A bit of paranoia


Blog / Thursday, December 17th, 2009

In my last post I put in a small plug for the new support for extensions in Google Chrome. I am pretty sure that I have mentioned that this is my browser of choice and has been for some time. Speed and simplicity are what drew me in and what keeps me here. Extensions only add to the experience. If you don’t use Chrome, or haven’t used it yet, I suggest you try it out.

I, too, have been working on an extension for Chrome. It isn’t anything fancy right now, but I am happy with it. All that it does is show the most recent comic in a popup window. To be honest, I took the idea from an extension that does the same thing for XKCD.com. Nevertheless, I will post a link to it once I have it in the Chrome Extension Gallery, for those of you who wish to try it out.

While developing the extension, I started to read about how the whole process works and the things to do and not to do. It is a rather simple process and all you need is a bit of intermediate to advanced web programming knowledge.

Today, however, I was doing my usual browsing for an extension to help my work when I came across an extension called ‘Nothing’ with a description of ‘This extension does nothing.’ It currently has 464 users.

One of the comments (usually intended for positive feedback and bug reports) started off as:

FrostyC 17 hours ago
This extension is actually capable of one thing. Updating.

That made me think. If it is capable of updating then it is capable of anything. I quickly delved into the literature written by Google on how to work with extensions. Sure enough, after about five minutes of searching, I found that Chrome Extensions are updated automatically. And in the case of ‘Nothing’ and its 464 users this is a serious problem. Actually, for any of the extensions this is a serious problem. Let me explain.

I have seven extensions currently active on my laptop. As far as I can tell, only one of them was authored by someone I can trust. That someone is Google (I can trust them because their company motto is “Don’t be evil.”). The rest are written by unknowns. Some of the extensions that I use are truly beautiful pieces of software written by people who really know how to program. That’s why I am worried. If they can program a wonderful extension that thousands of people use and they can automatically update the extension at any time, what is to stop them from turning their extension into a malicious piece of code? Nothing.

Needless to say, I am going to write a beautiful extension that everyone will use and then one day out of the blue have it turn on everyone. But not the one for viewing my comic, everyone needs to be able to view that at all times without worrying.
