Home / Technology / Tech Tip: Protecting Your Data When Using Browser Extensions

Tech Tip: Protecting Your Data When Using Browser Extensions

Q. I was installing a browser extension the other day, and the software said it needed to “read and change all the data on the websites you visit.” Why is this, and should I be worried?

A. Browser extensions meant to perform tasks — like finding coupon deals or stopping videos from automatically playing — are programs all on their own. Web browsers that use a permissions system to explain what data the extension needs to function should alert you to what the program wants to do and, as with app permissions on mobile devices, give you a chance to stop installing the software if its reach seems too invasive.

In theory, an extension that has license to “read and change all the data on the websites you visit” can see the sites you browse, make changes to those pages and report back to its creator with the information. Some extensions legitimately require access to this data to perform their function. For example, video-blocking software must read a website’s code to see that a clip is set to play automatically — so it knows how to stop the playback.

Many extensions benignly use this information, but there is always the danger that the all-access pass will be abused or that rogue software will grab keystrokes, login information, account numbers and other private data. Malware makers have hijacked or even bought legitimate extensions from their original developers and used the access to pump invasive advertisements into web pages; Google previously banned these offenders from its Chrome extension store.


Before you install any browser extension, it’s a good idea to read the company’s privacy policy and know what the software can do — and plans to do — with your data. Credit The New York Times

The creators of Honey, a popular shopping extension that requires permission to “read and change” the data on the websites you visit, have said that they have been approached by malware and data collection companies about selling their trusted software — but that they have not done so. Many add-on programs quietly do their jobs without grabbing your data, but if online privacy and security concern you at all, consider skipping the convenience of the browser extension, or thoroughly read its creator’s privacy policy so you know what you are agreeing to share when you install the software.

Continue reading the main story
NYT > Technology

Leave a Reply

Your email address will not be published. Required fields are marked *