The sad march towards tribal fiefdoms continued Thursday, as Google announced that it will only allow Chrome for Windows users to download extensions hosted by Google's own Chrome Web Store starting in January.
Google says the decision to transform Chrome into a gated community stems from security concerns, in an echo of the official reason that Microsoft moved to the Windows Store model to distribute modern UI apps. Google engineering director Erik Kay points the finger at the damage caused by rogue extensions in a blog post detailing the lock-down.
[ Get your websites up to speed with HTML5 today using the techniques in InfoWorld's HTML5 Deep Dive PDF how-to report. | For quick, smart takes on the news you'll be talking about, check out InfoWorld TechBrief -- subscribe today. ]
Bad actors have abused this mechanism, bypassing the prompt to silently install malicious extensions that override browser settings and alter the user experience in undesired ways, such as replacing the New Tab Page without approval. In fact, this is a leading cause of complaints from our Windows users.
The policy shift will no doubt make it easier for Google to police the sanctity of said extensions. Google's been on a bit of a security tear recently; last week, the company announced plans to step up Chrome's malware-busting chops.
But, it's also worth noting, developers who want to include their Chrome Web Store have to pay a $5 registration fee--and if your Chrome Web Store-hosted app or extension generates income, Google will take a 5 percent cut of the revenue.
The move to a gatekeeper-type model carries other implications: For example, while you can currently find the Adblock Plus extension in the Chrome Web Store, Google scrubbed the app from Android's Play store earlier this year. Android users can still sideload the Adblock Plus app after jumping through some hoops.
Everyday Chrome users would not have the same ability under the new extension policy, though developers and enterprise Chrome users will still be able to install "unauthorized" extensions.
Crappy par for a crappy course
Sadly, the shift away from the Open Web ideal is nothing new. Windows 8's move to the walled-off Windows Store caused anger amongst developers (and may have spurred the creation of the Linux-based SteamOS in response). Earlier this year, Google caught flak from privacy advocates for shifting away from the open XMPP technology built into Google Talk to the proprietary technology in its new Hangouts messaging service. Android looks less and less open by the day. And this week alone, both Microsoft and Google announced plans to cut off third-party client access to both Skype and Google Voice, respectively. (Again, they "pose a threat to your security.")
Before I sign off, I'll leave you with the words of Google co-founder Larry Page, from this year's Google I/O keynote.
And I think that we've really invested a lot into the open standards behind all that. And I've personally been quite saddened at the industry's behavior around all these things... I'd like to see more open standards, more people getting behind things, that just work, and more companies involved in those ecosystems.
Lofty ideals indeed, and noble ones. Just don't forget to practice what you're preaching, Google.
This story, "Google bans Windows Chrome extensions found outside the Chrome Web Store" was originally published by PCWorld.