Hi,
When I look for tutorials on the internet I often see a reference to plugins, namely a developer called TIG and others from TheSketchUpEssentials.
Can anyone tell me if these plugins are safe and do not cause a malfunction on the PC and software?
Plugins also called extension are generally safe and very useful. TIG makes good ones, as do so many others. A good safe way to get extensions is through the extension warehouse which can be accessed from within Sketchup.
TIG’s extensions are safe to use. His are hosted on Sketchucation, not in the Extension Warehouse. The extensions hosted in the Sketchucation Extension Store are safe.
Over time there have been very few malicious extensions/plugins for SketchUp, particularly if you only download from reputable sources such as the Extension Warehouse, SketchUcation, Ruby Library Depot, or a fully-identified developer’s site. I’ve never run into one that was deliberately harmful.
On the other hand, there have been occasional incidents of badly-written extensions interacting with each other in ways that can cause SketchUp to behave strangely or even crash. It is always wise to keep track of the order in which you add extensions so that you can back them out in an orderly way if a problem arises. Failing that, the best way is the divide-and-conquer method: kill off half and see if the problem goes away. If not, repeat with half of the remaining ones. If so, reinstall half of the removed ones and see if the problem reappears. This technique zeroes in on the culprit(s) quite quickly compared to one-at-a-time.
Another good resource is the Ruby Console. If a plugin is throwing a lot of errors (in the Ruby Console) then you can also use this to help track down problems.
I’d recommend to get extensions from Extension Warehouse if possible, where they are reviewed by very competent staff. The SketchUcation pluginstore is also a respected source, but to my knowledge there is no review process there so badly written extension can slip by. I have never seen or heard of a malicious extension there though.
Several extensions authored by companies, e.g. renderers, are only available at their own websites. This means they can be of very varying quality (for instance Podium interferes with the API in a forbidden way and risk causing other extensions to malfunction). As these extensions don’t go through any formal review it’s hard to tell their quality, but if the publisher appears to be a serious company they are at least very unlikely to be malicious.
general as in universal: No!, because extensions have full access to modify your model as they like, as well as access to read, create, modify and delete arbitrary files in the file system (at least the user’s data), or submit contents of files over the network.
general as in prevailing: Yes, I (and others) have never experienced or heard of a case where an extension made for SketchUp was malicious.
However, take care to download extensions (like all software) from the original source, because malware makers often redistribute good, “safe” software bundled with malware (as it happened to Firefox). If an extension is “signed” (like all from Extension Warehouse), you can be sure it comes from the original author whose identity is registered at SketchUp.
More often than malicious extensions, you will hit the case that an extension (or a software) is buggy, that means its own function does not work properly, most of the time without affecting the safety of your computer.
I agree caution is warranted, which is why many have suggested the OP start out with vetted sources. I guess I was trying to strike a balance between being encouraging to someone just starting to explore extensions without promising that nothing unexpected can ever happen.
[quote=“Msa1, post:4, topic:92662, full:true”]
Thank you so much also slbaumgartner for this information.
Many thanks to everyone (DaveR, endelessfix,
slbaumgartner, medeek, eneroth3, aerilius…) for the various information provided and care to take into account.