This will probably get downvoted quickly, but Chrome's updater is one of few things I quarantine on my machine. I just don't trust Google enough to let it run stuff that "works quietly in the background, never notifying you." The technology is interesting (though not exactly a rocket science and certainly not magical ... which it would've been if it could update a running instance of Chrome without restarting it), but I am wee bit uncomfortable letting a company who is in business of collecting data and tracking people to run anything in my background.
I just run the Canary build and get auto-updated nightly. Until Google does something egregious, why not just help them build a great browser as quickly as possible?
Google, and now Mozilla too, is essentially crowd-sourcing, hopefully throwing a few million extra eyes on the problem.
And you are within your right to do that. But for non-tech elite that either don't care or would make an uninformed decision it is magical that they continuously the best features and security available with zero effort.
I used to think the same way, but after letting the stable version do its thing for a while on several computers, mine and my relatives', with no issue whatsoever, I stopped worrying.
Sorry, I don't see the logic behind this. You basically imply that if something works well, it must be benign, and this is clearly not always the case.
The roof of your bedroom could fall off on you every night, however, it hasn't so far and you just assume that it won't because not assuming so would make your life horrible by say, making you sleep in the outdoor, which may be even more dangerous. Life is full of compromise, of course the next version of Google Chrome could wipe out your hard drive and post all your photos to 4chan without your consent, but based on a few evidences (Google being a reasonable company whose interest is not to mess with you, past positive experience with chrome etc) we choose to compromise and accept autoupdate because it's convenient and we consider the amount of evidence enough to trust it.
I haven't investigated this, but I'd guess you could add a "chrome" user, chown the chrome directory to that user, and basically give it permission only to touch the stuff in its own directory. Would that help allay concerns about auto-updating software?
There's some convenience/security tradeoff here anyway. I don't know about you, but I don't inspect the source code of most apps I install or update.
"Stop! Whatever you were going to do, it couldn't possibly be more important than checking if fart-button-xpi has been updated from 1.0.4 to 1.0.5! Now just five more clicks and I'll restart"
But that's exactly the point -- just manually update to firefox 4 and your problems will go away! Firefox 4 is only a few months old. Compared to previous firefox releases it's brand-new.
I agree with this. Chrome has effectively changed the entire nature of client-side computing with this feature. If you want to run stuff client-side any more (hello Windows? Anybody listening?), you're going to need to implement this.
In general, the user should extremely rarely be interrupted for anything, especially not anything program-related. Each program having a tray icon, an update alert, update restarts, and flow interruption because it thinks something is important is what has turned windows from a productive computing platform to some kind of cross between a Kafkaesque X-box and a slot machine.
After getting used to Chrome's silent updates, I started to find it breathtakingly ridiculous the way Firefox kept interrupting its startup asking about updates. When I start Firefox, it is because I want to go to a website. Giving attention to updates is not what I want to do.
Google have open-sourced their auto-update mechanism to a project called 'Omaha'. But it's so complicated an google-specific that nobody else seems to use it:
"It is magical because it continuously updates an entire development platform invisibly, frequently"
That "frequently" is every 30 minutes, by the way... I accidentally removed the goog updater from my Lil Snitch rules and noticed that it then started asking permission every 30 minutes, on the dot (I started recording the times for a while).
I don't know why it needs to check so often - except that that kind of data would be very useful for noting how often your users were on 'puters, and if they moved around etc.
Out of curiosity, were you allowing it to check? If you denied permissions I could see it asking every 30 minutes since it failed the previous attempt.
In this case the benefit far outweighs the cost, if a bug is introduced in an update I want Google to be able to patch it and my browser to receive it asap.
My group is currently having discussions about the new paradigm of browsers updating frequently and silently. We currently have to support a wide array of browsers and versions for our apps (due to the nature of the product), and our QC group is grappling with how to manage this.
Personally, I don't think we need to worry about a Chrome or FF update suddenly breaking our apps--they don't use cutting edge HTML5/CSS3 features, and I don't suspect that either browser will suddenly change an HTML4 implementation.
While I've never seen an update cripple our software. I have noticed changes in rendering engines that change how things appear slightly. Minor stuff, only a few pixels here and there.
Also, I was forced to change our browser checking software to only do lower bound checking. Before, I would explicitly specify which versions were allowed. Now it's more like Firefox 4+, etc.
I notice on Ubuntu auto-update doesn't work. I wonder if this is a technological issue (they can't or haven't bothered to get it working) or a cultural one (like if Ubuntu programs shouldn't auto-update ever).
On Linux, the chrome team chose to integrate with system package managers instead of using their native updater - arguably the native updater would have worked better (many Linux distros still don't support delta updates!), but they wanted to buy goodwill with the Linux community.
I don't see any such thing on their download page, only for stable and beta. I think linux users are better equipped than most to build it from source, however...
When you install Chrome/Chromium in Ubuntu it adds a repository for the channel (stable, beta, dev, canary) that you chose. When you update Ubuntu, via the Update Manager or the terminal, it will fetch the latest version of Chrome and install it.
It does not make sense for an application to autoupdate itself when there's a system wide package management with updates available. There are also other reasons that are more cultural than technical in nature.
If you want bleeding edge versions of Chromium (or some other popular program), there are non-standard/third party repositories available. Then you can get nightly builds but still update your system with the package manager.
My guess is that Chrome/Chromium is installed system-wide from a distribution package, and when you run it as a normal user you don't have write permission for updating it.
Good thing they are still not evil.
Seriously, this is a very powerful way to run software, but what if they, or some other company who emulated this idea, took that great power we have granted them and used it for evil? They could suddenly 0wn millions of computers.
I really want a Linux version of the binary with the updater. There's an open feature request for it, but no activity on it.
Flash is unfortunately still a requirement for a lot of websites. The 32bit binary chrome has flash bundled, so updates are received as quickly as possible (I know, I should run some flash-blocking plugin, but I don't right now). On 64bit Linux (which is what I need most of the time), you have to maintain the flash plugin separately, and run it through nspluginwrapper, which makes it much less stable in my experience.
You used to be able to run the 32 bit debs on 64bit Ubuntu, but that broke a couple versions ago, and I never had time to see if it could be fixed. You also lose the package manager updates when you do this, since apt isn't multi-arch aware.
It's nice, but I really don't find it vastly preferable to a friendly update notification and a quick application restart - especially now that most applications open in the state they were closed in, and with an SSD the restart is barely a blink. In fact, I like to know the feature additions or design adjustments happening to an app, so I enjoy the notifications - it's like I'm getting something for free (which I am, actually).
I don't think it's a huge advantage for average users, either - %90-percent of iPhone users are on the latest available major OS version, and that (until 5.0) involved a huge non-delta download, physically docking your phone and an onerous, lengthy (well over 30 minute) process, during which you had limited use of your phone.
The only issue with this otherwise wonderful feature is that often when chrome starts doing something weird/broken it turns out it installed an update and is ready to be restarted.
So it appears there is a bug where the update messes up currently running processes.
On a related note, for a side project that requires a windows download (http://www.getbugcam.com), I've been experimenting with Microsoft's "ClickOnce" installer + autoupdate technology. Obviously (per the name and Microsoft reputation), it's not quite as simple and straightforward as Chrome's autoupdate process, but it is pretty good.
Although it is a nice feature, for me the most important Chrome feature is unifying the address and search box.
Even non-technical people know to respond to a software update prompts, but the number of people I see (including normally quite tech savvy people) that still search for a url, or enter a search in the address field surprises me.
OK, you could argue it is bowing down the lowest common denominator, but I believe it's a great feature that saves the frustration of people that just want to do go somewhere or find something on the web quickly.
Users in countries with slow/expensive internet connections will hate the feature. It might not even work as the machine is not connected to the network 24/7. And when its connected they do not want Google to use bandwidth for updating software. I know many people in India turn off autoupdate on their windows machines because it eats bandwidth (of course I try to talk them out of it).
Only those running admin accounts benefit from this feature. If you run Chrome in a limited user account on Windows 7, or a Standard User account on OS X 10.7, Chrome may or may not prompt you for an admin password (depending on the configuration). I've always had to quit all my applications, log out of my everyday account, login as admin, update, logout, then login again.
From my experience Chrome installs itself into %appdata% to avoid requiring admin permissions. And not once has Chrome asked for my admin password on OS X.
Right, that's one way of installing Chrome on Windows. However if you install Chrome for all users, then you pretty much have to start Chrome with an admin user's UID. I get prompted for my admin password on OS X, as I work in a standard user account.
I maintain two accounts on OS X: one for software installation & updates, and the other being my primary account with limited credentials. That way, if I were to accidentally run some malicious code, it wouldn't hose the entire system.
So Google Chrome.app resides in /Applications, but it's installed by the account that gets created when you reinstall OS X (which is by default an account with full privileges). Standard users can read /Applications, so they can launch Google Chrome.app, but the process can't write to /Applications because of its effective UUID. That's why it prompts for an admin password.
I would have thought it's best features are that it's fast and clutter free compared to other browsers. Whether chrome updated every 5 minutes silently in the background or never updated at all would not make a difference to me.
They have releases their updated as open source under the name Omaha: http://code.google.com/p/omaha/
Several of their products use it but afaik no other product is making use of it yet.
So why hasn't Firefox implemented this yet? They've already said they are moving away from version numbers, but I still get the "You need to update, do you want to?" and "You've updated, now stop what you're doing and restart".
Chrome has eliminated both of these dialogs (that used to be browser standards), and the FF dev team is usually responsive enough to adopt new, good ideas quickly. So what gives?
Firefox addons are traditionally written using the same API the browser itself uses. That's what makes them much more powerful than Chrome extensions, but clearly more fragile to breakage.
They're starting to offer a separate extension SDK (formerly called Jetpack) that allows extensions to ignore the internal API and build against something more stable. Such add-ons can be installed without requiring a restart, and should be much easier to update, but many important extensions need more power than currently provided. (Ad block is a good example.)
This is the tail wagging the dog. The plugins are going to be broken whether the update from 3 to 4 happens manually or automatically (and, if anything, discourages manual updating despite all the popups).
Windows has had binary compatibility for decades. Why not just version the internal browser API? (Extension XYZ was built against FireFox 3.6).
Often times they are stuck using insecure browsers because some archaic piece of in house software depends on obsolete features only present in dated versions of browsers. They choose to skip updates because they don't want to spend the cash rebuilding the timekeeping system to work with anything other than IE <= 7.
Stated another way, for most large enterprises, the functionality of intranet in-house browsing for internal systems is more important than public web browsing. And this really is true for the enterprise's day-to-day business and ultimately profitability. Once you understand that, it naturally follows that the corpus of installed software and updates will be controlled to favor the former case at the expense of the latter.
This kind of thinking is what has lead us to the sorry security state we are in today. Why do we allow our providers to dictate to us that insecure software is a requirement for running their software. If enterprise pushed back on vendors for this issue we would be better off.
It isn't their fault alone. Lots of software has backward-compatibility breaking changes all the time. Maybe if all platforms ensured all existing applications worked correctly with every update, maybe by extraordinarily thorough testing or something.
You see, enterprise PCs are centrally managed and admins don't want something breaking because of the smallest of updates. They want to test their updates for a long time before they are pushed down to users. Auto-updating is exactly the opposite of what the enterprise wants, IMO.
Yes, which has led to countless other problems because users are running insecure browsers. Admins always want control, but it's not always better for anybody but the admins who justify their existence. I'm currently deploying a project in a business environment and we're requiring Chrome because of its auto-updating feature.
They may well be right, but boy does it /feel/ wrong.
What if it sucks down bandwidth when I'm on 3G? What if an update breaks something, and I'm in the middle of something that can't be updated? What if an update silently breaks the update process? Hrm!
I reference that in your mention of 3G bandwidth usage. Chrome updates should be fairly tiny and bandwidth-friendly. Not always, but more often than not.. Especially on a beta/dev channel.
It's like you've never actually experienced the autoupdater and are only responding to a rough description of the process. It's a HUGE win.
> What if it sucks down bandwidth when I'm on 3G?
That might happen. What if it does?
> What if an update breaks something, and I'm in the middle
> of something that can't be updated?
As per TFA (and experience): The autoupdater never interrupts you. The only UI change is one of the toolbar buttons changes subtly. Most of the time you don't notice that an update is ready to install. More to the point, after the update you usually don't even notice anything different.
> What if an update silently breaks the update process?
There's absolutely no precedent for this, but honestly, who cares? This is hardly reason to shun the entire system.
Bottom line: The autoupdater makes sure I never care about the version of Chrome I'm running, just like a web app.
Then it risks costing me money, for doing something I've not chosen to do. For a feature described as "not worrying", that can be potentially very worrying.
Do you choose what version of a web site you use? Generally no. You trust that whoever is running it cares enough to not break it for you, just like Chrome users trust Google to not break their web browser.
Exactly. I can only buy this line of thinking if you're in charge of mission critical machines (if it ain't broke, don't fix it).
For the vast majority of people, heading down this rabbit hole isn't worth the effort.
(On the flip-side, it would be nice if there was a magical "undo those updates to point in time X" feature in case something went wrong and you wanted to see if it was because of an update).
You have chosen to, by installing Chrome. Install Chromium if you don't want automatic updates. It's a pain though, Chrome's auto-updates are first class.
If you're in the middle of something, it isn't a problem. It doesn't update until you close the browser and open it again.
It's also really unlikely to break anything you might be doing from one version to the next, unless you're doing really experimental cutting-edge things... And then you probably want the update anyhow.
> What if an update silently breaks the update process? Hrm!
This is part of why Chrome uses a separate application (Google Updater) to do the updating. Even in the worst-case scenario where we update to a version of Chrome that can't even start, the updater still runs and can later update to a fixed version.
Sorry for slow response. I sure wish HN would mail me when people comment.
Sure, the updater can break itself. But in practice, you rarely update the updater because the majority of the features you might want to update are in the app, not the updater.
So you update the updater very rarely and cautiously, and you update the app quickly and fearlessly. It's not 100% foolproof, but it's a lot better than the alternative: Any crash bug anywhere in the application having the capacity to disable updates.
Chrome saves a copy of the last version, so if an update breaks something there is something to easily rollback to, even without network access. The updates are also impressively small, thanks to Courgette.
The 3G will cost you a few extra bucks. Can't live with that? Maybe you should try Internet Explorer, I've heard they're not planning to include such a feature anytime soon... :)
