The Great Suspender Chrome extension was officially banned today. Does anyone work on a policy of blocking all extensions?

  • 4 February 2021
  • 22 replies
  • 157 views
jesse
Userlevel 1
Badge +1

The Great Suspender Chrome extension was officially banned today. Google said it had malware added to it and killed it

22 replies

dominik
Rank
Userlevel 3
Badge +2

Fully support.


Open Thread in Slack
Shown at the end of every post
jesse
Userlevel 1
Badge +1

Yea I was hoping it would turn out better but oh well. This is a pre malware fork https://chrome.google.com/webstore/detail/the-marvellous-suspender/noogafoofpebimajpfpamcfhoaifemoa


Open Thread in Slack
colinmccarthy
Rank
Badge +2

With Malicious extensions like this does anyone work on a policy of blocking all extensions, then only allowing approved ones?


Open Thread in Slack
Join SOLVE at https://www.saasops.life/
rose
Userlevel 2
Badge +5

Been using a forked version of TGS that was created to remove the tracking. https://github.com/aciidic/thegreatsuspender-notrack


Open Thread in Slack
~ Work Smarter, Not Harder ~
rose
Userlevel 2
Badge +5

it’s not in the chrome web store, though. manual install required.


Open Thread in Slack
~ Work Smarter, Not Harder ~
rose
Userlevel 2
Badge +5

@colinmccarthy We considered doing an extension allowlist, but it’s frankly a lot of work to get to that point. the easiest thing to do would be to just allow all currently installed extensions and then set it up to block new ones going forward. We tend to block malicious extensions that we find, but haven’t moved towards the allowlist model yet.


Open Thread in Slack
~ Work Smarter, Not Harder ~
orose
Badge

another one bites the dust


Open Thread in Slack
mgosto
Badge

We use API Whitelisting in Google


Open Thread in Slack
brian.kim
Rank
Userlevel 3
Badge +1

this is a great video to watch from chrome team at google.
https://www.youtube.com/watch?v=aEJL-nwkg2M

block extensions by permissions as it may change over time.



Open Thread in Slack
dominik
Rank
Userlevel 3
Badge +2

On that note: which permissions do you block?



Open Thread in Slack
Shown at the end of every post
colinmccarthy
Rank
Badge +2

yeah @rose it would be quiet a process to manage approvals.



Open Thread in Slack
Join SOLVE at https://www.saasops.life/
brian.kim
Rank
Userlevel 3
Badge +1

extension approval workflows are coming.



Open Thread in Slack
brian.kim
Rank
Userlevel 3
Badge +1

@dominik high or critical?



Open Thread in Slack
brian.kim
Rank
Userlevel 3
Badge +1

https://www.youtube.com/watch?v=5zXBgDDP-OM



Open Thread in Slack
dominik
Rank
Userlevel 3
Badge +2

Don't know, Brian. I'm lost on that note tbh



Open Thread in Slack
Shown at the end of every post
brian.kim
Rank
Userlevel 3
Badge +1

i can test it and see if it breaks any extensions that i use haha



Open Thread in Slack
brian.kim
Rank
Userlevel 3
Badge +1

chrome sneak peak starts tat 8:00.



Open Thread in Slack
nosubstitute
Badge

@colinmccarthy all schools/districts work like that, all over the world. Block all, allow few.



Open Thread in Slack
colinmccarthy
Rank
Badge +2

Thanks Good to know what others are doing.



Open Thread in Slack
Join SOLVE at https://www.saasops.life/
A
Badge

@colinmccarthy I use this script to quickly see what apps & auth scopes of my users. Admin console provides the same info but I haven't figured out where I can get the same report https://github.com/slackhq/gsuite-oauth-third-party-app-report



Open Thread in Slack
colinmccarthy
Rank
Badge +2

Thanks. Will have to check it out



Open Thread in Slack
Join SOLVE at https://www.saasops.life/
J

thanks for sharing the script



Open Thread in Slack

Reply