Vakomana vari kutarisira web browser yekuvandudza Chrome yanga ichishanda mukuchengetedza nharaunda "ine hutano" mukati mebrowser yekuwedzera-ons chitoro uye kubva kusangana kweGoogle nyowani Manifest V3, shanduko dzakasiyana siyana dzekuchengetedza dzaitwa uye kunyanya makakatanwa anogadzirwa nekuvharirwa kwemaAPI anoshandiswa nevazhinji vekuwedzera -kuvhara kushambadza
Iri basa rese rakapfupikiswa mumhedzisiro dzakasiyana, izvo kuvharirwa kwenhamba dzinoverengeka dzakaipa kwakaziviswa izvo zvakawanikwa muChitoro cheChrome.
Muchikamu chekutanga, muongorori akazvimiririra Jamila Kaya uye kambani Duo Security yakaratidza akasiyana maChomre ekuwedzera ayo anotanga kushanda nenzira "yepamutemo", asi mukuwongorora kwakadzama kwekodhi yeaya, mashandiro aive achimhanya kumashure akaonekwa, yeiwo mazhinji acho akaburitsa mushandisi data.
Cisco Duo Security yakaburitsa CRXcavator, yedu otomatiki Chrome yekuwedzera chengetedzo yekuongorora chishandiso, yemahara gore rapfuura kudzora njodzi iyo Chrome extensions ichaunza kumasangano uye kubvumidza vamwe kuvandudza kutsvagurudza kwedu kuti vagadzire ecosystem.ye Chrome extensions yakachengeteka kune wese munhu.
Mushure mekuzivisa dambudziko kuGoogle, zvinopfuura mazana mana nemakumi matatu zvinowedzerwa zvinowanikwa mukabhuku, ane nhamba yekuisirwa isina kutaurwa.
Zvinokosha kuti kunyangwe paine huwandu hunoshamisa hwezvivakwa, hapana imwe yemapulagini ane chinetso ane ongororo yemushandisi, zvichitungamira kumibvunzo nezvekuti ma plugins akaiswa sei uye kuti chiitiko chisina kunaka chakaonekwa sei.
Iye zvino, ese ane chinetso plugins anobviswa kubva kuChannel Web Chitoro. Sekureva kwevaongorori, chiitiko chakaipa chine chekuita neakavharika plugins chave chichiitika kubva munaNdira 2019, asi madomeni ega ega akashandiswa kuita zviito zvakashata akanyorwa muna2017.
Jamila Kaya akashandisa CRXcavator kuburitsa mushandirapamwe wemakopi ekuwedzeredza Chrome ayo akabata vashandisi uye akaburitsa dhata kuburikidza nekukanganisa pakuedza kunzvenga kuona kubiridzira kweGoogle Chrome. Duo, Jamila, neGoogle vakashanda pamwechete kuti vaone kuti izvi zvinowedzerwa, nevamwe vakaita saivo, vakawanikwa uye vakabviswa ipapo.
Yakawanda ye zvinowedzera zvinokuvadza zvakaunzwa semidziyo yekusimudzira zvigadzirwa uye kutora chikamu mukushambadzira masevhisi (mushandisi anoona kushambadza uye anogamuchira zvinobviswa). Zvakare, hunyanzvi hwekudzoreredza kunzvimbo dzakashambadzwa dzakashandiswa pakuvhura mapeji akange aratidzwa mutambo usati waratidza saiti yakumbirwa.
Ma plugins ese akashandisa nzira imwecheteyo kuviga zvakashata zviitiko uye kupfuura nzira dzekuvharisa plug-in muChannel Web Store.
Iyo kodhi yemapulagi ese yainge yakafanana padanho rekutanga, kunze kwemazita emabasa aive akasarudzika kune yega yega plugin. Kufunga kwakaipa kwakaendeswa kubva pakati pevatariri manejimendi.
Pakutanga, iyo plugin yakabatana kune duraini iro rine zita rakafanana sezita re plugin (semuenzaniso Mapstrek.com), mushure meizvozvo Yakaendeswa kune rimwe remaseva manejimendi iro rakapa iyo script yezviito zvekuwedzera.
Pakati pezviito zvakaitwa kuburikidza nemapulagi tsvaga kurodha pasi zvakavanzika mushandisi dhata kune server yekunze, kuendesa kunzvimbo dzinotyisa nekubvumidza kuisirwa zvinokuvadza (Semuenzaniso, meseji nezve hutachiona hwemakomputa inoratidzwa uye malware inopihwa pasi pechirevo cheantivirus kana yekuvandudza browser).
Yakadzoserwa maseru anosanganisira akasiyana siyana phishing domains uye saiti kushandisa echinyakare mabhurawuza izvo zvine kusagadzikana kusagadziriswa (semuenzaniso, mushure mekushandisa kuyedza kwakaitwa kuisa zvirongwa zvakaipa zvinokanganisa mapassword uye kuongorora kuchinjiswa kwedata rakavanzika kuburikidza ne clipboard).
Kana iwe uchida kuziva zvakawanda nezve iyo noti, iwe unogona kutarisa iro rekutanga bhuku Mune inotevera chinongedzo.