However this article got me asking the question above. If my browser becomes infected with a virus, can this do harm to the OS and any other software? Is my data safe? If it can, what do I need to check on to make sure I am safe?
hmm, your concern is valid. While modern browsers sandbox extensions to limit their reach and isolate them from the underlying OS; an infected extension can still access sensitive browser data like cookies, history, and saved passwords. So there’s a slim chance it could even be a doorway for more malware.
Even though Linux isn’t as prone to traditional viruses, the risk of data theft or additional malware remains. Al bit it very unlikely. A balanced approach is to regularly review your extensions—removing those you don’t use or that request too many permissions—and keeping your browser updated.
Frequently updates at last critical OS security fixes
Stay away from hamefoul websites
Be carefoul with installed extensions (for exaple I knew a person who was using an extension for syncing all it’s password on web browser. I don’t thik this is a good practice)
That’s one good thing about my browsing setup so far. No extensions. My main browser right now is Firefox and I use two accounts to share passwords and sites between computers. I use Chrome to access Google Workspace and Microsoft Edge for Office 365.
So I am supposing my lack of extension use would increase my security.
I had an extension ‘Nimble Capture’ which was the best tool I found to print a web-page to a PDF file, but a couple of months ago Chromium labelled it with ‘This extension contains malware.’ and wouldn’t let me use it any more.
Does this mean that threats that arise are being controlled, or could it be that another extension might be doing this detection, I wonder.
@AnthonyRKing Wow. Glad it was tagged. That warning likely came directly from Chromium’s own threat detection system.
They’ve been stepping up efforts to flag malicious or compromised extensions in the Chrome Web Store.
It’s a good sign that the ecosystem is being monitored, but it’s also a reminder that even “trusted” tools can turn rogue if the developer sells the extension or gets compromised.
Best to always check recent reviews, dev website, and update dates before trusting extensions.
@hydn I know there has been news about GitHub projects being hijacked. Are some of these plugins on GitHub, and could it be possible some get hijacked and thus become dangerous?