Chrome Sense Beta plugin flagged as malware

Elastic Stack Kibana
22

As an elastic subscriber, kibana console does not provide the following critical features that sense provided:

  1. sense provided an interface that is not tied into elasticsearch the way kibana is tied in. If elasticsearch is in trouble, so, typically, is kibana.
  2. sense allows me to manage my own list of often used queries easier than kibana console.

Some of this is covered previously, but I would encourage elastic to support a simple plugin of this type. For now, I'm using curl quite a bit when Kibana Console does not provide what I need.

23

Unfortunately chrome disabled this extension again.
Version 62.0.3202.75 (Official Build) (64-bit)
sense

24

Thank you for the screenshot. Try this new zip in the same location. I changed the key and name of the plugin. It worked for me, I tried restarting chrome a few times. Let me know if it works for you as well.

1 Like
25

Thank you, I'll try it.

26

Thanks Andy.
Please do raise a support request with this as well, it'll help us pass the request to the right people :slight_smile:

27

Hi,

I have make a fork with autocomplete indices, types and fields work on ELS 2.* and 5.* :

7 Likes
28

Currently using this new update. Will update you once it gets flagged, or disabled again..

Thanks.

29

Hi everybody,

Is it possible to retrieve my requests ?
Indeed i had a lot requests saved in the sense extension

1 Like
30

Thanks rashmi! I will say as primarily a search user of Elasticsearch, the Sense Chrome extension is invaluable. As a search-focused user, installing Kibana for Sense is overkill. So to me the missing Sense/Chrome extension is a missing piece in the ecosystem.

I don't consider Postman a good replacement for Sense. Postman is heavy-weight and general purpose. Sense in Chome was lightweight and focused on Elasticsearch.

31

Has anyone figured out why it was flagged as malware though?

32

Yes, because google thinks they know best. They removed the ability for users to enable developer mode and get around the issue as well. It's really frustrating.

33

My guess is that Google has changed something regarding what extensions are allowed to do or what APIs they are allowed to access, and it's being flagged as malware for breaking the new 'rules' or accessing data in an exploitable way.

For example, i believe the extensions needs to pull some tricks to bypass CORS on it's web requests, and something like that is a good indicator of real malware even if it's legit in this case.

34

We've posted a blog on this topic - https://www.elastic.co/blog/sense-chrome-plugin-malware-issue

2 Likes
35

Thanks, i have update my fork for include your link.

36

Thank you @Tirthankar_Bhowmick !!

37

It is really useful!

38

I looked over an old version of the sense extension source code and the disabled source and found that the extension was attempting to load a google docs spreadsheet.-- The extension is still on the hard drive in your chrome profile if you didn't delete the extension, as a note don't double click on .js files, open them directly within a text editor's file dialog if your are curious.

The disabled extension is completely different from the older source.

If I had to guess, I would say someone hacked the developer account associated with the sense extension, and uploaded a completely different malware extension masquerading as the sense extension. Google caught it and flagged it as malware.

39

Thanks for diving the code David.

40

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.