Chrome's new "Proceed with Caution" warning when installing new or untrusted extensions
Google Chrome's Enhanced Safe Browsing feature will soon display warnings to Chrome users when extensions are about to be installed that are either new or untrusted by Google.
Enhanced Safe Browsing is an opt-in feature that extends the capabilities of Safe Browsing, a security feature that is protecting Chrome users by default against malicious extensions, downloads, or websites.
Google Chrome will block the installation of malicious extensions, provided that the extensions are flagged by Google staff. Google notes that the number of disabled extensions increased by 81% in 2020 alone.
New browser extensions for Chrome that are published on the official Chrome Web Store for extensions, are not handled differently than established extensions; this will change soon for Chrome users who have enabled Enhanced Safe Browsing in the web browser.
Extensions that are considered new by Google, and extensions that are not trusted because of Chrome Store Developer Program Policies issues, will soon be handled differently in Chrome for these users.
Chrome displays a "Proceed with caution" prompt when users select the "add to Chrome" option on the Store.
The prompt reveals that the extension is not trusted by Enhanced Safe Browsing. A learn more link is provided, and users may either continue with the install or close the prompt and cancel it.
The continue to install button leads to the default extension installation prompt in Google Chrome.
Google does not define "new" in the blog post on the company's Google Security blog, but reveals that it will at least take a few months for new developers to become trusted by Enhanced Safe Browsing.
Most extensions are considered trusted already. According to Google, "nearly 75% of all extensions" are considered trusted. The company expects the number to keep growing in the coming months and years.
The new warning prompt will impact extension installations, as it may make users feel unsure about the installation.
Enhanced Safe Browsing was launched in May 2020. The feature is controversial despite being opt-in, as it will send browsing data such as URLs and a "small sample of pages, downloads, extension activity, and system information" to Google.
Configure Safe Browsing in Chrome
Chrome users may configure the status of Safe Browsing on the following page: chrome://settings/security
The three options are:
- Enhanced Protection -- Faster, proactive protection against dangerous websites, downloads, and extensions. Warns you about password breaches. Requires browsing data to be sent to Google.
- Standard Protection -- Standard protection against websites, downloads, and extensions that are known to be dangerous.
- No Protection (not recommended) -- Does not protect you against dangerous websites, downloads, and extensions. You’ll still get Safe Browsing protection, where available, in other Google services, like Gmail and Search.
Chrome users who have enabled Enhanced Safe Browsing will benefit from the change. New and untrusted extensions can still be installed, but an intermediary prompt needs to be interacted with beforehand.Advertisement