Stylish extension pulled after tracking users’ full web browsing habits

Brittany A. Roston - Jul 6, 2018, 5:27 pm CDT
1
Stylish extension pulled after tracking users’ full web browsing habits

A popular extension downloaded more than two million times has been pulled from browser app stores after a major security issue was discovered. The app, called Stylish, was used to modify the design of websites, such as altering images, turning bright backgrounds dark, and altering unwanted elements. Unfortunately, the browser extension was also extensively tracking users’ browsing habits and uploading the data to a remote server.

The security issue was discovered by software engineer Robert Heaton, who revealed the issue on his personal website. According to the post, the Stylish browser is tracking its users’ complete browsing activity and saving the information to a server alongside a unique identifier. Via the unique identifier, the company behind Stylish can keep records of an individual user’s data.

Stylish tracks a user’s total browsing history, according to the report; if the company behind the extension wants to, it may be able to use account details with a login cookie to tie the browsing data to the individual’s actual identification. The extension was available for Google Chrome, Mozilla Firefox, and Opera, but has been deleted from the extension stores following the security issue revelation.

User browser tracking wasn’t always the case, but rather appears to be a change implemented by Stylish’s latest owner SimilarWeb following the previous owner’s sale in August 2016. The change was first applied to the Chrome browser, with tracking on those users having started in January 2017, and later for Firefox users in March 2018. The company published a new Privacy Policy in May 2018.

Though the company says it tracks anonymous data, the scraping of one’s complete browsing history can reveal the user’s identity. Someone repeatedly visiting the same Facebook profile, for example, is likely the person the profile belongs to. The issue highlights one unfortunate fact: is something is both good and free, there’s a good chance the user is the product.

SOURCE: Robert Heaton


Must Read Bits & Bytes