As an extension developer its absolutely infuriating to realize that:
1. There is no way to install extensions outside the web store
2. Google won't approve anything to the web store.
3. The vast majority of people use Chrome vs other browsers.
------
I get it, Chrome is Google's browser and they can do what they please with it. However Chromium is open source and it's still impossible to do so.
Like thanks Google. I spent months developing an extension only to realize that as it stands today for the majority of developers, the chrome web store is closed for new submissions.
And Google didn't even have the courtesy of telling us it's essentially closed, they just string us along with "pending reviews" (for context I've been trying to get my extension approved since February).
So this is a huge deal, Google is already bad at it, but I can't fault them for heavily restricting extension install: Currently they are way too lax.
The reason Chrome can't be much, much more restrictive about what extensions get placed in the store is because there is no alternative. The less important your store is, the more exclusive (and safer) it can be.
Look at Linux with package managers like AUR. If a package isn't included in the official Arch repos, I generally don't mind. I can go install it if I've vetted it myself. What that means is that Arch can be a lot more restrictive about what they include. They don't really need to provide a bunch of justifications, they can just say they had a bad feeling or haven't gotten around to looking at it.
If the goal is to have safe spaces where users can be certain that they won't ever run into malware, the space maintainers need the freedom to be very restrictive. Google doesn't have that freedom with the Chrome Web Store specifically because getting banned from the Chrome Web Store is a massive deal -- they can't just decide to prioritize safety over everything else.
Small, optional safe spaces that people can opt into will always be better filtered, better moderated, and overall safer than a giant space that's forced to balance between freedom and safety for every single user at the same time. Moderation doesn't scale.
laxness <--> strictness scale
carefulness/competence <--> carelessness / incompetence scale
What hope does any other store then have to create a malware free web store if even Google can't? And if they allow installation from anywhere, do you realize that whatever state we are in now, it would be orders of magnitude worse?
If there is some way to get malware into your computer, someone out there will make you do it. That's exactly why installing extensions is so locked down. I don't understand how people think that it will magically all be better if users were given full access to install whatever from wherever. Have you never in your life interacted with an average non-poweruser?
1. Same or better performance
2. Open source for real not just (pretending to be) Open Source
3. More transparent process
4. No business conflicts
Support Firefox if you care about the open web
As it is, I have a Winblows box for gaming only that I put Chrome on, but one day, I am going to be remote and needing Chrome. I don't want google's tentacles on my work laptop, but am starting to worry that I have no choice...
In `about:config`, set `xpinstall.signatures.required` to false, and then you can an unsigned bundled extension locally and they'll persist like normal extensions.
Firefox has its issues (the signing requirements because of malware and invasive antivirus companies suck but I can understand why they exist) but their addons aren't discriminated against. There's addons listing porn sites on there, something for which Google would remove the extension on sight, there's addons that mess with Google and their ads, and the list goes on. The browser is no longer independent from Mozilla, but it still remains much more free than Chrome.
[1]: https://adnauseam.io/, it's an addon that clicks every ad while still hiding them to fight back against advertisements and break the profile ad companies construct around your interests.
I think this is so hidden (and not really documented well) as a "fix" that must have been added for companies that use their own internal extensions that don't publish them on the web store.
If you can't figure it out from that description I can try to publish a step-by-step on how to accomplish this
I created a very basic Extension, to modify the new tab page (as it's something you can't set in G Suite the way we'd like it).
I wanted to deploy it our G Suite users, and saw there was an option to deploy via a URL. So I packaged it up in Chrome, put the .crx in an public S3 bucket and set it to force install.
Unfortunately it did nothing... is this not possible? Why is it even an option? Eventually ended up paying for a developer account and submitting it for approval (which was actually super fast).
Edit: You seem to say this did nothing for you? Well, good luck troubleshooting.
I don't know if it's true that the official Chromium or Chrome don't allow sideloading at all—but the rather popular ‘Ungoogled Chromium’ build certainly does (in fact, it probably still doesn't work with the web store directly): https://ungoogled-software.github.io/ungoogled-chromium-bina...
However, the security of these builds may be questionable.
> The vast majority of people use Chrome vs other browsers.
Can you even do it with Firefox any more?
Firefox allows you to install .xpi packages directly, just by opening the xpi and clicking "install", after enabling the option to do so in about:debugging (unless you use a development version of Firefox then it's automatically supported). No directory/zips extraction required.
> FWIW Tweeting at other Googlers will probably just get them to me – not that I have a problem with that. At the moment there isn't really a better way, and as a single human I don't scale well. TBH we have systemic issues to work through to improve the comms process here
https://twitter.com/DotProto/status/1261058935085101058
> I'm literally the only one for extensions.
The solution was for users of bart to self service.
Which got me thinking: so much of technological advancement isn't about reducing inefficiency, its about making other people bear the cost of that inefficiency. Someone that is proficient in navigating a subway map - someone that is doing it daily - can do so much quicker than people that are unfamiliar. Despite it potentially being more efficient to keep the person used to doing these things day in and day out employed, (some) technologists still insist on eliminating them because that's more efficient when looking at the smaller picture.
This is basically what Google is doing here. They are making other people and organizations bear the burden of their inefficiencies.
They constantly try to automate and make things more efficient, but they also assume they will constantly screw up for someone, somewhere, at scale.
So they back it with an empowered human CSR team, who do their best to make customers happy. They then (apparently) measure the rate of screw ups continuously, and iterate on their processes until they can drive that rate close to zero.
So essentially, Bezos realized that the way to excel was to (a) move fast, (b) break things, (c) apologize (and pay painfully!) when you break things, (d) do your best not to break things in the same way again.
I feel like Google (as a whole, some teams / products aside!) doesn't really grok (c).
Which may work for customer acquisition, but not so well for retention.
> Yeah, that's where I'm still catching up. The changes you've made look good at first blush, so I'm a little lost on the follow-up rejection. I'm going to open an appeal to get a second opinion. https://twitter.com/DotProto/status/1260623259315265538
If it's one person why would they be confused why the follow up submission was also rejected? And why would they be "appealing it" to themselves?
There's clearly more than one person involved here. I think they mean they are the only one dealing with customers.
I have a feeling the main review team is disconnected from customers, outside of an appeals system managed by a single person at their discretion. Which still leaves the situation with no clear transparency to developers, as again it's still not clear how their process works or whether any of this is being addressed.
Jack: This exchange was nice to read. But why couldn't it have been initiated and had via the official channels? After a couple back and forwards with the automated responses the system should hook in a developer advocate like yourself instead of the dev having to go beg on twitter...
Simeon: I'm literally the only one for extensions. Generally speaking [Developer Advocates] aren't a super populated role
Then at least they would be internally consistent about things like this. Too many Google products have "support by public outrage".
Also, I laugh about the google promise of being more open. Every single time they screw it and goes viral, they promise the same until 6 months later when another business is screwed again.
Call it having your mail shut down, your cloud, app deleted on the play store, the extension on chrome, etc etc.
We've already heard that story dozens of times.
https://www.blog.google/products/gmail/save-time-with-smart-...
Oh, you wanted an artisanal hand-crafted response unique to each individual situation? That's not scalable!
Every time you "didn't have to think" is a time when someone else did the thinking for you. Take that too far and there is no you left in your life.
It's currently expected behaviour that extension updates from developers can take up to 3 weeks to be reviewed and go live (same as before the pandemic):
https://developer.chrome.com/webstore/faq
> "If your item's status says "pending review" for more than three weeks, you should contact support."
Is it going to change? When? See here for all the developers waiting over 3 weeks for their updates to go live (that's not including what happens when they don't pass review):
https://groups.google.com/a/chromium.org/forum/#!topic/chrom...
All we seem to get back from the few people on the Chrome extension team that communicate with extension developers is along the lines of "I understand your concerns, I want it to change as well, and I'll talk to the team".
It's like the person from Google is talking about getting in touch with a team that work for entirely different company, as if what the team can't be influenced.
Who's the one making the actual decisions and why don't they talk to us directly?
I believe once you become a platform there should be an independent nano-courthouse where you can appeal. Today being rejected by Apple, Amazon, or Google platform is equivalent to the economical death penalty for many individuals.
It should be possible to pay $100 by individuals and appeal to an independent nano-courthouse if the original platform rejects or blocks you. If you win, the appeal fee is refunded and the platform has to cover the cost. If you lose, your $100 is gone.
I've since resolved the issue, lord did that take a chunck of our traffic away. Government bodies also could not access us, which hurt a lot!
As a technical person, you should be advocating the use of (real, community owned) open source browsers not just whatever the majority uses.
I feel that Google's monopoly on the browser market for desktops will be more and more endangered as they (for legitimate business reasons) refuse to provide the services and processes that a modern browser user/developer deserves.
2) Like 90% of Mozilla revenue comes from contract with Google.
3) Not sure what community-owned means here, but one could submit useful patch to both Chromium and Mozilla teams and have it accepted into main codebase.
4) Decisions for both products are not made by a community, but by internal full-time employees who are subordinates of CEO. Mozilla CEO knows the company absolutely can’t lose that contract with Google.
2. Not sure what your point is here. Mozilla needs to make money to maintain and improve its advocacy work
3. See point 1. You don't own or control Google's web services nor its domains therefore you have no full control of the build process if Google decides to shut down its services. If you want to see what community owned means, I suggest you look at the Python community. No hidden binaries or mysterious calls to corporate web services
4. Google's goal is to make money, Mozilla is to keep an open web. Obviously, Google has potential business conflicts while Mozilla doesn't, Mozilla wins even if it dies as long as the web is kept open, Google wins if it makes money full stop
You simply cannot compare them. Just look at Chrome in a fully Google-owned environment (Android), it does not even have extensions.
And even Chromium depends a lot on Google services...
The widespread failure of every major app store makes me skeptical that Google is going to improve. It's a good sign that it isn't possible, but even if it is, it's not going to happen unless a competitor forces it.
It's not as if developers can go to other platforms since Chrome has 70% of the market. Most of us in tech are in it to innovate and disrupt but hard to do that if everything is a Google or Amazon monopoly.
If Chrome is broken then the browser market is broken. Devs should organize to solve this since Google doesn't seem to be paying attention.
We need to collect and organize feedback from those experiencing problems which is everyone. Get it to antitrust folks in the EU and DOJ to start an investigation (to add to their other investigations). If Google knows the EU and Feds are watching, they might start behaving.
As a user I want my browser's extension support to be more like Visual Studio Code's than like Atom's. Visual Studio Code has fine grained permissions, and prevents extensions from going through and changing everything. Still, it's nice that Atom exists so if I want more powerful extensions, I can use Atom.
There's two ways to go that I see. One is for someone to release an alternative browser that let you install pretty much any extension, sort of like Atom. The other is for the company that wants to provide the user with an innovative browsing experience to develop their own browser, which is what Brave has done.
My reaction to Pushbullet is, as the author of the top comment on a recent post put it, "Yikes" [0]. They have funding from reputable VCs but they require way too much permission and store way too much user data for what seems to be occasionally useful utilities, and this places them alongside the Ask Toolbar in my mental model of the space.
At one time Yahoo! Toolbar was useful for a significant percentage of its users, because it would let them know how many email messages they have, as well as give them convenient access to the news and weather - so I disagree that it did nothing for its users.
Edit: I took a look at https://blog.pushbullet.com/2014/08/20/introducing-universal... - it appears it was doing that at one time, but currently it may only be doing that for premium users, who would conceivably be likely enough to get good use the feature that it would justify the potential security risk.
Having funding from VCs does not have much connection with security posture in products. If anything the correlation might be negative. Large funds seek market domination, not implementation of specific features.
I maintain an extension which provides a language server. I don't have to register intentions. I get the whole api and I even run a bundled executable which has full read/write/execute access to all your files...
Nobody wants their life and livelihood to be fucked over by an algorithm, especially when there is no recourse. These stories almost always end with some random person at Google "fixing something, really sorry" with no explanation. This is how Google operates, and I think they actually try to cultivate this image of themselves. It adds to their mystique and helps them hire bright engineers.
What can I do? Same as last time this came up, the best thing you can do is just to not use Google properties or software, and turn on your adblocker.
I think it's been made abundantly clear that Google will not, in fact, improve anything from experiences like this. They happen over and over and every single time it's the same; if it gets publicity, someone helps resolve it; but nothing ever improves in the way of communication.
This is basically the only person at Google who can make things happen if there's a problem with Chrome extensions.
A play store advocate can not look up why your app got rejected, they can at most ask their play store colleagues to look it up and to contact the app owner.
It is this way to avoid getting in a situation where being friends with a DA is an huge advantage.
Their job is to collect dev feedback, as well as evangelizing good practices.
And granted, both teams could do a better job at pinpointing the issues (and devs might also try harder to follow the rules .. fwiw play store bans threads have just been banned from r/androiddev because devs had a tendency to forget to talk about the legitimate reason why they got kicked out)
Sadly, a lot of companies will look at a PR problem and do just enough to make their pain go away, without ever saying, "Wait, are their people we should care about besides ourselves?" It's disappointing.
Now that we all agree that Google's process sucks, can we talk about how insane it is to even have this level or permissions available for request in the first place?
*://*/*
On the other hand, this particular extension requesting this access just because they weren’t told not to is more of a wtf.
They simply DO NOT CARE unless they're embarrassed.
My theory is that the AI has taken over and that there aren't any more humans at Google.
Instead of paying people to answer emails for developer support, they pay a small number of people to monitor social media sites for complaints that reach some threshold of outrage/publicity.
Way less hassle to let the public solve their problems.
-The permissions that pushbullet needed originally where a bit overaching.
-We never knew which was the offending one.
-Reading the original article it crossed my mind that some of the permissions the extension asked could be used for marketing (I'm not implying that they were used for that), and maybe google just didn't wanted extension developers to have a cut on that.
-I really don't like how this marketplaces have made big companies gatekeepers for market share.
I asked them to show me where they still found it... and they then realized it was indeed gone, rejecting my re-review was incorrect, and reenabled the account.
The only positive on my end, was that since it was the Ads team, where Google's money is, I got human email responses.
It started out with "Add google meet" not being a button, and below the Zoom button. Last week it shifted to the Google Meet button being a larger blue button. Today, they moved the Meet button to before the Zoom button by shifting their DOM around.
I assume Zoom can't do anything about this for 3 weeks at least, definitely goes to show how much authority Google has in this situation.
They're not going to be able to spend millions of dollars to fund better human moderators and tools for the extension reviews when a typical extension brings what, a few cents for Google?
They probably can't justify the resources to do the sort of specific feedback that would make this process much better.
I've thought of messing around with developing an Android app and uploading it to the app store just to gain some experience and try something different, but the fact that my whole google account could be banned just because a bot thought my app was bad for whatever reason is scary.
If Google hires programmers to do the review process, they can identify patterns, develop new techniques, and build tools to accelerate the process.
Additionally, I bet that they're expecting the value of the Chrome store to increase over time, which compounds on the effect above.
> things are back to normal now
I bet this happens again.
Since Big G's treatment of extension developers is incompatible with their self-respect, I wholeheartedly support devs who decide to dump the web store—despite me making some use of two Chrome-based browsers.
I understand they were using a very broad wildcard for permission on websites they could access. I'm glad they narrowed that down. But after they did, they still needed this to blow up in order to get an actual response.
I understand that the Chrome extension store is free, but if you're going to point a bunch of bots at it and have them de-list extensions based on unknown metrics, the least you could do is communicate the "gotcha" rules the extension supposedly violated.
Pretty sure it’s not free, I had to pay a nominal $5 fee ages ago, and looks like that hasn’t changed.
https://developer.chrome.com/webstore/publish#pay-the-develo...
Even found a recent news article reporting that now you need to pay the fee immediately on signup as opposed to when you publish the first extension/app.
https://9to5google.com/2020/03/12/chrome-web-store-fee/
(In case anyone wonders why $5 is even worth mentioning — if you’re a teenager in a third world country you probably have neither the fund nor a credit card to publish a Chrome extension.)
Unless there are secret rules.
https://old.reddit.com/r/PushBullet/comments/eirc1m/not_avai...
The dev said the iOS side of things are irrelevant for them anyway since most of their users are on Android, which is frankly disheartening since there's no alternative for iPhone users with linux desktops now
To me, Android PushBullet killer feature is notification sync (though I moved to KDE Connect once it came out), so I never had any reason to install their iOS app. For iOS, only Bluetooth devices can access notifications - BTW I made a script for Linux for that: https://github.com/pzmarzly/ancs4linux
Rest of the features seem to be possible to replicate with Firefox or Chrome for iOS, plus iCloud, plus pushover.net.
Found pushover.net which seems like a decent (paid) alternative.
We need an open-source version of this kind of functionality, maybe using ActivityPub? Self-hosted option with Google integration for a start, and since everyone needs to have Sign in with Apple for iOS, I guess that too. Might as well add Facebook login support.
Wait, what?
So you have an completly black box ultimatum, and even if you somehow magically guess what needs to be done, if you do it, they can still reject you?
That's worse than debugging IE6.
That's dishonest.
Read it could take a month plus be delayed due to COVID-19. I was pleasantly surprised.
As a former Call Center Director, it's pretty amazing to me how much bad-will these massive companies are willing to foment by not running their support correctly.
It's not that hard / expensive guys... you can hire great support employees for $20 / hour all across America.
Back of the napkin math for 1 billion users and a 1:100 support staff ratio comes out to around 5.8 billion dollars/yr.
I don't actually know the story of Google Reader and RSS feeds, but I remember how integral RSS feeds were to the golden era of blogging, and how abruptly that era seems to have ended with Google Reader's apparent death. And to me, that has a similar feeling. The idea is that the target is not potential competition wherever it might spring up; the idea is to sap the demand that might nourish competition, to suck the air out of the room, and stifle the imagination of the market itself.
It isn't Google alone who is responsible for this feeling, to be fair. There is watching the growth of the walled garden of Facebook, watching the collapse of the old chat services which allowed independent clients, watching successful startup after successful startup turn new ideas into content for a routine process wherein we see the exact same sheen of gloss on the promises, the same dance steps towards the pirouette, the attempt to pivot gracefully and effortlessly towards monetization in a maneuver that is in fact a mating dance desirous of acquisition.
All of it really sucks. It's not like there's an easy alternative. People like free things, and with computer-based resources there is often so much opportunity to scale the value of a thing that free things can be sustainable; a project can succeed and be useful to thousands of people merely on the basis of the labour that some are willing to commit to to sustain it. Again, I'm less qualified to describe this than most of you are. But that's what open source is like.
It doesn't work with services. Code that runs of different platforms can be replicated/adopted for infinitesimal cost, and the underlying costs of running it are naturally distributed. Services are different. The replication/adoption and the creation of value both involve on a massive rush of the many to the one. That relationship pretty much sums up the whole story. If capital accrued to capital by a square law, attention would accrue to attention by a cube law. In idiosyncratic niches that cannot be satisfied by the mass service, alternatives are actually viable and flourish. But anything that would be beneficial to us all encounters this problem of needing to absorb the real costs of operation while seeming to be as free as possible, or else the users will flit away to a different flower.
There's no good solution to this, but the way in which Google has graciously assumed responsibility for directing our attention does not make it better. All the improvements to search results over time seem to focus attention more and more to what an archetype of user is likely to be satisfied with. I would not be surprised if the energy costs per search had gone down. As many have noted, esoteric results are increasingly invisible.
Anyways, this is what we have done with the new universe of human communication that has opened up in the last few decades, which we imagined we would leverage into new systems of effortless communication and collaboration. And we have, to a lesser extent. Second best or third best. But we've discovered this really intractable problem with the distribution of costs.