Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Starts Blocking Extensions Not In the Chrome Web Store

Posted by Soulskill on from the protecting-you-from-yourself dept.

An anonymous reader writes "Google has begun blocking local Chrome extensions to protect Windows users. This means that as of today, extensions can be installed in Chrome for Windows only if they're hosted on the Chrome Web Store. Furthermore, Google says extensions that were previously installed 'may be automatically disabled and cannot be re-enabled or re-installed until they're hosted in the Chrome Web Store.' The company didn't specify what exactly qualifies the "may" clause, though we expect it may make exceptions for certain popular extensions for a limited time. Google is asking developers to reach out to it if they run into problems or if they 'think an extension was disabled incorrectly.'"

19 of 225 comments (clear)

  1. Welcome to your new walled garden by TubeSteak · · Score: 5, Insightful

    It's only going to get worse as more and more "platforms" get tied to some company curated web store.
    No thanks!

    --
    [Fuck Beta]
    o0t!
    1. Re:Welcome to your new walled garden by pitchpipe · · Score: 5, Insightful

      It's only going to get worse as more and more "platforms" get tied to some company curated web store.

      HA! Pretty soon they'll have your desktop acting just like a smart phone: no privacy what-so-ever with every app knowing when you take a shit to when your SO is ovulating.

      No fucking thanks indeed!

      --
      Look where all this talking got us, baby.
    2. Re:Welcome to your new walled garden by swillden · · Score: 4, Insightful

      Chromium is open source so if you don't like it, fork you own copy and get whatever useless toolbars that install without permission that you want.

      You let me know when Chromium gets bundled with Android cell phones or Chromebook laptops.

      Nicely done... you slipped that word "bundled" in there, because obviously that's not going to happen; Google will provide the normal Chrome builds. Users that want to can install Chromium themselves, of course, and in fact Google even provides instructions on how to do it, as well as all of the source code.

      And you also slyly ignored the fact that the just-announced news doesn't affect Android or Chromebook, only Windows. Maybe Chrome for Android will eventually get the same policy, but it's likely that the superior security architecture of ChromeOS will make it unnecessary on Chromebooks.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Welcome to your new walled garden by ozmanjusri · · Score: 4, Informative

      No fucking thanks indeed!

      Or you could just not use Windows.

      And if that's not an option, you could use the dev channel version of Chrome to sideload anything you want. Or use Chromium instead. You're not locked into the App store unless you want to be,

      Look, you can spin it any way you want, but his is pretty obviously a step to protect non-technical Chrome users from malware. It's not aimed at people who have the know-how to manage their own plugins/apps.

      --
      "I've got more toys than Teruhisa Kitahara."
    4. Re:Welcome to your new walled garden by AmiMoJo · · Score: 4, Informative

      Complete nonsense. Extensions are just Javascript and a bit of metadata, and can post data anywhere they like. No need for it to "flow though google" at all.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. A Pox on Google! by Anonymous Coward · · Score: 4, Interesting

    I refuse to use Google search, maps, cloud, G-mail or anything of theirs. I strongly object to entries in their terms of service and this is the only way that i can express my displeasure with them. Try to find an e-mail address that a live human will read at Google.

    1. Re: A Pox on Google! by postbigbang · · Score: 4, Interesting

      You're not alone, but then again, neither are they. The new world order is to host your own store, and reap the rewards, control your clientele, and do so in the superficial PR mechanism of controlling bad stuff, where the actual motive is more like: profit and gleaning market trends.

      Altruism is NOT Google's business model.

      --
      ---- Teach Peace. It's Cheaper Than War.
  3. Dealbreaker by Anonymous Coward · · Score: 4, Interesting

    The extension I used to correct their staunch adherence to the idiocy that is mapping backspace to the browser back button is unhosted, so... bye.

  4. yeah whatever by epyT-R · · Score: 5, Interesting

    The claim of protection is just the public plausible deniability excuse.. The real reason is to force people to use their stupid 'app store.'

    1. Re:yeah whatever by _xeno_ · · Score: 5, Insightful

      Also to get rid of troublesome extensions like Adblock Plus. I seem to recall Google kicking Adblock Plus from the Google Play store, which while not the same thing as the Chrome Web Store, does seem a bit worrying.

      Granted the reasoning used in that case (it "interfered with the operation of other apps") likely wouldn't apply to Chrome but it's the primary reason I want to be able to install extensions from non-Google "blessed" sources: I don't trust Google not to be evil.

      --
      You are in a maze of twisty little relative jumps, all alike.
    2. Re:yeah whatever by verylargeprime · · Score: 5, Informative

      Nope. You're wrong.

      Browser hijacking is a major problem within Chrome and other browsers, and side-loaded extensions are by far the most common vector for hijacking. Firefox and IE have the same problem. Short of making extension APIs totally useless for developers, this is the best approach anyone's come up with. Third-party anti-malware vendors are unreliable in this regard because it's very difficult (with good and often sufficiently gnarly legal reasons) to get them to classify any given extension as clearly being malware. This gives Google a necessary choke-point through which to filter unsavory extensions.

      While you seem to believe this desire for control is driven by a nefarious, greedy plan to herd all the sheeple into a walled garden [diabolical laughter] with "plausible deniability," it's actually driven by a desire to not have users fucking hate Chrome because some dipshit is making millions of dollars injecting toolbars into browsers and sucking up volumes of sensitive and often personally identifiable information with no (or ill-begotten) user consent.

      Though I don't see it mentioned in either of the links, it should be noted that this constraint only affects Windows stable (and I believe beta) channels. If you want to run Windows Chrome and you know you can handle yourself without being hijacked, just run dev channel. It's usually pretty stable.

      Source: I'm a full-time Chrome developer at Google.

    3. Re:yeah whatever by AmiMoJo · · Score: 4, Informative

      The reason AdBlock Plus for Android was removed from Play was that it sets up a transparent proxy on your phone. Since the Android version of Chrome doesn't support extensions that is the only way it can operate. The problem is that all network traffic flows though the proxy, even stuff from other apps. If other apps use HTTP to get data it goes through the AdBlock filter. This broke some legitimate non-advertising functionality and also tended to cause issues accessing normal web pages when the mobile connection was a bit intermittent.

      It was fine if you were willing to put up with all that, but created a bad user experience for most people and got a lot of complaints. You can still install it just by downloading the .apk from the AdBlock Plus web site of course.

      Similarly with Chrome, you can still install extensions locally, just not from random web sites any more.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  5. Old by tepples · · Score: 4, Informative

    This was announced six months ago. Unpacked extensions will still run.

  6. This is not new news. by Virtucon · · Score: 5, Interesting

    For those of us on the Dev channel for Chrome hit this in February. It's definitely a fucked up decision by the Chrome team and has led to a lot of folks ripping out Chrome in favor of something else. The claim made by the devs is that it's safer if the extensions come out of their web store and would eliminate malicious activity from extensions. They obviously didn't want to fix the browser to alert the user when malicious extensions are installed or provide a sysadmin set of functions necessary to install necessary, safe extensions. Of course we all know it's another fucking walled garden take-over by Google. I've already recommended to clients that they don't use Chrome and have removed it from a little over 4000 systems thus far. Personally Google is fucking the user community on this one, so fuck Google.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  7. Developer Mode still can install by Formorian · · Score: 4, Informative

    The article clearly states that you can still do this with developer mode. To me this is non story. They trying to stop the malware stuff for 90% of users.

    The rest of us can still do what we want. Or anyone else that can manage to click a single check mark.

  8. Data loss due to accidental navigation by tepples · · Score: 4, Insightful

    So how do I unambiguously indicate to a web browser that I want to delete only one character from a text area, not have the entire message be destroyed because I accidentally navigated away from the page?

    1. Re:Data loss due to accidental navigation by scottbomb · · Score: 4, Insightful

      Use Firefox. They have the same idiocy (mapping back to backspace - which I can't stand either) but at least you can turn it off. Almost nothing in Chrome is customizable. Why it has such a large following is beyong me.

    2. Re:Data loss due to accidental navigation by Xolvix · · Score: 4, Informative

      I just did a test in Firefox with this very post. I typed up to this point, clicked backspace outside the text pane to go back a page, then clicked forward. Whatdayaknow... the text was retained. Maybe that's the reason I never investigated about changing the behavior - because it's far more useful than it is annoying (and the annoyance is temporary because the text buffer won't disappear).

  9. How-to by Namarrgon · · Score: 4, Informative

    From the Chrome Developer page:

    1. Unzip the .crx file
    2. Go to chrome://extensions
    3. Tick on Developer Mode
    4. Click Load Unpacked Extension...
    5. Select and install.

    --
    Why would anyone engrave "Elbereth"?