Google Chrome is known for being secure. But you can improve both online security and functionality with the help of these third-party extensions.
Chrome is my Web browser of choice. Why? It arguably is the most secure Web browser currently available. Still, I'm a firm believer that you can't have too much security. So when third-party developers create extensions that enhance security, I pay attention. Here are some you may want to have a look at.
Note: This article is also available for download as a PDF and PowerPoint presentation.
Some may not consider AdBlock a security extension. But I would not surf without it. By blocking ads, AdBlock removes a relatively new attack vector. The bad guys are using what is called Malware Ad Injections to successfully infiltrate accredited Web sites like the New York Times. AdBlock prevents that.
2: Bug Me Not
Bug Me Not is a unique extension. Its purpose is to thwart advertising spam from Web sites that require registering. If a Web site requests information, activate the extension. It will check Bug Me Not.com's database. If registration information is available, Bug Me Not will populate the form, allowing you to continue, yet remain anonymous.
Vulnerabilities in Flash are becoming popular targets for the criminal element. FlashBlock helps by initially blocking all Flash content on a Web page. You then choose to activate individual elements or all Flash content on the page. FlashBlock remembers your decisions, building a whitelist of trusted sites.
4: LastPassLastPass is an online password manager and form filler. Because it is online, passwords and personal information can be synced across multiple computers. To accomplish that, all transferred data is first encrypted locally, then uploaded to LastPass servers. You can read about other helpful features in my review of LastPass.
5: RoboForm Online
RoboForm Online is another password manager and form filler I want to mention, as LastPass may not be for everyone. TechRepublic writer Tom Olzak wrote a nice review describing all of the available features. It is similar to LastPass in that passwords are encrypted locally, then uploaded to RoboForm servers.
6: SecBrowsing Plug-in Version Checker
If you use extensions, you need SecBrowsing Plug-in Version Checker. Like any software, extensions can have bugs. I recently wrote a post about how the bad guys are leveraging vulnerabilities in extensions. So install SecBrowsing Plug-in Version Checker to make sure you have the latest software.
SiteAdvisor is a service that reports on the safety of Web sites. I mentioned it when writing about phishing Web sites. The SiteAdvisor icon (located right of the address bar) advertises the Web site's rating. You also have the option of not allowing suspicious Web sites to load.
8: Unencrypted Password Warning
Unencrypted Password Warning does exactly what its name says. It also displays a warning if credit card numbers are sent in the clear. This extension is helpful for users who aren't familiar with HTTPS and what it means. If there is a problem, it opens a window and explains what's wrong.
Web of Trust (WOT) is another extension that rates the trustworthiness of Web sites. I wanted to include both WOT and SiteAdvisor, as they have differences. Unlike SiteAdvisor, WOT rates search results, which is a nice feature. You have an idea before you proceed to the Web site.
10: Xmarks Bookmarks Sync
Xmarks Bookmarks Sync is not necessarily a security extension, nor is it needed if you use Chrome exclusively. But if you run multiple Web browsers, including Chrome, Firefox, Safari, and Internet Explorer, on different computers, Xmarks will make your life a whole lot easier. It automatically syncs your bookmarks everywhere. A more detailed explanation of the extension is available on the Xmarks site.
Many of these extensions are just being ported to Chrome and may have issues. So you need to be careful, as the bad guys are focused on extension vulnerabilities.
One final note: LastPass is my favorite extension for many reasons. A new one has just cropped up. You may have heard about tabnapping. Password managers like LastPass remove the problem. The login information is associated only with the correct Web site address.