Pretending that Steve Bannon is really the President was funny when Saturday Night Live did it on their opening bit. Then today, Business Insider wrote about a Google Chrome extension that replaces every mention of "Trump" with "Steve Bannon" on all web pages. Funny? Not from a Defensive Computing perspective.
Any extension that can change a specific word on every web page is inherently dangerous. Almost by definition, such an extension is spyware.
Sure enough, when you install the President Bannon extension (above) it needs permission to "read and change all your data on the websites you visit." This is exactly what I wrote about last time (see Spyware on a Chromebook).
I am not claiming that the President Bannon extension is malicious. I have not looked at the source code or sniffed any traffic it may be sending. It's dangerous nonetheless.
First off, no software should have this much power. And, even if it's merely a joke today, since Chrome extensions are automatically and silently updated, nothing stops it from becoming spyware tomorrow.
You might as well have someone from American Bridge ("A major Democratic-aligned super PAC" according to Business Insider) standing over your shoulder watching everything you do in the Chrome browser.
It doesn't help that the website of the software developer says nothing at all about the extension and appears to have been abandoned.
Or, that the description of the extension, shown below, says nothing about what it actually does.
Exposing Steve Bannon's role in some of the most dangerous and unconstitutional actions taken by Trump's Administration. A white supremacist is calling the shots in Donald Trump's White House. This extension exposes Steve Bannon's role in some of the most dangerous and unconstitutional actions taken by Trump's Administration.
Business Insider should stick to business and leave computers to us nerds.
Now that Computerworld, and all of parent company IDG's websites, have eliminated user comments, you can get in touch with me privately by email at my full name at Gmail. Public comments can be directed to me on twitter at @defensivecomput
UPDATE Feb. 6, 2017:
The story was also picked up by the Daily Kos (Democratic organization creates Google extension that turns any mention of 'Trump' into 'Bannon') and Softpedia (Chrome Extension Turns "Trump" into "Bannon," Warns About His Influence).
A very similar extension, Steve Bannon to Wormtongue, that "Replaces Steve Bannon and President Bannon with the name "Wormtongue" requests the same Chrome permission.