""No, Chrome isn't killing ad blockers - we're making them safer," according to Chrome engineer Devlin Cronin."
""While this API is used by good actors to implement powerful features like content blockers, it can also be -and has been- abused," wrote Chrome extensions advocate Simeon Vincent in a separate blog post."
""Because all of the request data is exposed to the extension, it makes it very easy for a malicious developer to abuse that access to a user's credentials, accounts, or personal information," Vincent added. "Since January 2018, 42 percent of malicious extensions use the Web Request API.""
Google is limiting access to Chrome's webRequest API because the API exposes full request data to extensions and can be abused to intercept sensitive information. Chrome engineers say the restriction will make extensions safer by preventing malicious or compromised extensions from harvesting credentials, photos, and other confidential data. The company cites a hacked Mega.nz extension that stole passwords and notes that since January 2018, 42 percent of malicious extensions used the webRequest API. Google reports blocking about 1,800 malicious extension uploads per month and frames the change as a security-first move that will affect many content blockers.
Read at PCMAG
Unable to calculate read time
Collection
[
|
...
]