diff --git a/js/background.js b/js/background.js
index 55c0580..b1cbc37 100644
--- a/js/background.js
+++ b/js/background.js
@@ -202,7 +202,8 @@ var HTTPSB = {
 
     userSettings: {
         deleteCookies: false,
-        deleteLocalStorage: false
+        deleteLocalStorage: false,
+        processBehindTheSceneRequests: false
     },
 
     // memo:
@@ -216,10 +217,14 @@ var HTTPSB = {
     // list of remote blacklist locations
     remoteBlacklists: {
         'assets/httpsb-blacklist.txt': {},
-        'http://pgl.yoyo.org/as/serverlist.php?mimetype=plaintext': {},
-        'http://www.malwaredomainlist.com/hostslist/hosts.txt': {},
-        'http://malwaredomains.lehigh.edu/files/justdomains': {},
-        'http://malwaredomains.lehigh.edu/files/immortal_domains.txt': {}
+        'assets/thirdparties/mirror1.malwaredomains.com/files/immortal_domains.txt': {},
+        'assets/thirdparties/mirror1.malwaredomains.com/files/justdomains': {},
+        'assets/thirdparties/pgl.yoyo.org/as/serverlist.php': {},
+        'assets/thirdparties/www.malwaredomainlist.com/hostslist/hosts.txt': {}
+        // 'http://pgl.yoyo.org/as/serverlist.php?mimetype=plaintext': {},
+        // 'http://www.malwaredomainlist.com/hostslist/hosts.txt': {},
+        // 'http://malwaredomains.lehigh.edu/files/justdomains': {},
+        // 'http://malwaredomains.lehigh.edu/files/immortal_domains.txt': {}
         },
     // remoteBlacklistLocalCopyTTL: 10 * 1000, // for debugging
     // Look for new version every 7 days
diff --git a/js/settings.js b/js/settings.js
index 331993f..316df33 100644
--- a/js/settings.js
+++ b/js/settings.js
@@ -19,41 +19,49 @@
     Home: https://github.com/gorhill/httpswitchboard
 */
 
-function httpsb() {
+/******************************************************************************/
+
+function gethttpsb() {
     return chrome.extension.getBackgroundPage().HTTPSB;
 }
 
-$(function() {
-
 /******************************************************************************/
 
-var httpsb = httpsb();
-
-$('#delete-blacklisted-cookies').attr('checked', httpsb.userSettings.deleteCookies);
-$('#delete-blacklisted-localstorages').attr('checked', httpsb.userSettings.deleteLocalStorages);
-$('#cookie-removed-counter').html(httpsb.cookieRemovedCounter);
+function changeUserSettings(name, value) {
+    chrome.runtime.sendMessage({
+        what: 'userSettings',
+        name: name,
+        value: value
+    });
+}
 
 /******************************************************************************/
 
-// Handle user interaction
+function initAll() {
+    var httpsb = gethttpsb();
 
-$('#delete-blacklisted-cookies').change(function(){
-    chrome.runtime.sendMessage({
-        what: 'userSettings',
-        name: 'deleteCookies',
-        value: $(this).is(':checked')
+    $('#delete-blacklisted-cookies').attr('checked', httpsb.userSettings.deleteCookies);
+    $('#delete-blacklisted-localstorages').attr('checked', httpsb.userSettings.deleteLocalStorages);
+    $('#cookie-removed-counter').html(httpsb.cookieRemovedCounter);
+    $('#process-behind-the-scene').attr('checked', httpsb.userSettings.processBehindTheSceneRequests);
+
+    // Handle user interaction
+
+    $('#delete-blacklisted-cookies').change(function(){
+        changeUserSettings('deleteCookies', $(this).is(':checked'));
     });
-});
 
-$('#delete-blacklisted-localstorages').change(function(){
-    chrome.runtime.sendMessage({
-        what: 'userSettings',
-        name: 'deleteLocalStorages',
-        value: $(this).is(':checked')
+    $('#delete-blacklisted-localstorages').change(function(){
+        changeUserSettings('deleteLocalStorages', $(this).is(':checked'));
     });
-});
 
+    $('#process-behind-the-scene').change(function(){
+        changeUserSettings('processBehindTheSceneRequests', $(this).is(':checked'));
+    });
+}
 
 /******************************************************************************/
 
+$(function() {
+    initAll();
 });
diff --git a/js/traffic.js b/js/traffic.js
index 4da40e9..b6d5782 100644
--- a/js/traffic.js
+++ b/js/traffic.js
@@ -71,6 +71,8 @@ window.onload = function() { \
 // Intercept and filter web requests according to white and black lists.
 
 function webRequestHandler(details) {
+    var httpsb = HTTPSB;
+
 /*
     console.debug('Request: tab=%d parent=%d frame=%d type=%s, url=%s',
         details.tabId,
@@ -85,7 +87,7 @@ function webRequestHandler(details) {
 
     // Do not ignore traffic outside tabs
     if ( tabId < 0 ) {
-        tabId = HTTPSB.behindTheSceneTabId;
+        tabId = httpsb.behindTheSceneTabId;
     }
 
     var url = normalizeChromiumUrl(details.url);
@@ -120,11 +122,18 @@ function webRequestHandler(details) {
         bindTabToPageStats(tabId, url);
     }
 
-    // block request?
     // quickProfiler.start();
+
+    // block request?
     var hostname = getHostnameFromURL(url);
-    var block = blacklisted(type, hostname);
-    // quickProfiler.stop('webRequestHandler | blacklisted()');
+    var block;
+
+    // https://github.com/gorhill/httpswitchboard/issues/27
+    if ( tabId !== httpsb.behindTheSceneTabId || httpsb.userSettings.processBehindTheSceneRequests ) {
+        block = blacklisted(type, hostname);
+    } else {
+        block = false;
+    }
 
     // Log request
     var pageStats = pageStatsFromTabId(tabId);
@@ -132,6 +141,8 @@ function webRequestHandler(details) {
         recordFromPageStats(pageStats, type, url, block);
     }
 
+    // quickProfiler.stop('webRequestHandler | evaluate&record');
+
     // rhill 2013-10-20:
     // https://github.com/gorhill/httpswitchboard/issues/19
     if ( pageStats && pageStats.ignore ) {
@@ -169,7 +180,7 @@ function webRequestHandler(details) {
         if ( pageStats ) {
             pageStats.requestStats.record(type, false);
         }
-        HTTPSB.requestStats.record(type, false);
+        httpsb.requestStats.record(type, false);
 
         // console.log("HTTPSB > %s @ url=%s", details.type, details.url);
         return;
@@ -182,7 +193,7 @@ function webRequestHandler(details) {
     if ( pageStats ) {
         pageStats.requestStats.record(type, true);
     }
-    HTTPSB.requestStats.record(type, true);
+    httpsb.requestStats.record(type, true);
 
     // remember this blacklisting, used to create a snapshot of the state
     // of the tab, which is useful for smart reload of the page (reload the
diff --git a/settings.html b/settings.html
index 84283e4..af0ba7b 100644
--- a/settings.html
+++ b/settings.html
@@ -26,19 +26,44 @@ <h1>HTTP Switchboard &mdash; Settings</h1>
 
     <h2>Cookies</h3>
     <div>
-        <p>Blacklisted cookies are not prevented by HTTP Switchboard from entering
+        <p>Blacklisted cookies are not prevented by <i>HTTP Switchboard</i> from entering
         your browser. However they are prevented from leaving your browser, which
         is what really matters. Not blocking cookies before they enter your browser
         gives you the opportunity to be informed that a site tried to use cookies,
         and furthermore to inspect their contents if you wish.</p>
-        <p>Once these blacklisted cookies have been accounted for by HTTP Switchboard,
+        <p>Once these blacklisted cookies have been accounted for by <i>HTTP Switchboard</i>,
         they can be removed from your browser if you wish so:</p>
         <ul style="list-style-type:none">
         <li><input id="delete-blacklisted-cookies" type="checkbox" value="">Delete cookies <span class="dim">(<span id="cookie-removed-counter">0</span> cookies removed so far)</span>
-        <li><input id="delete-blacklisted-localstorages" type="checkbox" value="">Delete local storage (not yet implemented)
+        <li><input id="delete-blacklisted-localstorages" type="checkbox" value="">Delete local storage (not yet implemented, unsure if feasible)
         </ul>
         </div>
 
+    <h2>Chromium: behind-the-scene requests</h3>
+    <div>
+        <p>According to <a href="http://www.google.com/intl/en/chrome/browser/privacy/whitepaper.html">Google Chrome Privacy Whitepaper</a>,
+        <i>Chromium</i> might send HTTP requests to <i>Google</i> without the user
+        expressly visiting a web page. Let's call these special requests
+        <strong>behind-the-scene</strong>
+        requests. Also, other installed browser extensions can send 
+        <strong>behind-the-scene</strong> HTTP requests.</p>
+        <p><i>HTTP Switchboard</i> let you
+        intercept and treat these requests like any other request: they can be
+        processed in order to allow/block them as per your whitelist/blacklist.</p>
+        <ul style="list-style-type:none">
+        <li><input id="process-behind-the-scene" type="checkbox" value="">Process <strong>behind-the-scene</strong> HTTP requests.
+        </ul>
+        <p><span style="color:red;font-weight:bold">Beware:</span> potentially
+        blocking <strong>behind-the-scene</strong> net requests is currently causing
+        <a href="https://github.com/gorhill/httpswitchboard/issues/27">an issue</a>
+        when the user wants to install an extension from the Chrome store, hence
+        the ability to disable the feature here. Blocking can also cause other
+        installed extensions to not work properly (those querying for remote data).</p>
+        <p>Even if this feature is not enabled, <strong>behind-the-scene</strong> requests
+        are still logged by <i>HTTP Switchboard</i>, so that you can at least inspect them
+        (from the <i>Stats</i> page).
+        </div>
+
 <script src="lib/jquery-2.min.js"></script>
 <script src="js/settings.js"></script>
 </body>