Browser extensions, the software add-ons that help users customize and enhance their web browsers, are wildly popular. Some of the most-used extensions find shopping deals, fix grammar and typos, manage passwords, or translate .
Browser extensions, the software add-ons that help users customize and enhance their web browsers, are wildly popular. Some of the most-used extensions find shopping deals, fix grammar and typos, manage passwords, or translate web pages. The types of extensions available are nearly endless, and many have become indispensable tools for businesses and everyday users.
While these extensions can make web browsing more accessible, productive, and rewarding, they are not without risk. New research from Georgia Tech reveals that thousands of browser extensions pose significant threats to privacy, and hundreds automatically extract private user content from within webpages—affecting millions of internet users.
Led by Frank Li, assistant professor in the School of Cybersecurity and Privacy and the School of Electrical and Computer Engineering, and Ph.D. student Qinge Xie, a team of researchers has developed a new system that monitors whether and how browser extensions collect user content from webpages.
The team, which also includes Paul Pearce, assistant professor in the School of Cybersecurity and Privacy and the School of Computer Science, and Manoj Vignesh Kasi Murali, a Georgia Tech M.S. alumnus, presented their research paper at the Usenix Security Symposium, a cybersecurity conference, in August.
« We know from prior research that browser extensions collect users’ browser activity and history, but some of the most sensitive user data is located within webpages, such as emails, social media profiles, medical records, banking information, and more », Li said.
Home
United States
USA — software Study finds that thousands of browser extensions compromise user data