Google Disables Inline Installation For Chrome Extensions

An anonymous reader writes: Google today announced that Chrome will no longer support inline installation of extensions. New extensions lose inline installation starting today, existing extensions will lose the ability in three months, and in early December the inline install API will be removed from the browser with the release of Chrome 71. Critics have pointed out such moves make the Chrome Web Store a walled garden, while Google insists pushing users to the store ultimately protects them.

Apple.

[Anonymous Coward]

Apple did it first post.

Re:

[Anonymous Coward]

Just gave me a reason to suggest ONLY using Chrome to most users. There is no end to the amount of sideloaded shitware extensions that fuck up your browser.

"But the website said I needed this to do X!" "I don't know. It just appeared there and I cant search anymore" "Why do I see so many ads?"

To their Credit, google has taken down a good 20 or 30 extensions I've reported as obvious garbage that violates their terms. Still. Anything to cut down on this crap is great.

Re:

[Anonymous Coward]

To their Credit, google has taken down a good 20 or 30 extensions I've reported as obvious garbage that violates their terms.

And how did that "obvious garbage" get into the Chrome Store in the first place?

Google, Apple, whatever. NONE of them can be arsed to scrutinize things that are submitted to their store. Everybody knows it, and the "bad guys" exploit it routinely.

Their "walled garden" is a PR move and nothing more.

Re: Another reason

[Anonymous Coward]

Maybe on googles side. But Apple has their walled garden locked down pretty tight.

Not saying "nothing" gets thru. It's just that I trust them a lot more than I trust google.

Re:

[Anonymous Coward]

To their Credit, google has taken down a good 20 or 30 extensions I've reported as obvious garbage that violates their terms.

And how did that "obvious garbage" get into the Chrome Store in the first place?

Google, Apple, whatever. NONE of them can be arsed to scrutinize things that are submitted to their store.

Google does not manually review every extension in the store. However, when an extension in the store is found to violate the rules, the removal from the store removes it for all users. That *dramatically* reduces the pay-off of tricking users into installing malware.

Re:

[Anonymous Coward]

In order to sideload an extension, you have to not only have OS permission (you do have your group policies setup correctly, right?) and the knowledge to enable developer mode in Chrome, but you also have to know how to download and execute the extension file itself. It's also not like the Chrome Web store is any safer. There are tons of malware and spyware extensions there.

This is just another idiotic way that a corporation can scream out "look at me, look at me, we're protecting users", when in fact the e

Re:

[Anonymous Coward]

They probably are, and they should be.

Unless, of course, you like the idea of the computer equipment you paid for effectively being owned by a company, which is precisely what we are progressing towards.

Re:

[jenningsthecat]

Thanks for saying what needed to be said, and for doing it so well:

OK, so were removing from your phone any app that isn't G+ or Facebook. Its for your protection and that's the entire internet anyway.

Still feel safe?

How about we prohibit any retail store not called McDonald's, Walmart, Pizza Hut, and Lowes to cut down on illegal products and bad local service providers?

Want more?

Starting today Comcast is the only ISP allowed in America, as they have a vested interest in your protection that no one else has.

Also Verizon is now the only allowed cellphone provider in the US for obvious reasons.

If you can't figure out what the red light in an intersection is for, you shouldn't be driving a car. The same is true about extensions or any code for that matter. If there isn't a known reason why you need it beyond "because we said so", you shouldn't install it. And if you can't figure out how to remove them, then you shouldn't be using one period. Actually think before you click yes to everything, and you might not get hosed so easily. That's not the fault of others. Its your own fault, and you need to learn to take responsibility for your own actions instead of whining to the rest of us for protection at our detriment. I have a better idea: if you can't learn to use a web browser correctly, then you should be kicked off the internet.

Re:

[Ol Olsoc]

Just gave me a reason to suggest ONLY using Chrome to most users. There is no end to the amount of sideloaded shitware extensions that fuck up your browser.

Hmm, I had to use Chrome this morning, and the once stable browser hung on me several times. I wonder if there is any relation. Can't think why, but that's never happened before. Ended up having to use FF.

Re:

[Ol Olsoc]

Just gave me a reason to suggest ONLY using Chrome to most users. There is no end to the amount of sideloaded shitware extensions that fuck up your browser.

Hmm, I had to use Chrome this morning, and the once stable browser hung on me several times. I wonder if there is any relation. Can't think why, but that's never happened before. Ended up having to use FF.

Looks like some folks with mod points must have been old-school AOL users who don't understand that what I posted wasn't a troll. It was a question. Carry on!

not a garden

[Reverend Green]

It's not a "walled garden", it's a "prison state".

This is fine

[omnichad]

If you've ever seen a regular Chrome user's computer, you know there's at least one rogue extension that they can't explain how it was installed. More likely, several - and one of them changing the new tab page or redirecting searches away from Google.

Re:This is fine

[AmiMoJo]

And you can still install extensions from outside the Chrome store, you just download them, enable dev mode and load them up that way.

It's sufficiently difficult enough to deter users being tricked into doing it by dodgy web sites, but easy enough that it doesn't really affect developers and nerds.

You are Safer in the Store....

[Steve Jackson]

Right up to the moment you realize that as much as 30% of the apps there are not properly vetted, and that infections are RAMPANT! But, of course, going to a developer who doesn't want to pay google or conform to their BS, that you may have been downloading apps and content from for DECADES, is worse somehow because google can't extort them or force creative control over their code/IP.... Isn't it?

Re:

[farble1670]

Right up to the moment you realize that as much as 30% of the apps there are not properly vetted

And 70% of the apps have been vetted. Sounds safer to me.

Re:

[oh_my_080980980]

And what exactly are you installing that you need Google to protect you.....

Re:

[rudy_wayne]

More like 0% of apps are properly vetted.

If you happen to get an app or extension that isn't malware, it's more likely just luck and coincidence, not an actual benefit of getting something from an official App Store.

After all, Google and Apple have so few employees and so little money, they can't possibly conduct proper vetting of apps.

Re:

[Carewolf]

More like 0% of apps are properly vetted.

If you happen to get an app or extension that isn't malware, it's more likely just luck and coincidence, not an actual benefit of getting something from an official App Store.

After all, Google and Apple have so few employees and so little money, they can't possibly conduct proper vetting of apps.

What is the point of getting a malware-free extension for Chrome? Chrome already is malware, it is made specifically as spyware to collect more data on you, and while it benign in that it can be (mostly) disabled, and Google is probably one of the safest places to have your personal data, and trusted to only to sell it anonymized as statistics, it still is what it is.

No biggie

[Billy the Mountain]

As long as they support Radial, Boxer, and V8 and Wankel Rotary installations, we're good to go.

Re:

[cas2000]

Ethel shook her twigs angrily. And Billy just laughed.

Re:

[sconeu]

I have a V6, you insensitive clod!

Re:

[Actually, I do RTFA]

Of course they support V8 [wikipedia.org]. It's a critical part of their engine. Not only that, they opensourced their work on it.

Good, another reason

[Anonymous Coward]

To push Chrome onto the vast majority of people. I can't even count the number of people who I've help with computer issues with odd, usually scammy/spammy/spyware/malware type extensions installed. 100% of the time they had no idea exactly what they were installing, they were essentially "drive by" installs because of this inline installation feature. 100% of the time, I uninstall those extensions and never get one single complaint about "hey this used to work, but now it doesn't"

The root of the problem

Government

[Anonymous Coward]

1. Put up a app walled garden.
2. Have government demand you remove app that chronicles torture and murder.
3. Profit

So long as Google has a walled garden for the expressed purpose of removing nefarious content based upon the whim of governments across the globe, Google is complicit in the support of crimes against humanity.

So how do I develop?

[ugen]

I wrote a small Chrome extension previously. I did submit it to the Chrome store (where I can download it) - but during the development process I needed to modify and reload that extensions many times over (as is natural to any dev. process)

Without inline extension installation ability - how would a developer be expected to do that? Is there going to be a special "developer" Chrome version? Or would developer have to submit every line change of the extension to the store in order to test it?

Re:So how do I develop?

[Anonymous Coward]

Inline installation just refers to installs from a website. What you are talking about can be done locally using the extensions tab in dev mode.

Re:

[GoRK]

Sort of; you can no longer download and install a packaged extension. You have to unpack the extension and put chrome into developer mode where it will display a warning about the extension every time you open Chrome.

Tried to install moonlight on my macbook yesterday (chrome is the only way to run it on os x) and it was really fucking annoying.

Re:

[Tough Love]

There's already a developer mode that lets you sideload extensions (this is not going away or nobody could make extensions), but it will nag you to disable them every time you restart the browser.

Remember how Windows used to nag you if it found itself running under DRDos? It's like that. Microsoft ended up being sued and paying out for such practices, ISTR DRDos was part of that.

Re:

[Anonymous Coward]

Windows didn't 'nag' if it found DRDos, it gave a fake error message and then pretended to crash.

Re:

[Tough Love]

There's already a developer mode that lets you sideload extensions (this is not going away or nobody could make extensions), but it will nag you to disable them every time you restart the browser.

Remember how Windows used to nag you if it found itself running under DRDos? It's like that. Microsoft ended up being sued and paying out for such practices, ISTR DRDos was part of that.

Wow, some Microsoft belly crawler doesn't want the world to remember that.

Re:

[Tough Love]

Remember how Windows used to nag you if it found itself running under DRDos? It's like that. Microsoft ended up being sued and paying out for such practices, ISTR DRDos was part of that.

Wow, some Microsoft belly crawler doesn't want the world to remember that.

But the internet does remember.

Re:

[Tough Love]

Develop your app using Chromium, then port it to Chrome.

Re:

[TeknoHog]

Welcome to the world of users vs. developers [godsong.org]. I recently installed Android in a VM so I can publish the content I produce on a real OS. I also need to use an "app" (things sure have developed from from the olden decades of "application program") for 2FA, because obviously smartphones and/or Chrome are the best way to keep things secure online.

Does it affect Chromium?

[rsilvergun]

Though it sucks to see another browser making it harder on Devs. I'm still trying to get my extension to play nice with FF Quantum (It's a slow, laborious re-write with a lot more C++ I need to write to do the conversion now). I'm not seeing a lot of improvements in security just more work for devs.

So that's why Firefox...

[urusan]

So that's why Firefox has been becoming more and more Chrome-like, so it can be an alternative to Chrome after this change!

Its not like the chrome web store is trustworthy

[blackest_k]

I've reported too many dodgy chrome extensions from the chrome store to trust it.
What this is really about is control over what you can install.

There are useful extensions for working round restrictions and google is trying to stop you using them.

Although this is often effective.

document.body.contentEditable = 'true'; document.designMode='on'; void 0

just add it as a bookmark usually is fairly successful, just delete the content you don't want.

You brought this on yourselves

[Tough Love]

You brought this on yourselves. Who would have thought that a Google-owned browser monoculture would increasingly tend towards evil? Solution: use Chromium. Better solution: use Firefox.

Re:

[johnsie]

Browse as little as possible. The Internet is a giant data collection tool.

Re:

[vandamme]

Even better solution: use a real Linux distro, not ChromeOS. I'm running GalliumOS, which is a spin of Ubuntu optimized for Chromebooks.

I am not an app developer

[foradoxium]

But would this mean app developers can't test their extensions without first getting them in the store? If so is Google going to allow bad apps onto the store for the use of testing? Seems very odd.

Inline Extensions

[enderwiggin7]

And the definition is? I've been a Chrome user since the beginning and I've never heard that term.

Re:

[skids]

Yeah, well they would get even better security still if the walled gardens would democratize the vetting process, and allow users to add multiple authorities which vouch for apps, and choose which authorities to trust (to the possible exclusion of "the store" whichever store that happens to be.)

(Really it astounds me that people stand for being forced to divulge a user identity in order to obtain all software, including free-as-in-beer and opensource, but that's an othogonal matter. It also astounds me tha

Re:

[jwymanm]

Love this post. Thank you. Unfortunately it seems everyone is content in being consumers and more and more are born into this environment of not giving a fuck about freedoms.

How about an option that allows the adults freedom

[Marisaze]

Can we get a setting that allows me to use my computer the way I want to? I know how to not wreck myself and would maybe like to not be beholden to Google's strategy tax.

Oh well, I never got on the Chrome bandwagon, this just ensures I never will.