How to Check if a Chrome Extension is Safe

By /

There are things you can do to help prevent certain types of browser attacks, maintain privacy, and protect you from dangerous sites. Browser extensions are very useful and we as information technology users should do everything we can to foster a society that is secure online. If you want to practice safe browsing and increase your security/privacy then this is the article for you!

You will have to conduct additional research to supplement the reviews in the app store. Find honest thorough reviews of the extensions you are interested in. Try different search queries for that extension like, “How safe is X extension?” or “X extension and malware.” You want to be absolutely positive that the extensions are safe.

Browser extensions can provide ad blocking, password management, malicious site alerts, and much more. You can install browser extensions for the major browsers like Firefox, Google Chrome, and Edge Browser which are the ones we are going to go through. 

What are browser extensions?

Well, browser extensions are sets of software that are attached to your browser. They are kind of like mini applications that perform certain tasks like cookie editing, password management messaging, privacy functions, or retail coupon finders just to name a few.  

Extensions are very useful for shoppers, security and privacy enthusiasts, and anyone who wants a convenient browser experience. I would recommend installing several good extensions on your browser that provide some valuable information on trackers, privacy, and security. We will go over my recommendations in this article!

What extensions are safe to use?

There are a host of extensions on each browser’s extension store. For Google Chrome it’s the Chrome Web Store, Safari Extensions (for the Safari browser), Microsoft Store for Edge browser, and Firefox uses “addons.mozilla.org” in the browser settings for extensions.

As with anything else, you should research the safety (privacy/security) of each extension you wish to use. There are many that will collect a lot of personal data to include browser history, device fingerprinting, and other browsing information. 

Extensions that are derived from full webpages like Facebook messenger, Malwarebytes, and AVG online security. These extensions I like to look at like mini versions of those websites/applications. This means that like their matching websites, they will offer similar if not the same features…

See also  Is Bitlocker Secure Without a Pin?

This can be a good or bad thing. For an app like Facebook messenger it means the permissions that Facebook asks for and the data it collects will go the same (or be very close) for that extension. Facebook has been accused several times for violating user’s privacy, conducting fishy practice, and it offers security concerns.

There are a lot of safe extensions however. What it comes down to is what you are using the extension for, if you have researched the developer and extension, and what data it will collect from you as a user. With that being said, exercise discernment when choosing extensions.

Here are some of my favorite browser extensions..

  • DuckDuckGo Privacy Essentials

DuckDuckGo is a private search engine that doesn’t save history, blocks trackers, and forces web sites to deliver encrypted pages. You can use their mobile application or desktop browser extension. You can also enable ad blocking in the settings, pretty cool!

DuckDuckGo is very easy to deploy in your browser. In this article, I will go over the Google Chrome extension store.

These two screenshots show what the DuckDuckGo extension for the Chrome browser looks like in the browser window. When you visit a web page you will see a letter grade depending on that website’s privacy practices.  

Upon clicking the Unprotected Sites in the YouTube.com screenshot (R-side), you are presented with an overview of the privacy practices…



You can find DuckDuckGo Privacy Essentials in the chrome web store here…



And upon clicking the web link it takes you to the main page…

It is still good to look at the reviews for extensions but, I like to do outside research and reviews. Visit the developer’s web page and find honest information about the features and data the extension collects/sells (if any). This can help you make an educated decision whether or not to add it to your browser. 

This is another good extension to use especially if you are concerned with how websites collect and use your data. TOSDR gives you a privacy rating with “A” being the best one. The better the rating, the less questionable actions the website uses against you as the user.

See also  NMAP for Beginners

This extension basically puts those pages and pages of privacy statements from websites and breaks it down in small, easy to understand sentences. No longer do you have to read a long 5 point font privacy statement before you click that agree button. 

This is one the best extensions because I can see what the website is all about! Notice the screenshots; I visited YouTube and it gave me an E rating. That is absolutely terrible! 

Here’s what the extension looks like in the chrome web store. Upon clicking the tosdr.org link you are brought to the main page…

  • HTTPS Everywhere

Created by the Electronic Frontier Foundation (EFF) and the TOR project, this extension allows https to be enabled everywhere including non-secure http websites. You can enable/disable the extension as well. Notice the screenshots showing that it is enabled (Red ‘S’), disabled, and the settings you can modify through the extension icon.

Here’s how the extension appears in the chrome store and then the web page for the extension

Browser extensions truly seem useful and awesome right? You may be asking yourself, “are there any extensions I should avoid,” the answer sadly is yes…

Questionable extensions and how to avoid them

Marketing, advertisements, and data harvesting is extremely aggressive on the internet as we all know. We are all looking to save some money while shopping and look for convenient ways to be productive so we can have more time to do the things we love to do. 

Many websites and extensions utilize device fingerprinting. This is a method that collects information about your physical machine. Details like the IP address, selected language, OS, and the browser version are what make up a device’s fingerprint.

Some websites might collect this data for advertising purposes and device recognition for banking (to spot anomalies when a user logs in from different devices). This seems like an invasion of privacy especially because you don’t truly know what those websites are doing with your device information. 

Some extensions to avoid are:

  • Quora 

This got an E rating on TOSDR. The website tracks you on other websites, your data is given to third parties, and utilizes third-party advertising. So now you don’t know those third-parties identities or what their security practices are regarding your data.

  • Khan Academy 
See also  Can You Be Tracked on Public Wifi? What You Need to Know

Another one with an E rating. There is a longer list of questionable permissions that this site will use. The most alarming ones being: personal data given to third-parties, refusal of notification to disclose your personal information, fingerprints your browser/users, and uses tracking pixels and web beacons

  • Hola Free VPN

This claims to be a free VPN service but it functions differently. It functions like a peer-to-peer (P2P) network; it does NOT bounce your IP around to different endpoints before arriving at the web host you are connecting to therefore it does not encrypt your network traffic. 

So….if it isn’t a true VPN then why is it advertising as one? Well, this extension falsely advertises with the likelihood that someone who doesn’t want to spend money on a real VPN will opt for the free one (Hola).

Remember, that free VPN’s are usually riddled with shady features like: botnet support, high bandwidth consumption, privacy concerns, and possible malware deployment. It is a better idea to opt for a paid VPN with a lot of good reputation and reviews. 

To learn what a VPN is and how to choose one go here

Additional tips on extensions

There are several other extensions that are great to use alongside my three previous mentions. Disconnect, AdBlocker for YouTube, and Popup Blocker for chrome. These will provide summaries of trackers being requested, block chrome pop-ups, and disable YouTube ads enabling a smooth and interrupted video experience. 

Make sure you research extensions before you add them to your browser and ensure it has good reviews and safety/privacy ratings. If privacy is as important to you as it is to me then you will be thorough in your research.

Closing notes

To summarize, there are a lot of awesome extensions out there that offer privacy features but there are many sketchy ones to avoid. Always be sure to research any extensions before adding them to your browser; this can help keep your data safe. I hope you enjoyed this article!

Summary paragraph

This article was made to inspire 

Scroll to Top

Privacy Policy