Privacy in Chrome Extensions

One of the most frequent concerns we hear from our users is about privacy.

A number of very popular Chrome extensions that have been used by thousands of people for years have been sold to big corporations or companies with a shady background.

Why does that matter? Well, a Chrome extension can get access that a normal websites cannot.
It can track your browsing history, access content you input in websites, it can even get to your file system (your hard drive) given the right permissions.

Most casual users, do not always check or care about what permissions are granted when they install an extension, especially if its a well known one that has allot of users.

When someone wants to easily get access to a large cash of information about thousands of users, a “good” way to do that is to buy a popular extension, take over it and change it to collect personal information – all without you knowing.

How is Privacy Addressed in Tabox?

When Tabox was created, the number one goal was to make it so none of the information used in it would be shared anywhere.

Tabox does not require you to sign up for an account, it does not ask for your name, email or anything else, it just works from the second it’s installed.

All the information in Tabox relating to your tabs, is stored locally, and if you enable the sync option using Google Drive, that data is stored in your Google Drive account.

The permissions used in Tabox

Like we mentioned before, permissions are important. They are the only thing standing between an extension and the access it needs to steal your information.

Tabox uses only the permissions needed to function properly, but even those might seem strange to some, so lets go over them.

Tabox permissions, as noted by Chrome when you install Tabox
  1. Read and change your data on apis.google.com and oauth2.googleapis.com
    Why we need this?
    We use those URLs to communicate with the Google Drive APIs that give us the capability to use Google Drive sync.
    When is it used?
    Only when you enable Google Drive sync and only to make API requests to sync your data.
  2. Read your browsing history on all your signed-in devices
    Why we need this?
    It may sound scary but we only use your “history” to enable the “Open your last closed window or tab” feature.
    When is it used?
    The “Open your last closed window or tab” link uses your browser history to figure out what window or tab you closed last and restore it.
    We do not keep track of your history and we do not access it any other time.
    Unfortunately Chrome is not able to give “partial” or “limited” history permissions, if it did we would surly limit it.
  3. View and manage your tab groups
    Why we need this?
    So we can save your tab group
    When is it used?
    When you save your session in Tabox, it collects information about your current open Chrome groups (id, title and color) and that data is later used when you click to restore a saved session.
To Sum Up

Always be careful when you install a new extension, and make sure it does not ask for permission it does not / should not need.

Tabox will never sell your information or hand over control to another party we do not fully trust. You, the users are what makes Tabox great and we will always appreciate that!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s