FWIW, I think your responses were perfectly reasonable for any human being having an automated system tell them something completely contrary to evidence provided. It's another symptom of why...
Now before anyone mentions it, yes I could have worded my response more delicately and in better faith, but I didn't...
FWIW, I think your responses were perfectly reasonable for any human being having an automated system tell them something completely contrary to evidence provided.
It's another symptom of why monopolies and duopolies are bad.
Post about this at https://groups.google.com/a/chromium.org/forum/#!forum/chromium-extensions. Chrome Web Store mixups can usually get straightened out there.
You don't have to like the platform to think about users. At the very least, upload the extension elsewhere so Chrome users could install it manually in dev mode.
You don't have to like the platform to think about users. At the very least, upload the extension elsewhere so Chrome users could install it manually in dev mode.
I'm still unconvinced. Indeed, I may not personally pore through an extension's source code to look for security and privacy issues (though occasionally I do, especially when there isn't that much...
I'm still unconvinced. Indeed, I may not personally pore through an extension's source code to look for security and privacy issues (though occasionally I do, especially when there isn't that much source code), but I at least trust that some others have done so, especially if the extension is popular.
In contrast, when a pre-built extension is offered by a remote server not under my control, I do not trust that it has not been modified by persons who don't have the same interests in my privacy and security as I myself do.
Very valid points overall, but these things are often not mutually exclusive. Given a choice between a popular open-source product and a closed source one with roughly equivalent userbases, I'll...
Very valid points overall, but these things are often not mutually exclusive.
Given a choice between a popular open-source product and a closed source one with roughly equivalent userbases, I'll go with the open source one 100% of the time.
I personally will always go with an open-source version whenever possible, simply because the possibility of anybody auditing provides at least some semblance of assurance.
But for the average user? One who doesn't really have the skills to evaluate why open vs closed is remotely important? A vetted distribution platform will likely be better than a non-vetted one. And that's fundamentally why I don't have a problem with the mobile or browser app stores. The problem really arises when a reasonable alternative isn't available if you want to deviate from those options, and that's why I'll choose Android over IOS and Firefox over Chrome every time. Firefox makes it easy to add unapproved extensions, as does Android, which enabled the creation of the F-Droid repository.
Good point. I acknowledge this. Indeed, in evaluating which is more secure, we'll have to say: it depends.
But for the average user? One who doesn't really have the skills to evaluate why open vs closed is remotely important? A vetted distribution platform will likely be better than a non-vetted one.
Good point. I acknowledge this. Indeed, in evaluating which is more secure, we'll have to say: it depends.
Not really, people will find exploits whether or not it's open source. Having the source available doesn't make too awful much of a difference for hackers finding exploits, but it sharply reduces...
Not really, people will find exploits whether or not it's open source. Having the source available doesn't make too awful much of a difference for hackers finding exploits, but it sharply reduces the barrier to entry to get more good hands on the codebase who might spot it.
With open-source, you'll have both good and bad actors looking over your source code. With closed-source, you generally have just the bad actors. Having more eyes is usually a good thing. Better...
With open-source, you'll have both good and bad actors looking over your source code. With closed-source, you generally have just the bad actors. Having more eyes is usually a good thing.
Better to learn about the problems and fix them, than hope they're remaining hidden.
Install both Firefox and Chrome. Use Chrome for your bank, for paying bills or doing taxes, or whatever else you need on sites you trust implicitly with boring real world stuff. For everything...
Install both Firefox and Chrome.
Use Chrome for your bank, for paying bills or doing taxes, or whatever else you need on sites you trust implicitly with boring real world stuff.
For everything else, use Firefox, and get yourself uMatrix, uBlock Origin, DecentralEyes, and PrivacyBadger. Shields up. If a website gives you static/trouble, load GreaseMonkey and get a userscript or find an extension built just for that site to lobotomize all of the bullshit out of places like Twitter and Facebook. Take back control of your web experience. There's nothing anyone can do to stop you.
I do this too, for two reasons: I install and configure so much privacy/anti-tracking/etc. stuff in Firefox that it breaks a lot of sites, and sometimes the way it breaks them is subtle or will...
I do this too, for two reasons:
I install and configure so much privacy/anti-tracking/etc. stuff in Firefox that it breaks a lot of sites, and sometimes the way it breaks them is subtle or will only show up when you try to do a very particular task. A Chrome install with almost nothing changed (usually just uBlock Origin installed) is easier to use for sites I trust than doing a bunch of trial-and-error to figure out the exact combination of things I need to whitelist to get them to work in Firefox.
Unfortunately, quite a few web developers only test in Chrome now. It's useful to have it around in case Firefox isn't working right for something important.
For your first issue, why not just have two firefox profiles? one with anti-tracking and one without. You can even run both at once. Just call firefox with the -p flag.
For your first issue, why not just have two firefox profiles? one with anti-tracking and one without. You can even run both at once. Just call firefox with the -p flag.
I'd say it's been getting worse, though. It wasn't nearly as much of a pain to whitelist components of websites even one year ago. As websites become less of a single site and more like a rickety...
I'd say it's been getting worse, though. It wasn't nearly as much of a pain to whitelist components of websites even one year ago. As websites become less of a single site and more like a rickety asspile of components coming from fifty vendors/sites, they get less stable, less flexible, and more prone to random breakage.
The modern web is frankly an abomination that's less stable than what we had in Mosaic in the mid-90s. I hate it.
You could just have multiple Firefox profiles in that case. At work I have two separate ones, one for work related stuff and one for personal stuff. Still sometimes there are some sites that don't...
You could just have multiple Firefox profiles in that case. At work I have two separate ones, one for work related stuff and one for personal stuff.
Still sometimes there are some sites that don't like FF but it's not something that has impaired me significantly.
Managing and switching profiles in FF using firefox.exe -P is kind of a PITA. I find it much easier to just use a separate browser for accessing sites that my current, privacy-heavy FF setup...
Managing and switching profiles in FF using firefox.exe -P is kind of a PITA. I find it much easier to just use a separate browser for accessing sites that my current, privacy-heavy FF setup breaks (e.g. my bank and CC site).
... I'm an idiot. Why didn't I think of that? Thanks, you probably just saved me from ever having to open Chrome again (unless I am browser testing a website)! :P
and just set up separate shortcuts with the profile I want.
... I'm an idiot. Why didn't I think of that? Thanks, you probably just saved me from ever having to open Chrome again (unless I am browser testing a website)! :P
I use and care about this extension and it’ll be sad to see it go. Among other issues Firefox works really bad with customized keybindings on Linux — I manipulate the keyboard layout using xmodmap...
I use and care about this extension and it’ll be sad to see it go. Among other issues Firefox works really bad with customized keybindings on Linux — I manipulate the keyboard layout using xmodmap and xcape. Firefox is also much harder to customize overall and it’s equivalent to Vimium is somewhat limited. That said, I totally understand your frustration and thank you for all the good work.
I’m allergic to the mouse. Between the terminal, Vimium and Emacs I can spend an hour without touching it. It’s a last resource. But I thank you for the suggestion and will take a look at it!
I’m allergic to the mouse. Between the terminal, Vimium and Emacs I can spend an hour without touching it. It’s a last resource. But I thank you for the suggestion and will take a look at it!
I was the same way, keyboard shortcuts for everything. I got tired of being hunched over my keyboard and my back thanked me when I stopped doing it all the time. Now I like to sit back in a big...
I was the same way, keyboard shortcuts for everything. I got tired of being hunched over my keyboard and my back thanked me when I stopped doing it all the time. Now I like to sit back in a big recliner-style chair, use a gamepad on the left arm, and the mouse on the right arm. I actually have to stretch to reach the keyboard and I rarely need it except to type comments like this one.
I never tried using a game pad for that. But that’s also a matter of posture and habits. I usually sit in a comfortable chair and use a very large monitor, so I can be in a comfortable position...
I never tried using a game pad for that. But that’s also a matter of posture and habits. I usually sit in a comfortable chair and use a very large monitor, so I can be in a comfortable position even while using the keyboard. I also prefer large discrete keyboards instead of built in. Most of what I do on the computer involves typing so it’s convenient to keep my wrists rested in the same area — when my usage doesn’t require typing I prefer the smartphone or the Kindle reader. And I only play videogames on the PS4, which is in another room.
There are also many Emacs specific advantages, since Emacs is keyboard oriented.
The gamepad is handy as hell since you can bind its keys to be any keyboard key or combination. It makes access to alt/shift/ctrl really easy and you can get as nuts as you like binding programs...
The gamepad is handy as hell since you can bind its keys to be any keyboard key or combination. It makes access to alt/shift/ctrl really easy and you can get as nuts as you like binding programs and key combinations to single gamepad keys.
If you want to go the extra mile, get yourself a MMO mouse. It's like having the numpad and F1-12 right under your thumb.
For you, @mrbig, and anybody else considering checking this out, I highly recommend a Steam Controller as that gamepad. It's infinitely configurable, and the dual-touchpad and gyro works...
For you, @mrbig, and anybody else considering checking this out, I highly recommend a Steam Controller as that gamepad.
It's infinitely configurable, and the dual-touchpad and gyro works incredibly well for a wide variety of uses, both gaming and otherwise. This program lets you map stuff without Steam if desired. The default keyboard input for it is very similar to using both thumbs on your phone (although I haven't really tested that outside of Steam on Linux).
I was able to map a game with over 30 keybindings to that one controller, and I've never been able to do that with any other controller.
Edit: Crap, seems they're not making or selling them anymore. Glad I have two....I guess check Ebay or local markets to see if you can get one used.
It's a matter of choosing a vendor that does more than just offer drivers for windows. There are good open source drivers for many vendors' products, and since they don't really change much under...
It's a matter of choosing a vendor that does more than just offer drivers for windows. There are good open source drivers for many vendors' products, and since they don't really change much under the hood, newer versions still work great.
Good to know! I have a cheap vertical mouse from an unknown brand with some extra buttons and it kinda works, but since the proprietary management software doesn’t run on Linux I’d have to mess...
Good to know!
I have a cheap vertical mouse from an unknown brand with some extra buttons and it kinda works, but since the proprietary management software doesn’t run on Linux I’d have to mess with X to rebind it for convenience—and I’m getting lazy for that stuff :P
Oh yeah this sounds about right for my experience with the support department for chrome extensions. It takes a whole lot of repeating your point (and in my case I kept asking if I could get a...
Oh yeah this sounds about right for my experience with the support department for chrome extensions. It takes a whole lot of repeating your point (and in my case I kept asking if I could get a human response not a template) before you actually get a response that makes a bit more sense. It is indeed not fun at all and very frustrating.
A real shame, Chromium Web Store made getting extension updates from the Chrome Web Store pretty simple on Ungoogled Chromium. Guess I need to add the ReExtended repo to my rss reader and build...
A real shame, Chromium Web Store made getting extension updates from the Chrome Web Store pretty simple on Ungoogled Chromium. Guess I need to add the ReExtended repo to my rss reader and build the updates as unpacked extensions myself.
The unpacked extension doesn't work for regular profiles since Chromium forbids loading folders beginning with an underscore. The work-around is as follows: Build extension Open Chromium's...
The unpacked extension doesn't work for regular profiles since Chromium forbids loading folders beginning with an underscore.
The work-around is as follows:
Build extension
Open Chromium's "extensions" page
Enable developer mode
Click "Pack Extension" button and point to the build directory
Chromium will automatically generate a signing key, zip the build directory, and generate the crx
Drag and drop the crx into the extensions page, or open the crx file with Chromium.
Don't lose the .pem key or else you will need to back up your settings and uninstall the old version of the extension before upgrading.
FWIW, I think your responses were perfectly reasonable for any human being having an automated system tell them something completely contrary to evidence provided.
It's another symptom of why monopolies and duopolies are bad.
I think it was a fair response as well. I think I'd have been a lot blunter had I been in your shoes.
Post about this at https://groups.google.com/a/chromium.org/forum/#!forum/chromium-extensions. Chrome Web Store mixups can usually get straightened out there.
You don't have to like the platform to think about users. At the very least, upload the extension elsewhere so Chrome users could install it manually in dev mode.
Is it more secure than downloading from an open source and installing manually?
I'm still unconvinced. Indeed, I may not personally pore through an extension's source code to look for security and privacy issues (though occasionally I do, especially when there isn't that much source code), but I at least trust that some others have done so, especially if the extension is popular.
In contrast, when a pre-built extension is offered by a remote server not under my control, I do not trust that it has not been modified by persons who don't have the same interests in my privacy and security as I myself do.
Very valid points overall, but these things are often not mutually exclusive.
Given a choice between a popular open-source product and a closed source one with roughly equivalent userbases, I'll go with the open source one 100% of the time.
I personally will always go with an open-source version whenever possible, simply because the possibility of anybody auditing provides at least some semblance of assurance.
But for the average user? One who doesn't really have the skills to evaluate why open vs closed is remotely important? A vetted distribution platform will likely be better than a non-vetted one. And that's fundamentally why I don't have a problem with the mobile or browser app stores. The problem really arises when a reasonable alternative isn't available if you want to deviate from those options, and that's why I'll choose Android over IOS and Firefox over Chrome every time. Firefox makes it easy to add unapproved extensions, as does Android, which enabled the creation of the F-Droid repository.
Good point. I acknowledge this. Indeed, in evaluating which is more secure, we'll have to say: it depends.
Isn't it also a disadvantage that certain things are open sourced, as people can potentially look for exposed security flaws?
Not really, people will find exploits whether or not it's open source. Having the source available doesn't make too awful much of a difference for hackers finding exploits, but it sharply reduces the barrier to entry to get more good hands on the codebase who might spot it.
With open-source, you'll have both good and bad actors looking over your source code. With closed-source, you generally have just the bad actors. Having more eyes is usually a good thing.
Better to learn about the problems and fix them, than hope they're remaining hidden.
Install both Firefox and Chrome.
Use Chrome for your bank, for paying bills or doing taxes, or whatever else you need on sites you trust implicitly with boring real world stuff.
For everything else, use Firefox, and get yourself uMatrix, uBlock Origin, DecentralEyes, and PrivacyBadger. Shields up. If a website gives you static/trouble, load GreaseMonkey and get a userscript or find an extension built just for that site to lobotomize all of the bullshit out of places like Twitter and Facebook. Take back control of your web experience. There's nothing anyone can do to stop you.
What's the benefit to this over just using Firefox?
I do this too, for two reasons:
I'm in exactly the same situation. Chrome and Edge tend to be my fallback for whenever my Firefox setup breaks a webpage, which is alarmingly often.
For your first issue, why not just have two firefox profiles? one with anti-tracking and one without. You can even run both at once. Just call firefox with the -p flag.
Not having to create a mountain of exceptions for your bank/gov sites/etc in the rules of all of those security plugins. :)
I'd say it's been getting worse, though. It wasn't nearly as much of a pain to whitelist components of websites even one year ago. As websites become less of a single site and more like a rickety asspile of components coming from fifty vendors/sites, they get less stable, less flexible, and more prone to random breakage.
The modern web is frankly an abomination that's less stable than what we had in Mosaic in the mid-90s. I hate it.
You could just have multiple Firefox profiles in that case. At work I have two separate ones, one for work related stuff and one for personal stuff.
Still sometimes there are some sites that don't like FF but it's not something that has impaired me significantly.
Managing and switching profiles in FF using
firefox.exe -P
is kind of a PITA. I find it much easier to just use a separate browser for accessing sites that my current, privacy-heavy FF setup breaks (e.g. my bank and CC site).Fair enough, it's simple enough for me to set up the profiles initially and just set up separate shortcuts with the profile I want.
... I'm an idiot. Why didn't I think of that? Thanks, you probably just saved me from ever having to open Chrome again (unless I am browser testing a website)! :P
I use and care about this extension and it’ll be sad to see it go. Among other issues Firefox works really bad with customized keybindings on Linux — I manipulate the keyboard layout using xmodmap and xcape. Firefox is also much harder to customize overall and it’s equivalent to Vimium is somewhat limited. That said, I totally understand your frustration and thank you for all the good work.
Best of luck.
You could try out Gestureify. You'd be amazed what you can do with a mouse gesture and that plugin is powerful. :)
I’m allergic to the mouse. Between the terminal, Vimium and Emacs I can spend an hour without touching it. It’s a last resource. But I thank you for the suggestion and will take a look at it!
I was the same way, keyboard shortcuts for everything. I got tired of being hunched over my keyboard and my back thanked me when I stopped doing it all the time. Now I like to sit back in a big recliner-style chair, use a gamepad on the left arm, and the mouse on the right arm. I actually have to stretch to reach the keyboard and I rarely need it except to type comments like this one.
I never tried using a game pad for that. But that’s also a matter of posture and habits. I usually sit in a comfortable chair and use a very large monitor, so I can be in a comfortable position even while using the keyboard. I also prefer large discrete keyboards instead of built in. Most of what I do on the computer involves typing so it’s convenient to keep my wrists rested in the same area — when my usage doesn’t require typing I prefer the smartphone or the Kindle reader. And I only play videogames on the PS4, which is in another room.
There are also many Emacs specific advantages, since Emacs is keyboard oriented.
The gamepad is handy as hell since you can bind its keys to be any keyboard key or combination. It makes access to alt/shift/ctrl really easy and you can get as nuts as you like binding programs and key combinations to single gamepad keys.
If you want to go the extra mile, get yourself a MMO mouse. It's like having the numpad and F1-12 right under your thumb.
For you, @mrbig, and anybody else considering checking this out, I highly recommend a Steam Controller as that gamepad.
It's infinitely configurable, and the dual-touchpad and gyro works incredibly well for a wide variety of uses, both gaming and otherwise. This program lets you map stuff without Steam if desired. The default keyboard input for it is very similar to using both thumbs on your phone (although I haven't really tested that outside of Steam on Linux).
I was able to map a game with over 30 keybindings to that one controller, and I've never been able to do that with any other controller.
Edit: Crap, seems they're not making or selling them anymore. Glad I have two....I guess check Ebay or local markets to see if you can get one used.
These devices usually have poor Linux support. Is that the case?
It's a matter of choosing a vendor that does more than just offer drivers for windows. There are good open source drivers for many vendors' products, and since they don't really change much under the hood, newer versions still work great.
Good to know!
I have a cheap vertical mouse from an unknown brand with some extra buttons and it kinda works, but since the proprietary management software doesn’t run on Linux I’d have to mess with X to rebind it for convenience—and I’m getting lazy for that stuff :P
Rebinding on Emacs is super easy though.
Oh yeah this sounds about right for my experience with the support department for chrome extensions. It takes a whole lot of repeating your point (and in my case I kept asking if I could get a human response not a template) before you actually get a response that makes a bit more sense. It is indeed not fun at all and very frustrating.
A real shame, Chromium Web Store made getting extension updates from the Chrome Web Store pretty simple on Ungoogled Chromium. Guess I need to add the ReExtended repo to my rss reader and build the updates as unpacked extensions myself.
The unpacked extension doesn't work for regular profiles since Chromium forbids loading folders beginning with an underscore.
The work-around is as follows:
Don't lose the
.pem
key or else you will need to back up your settings and uninstall the old version of the extension before upgrading.