Why You Shouldn't Use Google Chrome
Before we start, I have a confession to make. I was a Chrome user. As part of my job, I open and close Firefox a lot and it was simply easier to use a browser other than Firefox for my day to day browsing. After what Google has done recently, though, I have no interest in supporting them by using their browser. Here's why.
If you haven't heard, with Google Chrome 21, you can no longer install extensions from a location other than the Chrome Web Store. (Well you can, but it requires downloading them, opening the Extensions page and then dragging and dropping the CRX file onto that page - a usability and accessibility nightmare.)
This wouldn't be that big of a deal, except for the fact the Chrome Web Store is almost as bad as the Apple App Store (maybe worse). Your extension can be taken down for any reason and you have no recourse when it is removed. You are not given a reason for the removal and you are not provided any way to talk to Google to discuss why your extension was removed. Your account can also be suspended without cause, even though you paid money to get that account. Again, you have no contacts with whom to discuss the situation.
Although I have had my issues with AMO in the past, I'll never complain again. At least they provide a certain level of transparency, e-mail and even IRC communication. With Google, you have nothing.
Google has complete control over your extensions, and there is nothing you can do about it.
If you've ever wondered why you should care about Mozilla and Firefox and the Mozilla Marketplace and Firefox OS, this is why. Because in the end, the only way you can control your destiny is to be a part of it. And with Mozilla, you actually have a chance to be a part of it.
So going forward, I will only use Chrome to work on extensions I have already developed and to test websites. And Kaply Consulting will not be developing extensions for Google Chrome.
What about you? Do you support an open web?
I love that line, "the only way you can control your destiny is to be a part of it." That's why I've been working for Mozilla for the last 12+ years.
Mike, Firefox add-ons users often suffer from some of the same issues that Google is attempting to address with that store lockdown. How do you propose that add-on developers "be a part of it" helping ensure that even add-ons hosted away from AMO have the same quality that we get when we apply reviews and developer expertise within AMO?
If I think back about the last year or so of the AMO team outreach and just leak fixing work with developers of add-ons hosted at AMO and I then consider all the add-ons outside of AMO that go un-fixed because they don't have the amazing AMO QA and developer expertise, it makes me worry quite a bit about Firefox users and the experiences they're getting.
So how do we increase quality of add-ons that aren't hosted at AMO so that they're less of a danger to Firefox users? How can add-on authors contribute to that?
- A
First we need to be clear on why Google did this. It had nothing to do with quality. They claimed it was all about malware.
Unfortunately because their extension identification model is horribly broke, so there's really no way to block an extension. They can block a particular key, but all someone has to do is use Chrome to generate a new key, repackage and voilĂ you have a new version of your extension that Google isn't blocking. By forcing people to put their apps on the store, you prevent this.
While Firefox malware developers could do this as well by continually changing the ID, I don't think this is happening in practice (I could be wrong). I think Mozilla's method of identifying add-ons is more reliable.
I do realize that some third party add-ons have some quality issues and I think we are doing the right thing by add-ons by reaching out to those add-on authors to get those problems fixed.
If their are third-party add-on developers that are simply unwilling to communicate or fix their issues, I think things like soft blocking could be a useful tool in those situations.
But I think the last thing we should do is turn AMO or the Mozilla Marketplace into a walled garden which is exactly what Google has done.
The best thing we can do for add-on developers are the things we are doing. Fix things in Firefox where we can. Provide better tools to help developers find problems. Document best practices.
That last one is where we could really improve. One add-on developer copies another and we end up with bad code everywhere. Sometimes they even copy code from Firefox and find out it was doing the wrong thing.
So to summarize, I think we're doing a great job. Reports from the field are that leaks are way down. So we need to just keep doing what we are doing.
To see the Mozilla way of handling bad extensions, take a look at bug 721264. Blacklisting is still not out of the question, but the differences between "the Mozilla way" OT1H, and "the new Google way" (and "the Apple way") OTOH, looks edifying to me.
Mike, you are indeed wrong. Issue reports that I get from Adblock Plus users sometimes contain a list of installed extensions. I was able to identify several malicious extensions in that data - they have always the same name but different (randomly generated) IDs. I filed a bug with these findings but sadly there is nothing Mozilla can do about it. Any adjustment in the browser can be easily counteracted by the malware developers.
@Wladimir
I had a feeling I was as I was writing that.
There's got to be a better way than what Google is doing though.
What Google is going to do is drive extension developers (especially malware developers) to create executables to install their add-ons, and things will actually get worse.
Actually, it doesn't have to be an executable. See "Chrome installation note" under https://adblockplus.org/en/development-builds#installation - fun, isn't it?
Agreed!
@Asa:
how about introducing a "registered external addon" tier, one that is not reviewed and not guaranteed to be safe or anything, but it still goes through AMO (some httpS redirect) so that mozilla can keep a track of all the external addons, have statistics and contact information for addon authors.
*after* that is implemented, a second step might be by default only allowing addon installs from AMO (either reviewed OR external).
and eventually, seriously malicious addons could be blacklisted, but i think the bar here must be above simple privacy concern like tracking -- only blocking addons that explicitly steal bank accounts and similarly heavy stuff.
It's an attractive suggestion, but it turns out something like this way already tried, and it actually made things worse, counter-intuitively. Here's why...
There is a big benefit for an add-on author in putting their add-on on AMO: visibility. But they have to jump through the hoops of reviews. By adding this middle tier of unreviewed add-ons, add-on authors can get visibility without jumping through the reviews hoop. So some add-on authors moved their add-ons from the top (reviewed) tier to the middle tier because it was easier for them, but it resulted in lower-quality add-ons for users. Unintended consequences!
they don't have to be listed. in fact, they don't even need to have a "public page", only a private "manage page" for authors.
so the addon would be advertised on the author's site, but the link to install it would point to https://a.m.o/external/addon@id which would simply collect stats and redirect to (or deliver some other way) the actual addon.
Not true at all.... Especially now. Firefox loads 10x faster, no problem with ad-ons. I used to ADORE Chrome the best. Now it seems Chrome is getting worse. I now use the browser I used to hate, but this is a lot faster, more stable in speed, quality, extensions and security handsdown.
| As part of my job, I open and close Firefox a lot and it was simply easier | to use a browser other than Firefox for my day to day browsing.
I used to do that with Opera (still do sometimes), now when I am developing extensions I use a different session.
A line like this in my test script:
/home/bryan/Downloads/firefox/firefox -no-remote -P Testing Webcott.xpi
As to the store lock down, I'm not entirely sure the locking out other sites is a really bad idea...
> As to the store lock down, I'm not entirely sure the locking out
> other sites is a really bad idea...
Just yesterday I wanted to install Html Validator https://addons.mozilla.org/en-us/firefox/addon/html-validator/ and found it not to be available for Linux via AMO. Instead I had to get it from the author's own site.
No idea why the Linux version isn't on AMO, but the author claims it's for "technical reasons". In such situations Linux users could loose out with a lock down. Even if this particular problem could get resolved, I have a feeling there'll always be some valid reasons for people hosting their Add-ons elsewhere (like maybe companies having an addon for internal use only).
Woah woah woah, let's not go crazy.
(Your theme could use some styling on the blockquote element. It looks like I'm talking to myself there...)
I'm gonna quote him on that!
The full list of reasons not to use Google Chrome, ever:
1. It's made by Google.
I just want to know if there is any reason I can not safely delete all google stuff. I am not a computer whiz, just a novice simple user who used to be the go-to person for computer problems at work, back when I was gainfully employed. But that was on the programs that the company used, not all the internet things. I do not like the fact that google uses your info, etc. I'm writing to you because you seem to know a lot about it. (And what is AMO?) I have Firefox and IE, too.
AMO is Addons.mozilla.org. It's the site to install Firefox.
If you want to uninstall Google Chrome, you can go to uninstall in the control panel in Windows,
Hey Mike,
I sent an email internally with the core of your post hoping to bring some of your points to the attention of our web store folks. Personally I think the balance of "allow easy install from a curated store, allow more difficult install from anywhere else" may be OK -- I'm not as offended by that as you are. But it seems like you're describing a store that does a poor job of communicating with developers, and especially for people who pay for an account, that doesn't seem good to me.
As some of the comments here highlight, malware is a tough problem, and one that I know AMO has struggled with too. I don't know if all the problems have easy answers. I do know that, like you, I want to be a part of shaping the web to come in a way that I can feel good about, so I hope I can help highlight some of this stuff to more folks at Google so they can deal with it.
Thanks, Peter, I appreciate it. My biggest concern is extensions being removed from the store with no communication to the owner of the extension. My clients have experienced this first hand.
As far as making it more difficult to install from other places, I'm even OK with some of that. But drag and drop to the extension page is just a poor choice. I think Firefox does a good balance of letting you know that you're downloading from a website and requiring an extra confirmation. But local add-ons (on the file system) install without a problem.
I think what this policy is going to do is push extension developers to use executables to install extensions will make things even worse.
I know we were coming from a model much like you describe, and lots of users happily installed malware and OKed the confirmation prompts. As a UI engineer, my bias is that prompting users is pretty much always the wrong solution. They will never read the prompt and always click whatever makes the prompt go away. It annoys people and serves no useful purpose. Sad, but true.
I got some feedback from the store folks, but I don't feel able to share it publicly. I can at least say that the people who matter have seen what you've written and do want to make the store policies and processes as good as they can be. Sorry for the non-detail of that comment :/.
> They will never read the prompt and always click whatever makes the prompt go away.
While that may be true for a large number of people, it's certainly not true for all.
I agree with the goal to make the software work nicely and for everybody, but that must never result in an ignorant (may I say moronic?) part of the population pushing things to a point where functions that are important for other, more mindful/literate users are removed. In other words, AOL users must not make the work of scientists harder.
And this function is not just important, it's critical for the whole ecosystem. The ability to run the software *I* choose (not somebody else chooses for me) is an fundamental cornerstone for freedom in the computing age. In fact, all of open source is useless, if only Apple (or Microsoft or Google or Mozilla) decides what I can easily install. As it happens, Apple flat out forbids GPL software in their store, from what I know. Whether it's UEFI Secure Boot or that an App Store is the only practical way to install, the end result is that my freedom is gone.
Not with me. We need to find better solutions. If we don't have the dialog box, then it's the dialog box, but a global gatekeeper isn't a solution, it's a huge threat.
I really wish Mozilla would start marketing the fact that the AMO team has been working like mad to improve the quality of addons hosted there. You guys can't expect the whole world to know what's going on under the hood and I think you've really left yourself open to unwarranted criticism because of it. MANY users assume that it's a free-for-all at AMO. I've had MANY conversations over the last year where I've had to point out how many steps public addons have to go through to assure people they are safe. And I only know about these processes because I'm an author... I suspect the vast majority of even the diehard Firefox community have absolutely no clue how much work AMO has put into quality, speed, and performance testing addons... malware checks and line-by-line code reviews. It's a ton of energy that is IMO basically wasted because no-body knows about it.
Tell people about the testing. Tell people about review process. Tell people they should use Public addons hosted on AMO. And it wouldn't hurt to just flat-out block global extensions either IMO.
The full list of reasons not to use Google Chrome, ever:
1. It's made by Google.
Few months ago I opened Firefox and used it for 2 days because my friends PC had no Chrome. DO you have any idea how this feels to a V8 Chromer? Its like Time and Space slowed down and expanded. Sooooo slow and impotent browsing, so many tabs, spyware and virus attacks... I was horrified. How did I ever use Firefox? As a Chromer I have no idea what internet ads and spyware/malware is.
Firefox is Volvo, Chrome is Ferrari. Extensions are lard, I prefer speed, safety and stability.
Google Chrome in the enterprise auto updates and i never ever have to repackage and deploy it.
having to repackage Firefox and deploy it even every security update is a pain as users get prompts about an update!
This is the only thing in favour of Google Chrome.
This is what I have to say...I just got DSL; my computer was sitting for over a year; I updated to Google Chrome and was not happy with the way things were working (or still are not working); I tried to contact Google at the number offered on their website for help at 10:30AM; at 1:30PM I was still waiting when the call dropped. Again I tried; after an hour and a half someone came on; I asked my number be taken, he refused and sent me to someone for help (that is what he said he was doing); automated information relayed Google no longer supports customer service. Who conducts business like this? How do I get Google Chrome off my computer?
Unfortunately because Google is a large company that offers Google Chrome for free, you really can't get support from them.
You can uninstall Google by going to the uninstall page in the control panel:
http://support.google.com/chrome/bin/answer.py?hl=en&answer=95319
Do you blokes ever do anything "human", you seem to like technology for its own sake. I think you'd be disappointed if it all worked properly because your lives would end! Not once in this series of comments has anyone complained that a normal activity enjoyed by a normal life loving human couldn't happen because of Chrome. Stop being virtual and join us in reality.
A big Thumbs Up if you are reading this article in March / April 2013. Chrome is now worst browser. It crashes 5-10 times a day, and it has a starting trouble for each and every site. A site doesn't start loading untill 10 seconds at least after you enter url and press enter.