The Most Dangerous Code in your Browser
Paper in proceeding, 2015

Browser extensions are ubiquitous. Yet, in today's browsers, extensions are the most dangerous code to user privacy. Extensions are third-party code, like web applications, but run with elevated privileges. Even worse, existing browser extension systems give users a false sense of security by considering extensions to be more trustworthy than web applications. This is because the user typically has to explicitly grant the extension a series of permissions it requests, e.g., to access the current tab or a particular website. Unfortunately, extensions developers do not request minimum privileges and users have become desensitized to install-time warnings. Furthermore, permissions offered by popular browsers are very broad and vague. For example, over 71% of the top-500 Chrome extensions can trivially leak the user's data from any site. In this paper, we argue for new extension system design, based on mandatory access control, that protects the user's privacy from malicious extensions. A system employing this design can enable a range of common extensions to be considered safe, i.e., they do not require user permissions and can be ensured to not leak information, while allowing the user to share information when desired. Importantly, such a design can make permission requests a rarity and thus more meaningful.

chrome

browser security

privacy

firefox

Author

Stefan Heule

Stanford University

Devon Rifkin

Stanford University

Deian Stefan

Stanford University

Alejandro Russo

Software Engineering and Technology (Chalmers)

15th Workshop on Hot Topics in Operating Systems, HotOS 2015

Areas of Advance

Information and Communication Technology

Subject Categories

Computer and Information Science

Information Science

Computer Science

More information

Latest update

8/8/2023 6