I can't believe how great it looks and how responsive it is. I've been running an emacs client in it for a while and other than C-n opening a new window it's practically perfect. Huge props to the team who wrote this.
I believe this is the same terminal that replaces urxvt as the non-VT terminal in the newest version of ChromeOS (IE the one you access with Ctrl-Alt-T). I was worried when I switched to the dev channel on my Cr-48 and crosh opened in a new tab instead of a chromeless window.
Works really well, nice and quick. Call me stupid, but I'm not actually sure how to launch it (clicking on "Launch App" from within the webstore works but that's surely not the only way).
oh, good idea. I wonder if navigator.registerProtocolHandler works in apps?
I tried adding it manually in settings->Content Settings...->Handlers, but it only allows you to select handlers on sites that have already requested permission, not add new ones (as far as I can tell).
I don't know that this really rises to the level of a "killer" app. Serious ssh users are, of course, already quite happy with their terminal emulators and use platforms that support them natively. I find it very hard to believe (though I'm willing to be surprised) a chrome extension is going to present me with the performance, platform integration, or keyboard navigability I get and demand from gnome-terminal. I'd probably be happy using it from friends machines, etc...
What this will do, however, is hopefully end for good the mess of "How do I expose a command line application to my windows-using friends such that they aren't confused and won't hate me.". And there's a whole lot of value to that.
Why are we happy? We are not. Terminal emulation needs to die, but as you point out, there is no reasonable substitute yet. I have enjoyed toying with interesting experiments like the MPW shell, and I support every attempt to replace or kill the ridiculous anachronism that is termcap. It's like we're the SCA and unix is our ren fest.
I was talking to someone recently who likened it to a shifting pendulum. For a while, he told me, terminal control languages were sufficiently complex that you could send a program to run _on the terminal_, and then things shifted back to running things where you store them on the server.
Now there's HTML5 and javascript, the world's most complicated terminal control language.
I'm not sure that I disagree: the terminal implementation in modern unix is a terrible mess. But the terminal metaphor (a command line being fed by a keyboard and displaying to a scrolling window of text) is nearly perfect, and won't by dying any time soon. And ssh is fundamentally just a data pipe for that metaphor anyway.
The terminal metaphor isn't so great either; in fact I think it's miserable, compared to the workbook-type approach provided by something like Mathematica from 15 years ago (last time I worked somewhere that could afford it) I find it depressing that all command line interfaces aren't like that.
Also, in-band signalling, escape characters, magic select() timing loops to distinguish from "real" input, hackarounds for the fact that the original terminal was a separate computer and had local and remote modes and some keys never sent anything... is that metaphor REALLY still relevant?
I've never used Mathematica and can't find any good comprehensive explanations of the workbook paradigm. From the little I have found, it's basically a text editor interface where you can execute previously typed commands by hitting a shortcut and the output is appended below the command, while still retaining the ability to move all over the page, right?
So those controls in the last link can be displayed in the workbook as views on command output? I've been toying with a similar idea for a while now - wasn't aware that there were already implementations of it. I think we're going to witness/participate in a paradigm change in the near future.
Your second paragraph is confusing what I was trying to distinguish as "implementation" from "metaphor". Yes, I agree all that is a mess (though good luck trying to fix it -- won't ever happen). But it's a tolerable mess, because it enables the command line.
And your first point is just verifiably wrong. If there were truly better workflow metaphors for software development, you'd think at least some of the best hackers would have discovered it and moved to it at some point in the last four (!) decades. Instead, all of the most productive developers in our subculture (almost quite literally every single one of them) work at a command line. They haven't moved elsewhere, because it won't happen, because your thesis is simply incorrect: no better metaphors have been discovered.
> Why are we happy? We are not. Terminal emulation needs to die
Yes, but the proposed replacement for UNIX consoles is a Google web browser that requires you log into Google in order to use it?? I don't think so....
this is insanely awesome. as it stands right now, yes its "just ssh". But open up the developer toolbar and you'll notice this thing is rendering HTML inside of webkit. It doesn't take a genius to see this is a few baby steps from making it possible to render arbitrary graphics in the shell. edit: I might go out on a limb here and say this project is something that is going to be looked at as a real inflection point a few years from now.
Any input receivable by OpenSSH, regardless of whether it is valid user input or malicious input being delivered by a cross-domain attacker, mustn't result in exploit. If so, it's a bug in OpenSSH, not the fault of the developer who integrating the existing OpenSSH code into a new environment.
Unless, of course, the developer integrating the existing OpenSSH code did so in a way that's not the formal OpenSSH interface. Like if he had to do some kind of dirty hack. But he shouldn't have to for this project.
I don't see how the OpenSSH code is expected to automagically insure that keystrokes sent from Google Chrome came from intentional user generated actions.
Any XSS type vulnerabilities in this are likely the result of issues with the extension itself rather than OpenSSH, IMO.
The app opts-in to a strict Content Security Policy <http://www.w3.org/TR/CSP/>, which disallows 'eval' entirely. It also severely restricts where and how JS can be loaded with the script tag, setTimeout/setInterval, and event attrbites. It's essentially intended to make sure that only the JS that shipped with the extension can be executed.
There may be undiscovered exploits, of course, but CSP severely reduces the chances.
Ah yes, I was trying to remember what the name of that project was. Seriously, with a few tweaks this will allow you to write console apps that can check termcaps to decide if they should be writing out HTML. From there, you can imagine building a "websh" that does the right thing to enable all of those TermKit ideas.
Shameless self plug: https://github.com/hoeck/schirm. It does exactly that, rendering arbitary html (inside iframes) between lines of a vt100 compatible terminal emulator, using escape-sequences to denote document data and images. Works quite well as a proof of concept. What annoys me so far is that its relatively slow (running find on a large dir may take ~20 times longer than on gnome-terminal) and the headaches around (automatically) resizing iframes.
Uh, kinda. "Browser applications" is a bit misleading though. Imagine starting a Clojure REPL and having it graph things right there as you hack. Or having iconography or image previews when you run ls. Or being able to see mathematical notation while you're inside of BC. Or having a commandline interface to Wolfram|Alpha output.
The TermKit reply in this thread should be sufficient to see why this will be very cool.
People already write these kinds of applications today [0], they just don't run in a terminal. I could ask what benefit there is to expanding a terminal's capabilities so they can run there, but then we would just end up rehashing the arguments from http://news.ycombinator.com/item?id=2559734
This app is part of a small whitelist of apps that can make this type of connection. It's a temporary solution though. The Chrome team is working on ways to make the functionality more widely available.
Just got through scouring the pepper 19 docs for any mention for how this was done. Exciting to see this kind of functionality enabled, but apprehensive about chrome apps developing into an android style permission nightmare. Perhaps if the user always had the ability to arbitrarily revoke permissions and block them by default.
I'd been checking every few months for the last several years to see if sockets were available in NaCL, for this exact killer app (along with a vnc/rdesktop client)
Sad that it had to be done with an internal whitelist, but I'm mostly just happy that it exists for me to use even if I didn't get to write it!
Can someone please explain to me why I would possibly want to run a terminal emulator inside of my web browser, instead of just using the terminal emulator app that my system ships with?
THANK YOU. I seriously do not get this app. Yes, they may have done a great job, but i don't get why i would want to use it. I can't use it on someone else's desktop because i'd have to install crap in their Chrome. I wouldn't use it on my desktop because I've already got a good terminal app that I've tweaked to be just the way I like it.
Nevermind "killer" app... why is there ANY need for this?
Nope, it runs fine on my Cr-48. In fact, as of Chrome OS 20, the native xterm seems to have been replaced with the version from this extension, running in its own tab.
No. from the page "It uses Native-Client to connect directly to ssh servers without the need for external proxies." it IS a ssh client. no http proxies.
And they support keys -- Although it seems the primary way to use them is by putting your keys into your 'Downloads' folder, which isn't exactly ideal.
Looks like this will eventually replace the inbuilt ssh supplied with crosh (Chromium OS shell)
Windows doesn't have good terminal emulator. This extension is almost like having gnome-terminal on Windows. SSH into a remote machine and you have the usual keyboard navigation that the Windows "terminal" doesn't offer.
Sure, but I can download and run PuTTY directly from its download page faster than I can log in to my Google account on any machine where the credentials aren't already saved.
The Chrome extension could be nice for preconfigured "many-to-many" single-sign on from/to a number of hosts with a (hopefully encrypted) RSA key, however.
Windows! I spend most of my time coding in PuTTy + Vim when I'm on windows. In my limited testing this works as I expect with xterm-256, tmux, and Vim on my Ubuntu 12.04 Server without having to configure anything. PuTTy is a pain to configure on a new box.
Setting unicode, changing backspace, setting xterm-256 as the TERM variable, etc ... PuTTy configuration is unintuitive when you first try to configure it. There's a well known page dedicated to configuring PuTTy properly on Windows.
tmux didn't work as expected for me. i.e. I could attach to my tmux sessions, as well as switch between the "panes" - but I couldn't see the status bar.
I also started a new tmux instance (rather than attach to existing one) still no status bar. Any suggestions ?
Edit : Problem solved. I went into Full screen mode (F11) after clicking in addressbar (When focus was on the terminal, F11 printed ~) Anyway, when I started tmux in full screen mode, I could see tmux status bar. I continued to see it even after I left full screen.
the complete list of software i use day-to-day consists of a web browser and a terminal emulator. if i switched over to this, that list goes down to just a browser.
maybe some people don't care, but i think it's pretty cool.
If the complete list of software you use is a web browser and a terminal emulator, what do you do in the terminal emulator? Run a text-based web browser and/or other terminal emulators?
sorry, i mean software installed on my computers. i use many different software packages installed on remote servers, but i don't need or want any of that stuff running on my computers.
I don't like the idea of using a single app for everything. I have tons and tons of (personal) reasons, but the most obvious and un-solvable reason is: I can switch between terminal emulator and web browser with Command+Tab. If they were both the same thing, I couldn't do it and I would be very disturbed and confused. The same reason I don't use GMail web app and use Mail.app instead, or Reeder.app or iCal.app or iTunes.app.
Of course. But I usually have a few open browser windows (each containing 5-10 related tabs). If Gmail was also a window, I would have to press Cmd-` (Mac's shortcut for switching between different windows of a single app) multiple times.
But to be honest that's not how I actually do my stuff. I use QuickSilver[1] and when I want to go to Mail.app, I just press Cmd-Space, then 'M' or 'Ma' (because Mail.app begins with M) and press return. It takes less than 0.4 seconds (QS is wicked fast) and is much more convenient than a tab in my browser. Not to mention that a native app is usually way faster and more responsive (I have a ridiculously slow internet connection).
On Windows and *nix--well Ubuntu at least--you can drag a browser tab into a new window and then Alt-Tab between them. Is there no equivalent on a Mac?
Yes. It's Cmd-` (~ without holding down shift. and it works in all apps, not just browsers). But there are more benefits to a native app than a browser tab (for me at least): http://news.ycombinator.com/item?id=3912689
As a followup, my terminal windows are rarely the same size as my browser windows. I don't like resizing my browser windows in general because the browser will remember the new size, even though it was meant as a once-off window. So having a browser-sized terminal doesn't seem like a very good experience.
Additionally, it doesn't even work right. In a screen-controlling app like vim it seems fine, but in the normal shell, once I enter enough text to use more than a screen, the bottom-most line is actually off the window (even if I scroll down).
The missing lines at the bottom is a bug that got fixed just after this release. The next Secure Shell release won't have the issue.
And your browser size issue goes away if you open the terminal in its own window. Chrome even has an "Open as Window" option (right click on the Secure Shell icon) to open in a window with no browser UI.
So I used to think the same thing, and then I saw something funny: it was a spinning 3D cube with a scrolling document on all 6 faces. It was made with pdf.js and WebGL.
Now this isn't the same because it's NaCl and therefore not pure-web, but a pure-web terminal emulator would be awesome! It would mean you could embed it within normal web content and mash it up with other stuff. Want to edit your dropbox contents/Gmail in Vim? Maybe pipe the contents of a file into a text box? Maybe just live refresh the output of your web site when you save?
Actually, I'm running out of cool things you could do. Nobody needs a spinning 3D cube with a PDF on it, but the fact that you CAN do it means that people will invent something useful for it, and I have no doubt they would invent something awesome with an in-browser terminal emulator.
Unfortunately, this being NaCl, it may not be it. Shame.
I can understand that having an open-source library that provides the ability to embed a terminal emulator might be useful somewhere, to someone. But as a full-screen plugin for Chrome?
The only part about this written in NaCl is the "ssh" command. The terminal emulator portion of it is entirely JS.
The only reason it isn't currently cross-browser is because I don't have enough time in the day to make it work everywhere. I tried not to make it too Webkit specific though. If some brave JS hacker/Firefox user wants to make this cross browser, I'd be happy to help.
I opened chrome to check this out, but it wants me to "sign in" to install the extension. For me this is a bridge too far: I don't care to tell google about every single extension/application (extensplication?) I'm using.
Like many people, I'm trying to step back from google/facebook snooping, and this would be a solid step toward such big brothering. I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"? And all this for... (?) what does this offer that sets it above my current terminal client?
Someone please tell me if there is any technical reason I should need to sign in to add an extension (in particular this, or some game).
>For me this is a bridge too far: I don't care to tell google about every single extension/application (extensplication?) I'm using.
Oh for pete's sake...
Is there anything to this " I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"?
Or is it further chicken-little, slippery slope conjecture with no basis in reality? Keep in mind that you're connecting to their web store to download this, even sans login. That means they have your IP, and a metric ton of identifying information about you via your browser fingerprint (ala Panopticlick). Complaining about signing in just seems rather silly. Oh noes! They know that you downloaded an extension!
You'll have to forgive me for being blunt. This particular absurd line of thought is starting to seriously become an annoyance - even the chans have latched onto it. Correcting people who have the wrong idea is getting old.
Have you noticed that this keeps happening on different forums? It seems to be an effect of a population threshold being reached and (possibly) the time the forum has existed (separate from the population size - how comfortable the members are and, therefore, how loose they are with their words).
Well frankly I think my "they might read my chat in finch" is a stretch, but no, I don't think that assuming google's goal is to stretch their tentacular roots as deeply as possible into the fertile, loamy soil of my private information is "slippery slope conjecture with no basis in reality." To the contrary, as you probably know, gathering personal information on users is the primary purpose of all of google's unpaid products and the heart of their business model. Would you dispute this fact?
So they are a targeted-ad company whose value is to a great extent commensurate with the amount of information they have on users (another uncontroversial statement, I hope). More info = more value, and you think it's "conjecture" to speculate that they might push further and further into your experience on their platform?
This is the crux of it for me: I've been installing desktop applications and browser extensions for years, and I've never needed to tell an advertiser and the biggest tracker / data snooper on the 'net what my email address. Now all the sudden I do, and there's no (clear) method to opt out, and I'm OK with this because why? I'm willing to trade my data for services when the services are valuable (I use gmail & facebook), but this looks like "give us more info, just cuz" with no value prop. Sure you can sync but I don't want to and there's no reason you should be forced to sign in; that is 100% about data gathering (otherwise there'd be a "forgo sync" option).
IP address and browser fingerprint is not the same as "link everything explicitly to my google account," by the way.
> Like many people, I'm trying to step back from google/facebook snooping, and this would be a solid step toward such big brothering.
Google seems to be working on this. If you've ever seen someone without a Google account try to use Android for the first time you can see how much effort they are putting into stopping people from using their products.
I've never used an iPhone. At the time, I was comparing the experience with setting up my DSi. It lets you download things without making an account or having a credit card.* In fact, before downloading Angry Birds for Chrome I had never needed to sign up to download anything. (You also need to be online and signed in to play the game.)
*The DSi Shop is a big pile of fail, but that is unrelated.
Cool, and I see what you're saying, but there's a specific reason that these things are set up the way that they are.
It's about ensuring that the same experience exists whether you're spending money or not. The reasoning goes, if it's painful to spend money the first time, many people will never set things up if they can get away with free stuff. But if you're required to have an account with a credit card already set up to even get a free thing, then you're more likely to spend money when the time comes. This is also why installing a free app on your iPhone requires you to enter your password and confirm your purchase.
Google's implementation of this is worse than Apple's, because they don't demand your credit card information until the first time you try to purchase something. But ultimately, they're both driving at the same thing, and it's hard to argue with the fact that they're pretty successful at it.
As for your DSi, I hope you never lose or damage it. The lack of accounts for the store means that your purchases are bound to the device and are non-transferrable.
>Google seems to be working on this. If you've ever seen someone without a Google account try to use Android for the first time you can see how much effort they are putting into stopping people from using their products.
You press the "skip" button and then don't try to launch Gmail or Google Play or anything else that understandably needs a Google account.
What is so... appalling about that. There is no effort to "stop people" from using an Android phone without Google. Further it's a pretty silly attack on Google given their competitors and the fact that you bought... a Google Android phone...
(edit: speaking about the Nexus line of phones which I would tend to argue best reflects Google's "effort".)
this doesn't answer your question, but you can always download the crx file and sideload it without signing in (you can also clone it from the chromium repo, but then you'd also have to build the nacl part).
Kind of a pain, but if someone does want to try it out badly enough...
You misunderstand. I am pointing out that if you are consciously giving Google potential access to your bank account, it's odd to be concerned about Google having other information that is far less sensitive. It's like worrying about your white carpet because the robber holding a gun to your head has muddy boots.
Using recovery links emailed to users to access their bank accounts and gather information would open up Google to all sorts of legal trouble even if they do nothing but look. As class-action lawsuits are generally not very good for business, I consider this much less of a concern than legal methods of gathering information, even when the potential information gained from the legal methods is less sensitive.
You need to be signed in so that the extensions/apps/games can be properly synced to your other Chrome installations. The philosophy of ChromeOS seems to be for absolutely everything to get synced from the cloud. The login can't be optional since it'd be an incredibly shitty UX to have apps installed from the store sometimes sync to your new machine and sometimes not.
> The login can't be optional since it'd be an incredibly shitty UX
The login can be optional if Google chooses to make it so. If I don't want to log in and therefore endure a shitty UX, let me have that shitty UX, thank you very much! It's not like I need all the same apps in all my devices anyway. For example, I might not need this SSH app in a device that can run a proper OpenSSH client.
And that's exactly the problem that some of us have with the /Chrome(OS)?/ philosophy. It's either their way or highway, with no options in between. (That's not necessarily bad for everyone, though. There are alternatives like Firefox for those who don't like Chrome.)
To those saying "who cares" consider that you may wish to use this extension on a computer where you don't feel comfortable issuing your Google login credentials.
I don't think you need to issue your Google login credentials to _use_ the extension, only to install it. Further, if you're on a computer where you don't feel comfortable using your Google login, why would you feel comfortable using ssh (via this extension) on the same said computer?
because having a web browser just be a web browser is apparently an outdated concept. Or something.
I mean sure, opening up an ssh client is 4 keystrokes for me (on windows) but we need to have it integrated into the browser so firefox (or chrome in this case) can find a way to be even more of a bloated memory pig.
177 comments
[ 3.4 ms ] story [ 285 ms ] threadno ssh keys, no port forwarding, Chrome 19 + "Open as Window" for some shortcut keys, etc.
I tried adding it manually in settings->Content Settings...->Handlers, but it only allows you to select handlers on sites that have already requested permission, not add new ones (as far as I can tell).
FWIW, it was reviewed internally by Google security people before going live.
What this will do, however, is hopefully end for good the mess of "How do I expose a command line application to my windows-using friends such that they aren't confused and won't hate me.". And there's a whole lot of value to that.
Now there's HTML5 and javascript, the world's most complicated terminal control language.
Also, in-band signalling, escape characters, magic select() timing loops to distinguish from "real" input, hackarounds for the fact that the original terminal was a separate computer and had local and remote modes and some keys never sent anything... is that metaphor REALLY still relevant?
Also check out http://www.wolfram.com/cdf/ for the more general attempt to make a dynamic document standard. I don't know how successful that's been.
Thanks for all the links.
And your first point is just verifiably wrong. If there were truly better workflow metaphors for software development, you'd think at least some of the best hackers would have discovered it and moved to it at some point in the last four (!) decades. Instead, all of the most productive developers in our subculture (almost quite literally every single one of them) work at a command line. They haven't moved elsewhere, because it won't happen, because your thesis is simply incorrect: no better metaphors have been discovered.
Yes, but the proposed replacement for UNIX consoles is a Google web browser that requires you log into Google in order to use it?? I don't think so....
Unless, of course, the developer integrating the existing OpenSSH code did so in a way that's not the formal OpenSSH interface. Like if he had to do some kind of dirty hack. But he shouldn't have to for this project.
Any XSS type vulnerabilities in this are likely the result of issues with the extension itself rather than OpenSSH, IMO.
There may be undiscovered exploits, of course, but CSP severely reduces the chances.
The TermKit reply in this thread should be sufficient to see why this will be very cool.
[0] E.G. http://fishsoup.net/software/reinteract/
I'd been checking every few months for the last several years to see if sockets were available in NaCL, for this exact killer app (along with a vnc/rdesktop client)
Sad that it had to be done with an internal whitelist, but I'm mostly just happy that it exists for me to use even if I didn't get to write it!
Nevermind "killer" app... why is there ANY need for this?
I feel like I'm missing something very obvious.
I can't work on a Windows machine without installing SecureCRT or Putty. One less thing to install and tweak.
Looks like this will eventually replace the inbuilt ssh supplied with crosh (Chromium OS shell)
The Chrome extension could be nice for preconfigured "many-to-many" single-sign on from/to a number of hosts with a (hopefully encrypted) RSA key, however.
What sorts of configs have you had to do for Putty?
http://www.extraputty.com/features.html
Seems like one of its goals is to make it easier to move PuTTY configurations from one machine to another.
I also started a new tmux instance (rather than attach to existing one) still no status bar. Any suggestions ?
Edit : Problem solved. I went into Full screen mode (F11) after clicking in addressbar (When focus was on the terminal, F11 printed ~) Anyway, when I started tmux in full screen mode, I could see tmux status bar. I continued to see it even after I left full screen.
Not sure what was the (temporary) problem.
So with the Chrome keyboard shortcuts to switch between tabs, it makes things a little quicker.
maybe some people don't care, but i think it's pretty cool.
But to be honest that's not how I actually do my stuff. I use QuickSilver[1] and when I want to go to Mail.app, I just press Cmd-Space, then 'M' or 'Ma' (because Mail.app begins with M) and press return. It takes less than 0.4 seconds (QS is wicked fast) and is much more convenient than a tab in my browser. Not to mention that a native app is usually way faster and more responsive (I have a ridiculously slow internet connection).
[1]: http://qsapp.com
This is actually completely solvable, if it was something lots of people wanted to do it could be trivially built into any browser.
It could be built into FF globally with an extremely simple plugin.
Additionally, it doesn't even work right. In a screen-controlling app like vim it seems fine, but in the normal shell, once I enter enough text to use more than a screen, the bottom-most line is actually off the window (even if I scroll down).
http://code.google.com/p/chromium-os/issues/list?can=2&q...
And your browser size issue goes away if you open the terminal in its own window. Chrome even has an "Open as Window" option (right click on the Secure Shell icon) to open in a window with no browser UI.
Now this isn't the same because it's NaCl and therefore not pure-web, but a pure-web terminal emulator would be awesome! It would mean you could embed it within normal web content and mash it up with other stuff. Want to edit your dropbox contents/Gmail in Vim? Maybe pipe the contents of a file into a text box? Maybe just live refresh the output of your web site when you save?
Actually, I'm running out of cool things you could do. Nobody needs a spinning 3D cube with a PDF on it, but the fact that you CAN do it means that people will invent something useful for it, and I have no doubt they would invent something awesome with an in-browser terminal emulator.
Unfortunately, this being NaCl, it may not be it. Shame.
The only reason it isn't currently cross-browser is because I don't have enough time in the day to make it work everywhere. I tried not to make it too Webkit specific though. If some brave JS hacker/Firefox user wants to make this cross browser, I'd be happy to help.
Like many people, I'm trying to step back from google/facebook snooping, and this would be a solid step toward such big brothering. I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"? And all this for... (?) what does this offer that sets it above my current terminal client?
Someone please tell me if there is any technical reason I should need to sign in to add an extension (in particular this, or some game).
Is there anything to this " I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"?
Or is it further chicken-little, slippery slope conjecture with no basis in reality? Keep in mind that you're connecting to their web store to download this, even sans login. That means they have your IP, and a metric ton of identifying information about you via your browser fingerprint (ala Panopticlick). Complaining about signing in just seems rather silly. Oh noes! They know that you downloaded an extension!
You'll have to forgive me for being blunt. This particular absurd line of thought is starting to seriously become an annoyance - even the chans have latched onto it. Correcting people who have the wrong idea is getting old.
"You'll have to forgive me for being rude, obnoxious, conclusion-jumping."
Fixed that for ya.
You're welcome.
Obnoxious? Don't post misinformation and you won't be challenged.
Conclusion jumping? What conclusion did I jump to?
And as far as making "Fixed" posts go.. doctor, heal thyself ;)
Maybe they do, maybe they don't. ;-)
So they are a targeted-ad company whose value is to a great extent commensurate with the amount of information they have on users (another uncontroversial statement, I hope). More info = more value, and you think it's "conjecture" to speculate that they might push further and further into your experience on their platform?
This is the crux of it for me: I've been installing desktop applications and browser extensions for years, and I've never needed to tell an advertiser and the biggest tracker / data snooper on the 'net what my email address. Now all the sudden I do, and there's no (clear) method to opt out, and I'm OK with this because why? I'm willing to trade my data for services when the services are valuable (I use gmail & facebook), but this looks like "give us more info, just cuz" with no value prop. Sure you can sync but I don't want to and there's no reason you should be forced to sign in; that is 100% about data gathering (otherwise there'd be a "forgo sync" option).
IP address and browser fingerprint is not the same as "link everything explicitly to my google account," by the way.
Google seems to be working on this. If you've ever seen someone without a Google account try to use Android for the first time you can see how much effort they are putting into stopping people from using their products.
It was really difficult with the ADP1/G1 back in 2008. But meanwhile it is not that difficult if you don't want to use the Google services.
...wait.
*The DSi Shop is a big pile of fail, but that is unrelated.
It's about ensuring that the same experience exists whether you're spending money or not. The reasoning goes, if it's painful to spend money the first time, many people will never set things up if they can get away with free stuff. But if you're required to have an account with a credit card already set up to even get a free thing, then you're more likely to spend money when the time comes. This is also why installing a free app on your iPhone requires you to enter your password and confirm your purchase.
Google's implementation of this is worse than Apple's, because they don't demand your credit card information until the first time you try to purchase something. But ultimately, they're both driving at the same thing, and it's hard to argue with the fact that they're pretty successful at it.
As for your DSi, I hope you never lose or damage it. The lack of accounts for the store means that your purchases are bound to the device and are non-transferrable.
You press the "skip" button and then don't try to launch Gmail or Google Play or anything else that understandably needs a Google account.
What is so... appalling about that. There is no effort to "stop people" from using an Android phone without Google. Further it's a pretty silly attack on Google given their competitors and the fact that you bought... a Google Android phone...
(edit: speaking about the Nexus line of phones which I would tend to argue best reflects Google's "effort".)
Kind of a pain, but if someone does want to try it out badly enough...
Trust me when I tell you this:
Google will never steal money from your bank account, by using a password recovery link that you had emailed to your GMail account.
Does that really need to be said? Do you really need CONVINCING of this?
my bankaccounts are important, but they also come with fraudprotections.
the complete picture of my life, all data mined, possibly misinterpreted, and then availableto my enemies is farmore scary.
Gmail was not the OP's cause for concern.
The login can be optional if Google chooses to make it so. If I don't want to log in and therefore endure a shitty UX, let me have that shitty UX, thank you very much! It's not like I need all the same apps in all my devices anyway. For example, I might not need this SSH app in a device that can run a proper OpenSSH client.
And that's exactly the problem that some of us have with the /Chrome(OS)?/ philosophy. It's either their way or highway, with no options in between. (That's not necessarily bad for everyone, though. There are alternatives like Firefox for those who don't like Chrome.)
To those saying "who cares" consider that you may wish to use this extension on a computer where you don't feel comfortable issuing your Google login credentials.
I mean sure, opening up an ssh client is 4 keystrokes for me (on windows) but we need to have it integrated into the browser so firefox (or chrome in this case) can find a way to be even more of a bloated memory pig.