Why You Shouldn't Use Google Chrome

Before we start, I have a confession to make. I was a Chrome user. As part of my job, I open and close Firefox a lot and it was simply easier to use a browser other than Firefox for my day to day browsing. After what Google has done recently, though, I have no interest in supporting them by using their browser. Here's why.

If you haven't heard, with Google Chrome 21, you can no longer install extensions from a location other than the Chrome Web Store. (Well you can, but it requires downloading them, opening the Extensions page and then dragging and dropping the CRX file onto that page - a usability and accessibility nightmare.)

This wouldn't be that big of a deal, except for the fact the Chrome Web Store is almost as bad as the Apple App Store (maybe worse). Your extension can be taken down for any reason and you have no recourse when it is removed. You are not given a reason for the removal and you are not provided any way to talk to Google to discuss why your extension was removed. Your account can also be suspended without cause, even though you paid money to get that account. Again, you have no contacts with whom to discuss the situation.

Although I have had my issues with AMO in the past, I'll never complain again. At least they provide a certain level of transparency, e-mail and even IRC communication. With Google, you have nothing.

Google has complete control over your extensions, and there is nothing you can do about it.

If you've ever wondered why you should care about Mozilla and Firefox and the Mozilla Marketplace and Firefox OS, this is why. Because in the end, the only way you can control your destiny is to be a part of it. And with Mozilla, you actually have a chance to be a part of it.

So going forward, I will only use Chrome to work on extensions I have already developed and to test websites. And Kaply Consulting will not be developing extensions for Google Chrome.

What about you? Do you support an open web?

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

50 thoughts on “Why You Shouldn't Use Google Chrome

  1. I love that line, "the only way you can control your destiny is to be a part of it." That's why I've been working for Mozilla for the last 12+ years.

    Mike, Firefox add-ons users often suffer from some of the same issues that Google is attempting to address with that store lockdown. How do you propose that add-on developers "be a part of it" helping ensure that even add-ons hosted away from AMO have the same quality that we get when we apply reviews and developer expertise within AMO?

    If I think back about the last year or so of the AMO team outreach and just leak fixing work with developers of add-ons hosted at AMO and I then consider all the add-ons outside of AMO that go un-fixed because they don't have the amazing AMO QA and developer expertise, it makes me worry quite a bit about Firefox users and the experiences they're getting.

    So how do we increase quality of add-ons that aren't hosted at AMO so that they're less of a danger to Firefox users? How can add-on authors contribute to that?

    - A

    • First we need to be clear on why Google did this. It had nothing to do with quality. They claimed it was all about malware.

      Unfortunately because their extension identification model is horribly broke, so there's really no way to block an extension. They can block a particular key, but all someone has to do is use Chrome to generate a new key, repackage and voilà you have a new version of your extension that Google isn't blocking. By forcing people to put their apps on the store, you prevent this.

      While Firefox malware developers could do this as well by continually changing the ID, I don't think this is happening in practice (I could be wrong). I think Mozilla's method of identifying add-ons is more reliable.

      I do realize that some third party add-ons have some quality issues and I think we are doing the right thing by add-ons by reaching out to those add-on authors to get those problems fixed.

      If their are third-party add-on developers that are simply unwilling to communicate or fix their issues, I think things like soft blocking could be a useful tool in those situations.

      But I think the last thing we should do is turn AMO or the Mozilla Marketplace into a walled garden which is exactly what Google has done.

      The best thing we can do for add-on developers are the things we are doing. Fix things in Firefox where we can. Provide better tools to help developers find problems. Document best practices.

      That last one is where we could really improve. One add-on developer copies another and we end up with bad code everywhere. Sometimes they even copy code from Firefox and find out it was doing the wrong thing.

      So to summarize, I think we're doing a great job. Reports from the field are that leaks are way down. So we need to just keep doing what we are doing.

      • To see the Mozilla way of handling bad extensions, take a look at bug 721264. Blacklisting is still not out of the question, but the differences between "the Mozilla way" OT1H, and "the new Google way" (and "the Apple way") OTOH, looks edifying to me.

      • Mike, you are indeed wrong. Issue reports that I get from Adblock Plus users sometimes contain a list of installed extensions. I was able to identify several malicious extensions in that data - they have always the same name but different (randomly generated) IDs. I filed a bug with these findings but sadly there is nothing Mozilla can do about it. Any adjustment in the browser can be easily counteracted by the malware developers.

    • @Asa:

      how about introducing a "registered external addon" tier, one that is not reviewed and not guaranteed to be safe or anything, but it still goes through AMO (some httpS redirect) so that mozilla can keep a track of all the external addons, have statistics and contact information for addon authors.

      *after* that is implemented, a second step might be by default only allowing addon installs from AMO (either reviewed OR external).

      and eventually, seriously malicious addons could be blacklisted, but i think the bar here must be above simple privacy concern like tracking -- only blocking addons that explicitly steal bank accounts and similarly heavy stuff.

      • It's an attractive suggestion, but it turns out something like this way already tried, and it actually made things worse, counter-intuitively. Here's why...

        There is a big benefit for an add-on author in putting their add-on on AMO: visibility. But they have to jump through the hoops of reviews. By adding this middle tier of unreviewed add-ons, add-on authors can get visibility without jumping through the reviews hoop. So some add-on authors moved their add-ons from the top (reviewed) tier to the middle tier because it was easier for them, but it resulted in lower-quality add-ons for users. Unintended consequences!

        • they don't have to be listed. in fact, they don't even need to have a "public page", only a private "manage page" for authors.

          so the addon would be advertised on the author's site, but the link to install it would point to https://a.m.o/external/addon@id which would simply collect stats and redirect to (or deliver some other way) the actual addon.

    • Not true at all.... Especially now. Firefox loads 10x faster, no problem with ad-ons. I used to ADORE Chrome the best. Now it seems Chrome is getting worse. I now use the browser I used to hate, but this is a lot faster, more stable in speed, quality, extensions and security handsdown.

  2. | As part of my job, I open and close Firefox a lot and it was simply easier | to use a browser other than Firefox for my day to day browsing.

    I used to do that with Opera (still do sometimes), now when I am developing extensions I use a different session.

    A line like this in my test script:
    /home/bryan/Downloads/firefox/firefox -no-remote -P Testing Webcott.xpi

    As to the store lock down, I'm not entirely sure the locking out other sites is a really bad idea...

    • > As to the store lock down, I'm not entirely sure the locking out
      > other sites is a really bad idea...

      Just yesterday I wanted to install Html Validator https://addons.mozilla.org/en-us/firefox/addon/html-validator/ and found it not to be available for Linux via AMO. Instead I had to get it from the author's own site.

      No idea why the Linux version isn't on AMO, but the author claims it's for "technical reasons". In such situations Linux users could loose out with a lock down. Even if this particular problem could get resolved, I have a feeling there'll always be some valid reasons for people hosting their Add-ons elsewhere (like maybe companies having an addon for internal use only).

    • I just want to know if there is any reason I can not safely delete all google stuff. I am not a computer whiz, just a novice simple user who used to be the go-to person for computer problems at work, back when I was gainfully employed. But that was on the programs that the company used, not all the internet things. I do not like the fact that google uses your info, etc. I'm writing to you because you seem to know a lot about it. (And what is AMO?) I have Firefox and IE, too.

      • AMO is Addons.mozilla.org. It's the site to install Firefox.

        If you want to uninstall Google Chrome, you can go to uninstall in the control panel in Windows,

  3. Hey Mike,

    I sent an email internally with the core of your post hoping to bring some of your points to the attention of our web store folks. Personally I think the balance of "allow easy install from a curated store, allow more difficult install from anywhere else" may be OK -- I'm not as offended by that as you are. But it seems like you're describing a store that does a poor job of communicating with developers, and especially for people who pay for an account, that doesn't seem good to me.

    As some of the comments here highlight, malware is a tough problem, and one that I know AMO has struggled with too. I don't know if all the problems have easy answers. I do know that, like you, I want to be a part of shaping the web to come in a way that I can feel good about, so I hope I can help highlight some of this stuff to more folks at Google so they can deal with it.

    • Thanks, Peter, I appreciate it. My biggest concern is extensions being removed from the store with no communication to the owner of the extension. My clients have experienced this first hand.

      As far as making it more difficult to install from other places, I'm even OK with some of that. But drag and drop to the extension page is just a poor choice. I think Firefox does a good balance of letting you know that you're downloading from a website and requiring an extra confirmation. But local add-ons (on the file system) install without a problem.

      I think what this policy is going to do is push extension developers to use executables to install extensions will make things even worse.

      • I know we were coming from a model much like you describe, and lots of users happily installed malware and OKed the confirmation prompts. As a UI engineer, my bias is that prompting users is pretty much always the wrong solution. They will never read the prompt and always click whatever makes the prompt go away. It annoys people and serves no useful purpose. Sad, but true.

        I got some feedback from the store folks, but I don't feel able to share it publicly. I can at least say that the people who matter have seen what you've written and do want to make the store policies and processes as good as they can be. Sorry for the non-detail of that comment :/.

        • > They will never read the prompt and always click whatever makes the prompt go away.

          While that may be true for a large number of people, it's certainly not true for all.

          I agree with the goal to make the software work nicely and for everybody, but that must never result in an ignorant (may I say moronic?) part of the population pushing things to a point where functions that are important for other, more mindful/literate users are removed. In other words, AOL users must not make the work of scientists harder.

          And this function is not just important, it's critical for the whole ecosystem. The ability to run the software *I* choose (not somebody else chooses for me) is an fundamental cornerstone for freedom in the computing age. In fact, all of open source is useless, if only Apple (or Microsoft or Google or Mozilla) decides what I can easily install. As it happens, Apple flat out forbids GPL software in their store, from what I know. Whether it's UEFI Secure Boot or that an App Store is the only practical way to install, the end result is that my freedom is gone.

          Not with me. We need to find better solutions. If we don't have the dialog box, then it's the dialog box, but a global gatekeeper isn't a solution, it's a huge threat.

  4. I really wish Mozilla would start marketing the fact that the AMO team has been working like mad to improve the quality of addons hosted there. You guys can't expect the whole world to know what's going on under the hood and I think you've really left yourself open to unwarranted criticism because of it. MANY users assume that it's a free-for-all at AMO. I've had MANY conversations over the last year where I've had to point out how many steps public addons have to go through to assure people they are safe. And I only know about these processes because I'm an author... I suspect the vast majority of even the diehard Firefox community have absolutely no clue how much work AMO has put into quality, speed, and performance testing addons... malware checks and line-by-line code reviews. It's a ton of energy that is IMO basically wasted because no-body knows about it.

    Tell people about the testing. Tell people about review process. Tell people they should use Public addons hosted on AMO. And it wouldn't hurt to just flat-out block global extensions either IMO.

  5. Few months ago I opened Firefox and used it for 2 days because my friends PC had no Chrome. DO you have any idea how this feels to a V8 Chromer? Its like Time and Space slowed down and expanded. Sooooo slow and impotent browsing, so many tabs, spyware and virus attacks... I was horrified. How did I ever use Firefox? As a Chromer I have no idea what internet ads and spyware/malware is.

    Firefox is Volvo, Chrome is Ferrari. Extensions are lard, I prefer speed, safety and stability.

  6. Google Chrome in the enterprise auto updates and i never ever have to repackage and deploy it.

    having to repackage Firefox and deploy it even every security update is a pain as users get prompts about an update!

    This is the only thing in favour of Google Chrome.

  7. This is what I have to say...I just got DSL; my computer was sitting for over a year; I updated to Google Chrome and was not happy with the way things were working (or still are not working); I tried to contact Google at the number offered on their website for help at 10:30AM; at 1:30PM I was still waiting when the call dropped. Again I tried; after an hour and a half someone came on; I asked my number be taken, he refused and sent me to someone for help (that is what he said he was doing); automated information relayed Google no longer supports customer service. Who conducts business like this? How do I get Google Chrome off my computer?

  8. Do you blokes ever do anything "human", you seem to like technology for its own sake. I think you'd be disappointed if it all worked properly because your lives would end! Not once in this series of comments has anyone complained that a normal activity enjoyed by a normal life loving human couldn't happen because of Chrome. Stop being virtual and join us in reality.

  9. A big Thumbs Up if you are reading this article in March / April 2013. Chrome is now worst browser. It crashes 5-10 times a day, and it has a starting trouble for each and every site. A site doesn't start loading untill 10 seconds at least after you enter url and press enter.

  10. I was using gmail and happy with it. I got switched to Chrome and I hate it. How do I get back to pre-Chrome?
    Thanks

  11. The problem with the article is many point you have made are just wrong.

    The first is paid for an account. Seriously to get completely free hosting and a $5 dollar signup fee is hardly a paid account.

    You didn't mention that there is an option to host your extension on your own domain. You need to verify a domain with Google and then you can not only host your .crx but if you configure the autoupdate in the manifest chrome will automatically update the extension also from your domain. For an example of this working see http://mightytext.net/install# and click onthe link "Install MightyText Chrome Extension". Of course this extension can only be installed from the mightytext.net verified domain.

    What Google have disabled is the ability of of any Tom Dick and Harry to silently install an extension without user interaction or information. That should be applauded instead of frowned upon.

    I have no problem with people pointing out reasons why Firefox is better than Chrome or Chrome better than Firefox. However the premise is fundamentally flawed.

    • You are incorrect. You cannot host the extension on your own domain. That link to install mighty text installs it from the store. It's called "inline install."

      The only way to host a CRX on your own domain is to require a user to drag and drop that CRX to their extensions page.

      And they have not disabled the ability of anyone to install extensions - they've made it so extensions can only be installed from their store. They now suffer from the same problem as Apple in that they get to choose the things that want people to install on Chrome. It's called a "walled garden" and it's wrong.

  12. Its not just Chrome you should be avoiding.
    I have been an android owner for several years, and love(d) it. Up until i was stupid enough to sign up for a G+ account. On setting it up, one of the first things it asks, is if you want it to automatically upload photos from your phone. "No" (queue stuffing around for a while, and logging out) - Next thing you know, 250 photos automatically uploaded. And that was just the start of it.
    And what were the most common responses from the G+ help "Community"? - "Its not G+, you just dont know what youre doing. Go back to Facebook" - "Have you turned automatic uploads off on _ALL_ your devices?" (Only 1 device ever HAD G+) "Have you turned it off on your desktop?" (Apparently saying NO on your phone, means that your computer can override this at will now) When it all boiled down to it, not a single person would admit, that G+ has a single solitary bug or fault, it was all my fault, and that im just stupid because im from Facebook.
    And then there was the kool aid party that was getting involved in the site itself. Massively inflated egos. Holier than thou attitudes. Constant whining about how Facebook users are always whining about G+ users (I have NEVER seen a SINGLE mention of G+ from anyone on FB. No one gives a shit) ALMOST EVERY SINGLE POST, degenerating, into Republicans Vs Democrats, OR Google+ Vs Facebook, OR Android Vs iPhone, OR Samsung Vs HTC debate, no matter how unrelated to the original post these comments are.
    Constant anti Facebook propaganda, constant gaming of the "Trending" system by 13 year old Justin Bieber and One Direction fans who have worked out that its totes fun to spam the same goddamn hashtag 50 times in a post, and getting 50 of their mates to spam the same message, puts their particular talentless idol on top of the trending.
    Go to the trend list. Click on something. Anything. Youll immediately find the same 4 or 5 identical posts, reposted dozens and dozens of times. Not unique in any way. Completely identical. Every single person re-sharing these posts believing that they are the first person to post it.
    Slap on top of that the genuine delusion that the real hardcore plussers (about 98% of the user base.... the other 2% being people like me that logged on a few times and picked it for the crap that it is) have, that they are somehow intellectually and morally superior to anyone else on the internet. Seriously, go and read a few posts. Any 15 year old with a keyboard suddenly knows how to save the world, despite the fact that a good portion of them would fail a grade six basic english exam (not to mention science)
    So then we come to deleting the account. And quickly finding that if i want to say... rate the nagware ive just downloaded from the playstore, i need to create a G+ account. To remove myself from community mailing lists (which im still apparently subscribed to, despite not having a G+ account) I have to create a new account, to delete myself from the communities, so i dont get spammed hundreds of times a day by G+s unfilterable constant emails.
    All of this resulted in me praying hard, that ubuntu hurries the hell up and gets their mobile platform running. Ive seen where google is headed, and i dont like it. G+ has turned me from a stoic Android fan, to someone who has made the firm decision, that if a reasonable alternative mobile platform comes along, might actually have to buy *gasp* an iPhone. Just for the sole fact, that i wouldnt have to deal with this BULLSHIT that hangs around Google. Im over it and i want it to stop.

  13. Firefox isn't better than Chrome for extensions. With a 6 week cycle with Firefox developers can't keep up with their extensions. If you use ESR for firefox you will have some security issues. If you use the current rapid release then you some of your extensions may break.

    Personally I do not use extensions and I don't find I need to.

  14. The Chrome APIs provided to extensions developers are horribly limited; users complain about the poor quality of the extensions because of this; it's hard to tell them it's Google's fault without sounding like you're making excuses.

    I doubt the situation will change, Google don't like making their APIs too powerful, for risk that it might lead to apps that might actually be a real competitive threat. Plus they'll pull APIs at a moments notice if they see a threat, and then replicate the ideas.

  15. Great discussion. I remember exactly when this started happening and it was a headache every time I went to install a new extension. But in the end I still use Chrome because it's fast. Although Firefox has been working nicely lately. Also I can't live without my firebug and other developer tools on Firefox...I use both!

  16. I've been using IE since version 5. Still using IE9 to type this (would be on IE10 but a an online database I use doesn't display correctly, which isn't IE's fault). I've tried FF and Chrome. They open in the exact same time as IE. Half a second difference at worst(I used a stopwatch). Now I dont't do a whole lot so maybe I don't use extensions other than Java, but I've never had a reason to switch to another browser. Not to mention I can't block Chrome from installing on my public machine so I'm always uninstalling it. I generally just surf the web and IE works quick enough for me and I don't get viruses or malware.

  17. Chrome doesn't have a way to protect your extensions.

    For example, I like Google Chrome Nanny to block certain websites.

    But users can simply, DISABLE the addon, then Chrome Nanny STOPS functioning.

    There's no password protect or anything, stupid...

  18. I haven't read any of the thread of comments, but I need to agree, Chrome for sure is not suitable at enterprise level.

    If you use it, do so AT YOUR PERIL.

    I've just had customers affected by issues caused by the introduction of version 29 that were not present in version 28. The customers were irate at the website for having issues where the download link has stopped working!

    It's amazing that this update can be forced on you and there's no way to stop it unless you make changes to the group policy.

    Amazing in this day and age.

  19. That really shouldn't come as a surprise to anyone by now.

    Never, ever use anything Google or IE/MicrS**t - they're all feral thieves, justifying themselves by claiming "it was in the small print when you signed up".

    Nah. Screw that.

  20. I tend not to leave a response, however after looking at a
    few of the responses on this page Why You
    Shouldn't Use Google Chrome | Mike's Musings. I do have some questions for you if you do not mind.
    Is it just me or do some of the comments appear like they are written by
    brain dead visitors? :-P And, if you are writing at other sites, I'd like
    to follow you. Would you post a list of the complete
    urls of all your social networking pages like your linkedin profile,
    Facebook page or twitter feed?