Google Updates Chrome Web Store Review Process and Sets New Extension Code Requirements (venturebeat.com) 26
Google is finally turning its attention to Chrome Web Store. On Monday, the company announced a range of big changes that would make the online store more secure for customers. From a report: The first two are happening now: Developers are being subjected to a more rigorous review process, and the Chrome Web Store no longer accepts obfuscated JavaScript files. In a couple of weeks, Chrome users will get the option to restrict host access for their extensions. And in 2019, two more changes will take effect: Chrome Web Store developer accounts will require 2-step verification, and Google will introduce manifest version 3 of the extensions platform.
[...] Effective today, extensions that request powerful permissions will be subject to additional compliance review. Google doesn't offer much detail here, but it does say your extension's permissions should be as narrowly scoped as possible and all your code should be included directly in the extension package to minimize review time. If your extension uses remotely hosted code, Google will also be taking a closer look (and will monitor on an ongoing basis).
[...] Effective today, extensions that request powerful permissions will be subject to additional compliance review. Google doesn't offer much detail here, but it does say your extension's permissions should be as narrowly scoped as possible and all your code should be included directly in the extension package to minimize review time. If your extension uses remotely hosted code, Google will also be taking a closer look (and will monitor on an ongoing basis).
Chrome, for Hearding the Ignorant (Score:2)
Re: (Score:2)
I'm just curious if people get paid to manually post this stuff or if there is some program that is systematically posting these.
I guess the more people read a statement the less outlandish it seems and eventually just normal.
Re: (Score:2)
It just seems like a lot of effort for something that I doubt people even look at.
Well, these and the racist and sex jokes make it harder and harder for me to risk using this site at work. Work wise, that is probably a good thing. I'd really hate a coworker to come up to me and see those comments and assume without actually talking with me.
Why? Its not like the users care. (Score:1)
Re: (Score:3)
And this is likely the reason Google is making this change. Google provided the tools for users to see what things extensions wanted access to, and users did not care. So now Google has to be more selective with their approval process.
The other big reason is the practice of selling legitimate extensions to "developers" who promptly pump it full of malware and push an update to all of the existing users.
It sounds like Google's changes will address these problems and I welcome them.
Re: (Score:1)
Computers have been around since at least the '40s, and (relatively) affordable personal system have been around since the early '70s
Unless you were born before 1950 or after 2013, there is no reason not to know how to use a computer.
Re: (Score:1)
Google can say all they want about how they're trying to protect users against malicious extension updates, but I won't believe a word of it until they change the fact that Chrome still won't:
- Show you what extensions of yours have recently updated
- Show you when a particular extension was last updated
- Allow users to disable automatic updates for an extension
These are pretty basic features, and they're all things the Play Store has done on Android for years. It boggles the mind that they would devel
Re: (Score:2)
Google provided the tools for users to see what things extensions wanted access to, and users did not care. So now Google has to be more selective with their approval process.
Right. How dare these 3rd party apps spy on users. That's Google's job!
I don't run Chrome due to the licensing. (Score:3)
I don't run chrome on my desktop and laptop for several reasons, but on my android smartphone, which includes Chrome as the default browser, I don't run it because of the licensing.
The Chrome license includes an Adobe license, due to their using an Adobe product as a component.
The Adobe license, while apparently intended as a no-reverse-engineering prohibition, amounts to a non-compete that would forever taint my ability to work on software similar to Adobe's.
(Clicking "accept" on a cellphone can be expected to leave a database record that is personally identifiable by its connection to my cellphone account with the carrier.)
So I haven't activated it. At the moment, having not gotten around to installing a replacement browser (and figuring out how to do so without use of the un-enabled Chrome browser) I don't have browser-based functions on the cellphone. This largely cripples it as a smartphone.
(Fortunately I can get by using it as a "dumb phone" and tethering it to my laptop (currently using Firefox) when I really need to get on the net. The latter works great. But it's a pain if I'm on the move.)
Re: (Score:3)
So I haven't activated it. At the moment, having not gotten around to installing a replacement browser (and figuring out how to do so without use of the un-enabled Chrome browser)
Naturally, you install it through the play store. Or you download an APK onto your laptop, and sideload it using adb install.