|
|
|
|
|
|
by Ennergizer
1157 days ago
|
|
|
Google actually has a list of websites categorized as banks and financial institutions. Yes it does not cover every single case but that's a start. Extensions are not malicious by default, but some developers are selling well known extensions to bad actors (unknowingly) who can change things. In most cases you only need the extension to inject their scripts only in certain websites, not all. Right now Chrome provides an option in each extension's settings "Allow this extension to read and change all your data on websites you visit:" with an option to allow only when you click on the extension. That config can easily be applied to every extension in Chrome's settings IF that was an option and add any extension to allow list by default on specific sites where you need. Currently during extension install when the extension needs access to the all websites where you want to use it there is no option to select which website you want to allow it to be used on (the extension developer does not know where you want to use it so they make it to allow on all websites). |
|
|