Google is locking down Chrome to keep users safe from malicious extensions. The company has announced that it will prevent Windows users from downloading and installing Chrome extensions from any source other than the company's own Chrome Web Store. Google says that malicious extensions that take advantage of the option to side-load additional extensions upon install are the "leading cause of complaints from our Windows users." The offending extensions can attract users with a promising utility and then silently make unauthorized changes — like swapping out your new tab landing page. By forcing all downloads to come from the Web Store, Google will be able to remove offending extensions.
Only the beta and stable channels of Chrome for Windows will be effected by the change, and Google notes that most users shouldn't even notice a difference — if developers make the changeover correctly, extensions themselves should migrate seamlessly. Developers and enterprise users, meanwhile, will retain the option to perform local extension installs. The change does mean that some developers will have to pay a reasonable $5 fee to register and host their extensions on the store, and if the extension costs money, Google charges a 5 percent fee. An unintended side effect of the security measure is that a number of non-malicious extensions that violate Google's terms of service in other ways will effectively be shut out.