Skip to main content

Are Chrome Apps and Extensions Safe?

This conversation will get my blood boiling in a New York minute. I recently posted a question on Google+ (link)
How do you know whether or not you can trust a Chrome App or Extension? For example there is an APP out there that seems to have modified my "file" manager offering to install some "services" from this fellow Tanaka. I'm sure he's a fine fellow but he has no obligation or compliance requirement that his code is not going to (a) steal my data and export is someplace else (b) steal my credential and send them someplace else.
Simply put the Chrome user base has absolutely no assurance that the software we are running is true, reliable and safe. Or do we? Ask yourself why Angry Birds needs access to my Contacts.
There were some typical responses that all sound like "if it hurts don't do it"; but frankly that's bullshit. The entire world has come to depend on free software of every kind. Many businesses exist only to serve or use free software.

One fellow responded; "The code is on github". Phew that makes me sleep better. Since the compiled code is done somewhere else and the binaries are keyed and packaged on another system I feel so much safer. There is nothing to guarantee that the code on github is the code that was compiled and is executing on my computer and when I gave it permission to talk to ANY computer on my local and "the internet" I feel so much safer. (I hope you read my sarcasm).

He continued: "The permissions are justified". Well he's kinda right here but justified it the wrong word. Required would be more like it. It's kinda hard to deploy a network program if it cannot talk to the network. But since the security demands of this permission set is so low you can leak data at will.

Finally he said: "Tanaka is working upstream...". I do not know this person first hand. I did not go to school with him and I certainly do not sit around and chat code, politics, or religion. He might be a fine fellow but I'm pointing out the fundamental flaw. "We" clearly need a curated and blessed application store. That Tanaka has his own build process is meaningless. That his code is not reviewed for evil is BS. Google needs a way to bless apps and extensions.

This is more than the Cathedral and the Bazaar. The book should be renamed Cathedral, Bazaar, and the Underworld.

UPDATE:

By comparison; let me talk about the homebrew package manager. One of the interesting things about homebrew is that when it installs the requested packages; they are installed in user-space instead of root as many applications do. And the "recipes" in the system direct the build agent running on your computer how to build the application and which version of the source was the latest to be trusted. Of course trust being the operative word. Sadly if the package author and the package submitter are the same person then it is upon the homebrew owners to curate the source. The good news is that there is an alpha/beta channel and with any luck there is an informal code review, however, it's not a guarantee.

PS: if an app or extension needs access to the entire internet I should be able to flip a switch that limits the domains that it can talk to... maybe only my *.mydomain.com, apple.com, dell.com. This is not the same, but is similar, to prevent kids from surfing to whitehouse.com instead of whitehouse.gov. In my case I need to SFTP to a white-list of servers. Never the internet as a whole.

Comments

Popular posts from this blog

Entry level cost for CoreOS+Tectonic

CoreOS and Tectonic start their pricing at 10 servers. Managed CoreOS starts at $1000 per month for those first 10 servers and Tectonic is $5000 for the same 10 servers. Annualized that is $85K or at least one employee depending on your market. As a single employee company I'd rather hire the employee. Specially since I only have 3 servers.

The pricing is biased toward the largest servers with the largest capacities; my dual core 32GB i5 IntelNuc can never be mistaken for a 96-CPU dual or quad core DELL

If CoreOS does not figure out a different barrier of entry they are going to follow the Borland path to obscurity.

UPDATE 2017-10-30: With gratitude the CoreOS team has provided updated information on their pricing, however, I stand by my conclusion that the effective cost is lower when you deploy monster machines. The cost per node of my 1 CPU Intel NUC is the same as a 96 CPU server when you get beyond 10 nodes. I'll also reiterate that while my pricing notes are not currently…

eGalax touch on default Ubuntu 14.04.2 LTS

I have not had success with the touch drivers as yet.  The touch works and evtest also seems to report events, however, I have noticed that the button click is not working and no matter what I do xinput refuses to configure the buttons correctly.  When I downgraded to ubuntu 10.04 LTS everything sort of worked... there must have been something in the kermel as 10.04 was in the 2.6 kernel and 4.04 is in the 3.x branch.

One thing ... all of the documentation pointed to the wrong website or one in Taiwanese. I was finally able to locate the drivers again: http://www.eeti.com.tw/drivers_Linux.html (it would have been nice if they provided the install instructions in text rather than PDF)
Please open the document "EETI_eGTouch_Programming_Guide" under the Guide directory, and follow the Guidline to install driver.
download the appropriate versionunzip the fileread the programming manual And from that I'm distilling to the following: execute the setup.sh answer all of the questio…

Prometheus vs Bosun

In conclusion... while Bosun(B) is still not the ideal monitoring system neither is Prometheus(P).

TL;DR;

I am running Bosun in a Docker container hosted on CoreOS. Fleet service/unit files keep it running. However in once case I have experienced at least one severe crash as a result of a disk full condition. That it is implemented as part golang, java and python is an annoyance. The MIT license is about the only good thing.

I am trying to integrate Prometheus into my pipeline but losing steam fast. The Prometheus design seems to desire that you integrate your own cache inside your application and then allow the server to scrape the data, however, if the interval between scrapes is shorter than the longest transient session of your application then you need a gateway. A place to shuttle your data that will be a little more persistent.

(1) storing the data in my application might get me started more quickly
(2) getting the server to pull the data might be more secure
(3) using a push g…