Fixed article title: Here is a topic that will impact you for 20 seconds until you google the problem and switch your browser to developer mode here are some words that will draw you in; Google!! Chrome!! Doom!!
What about extensions that I've had installed for a long time, installed from the webstore but have since been removed or updated to versions I don't want?
It's not about not knowing how to switch to developer mode, it's about the fact that everywhere is putting up higher and higher walled gardens. Sure, it makes sense for most people, but it's not the direction I like to see the internet go in.
You are over assuming the point of the comment. I find article titles to be incredibly misleading at times and it is frustrating and this was as good an opportunity as any to vent. I believe that segmenting extensions in this way is excellent with the primary added element of stopping installers from adding something to your browser in the first place that you may not want. I feel like "Google encapsulating extensions to protect entry level users" would have been a much more honest title for this article instead it uses words like "block" to make it feel like something is being taken away when really this is probably how it should have been setup in the first place.
From my experience remediating machines at a university support shop, we see far more that have crap addons installed that hijack search and inject intrusive ads into every site. They're never installed through the Chrome App Store, so I'm guessing Google is trying to combat things like this where the end user installs a coupon finding program and their browser gets taken over as a result.
Tell me if this exists...Imagine a developer tools "commit" interface, where you could make changes in the DOM or to CSS and then save them from the browser.
Right now if I adjust a bunch of different elements, I have to remember each one and copy them by hand.
I think this exists in the standard Dev Tools / inspector.
Edit a CSS file in the Sources tab of the Dev Tools then right click and click Local Modifications. Also right click on the file (in the whitespace) and click Save. Then click History and you can see the exact changes that you made and even revert.
I've never used it though, not sure how useful it is.
There is also a Workspace feature in the Dev Tools options which might have something closer to what you are looking for.
Dev tools, password manager, chrome-to-phone, adblock, edit-this-cookie are all I've ever needed, and many of those I use with another Chrome profile (wonderful new feature if you haven't used it yet).
Do you really want things like an FTP, file manager, text editor, or other extensions installed? They could easily introduce security vulnerabilities and will slow down your browsing experience (something that you want to be fast).
I leave about 500 tabs open so more extensions are not something that I want to have locking up my browser.
Many browser extensions ask for permissions such as viewing all web history, no thanks...
Haha, you should see my bookmarks... no less than 10,000 right now (probably more) and I export and clean them every 6 months. The thing is they are all quality sites or pages and interesting information that I would like to read or will need sometime soon. I've tried all of the major bookmarking sites and have even planned on rolling my own a couple of times (didn't have enough time to build it out though).
500 tabs is probably an exaggeration, but unless I recently restarted my computer or Chrome so it will update I always have over 100 open.
Does anyone know of an open-source bookmark manager that can be self-hosted? The bookmarklet is easy to create and archiving a copy of the site would be a really nice feature (but not required). There are also several scripts to pull out summaries or body text from pages, but those could always be processed later.
I'd like to eventually import all the bookmarks into some kind of bookmark manager once I figure out the best way to handle it. The XML files that Chrome creates when you export them are a very nice storage format for processing later.
I don't think it's quite that bad in Firefox. My Firefox really is my unique Firefox, and it isn't my Firefox until I get my extensions installed. My limited impression is that extensions are part of the appeal of Firefox.
The browser extension market had its golden age from Firefox 1.0 to Firefox 4.0, roughly.
Now the feature set for a browser pretty much settled down, web apps are able to do powerful things on their own, and mobile apps stole the market of the "small app that does one specific thing good".
Really? As far as I can tell extensions like Evernote (3.2m users), Pocket (1.5m) and Buffer (250k) are heavily used, well understood, and loved by many average consumers.
You could make the argument that the variety of use cases is limited: all of the above are fairly simple "click a button to save somewhere" apps, and they don't do too much fancy integration beyond laying an iframe with their save dialog onto the page.
Our own academic-focused extension (https://chrome.google.com/webstore/detail/paperpile-extensio...) is a bit more niche, but does some cool stuff: we use the background page to parse metadata from PDFs, content scripts to insert buttons into academic search results (Buffer does something similar for Twitter), and it plugs into Google Docs to provide an extra layer of UI.
But alas, the most useful thing our extension does is similar to Evernote/Pocket/Buffer: save a piece of content (in this case journal articles) for later.
I think the problem with doing cool extension stuff is that it's often really hard to get just right: you need to tread carefully when working on a system that could interfere with your user's most basic browsing experience!
Yep. I understand the resentment towards this decision, but anything that cuts down on the 10+ Conduit adware extensions I find myself uninstalling from clients' computers every day is fine by me.
Some of these infected extensions already show up as being installed by enterprise policy, though, which the article states will not be affected.
So I'm not sure how effective this will be in the long run.
Which, for 99.99999% of actual users will mean they are blocked. Digging around in the guts to enable "Developer mode", with all the scary consequences, is not something users will (or should have to) do.
That's a terrible idea. Menus shouldn't intentionally be designed to be user hostile. Instead just give a warning message, preferably one that is actually informative and appropriately scary looking.
There is a middle ground between letting any malware on the machine install whatever extensions it wants with no user consent, and banning users from installing extensions entirely.
Why is this needed? Wasn't the move to only install local extensions by dragging and dropping on the extensions tab enough to prevent the vast majority of "installing infected extensions by mistake"? What security advantage does having to check a box for Developer Mode on the extension page offer over how it's done now, other than making it slightly harder and more confusing for the user himself to install local extensions?
Google is just one step away from making me quit using Chrome. If they ban external extensions for good with a future Chrome release, that's it, I'm done. I'll start using either Firefox or Opera, and then convince everyone I know to use them, too, just like I did before with Chrome.
And how were people confused into dragging and dropping the extensions on the extension page before? That's what I'm saying. I see no security benefit over how it already works.
Local applications can modify Chrome's settings and inject their own extensions with no involvement by the user. This change is targeted at preventing extensions that the user did not explicitly install.
Can you elaborate? Do you mean supported browsers? I would have thought that for a POS (assume you mean 'Point of Sale') then this change would be a good thing?
I believe local extensions will be disallowed on stable and beta channel on Windows, according to the blog post. I think this means that on the stable channel on Windows, there will no longer be a “Developer mode” in chrome://extensions. This is because Developer mode is simply a registry setting that malware on Windows can modify, so Chrome will no longer trust this setting.
At the moment, there's a way for software to install Chrome extensions (not developer mode). They're removing this capability. You will probably still be able to run developer mode extensions
This is a smart move. Crapware vendors have started installing Chrome extensions bundled with their crapware installers, hijacking browser home page and search page.
The end result of this is that many of my non-technical family members end up with a hijacked Chrome experience. I've seen this only in the last year, increasingly so in the last few months.
This move to outlaw extensions not in the Chrome Store will halt this behavior.
The problem with this is crapware vendors existed before extensions were available. They were dirty hack modifications to the programs. They would introduce all sorts of bugs and since they modified the actual software they were a pain to uninstall.
If your cabin in the woods is getting broken into, you won't secure it by putting a lock on the front door. You'll just get robbed and have a broken window.
The real problem is users accepting and running installers that install crapware. You effectively give it permission to do anything it wants.
This is the best explanation of the move, but won't it just lead to crapware figuring out how to enable developer mode and continuing to install bad extensions?
Would you say the same about Microsoft not allowing apps outside of the Metro store, or Apple not allowing apps outside of the Mac store?
I can only support such a move as long as there is still away to use them. If they completely ban external extensions, then I won't be supporting Chrome anymore, because I know it's only a matter of time before they ban Adblock then, or other apps they don't agree with.
I agree, Chrome shouldn't allow external application to automatically install extensions. There are few (none outside of the business/enterprise area?) cases where it's done for a good reason, and a lot of cases where it's done to install some adware/spyware.
If I'm reading the article right, they'll also disable any extension that the user manually installed from a local .crx. I don't agree with this, just add a warning and allow it. To me, it feels like some sort of DRM.
It doesn't help that developers have to pay a $5 fee to publish extensions in the Chrome Web Store. It's small, but not everyone is willing to/can pay it.
Also Google removes apps from the chrome store they don't like. Like Youtube Center and Uneddit Reddit. And even if the amount of money it costs is small, it's still a relatively large tax for something that could be free.
This seems to me to be an interesting comparison to the political world. In this instance, we have Google and Apple, both doing essentially the same thing in different ways, but one of them is doing it slightly less than the other and demonizing their opponent over it.
In the (U.S.) political world, we have Democrats and Republicans both doing essentially the same thing in a different way, and demonize the other for taking some aspect of it "too far".
Maybe if we got used to having more than two choices, we wouldn't have to worry about this as much.
71 comments
[ 2.6 ms ] story [ 145 ms ] threadIt's not about not knowing how to switch to developer mode, it's about the fact that everywhere is putting up higher and higher walled gardens. Sure, it makes sense for most people, but it's not the direction I like to see the internet go in.
Too many drive by installs try to happen without it.
I'm Firefox all the way but let's not spread FUD.
Edit: I mean to say the development community hasn't explained the benefits or come up with interesting use-cases. Or at least not very loudly. ;)
Right now if I adjust a bunch of different elements, I have to remember each one and copy them by hand.
Edit a CSS file in the Sources tab of the Dev Tools then right click and click Local Modifications. Also right click on the file (in the whitespace) and click Save. Then click History and you can see the exact changes that you made and even revert.
I've never used it though, not sure how useful it is.
There is also a Workspace feature in the Dev Tools options which might have something closer to what you are looking for.
Do you really want things like an FTP, file manager, text editor, or other extensions installed? They could easily introduce security vulnerabilities and will slow down your browsing experience (something that you want to be fast).
I leave about 500 tabs open so more extensions are not something that I want to have locking up my browser.
Many browser extensions ask for permissions such as viewing all web history, no thanks...
500 tabs is probably an exaggeration, but unless I recently restarted my computer or Chrome so it will update I always have over 100 open.
Does anyone know of an open-source bookmark manager that can be self-hosted? The bookmarklet is easy to create and archiving a copy of the site would be a really nice feature (but not required). There are also several scripts to pull out summaries or body text from pages, but those could always be processed later.
I'd like to eventually import all the bookmarks into some kind of bookmark manager once I figure out the best way to handle it. The XML files that Chrome creates when you export them are a very nice storage format for processing later.
Now the feature set for a browser pretty much settled down, web apps are able to do powerful things on their own, and mobile apps stole the market of the "small app that does one specific thing good".
You could make the argument that the variety of use cases is limited: all of the above are fairly simple "click a button to save somewhere" apps, and they don't do too much fancy integration beyond laying an iframe with their save dialog onto the page.
Our own academic-focused extension (https://chrome.google.com/webstore/detail/paperpile-extensio...) is a bit more niche, but does some cool stuff: we use the background page to parse metadata from PDFs, content scripts to insert buttons into academic search results (Buffer does something similar for Twitter), and it plugs into Google Docs to provide an extra layer of UI.
But alas, the most useful thing our extension does is similar to Evernote/Pocket/Buffer: save a piece of content (in this case journal articles) for later.
I think the problem with doing cool extension stuff is that it's often really hard to get just right: you need to tread carefully when working on a system that could interfere with your user's most basic browsing experience!
If you do the right thing for your users first, this is what you do. You put user needs over developer needs.
There is a middle ground between letting any malware on the machine install whatever extensions it wants with no user consent, and banning users from installing extensions entirely.
Google is just one step away from making me quit using Chrome. If they ban external extensions for good with a future Chrome release, that's it, I'm done. I'll start using either Firefox or Opera, and then convince everyone I know to use them, too, just like I did before with Chrome.
People who are willing to move to "Developer mode" will not be the people who will be confused in any way.
To develop extensions on Windows, I think you will have to switch to the dev or canary channel http://www.chromium.org/getting-involved/dev-channel
Edit: changed “now” to “will be” for clarity. Thanks Navarr.
At the moment, there's a way for software to install Chrome extensions (not developer mode). They're removing this capability. You will probably still be able to run developer mode extensions
The end result of this is that many of my non-technical family members end up with a hijacked Chrome experience. I've seen this only in the last year, increasingly so in the last few months.
This move to outlaw extensions not in the Chrome Store will halt this behavior.
Also, I doubt that you need an extension to change the homepage.
If your cabin in the woods is getting broken into, you won't secure it by putting a lock on the front door. You'll just get robbed and have a broken window.
The real problem is users accepting and running installers that install crapware. You effectively give it permission to do anything it wants.
I can only support such a move as long as there is still away to use them. If they completely ban external extensions, then I won't be supporting Chrome anymore, because I know it's only a matter of time before they ban Adblock then, or other apps they don't agree with.
If I'm reading the article right, they'll also disable any extension that the user manually installed from a local .crx. I don't agree with this, just add a warning and allow it. To me, it feels like some sort of DRM.
It doesn't help that developers have to pay a $5 fee to publish extensions in the Chrome Web Store. It's small, but not everyone is willing to/can pay it.
In the (U.S.) political world, we have Democrats and Republicans both doing essentially the same thing in a different way, and demonize the other for taking some aspect of it "too far".
Maybe if we got used to having more than two choices, we wouldn't have to worry about this as much.