Web browsers - Extensions
Many web browsers provide mechanisms to augment their native functionalities.
Use Cases
Third-party extensions provide ads, trackers or general content blocking, interface to password manager, cookies management, interface changes, custom styling, etc.
Risks
Users should carefully think about the usefulness and trustworthiness of extensions.
Malicious extensions
Extensions can be purposefully malicious, spying on users and selling their data (personally identifiable information, browser/search history, user input, cookies, session tokens, authentication credentials, passwords, …).
Extension hijacking
"Safe" extensions can be hijacked to inject malicious code, update themselves and infect users without their knowledge.
Change in ownership
Even previously vetted extensions created by well-reputed developers can be sold to untrustworthy entities for malevolent purposes.
Permissions
Users cannot distinguish between safe and unsafe extensions by looking at the permissions alone, as both types may require similar ones. But they can ask themselves whether the permissions requested are indeed necessary for the advertised tasks.
Extensions may perform privileged actions such as capturing input data and browser/tab activity, exchanging messages with external programs, reading and modifying privacy settings, or showing notifications.
As a result they may track user habits and manipulate web traffic.
Manifest v2 & Manifest v3
Extensions rely on the API provided by WebExtensions to interact with the browser and come in two forms, Manifest v2 and Manifest v3. Firefox-based browsers support both, while most Chromium-based browsers, with the exception of Brave Browser, only support the latter.
Manifest v3 makes extensions more trustworthy: increased security by disallowing remotely hosted code, better privacy through greater visibility and control over permissions, and a performance boost thanks to service workers and a declarative model for APIs.
Whatever the original intent, these changes are overall positive, except in the context of content blockers, where the switch from blockingWebRequest to declarativeNetRequest limits the effectiveness of filters.
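As an added example (not code from the page or from any extension project), the following script audits an extension's manifest.json for the privileged permissions listed under Permissions and for the manifest-version differences described above; the mapping of manifest permission names to Firefox's install-time warnings and the sample manifest are assumptions constructed for the example.

```javascript
// Added example: audit an extension manifest for privileged permissions and manifest version.
// Mapping of manifest permission names to the install-time warnings Firefox shows for them
// (assumed mapping, covering only the permissions discussed on this page).
const PRIVILEGED = {
  "<all_urls>": "Access your data for all websites",
  privacy: "Read and modify privacy settings",
  tabs: "Access browser tabs",
  webNavigation: "Access browser activity during navigation",
  nativeMessaging: "Exchange messages with programs other than the browser",
  clipboardRead: "Get data from the clipboard",
  clipboardWrite: "Input data to the clipboard",
  notifications: "Display notifications to you",
};

// Treat the catch-all host match pattern like <all_urls> (simplification: only these two forms).
const normalise = (p) => (p === "*://*/*" ? "<all_urls>" : p);
const isPrivileged = (p) => Object.prototype.hasOwnProperty.call(PRIVILEGED, p);

function auditManifest(manifest) {
  // MV2 keeps host permissions under "permissions"; MV3 moves them to "host_permissions".
  const granted = [...(manifest.permissions || []), ...(manifest.host_permissions || [])].map(normalise);
  const optional = [...(manifest.optional_permissions || []), ...(manifest.optional_host_permissions || [])].map(normalise);
  const warnings = (list) => list.filter(isPrivileged).map((p) => PRIVILEGED[p]);
  // MV2 CSP is a string; MV3 CSP is an object whose "extension_pages" key covers extension pages.
  const csp = manifest.content_security_policy;
  const cspText = typeof csp === "string" ? csp : (csp && csp.extension_pages) || "";
  return {
    manifestVersion: manifest.manifest_version,
    // Only MV2 can still use the blocking webRequest API that content blockers rely on.
    blockingWebRequest: manifest.manifest_version === 2 && granted.includes("webRequestBlocking"),
    // MV3 disallows remotely hosted code; an MV2 CSP that allows a remote script origin is a red flag.
    remoteScriptsAllowed: /script-src[^;]*https?:\/\//.test(cspText),
    warnings: warnings(granted),
    optionalWarnings: warnings(optional),
  };
}

// Constructed sample manifest modelled on a generic MV2 content blocker (not any real extension's own).
const sampleManifest = {
  manifest_version: 2,
  name: "Example Blocker",
  permissions: ["<all_urls>", "privacy", "tabs", "webNavigation", "webRequest", "webRequestBlocking", "storage"],
  optional_permissions: ["clipboardWrite"],
  content_security_policy: "script-src 'self' https://cdn.example.invalid; object-src 'self'",
};

console.log(JSON.stringify(auditManifest(sampleManifest), null, 2));
```

Running it against the sample prints the four warnings a user would see at install time, flags the blocking webRequest dependency that will not survive a move to Manifest v3, and flags the CSP that permits a remote script origin.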
Recommendations
Use extensions sparingly
Users should use extensions sparingly given the previously mentioned risks and their side effect of adding to the information used to fingerprint browsers and identify users.
Restrict site access
Users should consider restricting site access, either to run only on click or only on specific sites.
Optional permissions
Users should not toggle any additional permissions without considering their usefulness and risks.
Switch to a private browser
Users would be better off choosing one of the already private browser options.
Useful extensions
In certain cases the advantages outweigh the risks, notably in the case of an ad/tracker/content blocker or a bridge between a password manager and the browser.
uBlock Origin
uBlock Origin is an ads, trackers and general content blocker for a better, faster and more private web browsing experience. The extension works out of the box with pre-selected filter lists. Additional functionality includes, among other things, optional and custom block lists and first- and third-party script/frame blocking.
It comes bundled in Librewolf, IronFox and Mullvad Browser.
Permissions
- Access your data for all websites
- Read and modify privacy settings
- Access browser tabs
- Access browser activity during navigation
uBlock Origin Lite
On Chromium-based browsers that only support Manifest v3, users should switch to uBlock Origin Lite.
NoScript
NoScript prevents any potentially harmful content from being executed without user consent. A global or contextual trust level can be set for each website: default for unknown websites, trusted either temporarily or permanently, untrusted, or custom for more refined control. NoScript also protects against the injection and execution of malicious code from external websites (cross-site scripting) and targeted deanonymization attacks (cross-tab identity leaks).
While NoScript works on both Firefox- and Chromium-based browsers, it runs better on the former, as the cross-site protection is not available on the latter.
It comes bundled in Mullvad and Tor Browser.
Permissions
- Access your data for all websites
- Access browser tabs
- Access browser activity during navigation
KeePassXC-Browser
Users should have their passwords generated and stored in a password manager. The extension allows passwords stored in KeePassXC to be auto-filled in websites.
Permissions
- Access your data for all websites
- Exchange messages with programs other than the browser
- Input data to the clipboard
- Display notifications to you
- Access browser tabs
- Access browser activity during navigation
- Read and modify privacy settings (Optional)
Bitwarden extension
Users using Bitwarden as a password manager could use the extension to manage and auto-fill their passwords.
Permissions
- Get data from the clipboard
- Input data to the clipboard
- Display notifications to you
- Access browser tabs
- Access browser activity during navigation
- Access your data for all websites
- Exchange messages with programs other than the browser (optional)
Sources
External Resources
- Web Request and Declarative Net Request: Explaining the impact on Extensions in Manifest V3
- Making Chrome extensions more private and secure
- Manifest V3 now available on M88 Beta
- Here’s what’s going on in the world of extensions
- Manifest V2 phase-out begins
- Migrate to Manifest V3
- What Manifest V3 means for Brave Shields and the use of extensions in the Brave browser
- Mozilla’s approach to Manifest V3: What’s different and why it matters for extension users