

Example: If you log into some service like Facebook, you receive a really long, random cookie that constitutes an “access token” — so long as FB can find that token in your cookies, you are considered actively logged into FB. Several extensions have been caught sending that access token to third parties, making it possible for them to use your account. Nobody claims they do this, but aren’t you just thrilled at the prospect?

The linked article offers a partial list; partial because they don’t have the resources to test every extension. However, good privacy extensions don’t block this sniffing because extensions seldom check on each other.

About Ed Hurst

Avid cyclist, Disabled Veteran, Bible History teacher, and wannabe writer; retired.
This entry was posted in computers and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.