Hacker News new | past | comments | ask | show | jobs | submit login

All my Chrome extensions are Git repositories in my home directory. Works really well and I can take a look at the changelog after pulling.

Requires the extensions to be open source, of course.




And means that Chrome will nag you about your "developer mode extensions" every time it starts up. I know why they do that, but it's still annoying. :(


This is similar to how Android warns me every single time I reboot that an unknown entity can observe my network traffic. The unknown entity, of course, is me (I've installed a certificate for my Streisand server). But still, it flashes a warning every single time.

Of course, this means that if anyone ever does install a malicious certificate on my phone, I'll be none the wiser. Thanks Google!


Thanks for mentioning your Streisand server. I had no idea this existed. This is amazing!

Here is the GitHub repository if other people are interested: https://github.com/jlund/streisand


The reason for that warning is the fact that when you add a certificate that is not trusted by Android, it goes into the personal cert store. When you add a cert in the personal cert store, the system requires a higher security level to unlock the device. hence the warning and pin/password nag.

But if you manage to add your cert to the global system store then Android will not issue any warning. Here's how to do it:

1 - add your cert normally, it will be stored in your personal store and Android will ask you a pin/password.

2 - With a file manager which has root access, browse to /data/misc/keychain/cacerts-added. You should see a file there. This is the certificate you just added at step 1.

3 - Move this file to /system/etc/security/cacerts

4 - Reboot the phone

5 - Now you can clear the pin/password you have set to unlock the device and there are no warnings.

I won't recommend doing this blindly as by doing this, you are actually man-in-the-middling yourself. But if you know what you are doing, this is the way.


Yeah, and that's even more stupid if your threat model considers your country and ISP as an adversary. We don't all live in nice countries, and in this case not having a VPN is far worse in terms of traffic interception than having your Streisand or similar. I guess Android developers are only aware of suspicious VPN providers and do not even provide an option to reverse this warning banner.


Chrome Dev and Chromium don't do that, however.


The Chrome dev channel didn't used to, but it does now.

The reason why? Malware was switching users to the dev channel to silence the warning. ¯\_(ツ)_/¯


Oops. Thanks for the correction! Looks like Windows and Mac Chrome developers are out of luck now, unless they are brave enough to try a solution listed here:

https://stackoverflow.com/questions/23055651/disable-develop...

Chrome on Linux doesn't warn yet (I just tested it) and neither does Chromium.


The price you pay for convenience vs security.


This nag is the reason I switched over to Opera. All chrome extensions work and no nagging message on startup.


I'm okay with that since I rarely restart Chrome anyway.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: