Downgrading Utility Of Limitless Chrome New Tab

For about 5 months I have been using a Chrome extension called Limitless as my default “new tab”. During installation, Limitless requested my GMAIL credentials, which I I declined to provide. It works fine without them. However, in light of the recent Equifax data breach, I was curious to see what exactly Limitless was asking for.

As I suspected, the extension wants the ability to have total control of your email. Specifically:

View, manage, and permanently delete your mail in Gmail

At this point, alarm bells should be ringing loudly in people’s heads if they are entering in an active gmail address. Limitless’s privacy policy can loosely be interpreted as, “Even though the NSA, Equifax and Ashley Madison can’t keep their data secure, you can trust us and every employee that works for us now, or in the future, because your privacy is important to us! 🙂 ”

They do state that data is stored locally, and looking at their code, this appears accurate. However, they also state they may change this policy at some point in the future…

Sure, you could use a dummy gmail login, or none at all. However in principle, I’m tired of extensions asking to be trusted with information they simply cannot guarantee to remain secure. So I changed my feedback to negative 2 (out of 5) on chrome store and am going to drop the extension completely.

To be fair, Limitless is just one of MANY extension offenders wanting total access to your email. The point of this post is just to encourage people to drop these extensions, even if you don’t provide or even if they are semi-useful. If Limitless adjusts their policy I’ll change my Chrome extension feedback and followup with this post saying so.

As a side note, I feel like the “new tab” extension market is kind of weak. I may tinker with making my own. Maybe I’ll call it “LIMITED” as in the amount of data I’ll seek to collect from users!

Leave a Reply