Privacy Guard for Chrome assigns risk categories to extensions and apps
It is quite difficult to keep an overview over extension and app permissions in the Chrome browser, especially if you have installed several.
While you can look up permissions of individual extensions by opening chrome://extensions and clicking on the permissions link next to each extension, it is not really helpful if you want a quick overview of all apps or extensions installed in the browser.
The brand new Privacy Guard extension comes to the rescue. It assigns risk categories to each app and extension that you have installed in Chrome which makes it a lot easier to get an overview.
Once you have installed the extension -- it requires access to your data on chrome.google.com and permissions to manage your apps, extensions and themes -- you can load the assessment with a click on the extension icon in the Chrome interface.
It displays only extensions by default, which it sorts into high, medium and low risk categories. All installed extensions are assigned to a category, so that you can get an overview easily with a total of two clicks.
Each extension is listed with all of its permissions and that is about it. Apart from the rating itself, it is up to you to interpret the results.
This can be easy at times if an extension requested permissions that it does not really need, or not as easy if you are not sure what individual permissions do.
You can use this support page on the Google Support website for information about the permissions listed there.
If an extension requests lots of permissions, like the Speed Dial 2 extension on the screenshot above, you may want to search for an alternative instead that requests less permissions but offers a similar functionality.
This may not be possible all the time, and if you consider an extension essential, you may decide to keep it enabled in Chrome despite the permissions that it has.
You can enable the scanning of apps with a click on the apps check box in the Privacy Guard interface. This adds all installed apps to the risk categories so that you can check them out as well.
A search filter is available that you can use to find specific extensions or apps. You can search by name for example, or author.
The developer plans to add an option to Privacy Guard in the near future that will highlight app publisher changes. This is one of the most requested features in light of recent extension acquisitions which have later been turned into adware.
Privacy Guard is a useful extension for Chrome that you can use as a one-time extension right now to check up on all extension and app permissions in your version of Chrome. Once ownership change notifications are implemented, it may even make sense to have it installed and running at all times in the browser.Advertisement
it says everything is high risk. adblock plus, https everywhere, wot, flash block, feedly, evernote, ect. i don’t find this add on very helpful at all
Well if all of these extensions require lots of privileges, then they are. But, you are probably trusting the developer or company, so that you do not have to take any action.
I am using Shield for Chrome which flags suspicious extensions. It flagged Mail Checker Plus for Google Mailâ„¢ but doesn’t give any reasons.
Risk and suspicions doesn’t mean its dangerous.
Sometimes theres a genuine need for those privileges.
Don’t take the results of ‘detection’ extensions that detect using permissions too seriously.
Thus in a sense ‘detection’ extensions using a curated blacklist like the previously reviewed Chrome Protector is more accurate to me.
The sure way is to dig into the code and see, other ways like ratings etc can fall to deliberate sabotage (but I don’t suppose extensions are that competitive :P).
So maybe Google should screen through the code.
I wonder if the adware and malware code doesn’t require any permission then aren’t these ‘detection’ extensions useless?
What if they don’t use the Chrome API?
I don’t think the Google Analytics code require any permission declaration.
I do make extensions but I’m not familiar with the dark arts of tracking, malware and adaware so I’m just guessing.
I agree that a sole focus on permissions is not enough, and that permissions that are rated as high risk are not necessarily “bad”, “malicious” or “invasive in regards to privacy”. But, this extension can highlight the permissions they have, which can be useful to go through every now and then just to make sure that an extension does not go overboard with the permissions it requires.
Shield For Chrome has now the same type of function integrated into it.