Linked by Thom Holwerda on Sun 10th Jun 2012 22:36 UTC
Google So, Google has made it very hard to install Chrome extensions outside of the Chrome Web Store - out of security concerns. In addition, they sprung this on users and extension developers without much consultation or consideration for their concerns. As always - understandable to protect users, but the handling has an almost Apple-like bluntness to it. Next up: how to jailbreak your browser?
Thread beginning with comment 521519
To read all comments associated with this story, please click here.
Side-loading can be re-enabled
by jasutton on Mon 11th Jun 2012 00:06 UTC
jasutton
Member since:
2006-03-28

According to the green-highlighted comment added in this commit...

https://chromiumcodereview.appspot.com/10511015/diff/1/chrome/common...

You can re-enable side-loading by starting Chrome/Chromium with the "--enable-easy-off-store-extension-install" switch, and then drag-n-drop the *.crx file onto "chrome://extensions/".

I'd say this is a nice compromise. It still allows user freedom, while not opening up an easily-exploitable area for users to be duped by. This is pretty comparable to Android, which offers a checkbox to enable side-loading. This is no where near the Apple/iOS defective-by-design model, in which you have to exploit a bug in the OS in order to side-load.

Reply Score: 12

Alfman Member since:
2011-01-28

jasutton,

Yea, it's better than apple's control. But google is weaving precariously on the line between open and closed. I am extremely disappointed they're using a "security" excuse to justify new restrictions, which users won't know how to bypass. A better approach would have been to give users better tools to view/limit what extensions can do and just set the defaults to restrictive.

Reply Parent Score: 2

darknexus Member since:
2008-07-15

I am extremely disappointed they're using a "security" excuse to justify new restrictions, which users won't know how to bypass.


Speaking from tech support experience, I'd say if a user doesn't know enough to google for that switch, they have no business side-loading. The more checkboxes you give users, the more they will check out of annoyance just to avoid the alert dialogs, and then your security becomes null and void. I'd agree that having this switch is a nice compromise, and it's not as though you have to hack your browser to enable this.

Reply Parent Score: 6