These browser extensions have been caught stealing user data; Do you have them? Remove NOW
Extensions have always been an important part of user experience. The problem, however, is that at times we download so many extensions on a browser that we don't even remember most of them.
Extensions have always been an important part of user experience. The problem, however, is that at times we download so many extensions on a browser that we don't even remember most of them. And, that's what some unscrupulous elements are taking advantage of. AdBlock Plus creator Wladimir Palant has identified four such extensions offered by Avast and its subsidiary AVG installed that have been caught collecting a lot more data on its millions of users than they are intended to, including your detailed browsing history.
When users install Avast or AVG antivirus on their PCs, the software automatically installs their respective add-ons on the users' browsers. Both of these are primarily online security extensions and are designed to warn users when they visit a malicious or phishing website. Palant had found out that he extensions are sending a large amount of data about users' browsing habits, to the company's servers — "far beyond what's necessary for the extension to function."
Which extensions have been caught?
As many as four extensions offered by Avast and its subsidiary AVG have been found guilty. These include: Avast Online Security, AVG Online Security, Avast SafePrice and AVG SafePrice. SafePrice extensions help online shoppers learn about best offers, price comparisons, travel deals, and discount coupons from various sites.
WATCH Zee Business TV LIVE Streaming Online -
What data is being shared?
- Full URL of the page you are on, including query part and anchor data,
- A unique user identifier (UID) generated by the extension for tracking,
- Page title,
- Referrer URL,
- How you landed on a page, e.g., by entering the address directly, using a bookmark or clicking a link,
- A value that tells whether you visited a page before,
- Your country code
- Browser name and its exact version number,
- Your operating system and its exact version number
"Tracking tab and window identifiers as well as your actions allows Avast to create a nearly precise reconstruction of your browsing behavior: how many tabs do you have open, what websites do you visit and when, how much time do you spend reading/watching the contents, what do you click there and when do you switch to another tab. All that is connected to a number of attributes allowing Avast to recognize you reliably, even a unique user identifier," Palant said.
What action has been taken?
Palant reported his findings to both the browser makers - Mozilla, and Google, of which Mozilla took immediate action by temporarily removing the extensions from its Firefox Add-on store within 24 hours until Avast resolves the issue. "This add-on violates Mozilla's add-on policy by collecting data without user disclosure or consent," Mozilla said.
What should you do?
Those who had installed these extensions should disable or remove them as soon as possible. Also, all the four extensions are still available on the Google Chrome Web Store, but Palant believes they will be removed by the tech giant. Until then, make sure you don't install them.