When you install an extension, you give it permission to use certain data, so it’s best that you learn how to double-check and install only safe browser extensions to be sure they aren’t using your information maliciously.
Checking For Safe Browser Extensions Before Installing
Thankfully, checking the safety of a browser extension can be easier than installing a program to your computer. This is because every browser extension will list any permissions it requests before being installed. Permissions can be anything from viewing your search history, accessing your webcam, reading your data on specific websites, or modifying data that you enter, copy, or paste. If a browser extension doesn’t have permissions, it cannot perform a task. So it’s impossible for an extension to access your webcam, for example, unless the permission to access it is stated on the installation page. When you go to install a browser extension, the first thing you should do is check for these permissions. They can tell you a lot about what the browser extension can do once it is installed. Let’s take Social Blade, for example. Social Blade is a tool that can tell you the growth stats for accounts on Twitch, YouTube, Instagram, Twitter, and more platforms. It’s great for tracking your own growth, tracking competitors, or for those curious about their favorite creators. When you add the Chrome Social Blade extension to your browser, it asks for permissions to read and change data on Facebook, YouTube, Twitch, Twitter, and Instagram. Given what the extension does, this sounds like a safe browser extension. When you install this it, it’ll show Socialblade stats within each website as you browse it. So it makes sense why these permissions are needed. Even so, you may feel a little apprehensive about using this service when it can access and edit data on social media websites. So, at this point it comes down to your own discretion. Do you trust this developer? Socialblade is well regarded in the industry and they have a privacy policy on their website, linked on their extension page. But alternatively, would you trust a similar extension from a more unknown developer? For example, this extension from a developer called system.unplugged has a 1 star rating and no public privacy policy. Maybe not, but then again, even if you download it, it can only access the permissions stated when installing the extension. This permission system is much the same for both Chrome and Firefox. On Microsoft Edge, you need to be extra careful. Permissions are granted, but they go through the Microsoft Store first, which means you will have scroll down to read the permissions first. There’s no warning when you press install. In summary, check the permissions first. If they are related to the service the extension provides, you’re most likely in the clear. Next, check the developer and their privacy policy to see if they are trustworthy. Finally, read extension reviews and if you’d like to take it further, take a closer look at the developer’s public profile and privacy policies on their website.
Which Are Safe Browser Extension Permissions & Which Aren’t?
When you give permissions to a browser extension, it can be a little confusing what that actually means. To help you, we’ve provided a closer explanation so that you can be more informed when installing new browser extensions. These guidelines are based on information provided by Google.
High Risk Browser Extension Permissions
You should be immediately suspicious of any extensions that require access to all data on your computer and the websites you visit. You should be concerned if an extension needs to access any data on your computer, instead of just data within the browser itself. This is a sign that it’s not a safe browser extension. Take extreme precaution when downloading these apps, even from trusted sources.
Medium Risk Browser Extension Permissions
You should be moderately suspicious of any extensions that require data on the websites you visit. It’s rare that an extension should ever need to gather data on every website you visit. It’s more likely that an extension may need access to read, request or modify data on a specific list of websites, and it’s down to your sole discretion to allow this permission. For example, Socialblade requires access to data on specific social media websites that it can provide in-depth stats for. The sole functionality of the extension needs this access to work. Understand the functionality of an extension and ask yourself whether the functionality matches up to the permission requests. You should never give an extension access to a website like PayPal or your bank’s website.
Low Risk Browser Extension Permissions
Any of the following permissions are considered low risk. You’re unlikely to be the victim of fraudulent or malicious behavior with these permission requests. However, it’s down to your sole discretion if you’d like to give up your data through these permissions.
Your saved bookmarksYour browsing historyYour tabs and browsing activityYour physical locationAny copy and pasted dataA list of installed apps, extensions and themes
Summary
With the permission system used for browser extensions, it can be easy to understand what data an extension is accessing. With that being said, you should be cautious and understand what is happening each time you allow permissions. Hopefully, this guide has helped to explain which permissions are safe and how to find only safe browser extensions from trustworthy developers.