[Slartie]

Whoa, I just set out to find the way to disable them. I thought it was possible, but I seem to have confused that with Firefox. Firefox calls it "studies", and you can easily opt out of them in the browser's options.

Chrome (and chromium) calls the feature "field trials" and there doesn't really seem to be a way to opt out. I'm seriously baffled by the audacity of Google here.

Seems as if the only way to actually get rid of them is to modify the Chromium codebase and compile it yourself.

It might be worth to investigate whether there is some kind of host name that could be nullified on the network, of the server that the trials are loaded from.

Sorry for that misinformation, I clearly have to update my original rant.

[fps_doug]

No no no. This is an isolated incident. Developers at Google are absolute Wunderkinds that know everything better than the stupid users out there, and never make any mistakes. Except this one time. So don't worry, just leave those field trials enabled, it won't happen again.

[obituary_latte]

Reminds me - they still don’t allow developers to disable chrome auto-fill which renders typeahead/autocomplete functionality useless since the chrome auto fill covers up the typeahead dropdowns. https://news.ycombinator.com/item?id=21238375

[robocat]

The reliability of Chrome is completely astonishing - why do you want to rip the team a new one for making one honest mistake?

Any enterprise that didn't have mitigations in place cannot legitimately complain about what is probably the most reliable piece software they use (adjusted for some complexity metric).

[omh]

Chrome is a generally great piece of software and I admire many of the things that Google are doing with it.

The frustration here is that Google are operating outside the way we're all used to for software updates. If we update the software, we know to expect problems. So we can test it and (crucially) roll back.

If Google make changes outside of that then it becomes far more difficult to manage.

[m45t3r]

Yeah, the fact that Google rolled up a fix in less than two days really shows how good they software engineering is.

I am sure that those multi million dollar enterprises affected by this issue have other softwares so reliable that this was the only time they lost millions on software issue /s.

[omh]

> I'm seriously baffled by the audacity of Google here

Join the club!

> It might be worth to investigate whether there is some kind of host name that could be nullified on the network, of the server that the trials are loaded from.

It looks like they're downloaded from https://clients4.google.com/chrome-variations/seed

Blocking the entire hostname would cause problems with other features of Chrome. But I think blocking the particular URL would need SSL interception which isn't very appealing.

[Slartie]

Digging in the code also brought up that URL, and it appears as if the entire feature was disabled if Chromium is built without the "Google Chrome branding" flag (and can then be reenabled by specifying a seed URL yourself via command line). Hence one might get by with building from unmodified Chromium source.

But the options to disable it on official prebuilt Chrome appear to be grim indeed. SSL interception might not even work at all, as I guess Google uses certificate pinning.

[technofiend]

Amusingly Chromium shows up in my list of things to disable in the Google security checks results.

[oarsinsync]

> But I think blocking the particular URL would need SSL interception which isn't very appealing.

SSL interception is very appealing in a corporate environment. Thanks for sharing this, I've raised it with the guys who run the proxies here to investigate if we can / should drop this.

[patrec]

Is just patching the url in the binary an option?