Google blocking all Chrome Windows extensions not hosted by Chrome Web Store

Windows users of Chrome will have to get their extensions from just one source from now on. As the company previously announced in November, Google is now requiring all extensions for the Windows version of its browser to come via the Chrome Web Store.

In a blog post, the company said this move might also cause some previously downloaded Chrome extensions to be disabled. They won't be able to work or be re-installed until they are published in the Chrome Web Store. Google says it is making this change to help fight off malicious extensions that could track a user's web browsing activity or put in unwanted ads. It added, "This is just one more step we are taking to make sure our users can browse safely, and enjoy all the Web has to offer without worrying."

In related news, Google's Chromium blog also announced today that the Chrome Web Store will no longer show any NPAPI-based apps or extensions on its home page, search results, and category pages. This is part of their continuing efforts to phase out support for NPAPI plug-ins for Chrome. The current plan is to remove all NPAPI-based plug-ins from the store in September and do away completely with supporting those programs in Chrome by the end of 2014.

Source: Google | Image via Google

Report a problem with article
Previous Story

Hands-on with the LG G3

Next Story

Unencrypted cookies make WordPress accounts vulnerable over open networks

37 Comments

Commenting is disabled on this article.

I just installed an extension that wasn't hosted at the store. Works a little different than before but it's doable. Just run Chrome with --limited-install-from-webstore switch and download a dev build of Adblock Plus then drag it to the extension page and it installs and works just fine.
https://downloads.adblockplus....evbuilds/adblockpluschrome/

http://s26.postimg.org/bxa6vpe0p/Adblock_Not_From_Store.png

Before it would download and then auto install. They have just added an extra step.
You do need to have the following in your registry I'm pretty sure...

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist]
"1"="ldcecbkkoecffmfljeihcmifjjdoepkn;https://adblockplus.org/devbui...pluschrome/updates.xml";

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium\ExtensionInstallForcelist]
"1"="ldcecbkkoecffmfljeihcmifjjdoepkn;https://adblockplus.org/devbui...pluschrome/updates.xml";

We've seen dozens of customers with snail pace computers due to dozens of hidden toolbars and extensions running in the background, as evidenced by viewing the running processes in task manager. These were in not only Chrome, but also IE and, if installed, Firefox. It's good to see Google remove this crud. It's not useful extensions being removed. It's the dregs.

NPLastPass - Version: 2.5.5
LastPass Plugin
Name: NPLastPass
Description: LastPass Plugin
Version: 2.5.5
Location: C:\Program Files (x86)\LastPass\nplastpass.dll
Type: NPAPI

Game over :(.

This has little to do with being open source. The code is still mostly open (besides bundled mp4 support, etc), and 100% of the Chromium code is still open. Nothing is or getting closed.

So please keep "Chrome the app" separate. ;) This is a separate, new Web Store policy. Probably so that Google has at least some check over whether they're distributing malware or not to Chrome users.

Unfortunately, Chrome Web Store has had trouble with this in the past so I bet this is the background:
http://arstechnica.com/busines...ore-used-to-spread-malware/

No company wants to have their brand tainted with malware and headlines like "Chrome extensions used to spread malware without users realizing".

meh. Dont think most will really care. Will be easier to find their extensions and more people may use it. Of course, they will be under stricter guidelines most likely so it could backfire as well. Will have to see.

Anyway, dont use Chrome much other that for Chromecast. Use FireFox.

Old, binary NPAPI extensions like "Adobe PDF Helpers" and other such junk are, but Chrome will be starting to phase those out in other recent news, and I hope others are thinking of doing this too. Flash will probably remain, but the Chrome version of Flash is a joint effort of Google and Adobe to (as an exception) have it at least run in the Chrome sandbox.

The other, non-native extensions can have rights systems set up, and will have their source code directly available to Google for scrutiny (why Google is taking this step). They also run in the web browser sandbox without system rights. So they're much, much more safe than ActiveX and cannot be compared.

ActiveX is so much worse since they're binary blobs, complete black boxes with system access, and is a technology created in an era which would never even be thought of today.

Edited by Northgrove, May 28 2014, 10:01am :

The worlds largest advertising agency taking steps to remove the ability to install extensions that might create a conflict of interest with their revenue stream. The new Firefox looks better all the time.

ZipZapRap said,

How do you do that?

TPLs with IE. Basically you say, don't load anything from X website or Y subdomain or Z path or whatever.

Crimson Rain said,
Remove adblock plus from store and now force store only app. Nice idea.

They didn't remove anything. Why do people keep saying they removed adblockers from the chrome store? They never have.

SharpGreen said,
Why do people keep saying they removed adblockers from the chrome store? They never have.

Maybe getting mixed up with the ones Google pulled from the Android store? AdBlock, etc is still there for Chrome. Between that and the other somewhat popular ones they pulled for Chrome (YouTube downloaders, etc), it's not a huge stretch, but I'm not the tin-foil hat type of person either. That said, reason #184579 I prefer Firefox, the walls aren't closing in.

Max Norris said,

Maybe getting mixed up with the ones Google pulled from the Android store? AdBlock, etc is still there for Chrome. Between that and the other somewhat popular ones they pulled for Chrome (YouTube downloaders, etc), it's not a huge stretch, but I'm not the tin-foil hat type of person either. That said, reason #184579 I prefer Firefox, the walls aren't closing in.

If anything, this is good as it keeps those stupid apps that install browser extensions (for no good reason) from doing so in chrome.

Sorry. I confused it with g.play. But I bet google will remove them all as soon as they can find a cause like "“interference with another service or product in an unauthorized manner.”

'google', 'track', 'ads' in the same sentence, not just irony, but blasphemy!
Until now, my 99% browser is firefox and i don't see that changing anytime soon!

tomasse said,
'google', 'track', 'ads' in the same sentence, not just irony, but blasphemy!
Until now, my 99% browser is firefox and i don't see that changing anytime soon!

Well unless you're blocking scripts, Google is running plenty of stuff through Firefox, as well.

How to: Install Extensions in Chrome from outside the Chrome Store:
Step 1: Install Chrome Dev version
Step 2: Install external extensions

You're done.

Android 4.5 / 5: The option to install apps through third-party stores / not from Google Play on Google-certified (or whatever they call the devices that have access to Google Play) devices is gone!

You've heard it here first! For UNN, I am Donny Vermillion.

elenarie said,
Android 4.5 / 5: The option to install apps through third-party stores / not from Google Play on Google-certified (or whatever they call the devices that have access to Google Play) devices is gone!

You've heard it here first! For UNN, I am Donny Vermillion.


Doubtful.