[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Glider Proctoring

Version 4.0.1 View in Chrome Web Store

Last scanned: 1 day ago | force re-scan

Extension Details

Rating: 1.9 ★ (186 ratings)

Users: 200,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors: The extension has a concerning trust profile with only 200,000 users and an extremely low rating of 1.9 out of 5 stars from 186 reviews, indicating significant user dissatisfaction. The lack of clear author and developer information raises additional transparency concerns. However, the extension appears to be associated with Glider.ai, suggesting it serves a legitimate proctoring purpose for online assessments.

Concerns:

- Extremely broad permissions including desktopCapture, which allows screen recording capabilities

- Universal host permissions (<all_urls>) enabling access to all websites visited

- The tabs permission allows monitoring and manipulation of browser tabs

- System.display permission provides access to display configuration information

- The combination of these permissions creates extensive surveillance capabilities

- Very poor user ratings suggest potential functionality or privacy issues

- Missing developer contact information limits accountability

Recommendations:

Given the high-risk nature and poor user feedback, consider running this extension in a completely separate Chrome profile dedicated solely to proctored exams. Only install and activate it immediately before taking a monitored test, then remove it afterward. Verify the extension is genuinely required by your testing organization and confirm you're installing the official version. Be aware that this extension has comprehensive monitoring capabilities including screen recording and website access tracking during use.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

Raw Manifest

{
  "name": "Glider Proctoring",
  "icons": {
    "16": "logo16.png",
    "48": "logo48.png",
    "128": "logo128.png"
  },
  "author": "GLIDER",
  "version": "4.0.1",
  "background": {
    "service_worker": "background-script.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "This chrome extension allows you to share full screen of your computer privately and securely.",
  "permissions": [
    "desktopCapture",
    "tabs",
    "system.display",
    "scripting"
  ],
  "homepage_url": "http://glider.ai/",
  "host_permissions": [
    "<all_urls>",
    "http://localhost:3000/*",
    "https://*.glider.ai/*"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "matches": [
      "http://localhost:3000/*",
      "http://local.glider.ai:3000/*",
      "https://*.glider.ai/*",
      "https://*.gliderapp.com/*"
    ]
  },
  "minimum_chrome_version": "88",
  "web_accessible_resources": [
    {
      "matches": [
        "*://*/*"
      ],
      "resources": [
        "icon.png"
      ]
    }
  ]
}

by ✦ Astarte

Glider Proctoring

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (5 total):

Raw Manifest

Detections

Manifest Findings

https://code.google.com/p/chromium/issues/detail?id=413602	https://code.google.com/p/chromium/issues/detail?id=425344
https://clients2.google.com/service/update2/crx	http://glider.ai/
http://local.glider.ai:3000/