ETHERLive
ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.

---

24hr ---
--%
Wednesday Oct 17th 2018
RESOURCES

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More
SUBMIT

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story

Explanation

Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
---
--%
Home
News
Etherlive
Ether Price Analysis
Resources
Contact Us

Google Tightens Rules For Chrome Extension Developers

By

Tim

Prentiss

WriterETHNews.com

The new requirements should make cryptojacking more difficult.

In a blog post Monday, Google's manager of Chrome extensions, James Wagner, outlined some policy changes for extensions offered in the Google Chrome Web Store. He wrote:

"We've recently taken a number of steps toward improved extension security with the launch of out-of-process iframes, the removal of inline installation, and significant advancements in our ability to detect and block malicious extensions using machine learning."

The changes seem to have the goal of narrowing permissions for extensions, and also making the purpose of extensions more transparent. At least one of the changes will likely reduce the incidents of cryptojacking, a problem the Chrome Web Store has previously grappled with.

In April, Wagner announced the store was banning all crypto mining extensions. Prior to that, mining extensions had been allowed, but only if users were adequately informed of the extension's intent and mining was the extension's single, express purpose. He wrote then, "Unfortunately, approximately 90% of all extensions with mining scripts … have failed to comply with these policies, and have been either rejected or removed from the store."

The recent policy update says that extensions with obfuscated code will no longer be allowed in Chrome Web Store. Obfuscation conceals the source code of an extension, making it possible to hide functionalities, possibly malicious ones, such as those that could be used for cryptojacking, from the users who download the extension. Wagner writes:

"Today over 70% of malicious and policy violating extensions that we block from Chrome Web Store contain obfuscated code. At the same time, because obfuscation is mainly used to conceal code functionality, it adds a great deal of complexity to our review process."

While code obfuscation can be used to hide the real intent of a piece of malicious software, it does have a legitimate purpose of preventing a piece of code from being copied, thereby protecting a developer's intellectual property. However, Google no longer believes this protection is effective enough to justify the possible dangers of obfuscation. According to Wagner:

"Since JavaScript code is always running locally on the user's machine, obfuscation is insufficient to protect proprietary code from a truly motivated reverse engineer. Obfuscation techniques also come with hefty performance costs such as slower execution and increased file and memory footprints."

The post says that developers may continue to update extensions with obfuscated code for the next 90 days. However, all extensions must comply with the new requirements by January 2019.

Tim Prentiss

Tim Prentiss has a master’s degree in journalism from the University of Nevada, Reno. He lives in Reno with his daughter. In his spare time he writes songs and disassembles perfectly good electronic devices.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest Google Chrome, cryptojacking or other Ethereum technology news.