Slashdot Mirror
Google To Block Local Chrome Extensions On Windows Starting In January
An anonymous reader writes "Google today announced it will block local Chrome extensions starting in January, but only on the Windows platform. This means that next year, Windows users will only be able to install extensions for the company's browser from the Chrome Web Store. The changes will affect both Chrome's stable and beta channels on Windows. Google says it will continue to support local extension installs on its Dev and Canary channels, as well as installs via Enterprise policy. Chrome apps are not affected at all and will continue to be supported normally."
I know that LastPass has a web app, but the local app has for more options. Hope they get this updated before January!
For example, YouTube downloaders-
I stopped using Chrome because it's extensions were not up to par with Firefox addons.
And now I feel less inclined to use Chrome at all.
I use an extension to download videos from YouTube. Those tend to be blocked from the Web Store, so you have to install them manually from other websites (this is the bit that is getting blocked). I hope there is at least a command line switch left in to disable this behavior! It's very "walled garden" and I don't like it.
BTW, the summary says "local extensions" but that is incorrect. It just blocks non-Chrome Web Store web extensions. Extensions you are actively developing and load via "Load unpacked extension" will still work.
Actually, that might have to be the fix for my YouTube extension I use. Oh well.
...And overnight, Chromium replaces 97% of Chrome's market share.
Good thing I use Chromium.
Adblock, maybe?
Did Google recently buy a brick factory because they seem to be trying to slowly build a wall around their not-quite-as-open-as-it-once-was garden. Between this and some of the stuff they are pulling with Android (Play Store, API lock-ins) and Chromecast they seem to be all about turning down the openness lately. Come to think of it, that seems to be a trend (Skype, Twitter APIs off the top of my head, then of course that fruit company) lately.
I browse on +1 so AC's need not respond, I won't see it.
Oh, wait, you can just use Chromium and stop crying.
Anyone that uses Chrome and bitches deserves to suffer. You do not need automatic updates.
In fact, automatic updates are more of a pain than anything. There is a reason nobody uses forced updating in business, because developers are asshats that constantly break their own shit and then everyone suffers because of it.
Chromium devs are some of the worst for that too. I can't count how many times "stable" updates broke the browser back in the earlier days, jesus christ what the hell were you guys doing?
If they do, however, block it on Chromium, I am serious in the forking question, I can easily drop my life and work on it. Fuck Google. Don't piss me off, I'm bitter, determined and lifeless outside of code.
I suspect that this is less about blocking YouTube downloaders, and more about blocking those extensions that appear after not un-checking the box on programs downloaded and installed from the internet. I.e. it's more for the protection of grandma who wants to download a pretty solitaire app than it is for stopping little Johnny downloading his music videos of Miley. If you're smart enough to follow a few simple instructions and install a local extension, you're smart enough to follow a few simple instructions and install the Dev channel of Chrome first.
mediahint, Hola, anything that lets you free VPN into services that you aren't really supposed to be able to access.
First you are going to kill off VoIP via Google voice, and now this.. Have they lost their minds? What is next?
---- Booth was a patriot ----
I have the same add-on available for both Google Chrome and Firefox. Firefox has about 100x as many users.
It makes Chrome the same on all platforms so that using Chrome on windows is like Chrome OS on a chromebook.
It is a stupid move, just like removing the ability to turn off all autocomplete in the address bar.
Do not look at laser with remaining good eye.
See Also: Google Chrome 25 will disable silent extension installation, kill all such extensions retroactively
Friday, 21 Dec 2012
Translation: Google still can't figure out how to secure Chrome from stealth installs of malware.
[Fuck Beta]
o0t!
Adblock definitely not be available to chrome soon
All adblock apps and addons were banned from google play store already.
Firefox is only browser on android and desktop that will support adblock plugin soon.
Plus they've realy exposed their hate of adblock on google groups forums
Adblock is on the Chrome Web Store.
If that were the motivation, would they not also do this on the Mac?
This is about _fucking_ annoying windows malware repeatedly reinstalling chrome extensions.
The fact that they are not breaking the capability on 'enterprise' policy installs suggests the same.
Incidentally, even if you aren't on a domain, this should mean that it isn't exactly rocket surgery to install the 'blocked' Chrome extensions. Winkey+r, gpedit.msc, import the chromium policy templates, modify 'ExtensionInstallForcelist' to taste. Game over.
I agree that its the sign of a company that needs to mature.
While i can fully understand 'projects' coming and going as not all will make the cut, but when you start mucking around with front line business apps like this, you are a fool.
---- Booth was a patriot ----
Came here to say this, it's all about the malware. Tons of malware apps use Chrome plugins.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Google's catch phrase "don't be evil" reminds me of the famous Outerlimits Episode where the aliens come "TO serve Man", and it turns out that's the title of their cook book.
So google walls its garden. The walls seem to be taller than apples. FOr example, try installing linux on a chromebook. Sure you can do it but every single time it falls asleep or boots the screen it says after wake"You are running in an insecure mode, press the space bar". If press the spacebar, it erases the hard drive and re-installs chrome from scratch. Thus it's practically impossible to run Linux in any stable way on a chrome book. Yes it runs, but it's like having a set of rotating knives permanently surrounding the on-off switch. They just don't want you to do this, while they want to take credit for having an "open" platform. ( by comparisons Apples are happy to boot to linux, no rotating knives thrust at you upon wake from sleep.)
Now they crank down on the path you can use to install extensions.
Google has become not only more severe than apple but they also sell all your private info.
Google actually meant "Don't settle for being merely Evil".
Some drink at the fountain of knowledge. Others just gargle.
combined with "strategic" moves like this blocking of extensions, makes them look like nothing so much as a bunch of entitled sociopathic douche bags
I think words like "disorganized" and "unreliable" would describe it better.
... how the fine editor and all the comments managed to avoid even hinting to the real reason (clearly stated in both TFA and the original announcement - seriously, how fucking hard is it to link to that instead of some random article?!):
http://blog.chromium.org/2013/11/protecting-windows-users-from-malicious.html
This is strictly a security move. Google says it is making the move in reaction to malicious Chrome extensions plaguing Microsoft’s desktop platform
Last time I checked HTTPS Everywhere was installed from the EFF's web site and not through the Chrome store. What does this mean for Chrome and HTTPS by default?
And another corp degrades their products and starts trend toward abandonment.
Run a dns proxy.
For now. I don't trust the world's biggest advertiser to control my "user experience". There's a ghastly conflict of interest there.
I run a computer repair shop and this is not an exaggeration. Anyone stupid enough to accidentally install and then use Chrome is evidently also stupid enough to install 50 different advertising and crapware plugins as well. Every copy of Chrome I see is infected with DefaultTab and MP3Rocket and Babylon, etc. This now makes perfect sense because they can advertising themselves as the clean and safe browser.
The fact that they are not breaking the capability on 'enterprise' policy installs suggests the same.
And the fact that they allow anyone to run dev channel build, and they don't block them there...
It was nice, Chrome. Your scripting engine was fast. You hardly ever crashed. Your UI was pretty decent. I could even overlook some of your shortcomings. You were my first tabbed browser. I was actually willing to retrain my brain to quit using my OS's more universal process switching in defference to your tabbiness. We had some tough times closing the whole browser by accident when we really only wanted to close the page; but we worked through it. Your scripting engine was fast. You were young and sexy. It had to end though. I knew you wanted to pull me into your walled garden and make me mow every Saturday. I just wasn't ready for that kind of commitment. I know it's painful but I think we both realize it's time to move on. There's this other browser and, well... it's a fox.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Unfortunately I have yet to a windows installation that doesn't have all browsers encumbered by at least 3 adware/spyware addons. This even happened on my own computer after letting my niece play with it for a few hours. Only discovered after noticing "ads not from this page" poppons. Unfortunately this is probably a step in the right direction for most users. To the knowledgeable this is only a annoyance.
In the store. Google made some changes to Webkit a while back to improve Adblock, before Adblock used to still have to download the ads, then block them. Some changes Google made allowed the ads to be blocked before the ads were fetched.
I get good products and great service from Google (search, Gmail, Chrome, and my Nexus 4). No one is "holding me hostage" to force my loyalty. That loyalty is freely given, even with the knowledge that all of my interactions with Google are tracked and stored somewhere. Every other provider of these services would track, analyze, and use this data anyway, and even if Google has shown itself to be a corporate entity with corporate goals sometimes, that doesn't mean that they have broken their "don't be evil" mission. You can be "not so good" sometimes without being "evil".
If only "common" sense was actually that common...
Sounds like a good reason to avoid Chrome. And to be suspicious of any Google product.
I'm *not* on MSWind, but...
Yeah, I know it's "a security measure". If that's their idea of the right way to implement a security measure, then I'm quite skeptical of anything Google does. But really I believe that the explanation is a lie. They aren't starting it now, and they haven't announced that "it's a temporary measure until we get a better fix".
It seems to have been a long time now since Google was the "Do no evil" company, or even had that as a goal.
I think we've pushed this "anyone can grow up to be president" thing too far.
Perhaps not... Apparently, I'm not too deeply versed in Windows technical arcana, but apparently some applications are configured by group policy indirectly (group policy changes the registry in the appropriate places, the application reads the registry in those places and acts accordingly) and some applications use an OS-provided API to query the applied group policies directly and apply those(exactly where the policies are stored in this instance is not clear to me. The domain controller presumably has them, in a networked environment; but where on the client they persist if it goes off the grid for a bit, or in the case of a locally managed machine, I don't know).
As of version 28, (according to the thread in the above link, because of malware leading Chrome around by the nose through modifications of the registry entries), Chrome switched from the registry-based mechanism to the new mechanism. Modifications to the registry are now ignored, and only policies applied by the OS-supported group policy manipulation mechanisms will apply.
I assume that these policies have to live somewhere, and thus can be edited (even if the OS protects them hard enough that you need a hex editor and a liveCD to do it); but it won't be a simple regedit.exe job.
shushsh, the hosts file guy may hear you.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
Or edit your HOSTS file...
Support the EFF and Creative Commons. The war is coming, and they're supporting you...
Firefox is only browser on android and desktop that will support adblock plugin soon.
Mac Safari has AdBlock as well.
#DeleteChrome
I've been 100% SRware Iron since the stupid new tab page in Chrome 29. Been using Iron for years, tho.
Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!
Last I looked you couldn't get Safari for both "android and desktop".
The adblock guys should package it as a local standalone proxy then.
so far they did a good job to keep the real annoying ads (flash, blinking, sound) out of their ads.
I never had an urge to block ads served by google
bickerdyke
If they were planning to do that they would have started by removing all the existing extensions on their web store that let you do those things. You can install numerous YouTube downloaders, proxy managers, ad blockers etc. and the same goes for Play (Android apps).
This move is simply to block malware.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
AdBlock Plus for Chrome, from the official Google site: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?utm_source=chrome-ntp-icon
There are many other ad blockers available on there too. If you are going to lie you should at least think of something that isn't so trivially easy to disprove.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
or if you do, we'll just use firefox
Do I have to spell it out? The comment said Firefox was the only browser on both Android and Desktop that supported Adblock. That means Safari, Apple and Mac are not the subject.
Why do I care what browser my phone is running when selecting one for my desktop? I don't really understand the insistence on tying the two together.
From a syntactical perspective, "Firefox is only browser on android and desktop that will support adblock plugin soon," is ambiguous. You could be referring to the union "android and desktop" or to the intersection of "android and desktop". So I don't think the example above is out of line. (The inclusion of "both" removes ambiguity, per your second post.)
Lastly, Chromium?
The primary use case of downloading a Youtube video is to use said video in another work. For example: a mashup or parody, or in a presentation at a convention where Internet access isn't guaranteed.
GeekNights!
Late Night Radio for Geeks!
This scared me into re-installing Firefox. After 10 minutes of having to re-start the browser after putting in every new extension - plus the butt-ugly interface - I remembered why I switched from Firefox to Chrome in the first place. Fuck it. Even crippled, Chrome will be more pleasant to use than that.
Too bad. Google Chrome showed such great promise once . . .
and their NSA comrades.
Sent from my ENIAC
Well, potentially, because you want a consistent experience across devices, via settings, bookmarks, history etc via Firefox Sync.
I've never used it personally (tin-foil hat...)
Most certainly not.
With Chromium, disabling "local" extensions would mean blocking all extensions.
Chromium is a pure open source project, which isn't tied to the Google ecosystem. So blocking extensions from outside the Play Store would make no sense.
They blocked media hint a while ago.
I don't know for sure about the others, but I wouldn't be surprised if that's exactly what is coming.
It's an ugly browser. I tried it a while back and just could not get on with the minimalist interface and lack of useful addons. The deal breaker was not being able to move the scroll bar to the left hand side.
Fastforward a few years and we get it installed at work. After a little while, I see that nothing's changed, I removed it and went back to a decent browser.
-- Fuck Beta
I'm surprised the lack of capital letters doesn't bother you, then. A lack of capitals or basic punctuation is what really bothers me, as not having those elements makes posts much more difficult for me to read.
It doesn't bother me when users sign posts *if* they aren't inexplicably changing languages just to display their adoration for another culture. There was one user on a forum Ihung out on several years ago that went 'all the way' in that department: she posted a couple dozen times per day, and diligently placed an overly-cutesy "aloha ^_^" at the beginning and end of every single one.
Now mostly at Usenet:comp.misc & SoylentNews.org (it's made of people!)
Did you read the thread I linked to?
It's roughly 50% Windows admins whose GPO-fu is weak bitching because their registry hacks don't work anymore, and 50% Chromium developers telling them that, yes, sorry, Chrome queries group policy state directly, only falling back to the registry under specific conditions (and noting that they make no assurance that that fallback will continue in the future.)
If that isn't enough, try a look at 'policy_loader_win.h'. It's fairly clear about reading the registry, rather than grovelling through the policies directly, is a fallback behavior that occurs only if grovelling through the policies doesn't work out.
But see, hysteria, speculation, and conspiracy theories are a lot more fun than facts.
Hail Eris, full of mischief...
E pluribus sanguinem
Youtube downloaders => Install them on Chrome dev channel, canary or switch to Linux/Mac/ChromeOS If you still want them on Windows stable, turn on developer mode in chrome://extensions And AdBlock is very much alive on Webstore: https://chrome.google.com/webstore/detail/adblock/gighmmpiobklfepjocnamgkkbiglidom It's obvious that Google is doing this to prevent crapware (installed by many naive Windows users) from hijacking your browser. If you're not a naive Windows user, why not move to dev channel?
Run them on Chrome dev channel or canary
This is due to Chrome's webrequest extension API: http://developer.chrome.com/extensions/webRequest.html
This is due to Chrome's webrequest extension API: http://developer.chrome.com/extensions/webRequest.html
Thank you for this! Was looking for a reference to it.
Quite literally the only reason I have Chrome installed is to use one very specific plugin that certainly wasn't installed through their store.
Time to make sure I have the Chrome updater service disabled.
Run them on firefox.
No need. Privoxy
Remove advertisements before the data even hits the browser.
Finally had enough. Come see us over at https://soylentnews.org/
Mozilla has similar plans: https://docs.google.com/document/d/1SZx7NlaMeFxA55-u8blvgCsPIl041xaJO5YLdu6HyOk/edit?pli=1#heading=h.8hzkmge855kv
I have never seen mediahint blocked and I use chrome to access US netflix from the UK. Here is the thing about that.... netflix know very very well that this is happening... they have to with the amount of ML profiling and monitoring they do. My account is clearly marked as a UK account and it would be trivial for them to check against that. But they don't. The do a geo test and if you pass that you get thru. They know... they don't care. It means more people will sign up for netflix if they can get both UK and US access.
Well, fuck you, Jorge Villalobos and your stupid prd. Thanks for sharing that.
I have literally just this second installed AdBlock Plus in Chrome from Google's Chrome Web Store (the very link the GP posted).
No colour or religion ever stopped the bullet from a gun
Adblock is financially supported by Google.
-- I was raised on the command line, bitch
This was my thought. I have already gone to Firefox when viewing YouTube because the extensions don't work half of the time anymore under Chrome, and installing them is a pain in the butt.
TubeMate is no longer in the Play store and you have to install by an alternative media site or downloading the apk. The YouTube downloaders I have seen in the Play store are either virus infected or just simply do not work - which may be why they are still there.
YouTube downloaders are disappearing from the Chrome site, and you have to download the extensions from the developers sites and manually install them. The extensions that still do appear in the Chrome store mostly do not work with current Chrome builds (or rather, out of the half-dozen ones I have tried, none worked - I didn't bother checking more because I found one on a developers site that worked).
If Chrome disables YouTube downloaders all together, I just won't use Chrome. There are many perfectly legal reasons for wanting to download videos from YouTube, the main reason be for showing videos in places that might not have Internet (ie some churches, lecture halls, my non-smart television, etc). And 99% of the time, it is not copyrighted (ie music videos, movie clips) that I am downloading.
I also sometimes use YouTube's tools (such as video stabilizer) on my personal videos, and download them when it finishes processing. Google's war on YouTube downloaders has lead me to pretty much using Firefox with extensions or stand-alone programs to download videos.
I started using Chrome for a couple online games as the extensions were easier to deal with in chrome. If those extensions get blocked I have no use for chrome and it will go poof. I use FF as my main browser, but it seems the newer versions have become pretty unstable. Under my normal use I can usually crash FF hard enough it can't restore my sessions as when it tries it again crashes. The EA online game is very hard to play without the extensions and these are the extensions approved by EA.