While Google Chrome is easily the most popular web browser for the PC, its open source big brother, Chromium, doesn’t have that many users, but it has always had a few fans on Linux for the desktop. Now, however, that love affair is in trouble.
Google claims to have recently found unnamed third-party Chromium-based browsers integrating Google’s cloud-based features like Chrome sync and Click to Call, which were intended only for Google Chrome users. In other words, “This meant that a small fraction of users could log into your Google Account and store their personal Chrome sync data as favorites, not only with Google Chrome, but also with some third-party browsers based on Chromium . ”
Besides that: Best Linux Foundation Classes
Google was not amused.
As of March 15, Google said it will limit access to many Chrome application programming interfaces (APIs) within Chromium as of March 15, 2021. This means that users using the Chromium browser or any another browser based on your open source code won’t be able to use most of Google’s specific API-enabled services. This includes the ability to sync Chrome bookmarks, check spelling, find your contacts, translate text, and so on.
Many users are also not happy now. Thom Holwerda, editor-in-chief of OSNews, spoke for many when he wrote: “Google” is not closing a security breach, they just require everyone to use Chrome. Or, to be honest, they don’t want you to access Google API functionality without using proprietary software (Google Chrome). ”
Developers can, after going through the necessary obstacles to obtain API keys and an OAuth 2.0 client ID, obtain keys for those APIs. But, Google underlines, “that the keys you have now purchased are not for distribution and should not be shared with other users. ”
In theory, a developer could take the API keys out of the main Chrome and maintain the Google build functionality of Chromium. However, this is just asking for a lawsuit.
In addition, Jochen Eisinger, Google engineering director for Chrome Trust & Safety commented on the Google Chromium developer group: “We will not remove the API from your key, but we will limit the quota for development. … this will make the keys inappropriate for production use. “These” APIs are not designed to be used by third-party software, so without a complete rewrite, unfortunately there are no [other] option.”
So, where does that leave the Linux distributors that have been packing Chromium? Between a rock and a hard place.
Porting Chromium to Linux is not trivial. Alan Pope, Canonical’s community manager for the Ubuntu Linux engineering service, explained why Canonical started shipping Chromium in an Ubuntu Snap container instead of in a DEB package:
Maintaining a single version of Chromium is a significant time investment for the Ubuntu Desktop team that works with the Ubuntu security team to deliver updates for each stable version. As the teams support several stable versions of Ubuntu, the amount of work increases. Comparing this workload with other Linux distributions that have a single supported continuous version loses the nuance of supporting multiple long-term (LTS) and non-LTS versions.
Google releases a new major version of Chromium every six weeks, typically with several minor versions to address intermediate security vulnerabilities. Each new stable version must be built for each supported version of Ubuntu – 16.04, 18.04, 19.04 and the next 19.10 – and for all supported architectures (amd64, i386, arm, arm64).
Although Snap has made it easier, it is still not easy. According to sources, Canonical has not yet decided whether to support Chromium without end-user support for specific Google services APIs.
Linux Mint recently started packaging its own Chromium browser. The leader of the mint, Clement “Clem” Lefebvre, continues with Chromium. “We are not going to do anything. We will continue to pack Chromium.”
The Red Hat Linux community, Fedora distro, however, was seriously considering dropping Chromium. Tom Callaway, maintainer of Chromium Fedora explained that it is because Google is “cutting access to sync and” other Google-exclusive APIs “from all builds except Google Chrome. This will make the Fedora Chromium build significantly less functional (along with all other distro packaged Chrome). ”
However, after consideration, Calloway explained “Never said I would remove Chromium from Fedora. I said I was seriously thinking about it, but after a lot of thinking, I decided that there were enough users who still wanted it, even without the functionality provided by the Google API. “So, starting immediately, the Chromium version of Fedora no longer supports the logo to be deprecated APIs.
Calloway really wants Google to reconsider its position. But he sees little chance of that. “What frustrates me,” Calloway tweeted, “more is like no one on the Chrome team understands the concept of building open source communities. Nothing that the maintainers of Chr did hurt Chrome, they just made it stronger. ”
Other Linux distributions are getting close to discarding Chromium. Arch Linux maintainers have already thought about this, but for now, they will continue to keep Chromium close even after the March 15 deadline.
Eric Hameleers, who maintains Chromium for Slackware Linux, is discarding Chromium. “I will not package and distribute a Chromium for Slackware if that package is hampered by the lack of Chrome Sync login. I will not package a Chromium build with Google’s own built-in ID and secret. Instead, I will do the right thing: advise people don’t use Chrome, but switch to Firefox. ”
With this change, Google has alienated code maintainers and developers on several Linux distributions. When Linux Chromium users discover that the latest versions will not work as before, they will also be unhappy.
True, this is just a small number. But, this is leaving many others with a bad taste in the mouth about how Google failed the open source community in this case. This, in the end, will matter more than the immediate impact of this change on programmers and end users.
Related stories: