Hacker News new | past | comments | ask | show | jobs | submit login
[flagged] Chrome Is Bad (chromeisbad.com)
651 points by basisword on Dec 12, 2020 | hide | past | favorite | 290 comments

This is total nonsense.

Even for malware, hiding from Activity Monitor would be quite a feat. Short of an exploit, you couldn't hide your process without a kernel rootkit, but macOS has required user approval to load kernel extensions for several versions now. I suppose you could go the low-tech way and just name your process "WindowServer" to confuse the user, but you'd still end up with two WindowServers.

The idea that Chrome's auto-updater is doing this is ludicrous.

For those of you who are unaware, Comex is one of the most respected security researchers of all time and has done extensive research into Chrome and won Pwn2Own multiple times. He is completely correct, keystone is just Chrome's auto updater. The technical content of this article is super thin. This shouldn't be on the top of hacker news.

The blog post quality is lacking but the comments are interesting.

Oh the good old argument by authority.

The parent did not rely on authority; they posted actual substantive content. Read their comment history.

You can choose to flip off people's qualifications if you want.... but it doesn't make what they say wrong, no matter hooooooowwwww much you don't like it. :)

I remember quite well the Google update process being notorious for evading Little Snitch firewall rules. It popped up every intervall as if it were a new (unseen) process. There's definitely something going on with the app signature. (Haven't used Chrome for some time by now.)

I am curious why that happens. From some Googling it seems like the updater copies itself to a random directory each time it runs [1], and I guess Little Snitch classifies programs by their full path, so it sees it as a new program each time.

Copying itself is odd and probably suboptimal behavior, but it is explainable without assuming malice: my guess is that it’s related to some kind of “before we update let’s update the updater” bootstrapping logic. I could be wrong, but IIRC the updater code is open source, so it should be easy to find out.

[Edit: Oops, it's actually not open source. Their Windows updater (Omaha) is open source, but their Mac one (Keystone) is not. Of course, one can still open the binaries in a decompiler.]

Regardless, moving a program around on disk, or even deleting the program while it’s running (which is possible on macOS), would not prevent it from showing up in Activity Monitor.

[1] http://www.reecefowell.com/2012/11/16/ksfetch-annoyance-on-m...

> my guess is that it’s related to some kind of “before we update let’s update the updater” bootstrapping logic.

However, it happens (happened) specifically, if network access has been denied and there couldn't have been an upadate possibly received.

I think the observation is just out of date now. "Haven't used Chrome for some time by now." At present, Little Snitch does just fine at blocking GoogleSoftwareUpdate.

While it's indeed unlikely that there is deliberately hiding, there is a chance that the google updater triggers something in some (OS-level) components via some (implicit) IPC mechanism that causes load spikes in those components. You'd hardly see any load for the real culprit itself but those other connected components may run hot.

This user says their WindowServer runs hot. Some Chrome-related software may have entered a state where it accidentally DoS'es the WindowServer either due to a bug in google software or a bug in WindowServer that google software triggers, at least in the system configurations particular to this user.

True, that much is possible. But fairly unlikely, especially since Chrome's updater normally does not even pop up a GUI. We'd need stronger evidence than "I deleted some Google stuff and rebooted and now feels faster". I suppose the author did claim to have reproduced it on two computers, but only once each, and with no objective performance measurements. Sadly, there are a lot of things that can make macOS 'randomly' seem slower or faster, especially after rebooting, and with subjective measurements, confirmation bias is a huge factor.

Well, the author is blaming it on the updater kinda, but it could have been chrome itself or the updater might be trying to create a window for whatever purpose in a tight loop or do something else that somehow ends up eventually calling into the WindowServer. There are plenty of things that can go wrong.

I had my own run in with chrome recently where dwm.exe (Desktop Windows Manager on win10) would eat and eat memory until everything OOM'ed. Didn't use much CPU tho. I eventually tracked it down to a single chrome tab that had a specific website open. It's reproducible at least on my system but I haven't yet had the time to look into it more thoroughly. If I had to guess, it was the website making Chrome use some "hardware layers/surfaces" or something like that and cause the corresponding buffers in dwm to be retained forever. No idea if it's a chrome bug or a dwm bug or even some kind of driver bug, and just closing the tab was enough as a "quick fix".

WindowServer CPU before/after is as objective as I've got. I'm convinced there's a fire, but I can only show you the smoke: https://twitter.com/lorenb/timelines/1338892756752732169

For those that didn't measure, it's almost irrelevant — I'm telling you it's not a subtle difference. It's night-and-day.

It's very low on my list of plausible theories, but if there was a hypothetical keystone exploit, what is the latest on code-injecting WindowServer?

Also added an FAQ to the site: https://chromeisbad.com/#faq to address the low-hanging fruit of obvious objections to the possibility that Chrome/keystone is doing something to the system to cause it to thrash.

I’ve been having WindowServer problems for month taking almost 100% of cpu out of the blue. I never could find any solutions and believe me it’s really painful when working when my IDE becomes so slow if takes seconds for every keystroke. So far it seems to fix my problem and I have the same computer setups. I switched to Brave to get back the Dev Tools. I don’t have a day to take off to analyze the my system deeply without knowing where to start so in my case it’s a welcome fix

Afaik you don't need to hide from the monitor to cause load by WindowServer while staying silent yourself. You just need to do graphics-intensive stuff. WindowServer then shows up as the manifestation of graphics being processed.

In fact, Un-googled Chromium (without the autoupdater) easily causes load that's displayed as WindowServer's, for me—when I open a Youtube video on my oldish Macbook with a shitty integrated video card. However there's little chance that I would think this to be caused by something else.

I may have got it wrong, but I interpreted the page to say only that Chrome and/or its updater made Window Server work hard, not that they're impersonating it.

Chrome does have the capacity for screen sharing (e.g. Chrome Remote Desktop), but I assume it wouldn't inject any extensions into the window server unless it was actively invoked.

The author went so far as to create a domain for this rant, and yet didn't even do any performance metrics or basic forensic analysis at all. I'm not saying the author is wrong, but there's a lot of questions here. How does Keystone hide itself from the Activity Monitor? Is there a Keystone process if you run `ps aux`? Did you run dtruss/strace? What is it doing when Chrome isn't running that causes it to degrade performance?

Because this sounded outlandish, I decided to have a look on my own system. Since the author didn't give any technical details, I grepped `~/Library` and `/Library` for files containing `keystone` in either name or contents. This yielded the following interesting candidates, along with similar entries for daemons etc:

They all reference the same binary, `~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent`, and frankly are wholly uninteresting configuration files to integrate with launchd and other stuff.

Looking through a full system trace in Instruments didn't yield anything interesting either (outside of discovering that I forgot to shut down one of my virtual machines).

All in all, this sounds like hot air, and I can't help but wonder what the motivation behind making this page was.

Thank you for digging in to it on your machine. That level of forensics is exactly what we need in this issue.

Because there is a rich history of issues that only affect certain configurations, and those configurations are typically only revealed in hindsight: your results have to be seen as a single datapoint and not a nail in the coffin.

To others who are curious about this: please contribute more datapoints

> I can't help but wonder what the motivation behind making this page was.

Why would you immediately jump to assuming bad faith?

No grand conspiracy required... the author believes that Chrome is slowing down his Mac and decided to share it. The end.

I'm not really one for conspiracies, more so I fail to see where the evidence is that Chrome was somehow related to begin with. I do agree my wording could be better there, though.

Asking the question "wonder" is not really assuming bad faith is it? I don't see any intentional deception there.

The page says "I deleted Chrome, and all the files Keystone had littered on the computer, restarted, and it was so snappy it felt like a brand new computer. Yeah, I realize this sounds like a freakin' infomercial, but it worked so well I spent $5 on a domain name and set up this website even if it makes me sound like a raving nut."

To then "wonder what the motivation is" is to suggest that you don't believe this simple positive explanation, and imply there's something less simple, and more scheming.

Yeah, there was no super master plan here, just that after dealing with one sluggish computer for days (you name it, I tried it), and another one for 5 years... the fact that it turned out to be slow because of an app that wasn't even running was pretty frustrating.

Filing a bug report that would get "works on my machine"'d and then ignored and auto-closed by a bot in 5 years didn't quite feel worthy.

Auto-updating browsers are a good idea. Keystone is bad auto-updating software. It should probably get scrapped.

What's a good way to verify that I've removed Keystone completely? Google doesn't provide any sort of uninstaller or uninstall instructions.

try `mdfind keystone` in terminal

And domains are dirt cheap nowadays, so it’s not as if the author is out a lot of money.

Well, for one, going as far as buying a domain for a single rant is a little bit suspicious. If at least it was a website dedicated to gathering issues with chrome, but a single issue with zero evidence or research. That's not generally how people "decide to share it".

Sure looks suspicious and not the content I expect to see on HN.

"Assume good faith."

"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."


It's not suspicious, its $5 which is not much to a lot of people in 1st world countries, especially those with at least enough curiosity/knowledge to be able to set one up if he/she has be frustrated a long time by a slow computer.

Another thing you can do: profile the process to find out what exactly it’s spending all that CPU time on. There are a few different ways to do this on macOS, including the GUI Instruments.app which comes with Xcode, and dtrace. But if you’re the sort who always has a terminal open, the quickest way is to just run

    sudo spindump
Also useful when a process is hung, even if it’s not taking up CPU time.

Sometimes the output isn’t useful due to a binary having been stripped of symbol names, but all macOS system libraries have symbols, so you can usually figure out something.

So users are expected to run debugger tools in order to figure out what some hidden program is doing?

Many years back I couldn't sleep and noticed my HDD's was working hard. I checked and it was google updater that was scanning everything...

I will never know why, they might be stealing IP (i was working on OCR at the time) or they just wanted to create a profile to serve better ads...

> So users are expected to run debugger tools in order to figure out what some hidden program is doing?

That's like saying "So we're expected to investigate and have a full trial before sending someone to jail?". If you just want to delete it, go ahead. If you want to go as far as creating a whole domain to blame Chrome, yes, you do need more than just "I deleted it and coincidentally my computer got fast".

> If you want to go as far as creating a whole domain to blame Chrome, yes, you do need more than just "I deleted it and coincidentally my computer got fast".

I think the fact that the site exists and is a pretty highly ranked story on HN probably proves that incorrect.

s/you do need more/you should need more/

Clearly if you read the thread, most people here aren't happy about this being at the top of HN, and it honestly reminds me of reddit where people just upvote things purely based on the headline, without even looking at the content. If anything this is just a sad day for HN.

> most people here aren't happy about this being at the top of HN

well the ones that comment, at least.

there might very well be a silent majority that is reading these threads with great joy.

like for instance the bit where someone lost it when they got reminded of the site guidelines and felt the need to list their "accomplishments" on HN

you don't get entertainment like that in normal threads.

You're welcome!

Of course your comment also violates the guidelines: "Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith." Reinforcing my claim that violation of the guidelines is the norm here rather than the exception.

My point was that authors of HN submissions are almost always treated with disrespect by HN commenters, and I was citing my repeated personal experience of having been such an author. (I believe the HN moderators are in denial and view the site through rose-colored/orange-colored glasses). I don't view having been #1 on HN to be an "accomplishment". I don't find it useful at all, because I run an independent business, yet being #1 on HN never increases my software sales at all, so it's pretty useless as far as I'm concerned. It just increases my server usage. I've sometimes considered (as I'm sure many people have) simply blocking Hacker News referers on my server. Could still happen...

In fact I finally created an account on HN simply to try to have some "control over the narrative" in HN comments about my own authored articles, because there are often some really dumb misunderstandings in the comments. Not sure it has been worth it though.

Technically, I "lost it" on HN about 3 weeks ago, when I got sick and tired of accurate information being downvoted. The only reason I'm still here now is that I have way too much free time on my hands due to the pandemic/social distancing.

How else do you expect to figure out what a program is doing? Should it make a pop up with a stack trace from time to time?

Maybe a notification of what it is doing. "We are using your computer for machine learning" or "Currently upgrading Chrome". Or some sort of documentation on what the program is supposed to do.

There is a GUI program as he said.

By definition, “hidden” programs are not gonna tell you what they are doing up front.

Yep lots of responsible software companies will tell you what software is doing if it goes outside the parameters of their software. Say if a program is scanning your computer for information when it's really only supposed to be a web browser.

Speaking of the GUI Instruments.app. Is there a way to start a process from there, instead of attaching to an already running process? I used it the other day and could only figure out how to attach to an already running process with it.

Create a new profiling environment based on the template you're interested in, making sure "Choose a profiling template for:" is set to "Your Computer > All Processes." Next, in the top-left of the window, where it says "Your Computer > All Processes", click on All Processes. Select Choose Target... and navigate to your binary and hit Choose. Then hit the red circle to begin recording. This will launch a new instance of the specified binary and profile it.

This may not work for binaries that set PT_DENY_ATTACH, though.

Thanks :)

Yes, it’s possible. In the menu with all the processes, pick the option “Choose Target”. It’s kind of an annoying UI, but it works.

Another option is to use `xcrun xctrace` to get a recording from the command line, which can then be opened in Instruments.

> The author went so far as to create a domain for this rant

It's not a 'far' thing to purchase a domain anymore. Domains are cheap as chips, and have gotten cheaper now since the advent of novel generic TLDs where usually the first year is sold cheap but to roll it over into the next few years the price is hiked (which is why so many people now purchase a domain for a year only).

It is common now and expected to see single-serving-sites[0] that are just thinly veiled blogposts.

[0] https://en.wikipedia.org/wiki/Single-serving_site

A lot of blogging services integrate domains as well.

If you already have payment integrate, adding a domain to a blog is a few clicks - if even.

I'm quite impressed by that “chromeisbad” as a domain was not already taken.

Yeah. After reading your comment I tried out a couple of similar domains on the form x is bad and x is good and they were both parked waiting for someone to pay whatever ridiculous price the owner is wanting to demand to sell it. I wish it was illegal to do that.

If it weren't legal, then someone would simply use it for a trivial website and then sell it.

Perhaps that is the only reason this simple, trivial article exists.

With the amount of rebuttals in this thread, I'm impressed `chromeisgood.com` isn't taken.


besides, most probably would learn themselves the hard way when put in the same position the OP detailed

problems with Goo are widely known in circles of the Mac-communities ever since Goo-acc's first became avail in the beginning only by invitation, back then

also worth to look into the history of why, when and by whom LS aka LittleSnitch was developed in the first place -- tho this was more related to issues with that then must-go-to site 'versiontracker' [for all sorts of Mac shareware] and a vintaged firewall [3rd party] product widely used that time that didn't work as advertised

a Mac OS w/out LS these days ? back then very few only were concerned with 'calling-/phoning-home' issues on a scale nobody could imagine, least speak or post about in public, in those pre-iPhone ages

Here you have another one: ilovechrome.com :)

Possible correlation and hand waving equals causation.

I, too, was hoping for something, well, technical. Considering #1 on hacker news...

Does anyone else see the irony that hand waving is being disputed with hand waving?

No, there's a concept of "burden of proof" which applies here.

You don't get to stack "hand waving" indefinitely. The person who made the original claim is responsible for providing refutable evidence.

I was reading through the comments and hoping someone would know what keystone actually was and if there was any possibility of the claim in the article :) . I mean there's a lot of stuff in chrome other than this keystone thing, maybe it was one of those other things.

Hating Google is very fashionable on HN these days, I'm not surprised to see this so highly voted. I also wouldn't be surprised if most of the upvotes are based on the title/domain rather than the actual "content".

>Hating Google is very fashionable on HN these days

Well, why shouldn't it be?

Why shouldn't apple? For some reason apple gets a pass on HN for things like fighting to keep forced labor camps open [1]. Lets hate Google AND Apple.

1. https://9to5mac.com/2020/11/23/anti-forced-labour-bill-apple...

>Why shouldn't apple? For some reason apple gets a pass on HN

Or, you know, Apple gets the same or more kind of criticism, but since you are biased to agree with it, you are blind to it, and only see the praise/defenses.

>for things like fighting to keep forced labor camps open

That's probably because the framing of this by the media is BS, playing into the trade war objectives and narrative of the US foreign policy.

It's just that these companies have a lot of suppliers in those areas, unrelated with any "labor camps", whereas the US/law has put a wide canvas that includes a huge area and all kinds of inoffensive suppliers. Seeing that the companies can't just cut off their supply chain on the drop of a hat, they ask for extention period, better monitoring on which and if any of their particular suppliers might actually involve such labor, etc.

But that doesn't make for good headlines for the masses, or for good propaganda.

>Or, you know, Apple gets the same or more kind of criticism, but since you are biased to agree with it, you are blind to it, and only see the praise/defenses.

Do you honestly believe if this post was about apple or an apple product with the exact same lack of content, it would have gotten the same number of up votes as quickly as this one did?

In HN, where every third post is "Why I'm leaving Apple" or such? Yes.

I dont see any apple related post on the front page, let alone negative ones. Do you see a different front page than I do?

Yes, it's called "bias blind spot" :-)

Here's one in the front page, just a few days ago:

Falling Out of Love with Apple, Part 3: Content and Censorship (hardware.substack.com) 321 points by zherbert 7 days ago | flag | hide | 292 comments


Wait, so we went from every third post on HN is a negative post about apple to here is one post from 7 days ago? Talk about "bias blind spot".

This law is untenable. For one thing outside of companies like Apple or Amazon who -might- be able to negotiate with the Chinese government on audits, middle to small businesses would have no possibility of that because they mean nothing to the CCP. This is a government to government thing, not a company thing and the bill doesn't make sense to make companies culpable for the entire supply chain. It's just punting responsibilities to companies who trade rather the US government whose job it is really to investigate such things. It's just a feel good law to blame corps rather than Congress Critters, which they've been trying to get rid of responsibilities for decades.

Or, you know, maybe the world isn’t black and white, and you could read the whole linked article to see why Apple might want to reasonably oppose certain provisions of the bill, instead of simply being “evil”, whatever that means:

> However, there is one potential explanation.

> In July, campaign groups called on Apple to err on the side of caution by ceasing using production facilities based in the Uyghur Region of China. The bill as it is currently written might make that the only way that US companies could ensure compliance.

> > One provision in the bill requires public companies to certify to the Securities and Exchange Commission that their products are not made using forced labor from Xinjiang. If companies are found to have used forced labor from the region, they could be prosecuted for securities violations.

> If Apple cannot easily avoid using downstream suppliers based in the region, it may be that it is trying to dilute the provision to something more along the lines of a requirement to conduct audits, investigate claims, and to take all reasonable steps to prevent the use of forced labor.

With Apple you get what you've paid for. With Google you pay for what you've got for "free".

Seriously, why not? And why was wnevets getting downvoted?

The linked article references a source I’m sure most on HN would agree is reputable, to the extent it confirms their biases.

> A report in [The Washington Post](https://www.washingtonpost.com/technology/2020/11/20/apple-u...) claims that Apple is trying to weaken provisions in the bill.

> > Apple lobbyists are trying to weaken a bill aimed at preventing forced labor in China, according to two congressional staffers familiar with the matter, highlighting the clash between its business imperatives and its official stance on human rights.

Yeah, just bad reporting.

"Apple lobbyists are trying to weaken a bill aimed at preventing forced labor in China, according to two congressional staffers familiar with the matter, highlighting the clash between its business imperatives and its official stance on human rights."

1) The US legislators could not care less about "forced labor" in China (or even in the US for that matter, e.g. penal labor). Same way they don't care when it is their allies doing it (or worse things). It's all about the trade and dominance war with China.

2) Apple and the other companies involved don't care about forced labor either (if they could legally and without media repurcusion use it, they would). But they also don't need and don't seek forced labor. Good old capitalist low wage labor is good enough for them. So it's not like they try to defend China's forced labor because they benefit for it.

3) What Apple and the other companies have is multiple suppliers all over China, including that area. Most of them (if not all) have little or nothing to do with forced labor. But because the law aims to hurt China and not to stop forced labor, it doesn't care about little details, but uses blunt force and a wide net.

4) Understandingly (from a business/logistics perspective) Apple, Google, and co, can't just drop/replace suppliers at the drop of a hat. So they ask for more time for check, and a better look at which suppliers are actually problematic to be added to the bill. So "weaken the provisions" is actually "make the law more accurate and fairer", but they won't say that.

Then the mix of propaganda for foreign policy (as if those legislators care), hypocrisy, business interests (from Apple and co) and extremely bad reporting for clickbait and patriotic reasons, then turns into:

"Apple lobbies in favor of force labor".

It's as if some companies wanted to continue to use some useful drug medically, and e.g. tried to "weaken the provisions" of an strict anti-drug law that forbade it without nuance, and the headlines were like "Company X lobbies in favor of heroin".

I agree, this is a deal that should be between governments, this is just an attempt of the US government to push responsibility to companies rather than actually acting against the Chinese government to end these labor camps. Whether tariffs or whatever. Few companies have the ability to follow every link of the supply chain for corruption. Most small to mid size to just find a distributer and buy what they need, they don't have the ability or authority to send in a small army of auditers, that the CCP isn't going to allow anyway.

That this is so high right now is quite reflective of HN.

It's nearly an exact match of the meme like utterance often seen on reddit: "chrome bad".

If you're going to credit the community with the problem I trust you'll credit it with the solution as well.


There's been a massive influx of reddit-quality comments for quite a while. I guess it was only a matter of time before it was reflected in the submissions.

So are you also going to point out that the vast majority of other top links are actually quite credible? It's easy to declare a whole site bad over one thing isn't it? Like the author in this article did under similar circumstances?

I think that in HN there is a high quality in the comments and a low quality in the voting of publications, because in the first, people refrain from commenting stupid things because it gets them harsh criticism, but in the second, people can vote for stupid (or low quality) publications because they will not be criticized.

And most of HN (and of social media, and the world in general) is dominated by dumb people.

A lot of skeptical comments in this thread.

I'm not low-level enough to confirm or deny the specific claims in the article.

I will say that my experience with regards to CPU performance "leaks" and Chrome seeming to always be running in the background even when I didn't want it to, as well as Chrome starting up on system startup when there didn't seem to be any references to it anywhere I'd expect to cause that, are consistent with the article.

I saw a lot of "low-level integration" with my system going on, a lot more than I understood, ever wanted or asked for, and there was no way I knew of to turn it off. It was like IE on Windows all over again.

I was also able to solve the issues by removing Chrome from my systems.

I sometimes install it temporarily to do Web testing and remove it shortly afterwards, but I think I'll do that in a VM from now on.

What is running in the background/on startup, Chrome itself or its updater? And is this on macOS or another platform?

Chrome can/does definitely run in the background if you have chrome Remote Desktop enabled. It wouldn’t surprise me if they had a daemon always running in case you want to enable Remote Desktop.

I just tested it. Setting up Chrome Remote Desktop requires installing a separate package which Chrome downloads for you. When it's enabled, there are indeed two always-running processes located under /Library/PrivilegedHelperTools/ChromeRemoteDesktopHost.app, which are apparently launched thanks to /Library/LaunchAgents/org.chromium.chromoting.plist. But those weren't running before I set up Remote Desktop; I imagine they were installed as part of the package and didn't exist before.

If I disable Remote Desktop again… well, it doesn't actually delete the LaunchAgents plist or ChromeRemoteDesktopHost.app. That's rude. But it does make the processes stop running.

(To be totally clear, Chrome's updater does run in the background, though not all the time.)

This was on Mac OS X when it was still stylized that way.

Chrome itself would run on system startup.

I no longer use that system, and don't remember the details well enough.

My experience is very different.

I have a standard install of chrome on big sur, as well as brave, and a bunch of electron apps. When I start up my mac none of these are running, there is no process with chrome or chromium in the name, and nothing in the process list that I can link back to chrome. When I launch some of the electron apps, chrome_crashpad_handler launches, which I assume is some kind of default electron behavior. When I close those apps, all chrome-related processes disappear from my process list. There is nothing untoward about chrome I can tell, nor is my system seeing any kind of recognizable slowdown, with or without chrome running. I also have chrome on very low-end macs, a 2009 mini with 8 GB ram and a 2014 air with 4 GB RAM, both running catalina. It runs fine on both, without seeming to cause particular performance issues. I just went through a reinstall of the 2009, and there was no performance difference before and after installing chrome.

I'm not saying yours or other people's bad experiences with chrome are not real, but I do wonder how it's possible that there are such very different experiences out there with what is ostensibly the same product. Maybe it's not just one cause: bad extensions, broken profiles, old installs with broken updaters (I had a broken microsoft updater causing havoc for a while), badly configured enterprise deployments, etc...

On mac OS, Activity Monitor itself causes WindowServer CPU usage to spike. This is the "observer effect".

To test, just open a terminal and compare a few samples of `ps aux | grep WindowServer` with Activity Monitor open and with it closed.

Mine averages 7-11% with Activity Monitor closed and 20-40% with Activity Monitor open. It's even more noticeable if your refresh rate is set to "Very Often". Closing Activity Monitor brings the WindowServer CPU back to normal.

As other have noted, this site provides no evidence. The keystone daemon is not running in the background constantly. When it does run, it's plainly visible and not "hiding itself". According to the launchd job config located at `/Library/LaunchAgents/com.google.keystone.agent.plist` my keystone process is set to run itself every 3623 seconds. Probably randomized to avoid the thundering herd problem. When it does run it checks for updates, often downloading new ones, and then quits.

This is because since macOS Catalina Activity Monitor did something to itself to make itself spend half a core just updating its table view and literally nobody who works on it (which I suspect is <1 person) understands that a monitoring tool that uses more CPU than the thing it is meant to monitor is absurd. I have seriously considered rewriting it multiple times and if the app stays like it is one day I probably will.

Please do! I like Mac, but I yearn a quality of 1st and 3rd party Windows tools. Task manager is nicely readable and lightweight, and process explorer is a godsend.

Meanwhile Activity Monitor updates once per 30 seconds when the system is under load.

Agreed! I recently used Windows for the first time in years, and was impressed by two of the built in monitoring programs. It was dead simple to actually get a global view of all file system activity and the processes responsible. Mac’s first party "fs_usage" tool is far less usable. As an example, there’s no way to prevent it from truncating long paths.

Any reason you don’t use a terminal tool like htop?

I do use htop occasionally; however, I am not really a fan of keeping around a terminal for something that could be a well-integrated native app. Plus htop is missing a lot of information Activity Monitor has, as well as the ability to do things like run sample or spindump.

This should not be the #1 story on HN right now. :(

It's a single anecdote that deleting Chrome on two computers sped them up. It provides zero evidence (even anecdotal) that it has anything to do with "Keystone" specifically. It provides zero evidence for the idea that "Keystone" is able to "nefariously hide itself from Activity Monitor". And it also completely contradicts the normal user experience of Chrome, which is that most people's computers don't slow down after a Chrome install. (WindowServer on my MBP usually uses <10% CPU and I've used Chrome for many, many years.)

Why is this nonsense being upvoted? I get people dislike Google and Chrome, but wouldn't it be better to stick to things backed by real evidence?

Indignation attracts upvotes, then flags. When an indignant post is relatively empty or misleading, flags will eventually win, but it's like the immune system—it takes some time to marshall enoguh white blood cells.

This is a nice case because moderators only saw it after the process was done.

Hundreds of people commented and how many tens of thousands read it first though? Reminds me of the moderation problem big tech companies face. Humans are prone to confirmation bias which means that when they read inaccurate information that confirms a bias it even further twist people's brains. For example, this article likely twisted thousands of people just a little further against Google even with though there was no good reason for it.

My grandpa twenty years ago had some legitimate gripes with the other side of the political aisle. However, he has seen so many biased and false news stories that his confirmation bias has accepted as truth without critical thinking that he now believes the other side is literally made up of evil criminals intent on destroying the country.

The only solution I can think of is something like a libel law that makes anyone who publishes false information liable to anyone who reads that information... Basically, cut out the enormous amount of garbage produced by media and people chasing pennies. People should only publish things they firmly believe based on evidence to be true.

> The only solution I can think of is something like a libel law

Let's bring things a little bit back into perspective, because on the whole nobody's getting hurt here.

It's just Google Chrome. It's not a person. A thread like this isn't going to hurt its dominance of the browser ecosystem. And if it did, it would even be good for the diversity.

I don't think it would make a really big dent in people's bias against Google, because slowing your computer down is way way WAY less bad than the things that people biased against Google are worried about (being a gigantic faceless corporation with power equal to nation states that is controlled by something that is not, does not care for democracy).

It's like badmouthing Thanos because he has bad breath.

If true then Chrome has some bad code, and what else is new. If false then ... then what. At worst somebody deinstalls Chrome, and then?

Let's not bring libel law into this, or in fact even compare it to biased and false political news stories.

That's a different and much harder problem. I don't think there's a way around it. Community mechanisms need time for people to evaluate what they're looking at.

It's also an old problem - the adage "A lie flies around the world while the truth is still getting its trousers on" traces back to Jonathan Swift:

Falsehood flies, and the Truth comes limping after it; so that when Men come to be undeceiv’d, it is too late; the Jest is over, and the Tale has had its Effect.

A perfect 18th century description of internet dynamics!


The interesting thing here is I follow Loren on twitter - and he has dozens of credible people repeating the experiment and getting the same result, including people that I would consider unimpeachable sources such as:


Well, I agree—that's interesting. It implies that something real is happening, though not that the OP's interpretation was accurate. It often happens in such cases that the observation is right but the interpretation is wrong [1]. It's when the interpretation rushes into angry denunciation, and especially a campaign using baity tricks to rile people up, that fair-minded readers start to have adverse reactions.

A discussion oriented more around a question (what explains this odd phenomenon?) could be a good thing. A more neutral submission, with a less baity title, might get a different reception from the community. But the combination of overstated claims and baity denunciation is usually going to trigger an immune response.

[1] I have no idea if it's wrong or not, just that a lot of informed commenters reacted that way.

Indeed. It’s almost as though Loren was reading this thread an took your advice. His post as of a few hours ago (he continues to troubleshoot this with google and tons of people experiencing the same thing)


“ Also, sincere apologies for any misleading language in the original post, coming down off my fury that this was possible (helps not wanting to hurl your mac through a wall).

Thanks to everyone for coming through now with samples/evidence.

Something's up, but I'll shut up now.“

Thanks, as always for the calming and wise guidance Dang.

Dang, I can't tell you how much I enjoyed you applying that old quote to the modern day. The more things change...

My WindowServer usage was over 90% before but it went back down to under 10% after I did what he said. I also only needed it to test one site I was developing. I had the exact same things he did: MBP slow even when nothing is running, WindowServer always running high. So I think I can vouch for it being true. It seems to have worked for me also.

EDIT: Maybe it's just placebo. I checked the CPU usage on WindowServer before and after deleting & restarting.

If you’re having visible performance problems, file a report with Feedback Assistant. It’s ok if it seems to be a 3rd party app causing the issue.

(High CPU use isn’t necessarily a real performance issue and might be caused by just having Activity Monitor open.)

Apple does not support or fix third party apps.

This is 100% chrome, with their annoying updating agent, which you can't remove

You're awfully confident for someone who has provided no additional evidence.

The OP claims the high CPU usage went after uninstalling chrome and rebooting their machine.

Rebooting their machine.

The thing we tell everyone to as the absolute first step in trying to solve any problem with a computer, "have you tried turning it off and on again?".

This isn't proof that chrome or keystone or anything at all caused the problem. We have nothing to determine the root cause.

I've had numerous problems with keyagent. It was horrible. I spend way too much time on trying to get that monster to work normally or get it removed.

But it's an "essential part" of chrome

Apple likes it when the products they sell work properly and would like to hear about it when common third party products are causing that to not happen.

Yeah, next time I'll try that as well! Completely forgot Feedback Assistant existed, but I'm glad it is back to normal speeds now.

After reading your post I did the same thing. Similar results 90% to 20% in my case. Anecdotes aren't data but I am glad I tried.

Yeah, I had my friend try it as well because he said his was suggish as well. He said he had a similar experience

Maybe you are right. A lot of comments here are complaining about the post in terms of scant evidence. Someone could pretty easily myth-bust this, but I have not seen that in the comments here yet.

This is a fair comment.

At the same time even "hard" evidence would likely get dismissed as anecdotal, and there's certainly enough of it now (and even plenty in the past) to point a clear finger at Chrome/Keystone.

This certainly beat filing it in the black hole that is Chromium's bug reporter where it would have been ignored / works-on-my-machine'd / or dismissed as anecdotal there.

Whatever it is doing is sketchy and causing WindowServer to thrash. And this is not the first sketchy thing it has done.

I think it's kinda sus that Google doesn't provide any sort of instructions or script to uninstall Keystone. Why not?

It's literally Chome Bad = upvote

I mean Chrome is bad on Macs in terms of resource usage and speed.

But this post alleges it is really bad when not running, which seems like huge news if true.

I don't see enough evidence here, but I'd be open to the idea that this is true if someone looked into it deeper.

It would have been a lot better as "Having CPU Load Issues you can't identify? This might be worth a try"

'how should communities amplify or suppress anecdotes' is a good question

'facebook advertises based on IRL conversation' is another example of something that feels true to people but nobody has made stick as far as I know

upvotes don't always mean 'yes, guilty, firing squad'. I think they can mean 'yes tell me more, let's bookmark and start investigating'.

Agreed, about 25% of the content on HN seems to be Google hate.

None of the top 30 stories right now mention Google

Google, Amazon and Facebook. Microsoft gets it in the comment section, mostly. Only Apple is truly safe on HN.

>Only Apple is truly safe on HN.

Not even close to being true...

Yea, I would've agreed ten years ago but Apple gets plenty of criticism here these days.

I will say that it seemed like this was a pretty big story to be not be covered in the tech press. I do wonder if there really is much evidence.

On the other hand, I generally feel that Chrome is garbage that slows computers down, so I wouldn't be surprised. But I don't see enough evidence here.

I think the thing is that the title is ‘chrome is bad’, and that’s something most of the crowd here can sort of agree with for a variety of reasons.

Why don’t you let the vote buttons do the voting? If you’re not interested in content you can ignore it and not upvote it

Rust = Good

Google = Bad

This is peak hacker news. If this were a comment it would be deleted, but for headlines, the less information the better.

Comment. (comment.com)

To make an argument of this scale you have the burden of proof. There is no proof here past casual correlation.

An analogy I see here is the scene from an old film where a woman walks behind a wooden screen and a goose walks out thus the woman is a shape shifting witch.

>>To make an argument of this scale you have the burden of proof. There is no proof here past casual correlation.

And yet, as of this writing, it has 200+ upvotes and is at the top of the front page.

HN audience really needs to do better. If you are reading this and are one of the people who upvoted the story, please really ask yourself why.

Oh this is normal. People upvote the title, then comment, then read it if the comments aren’t agreeing with their preconception. Humans are a mess of a species.

Sounds like a design issue. Why does the front page have an upvote button if we expect people to read the post/article first?

Interesting point. Perhaps if you click through the upvote button shouldn’t appear until 5 minutes later?

Because some people check the linked article only and might never look at the comments.

There isn't a website on the planet that allows for votes where it doesn't very often happen that they provide a viewport into the boundless stupidity of the human species.

I wonder how H.N. and similar websites would work if ranking was purely a function of activity and not of votes — simply push to the top whichever branch of the tree has the last reply so highly debated news is statistically more often at the top, but whichever link had the last reply somewhere will be currently at the top.

Chrome lives in the causal consumer world.

Many of us believe, with some justice, the causalization of computers has been to the diminishment of power users.

Therefore chrome bad gets hundreds of upvotes. I guarantee you not everyone read the entire article, and then ran their own diagnostic CPU benchmarking to verify the results, and also compared it against chrome competitors.

It's more like the common folk like chrome, and chrome ruin PCS for us

I surely hope chrome lives in a causal world, a non-aristotelian world would be confusing. (Just me being an ass, I know you meant casual)

Found an old thread involving the Google Keystone tech lead:


This is why dates on articles is so important. I can’t tell if this website is newer or older than that response so I can’t tell if this is a problem today or was a problem that was resolved

Huh. Chromeisbad.com doesn't have an author credit, but the tweet implies it's by notable iOS developer Loren Brichter, creator of Tweetie, Letterpress, and inventor of pull-to-refresh.

Yeah, it felt weird to put my name on it, people usually do that when they have something to sell. Someone mentioned that it seems sketchy being anonymous so I'll probably sign it.

There's no upside for me either way.

Hopefully the upside has been learning to do a bit more investigation, provide a bit more evidence, before registering a domain for your theory and submitting to HN :)

I didn't submit it or write it for this crowd.

The only clue this domain might be newer is he mentions the 16inch MacBook Pro which first came out in 2019.

That is about a different bug involving Keystone :)

I've had noticeable issues with "WindowServer" in the past (taking 80% CPU usage and causing the fans to ramp up even when the system seemed like it should be idling even after a reboot) so I decided to give this a shot.

This is anecdotal but there is a noticeable difference for me with responsiveness after following these steps. Currently the WindowServer process is hovering around 14%.

Most likely the issue was resolved by the reboot, not by uninstalling Chrome. From my experience Mac OS tends to slow down after a few days. Animations and scrolling gets choppy and there's nothing I can do to fix it, short of rebooting.

I can assure you that it wasn't related just to rebooting as this has been something that's been bugging me for months. I had previously rebooted earlier in the day because of this exact same issue (a runaway WindowServer process), before I saw this article. I also did a fresh reboot before following these instructions too as a sort of "control".

The change only happened for me after removing Chrome as well as the launch agent for keystone.

> From my experience Mac OS tends to slow down after a few days

Just for the sake of the argument, do you have installed Chrome?

I use macOS daily for months at a time without rebooting and have not seen this problem on any of the 5 Macs I've been using for the past several years, for what that's worth. It does seem like it's something specific to your machine.

Does your system have Chrome on it, because if it doesn't then you observations don't really apply since the conversation is centered around a bug possibly associated with that. Personally I don't allow chrome on my machines. I do install brave for those cases where I have to use "chrome" because some company simply doesn't design their web app for anything else otherwise it's firefox.

The question is: Chrome, or no Chrome? xD

Yes. Just like Linux - in 1996.

Very sad.

(I have recently started using Apple tools for developping with Swift/Xcode on iPad. I am very unimpressed by the quality of the tools, and quite impressed by the range and depth of features....)

Hmm, can't there be some kind of malware hiding under the Keystone name?

Do you happen to have an external USB mouse?

The amount of effort I need to invest to get my development team to even look at our apps in a browser other than Chrome is exhausting and I have to put up with snark and eye rolling every step of the way.

I feel like I'm back in the IE7 era.

This point is truly worthy of an article or domain name. People here ask why there is so much “hate” for Chrome, but forget something important, that it doesn’t fall out of the sky.

More and more I find that sites / apps work badly on my FF or Safari. It’s truly shameful and that IS my why absolutely am disappointed with Chrome and devs who can’t be arsed to do the work for other browsers.

If you’ve never been in the IE era maybe it’s hard to believe/understand that browsers are different enough to make that necessary.

How does it make it necessary for developers not to be arsed to do the work for other browsers?

This must be how things like some alternative medicine and anti-vax start: Things like feeling healthy and your computer being slow can be very subjective.

The author appears to be technical enough to know that there is something called keystone on his computer, but not technical enough to benchmark and investigate further. The name keystone sounds kind of nefarious, so it makes sense that someone would be able to convince themselves that it makes their computer slower.

Well yeah, because "my kid has autism and his also got a vaccine so obviously that's the reason my kid got autism" is exactly how it gets started because they heard about that paper (or rumors thereof) that has been debunked a 1000 times over in the medical literature but now it's a part of folklore and almost impossible to kill like other superstitions.

Any actual evidence of the performance impact? This seems thinly supported by evidence.

I think evidence of functional impact might be just as appropriate.

If removing keystone doesn’t harm the user, and may make the computer faster; why would anyone leave it at all?

the linked 2009 wired article quotes adobe saying 'yeah we don't see the need to have an always-on updater process'

fast forward to 2020 when (1) adobe has this and (2) they still email me every so often to remind me to install their software which (3) I have installed and been using

I think life would be better if there were a 3rd-party update service that wasn't trying to also own marketing + distribution (i.e. take 15-30% of the sale and also maintain platform dominance). A tool that was 'just updates' so my other software doesn't get to install a rootkit.

Most of the GUI apps I use on macos update themselves using a framework like sparkle. Just uses an occasional (typically weekly) connection to check if an update is available and doesn’t need its own daemon.

This is the way. Windows is rife with these updater things. It's one of the first things I disable when I'm debugging a friend's Windows computer. I much prefer Mac and Linux because they (mostly) don't do such things, although I still have to keep a windows machine around for various reasons.

Like homebrew maybe? ;-)

homebrew is non-commercial and updates on-run, rather than in the background, but frankly yes

if they had a commercial offering I think they have the brand trust to make this work

They have that trust because all the software installed by homebrew is open source.

Not necessarily all open source, homebrew-cask has been merged into brew and you have e.g. Jetbrains IDEs and Zoom available.

Personally I use homebrew-cask to manage almost all applications and their updates, turning auto-updating off in almost all apps. That way I am in control and can update when it is convenient, know if an update broke something, etc.

Edit, using:

- https://github.com/buo/homebrew-cask-upgrade

- https://github.com/Homebrew/homebrew-bundle

Apple should allow Firefox and Chrome into the Mac App Store as they are, and have the updating done from there. That’s the solution.

and Apple take 30% of transactions you make in Chrome and FF? Desktop is less of a walled garden than ios. i hope it stays that way.

They could make an exception, for the larger benefits to their platform. Custom updaters are helping no one, and it seems like the spark has left Sparkle (the last I looked, sparkle 1 was for an era long past, and sparkle 2 was still incomplete).

On an alternate timeline, Apple could have allowed software vendors to hook into the old software update application, and pull in updates through that mechanism, in addition to the first party updates.

The Mac App Store is for well behaving apps haha. For some definition of well behaving, anyways. This compromise is actually great -- the MAS is available to those who want to live in a cozy little walled garden of perfection. Those who are willing to compromise on security in exchange for apps that have free run of the system are welcome to do that also.

This argument sounds eerily familiar, but I can't quite place it...

I know I can’t because the iOS App Store argument is “and you can’t have it any other way.” On macOS for as long as you can have it other ways I’m totally ok with it.

No, I was just being sarcastic because the double-standard mystifies me. I completely agree.

The Mac App Store is really for scamware, it seems like…

Now that I haven’t heard!


It's not just Google. Adobe or any other company installing always running updaters... is just wrong.

Situation: there are 14 companies installing rootkits.

14?! Ridiculous. We need a single company that's allowed to install rootkits.

Situation: there are 15 companies installing rootkits.

How about we just stop digging when we find ourselves in a hole?

(Ref https://xkcd.com/927)

yes I get it but none of the proprietary updaters are trying to be a standard or a 3rd-party tool

The PC equivalent is the 'reporter' process? App locker really comes in handy for such a thing. I used Chrome for so long but it was Firefox containers that finally forced me to switch and never look back.

You probably mean 'Windows equivalent'. Many people don't care, but it really is a bad habit to use 'Windows' and 'PC' ambivalently. Yes, Windows is the dominant OS for the PC, but there are others as well.

Not sure about this Keystone, but the Chrome Software Reporter Tool keeps annoying me A LOT. It frequently causes high CPU load and at least the last time I checked I could not find a proper documentation on what it is or does.

Hm. I figure I'll give it a try. I have stability/slowdown issues, but I don't attribute it to anything more than I'm a native software/device control developer, and often running dodgy, hacked-together tools. I generally have to do a "deep cleaning" of my system once a year or so.

I do often have a windowserver hang.

I don't really use Chrome much (just for testing, or the odd times that a site won't work on Safari). Not a big deal for me to rip it out.

If it were a tool that I use all the time, though, I might be more comfortable with a posting that had a bit more detail.

The window to the internet should not be some monster that takes millions of developer hours and held ransom by a couple of big companies.

I should be able to build my own browser in a 3 month sabbatical.

> The window to the internet

This exact part of your comment is why big companies are fighting so hard to own and gatekeep web browsers.

> > The window to the internet

> This exact part of your comment is why big companies are fighting so hard to own and gatekeep web browsers.

Yes. And it goes even further, it's also why they're working hard to destroy the WWW, and have everybody silo-d into their app.

It's why on most social/media networks you can't really link to anything. Why they're dressing down the address bar so that people don't see (and learn about!) URLs any more. Or learn about their use, that they are one of the fundamental building blocks of what was the WWW.

Although there's more, they already burned some parts of the woods before attacking the WWW. Do you remember there was a time when almost all of the popular instant messaging protocols were supported in ONE (free, non-tracking, non-ad infested) app (and there was even a choice of such apps: Pidgin, Trillian, Miranda ..).

Some of them could even talk to each other. It's crazy to imagine, but ultimately even more crazy is that we don't have this any more!!

They won the instant messaging war, it was pretty silent in fact. Just wasn't as ingrained as the WWW used to be. They had to wean the users off slowly, which is exactly what they're doing right now.

The time is coming but not yet. If they could, they would completely do away with the browser and just have their own apps. All the browser represents to them is a liability; an opportunity to click away and leave their platform for another.

> big companies are fighting so hard to own and gatekeep web browsers

could you expand on this? Which big companies are you referring to?

Apple, Microsoft, Mozilla, Google

Well, Microsoft gave up and are using Google's browser. And Mozilla just downsized the Firefox team (and they're paid by Google to keep Firefox going, basically). And Safari is only ever a presence on Apple computers, which Apple already control completely. It's not really a huge competition...

Microsoft Edge is not "Google's browser". It uses the Chromium rendering engine but it's still developed and distributed by Microsoft, which means they own the telemetry, the features, the defaults, and the user experience (which are the parts that matter, no one cares about the renderer from a business POV).

Google has Chrome, we've covered that already.

Apple has Safari.

Firefox exists, and is only funded by Google - in my opinion - to fend off anti-trust at this point.

Just because Google has more or less won the browser wars doesn't mean all those other companies wouldn't _love_ to regain market share in the future.

And perhaps they will. Owning that window is hugely valuable and lucrative, so why wouldn't they?

I agree completely that Firefox is only maintained as an anti-trust foil by Google.

When Google worked out that Microsoft owning the browser might cost them in the long run, they started working on Chrome.

I don't see anyone doing anything similar at the moment. Microsoft's adoption of Chrome is a tacit admission that they lost the browser wars and are not interested in continuing that fight. Apple isn't trying to get Safari adopted en masse on any other OS, it just seems to want to have a browser that it controls on its platform, which I guess makes sense. But it's not a play for "controlling the browser" - they don't even stop you from installing other browsers on their platform.

This just isn't an area anyone is fighting for any more. Building a standards-complient fully-featured browser is a huge project, but not so huge that a large corporate couldn't afford it. Persuading people to use it is a larger problem, but again, nothing that hasn't been done before and can't be done again. But no-one at this scale is even trying.

There are a few attempts from the other direction, dedicated companies like Brave trying to make this happen, and I hope they succeed.

The Internet is much bigger than the Interweb.

There’s more to the Internet than web pages. Web browsers don’t even get the most runtime on my machine.

Sure, I meant web pages.

Its frustrating to see replies discussing the definition of the internet.

The point I wanted to discuss is that there are not many choices for browsers and it takes a lot of effort to build one from scratch. Thus the competition is lacking.

While I'm not sure if the author is right or wrong about this, Google definitely has a liberal approach to using the computers of their users. You are not asked (or even informed!) they will run the Software Reporter Tool and you won't probably notice it until the fan gets louder and you start investigating what is draining your battery now. Yes, I know they do it in good faith but still find in arrogant.

Is there anything like this going on on Linux? I don't really use it, but I have it in case I need to do dev testing.

I find it maddening when articles presume a specific operating system without ever explicitly mentioning it. This is not limited to a Mac - happens with Windows and Linux articles as well.

Fortunatelly on Linux it's just using standard repositories.

Yes... except the Chrome package adds updating itself to your cron scripts without telling you. :/

I used to be concerned about it. But so does Brave and other Chromium-based browsers. The script in `/etc/cron.daily/google-chrome` on Fedora ensures that the google chrome repository configuration file is correct, but it doesn't update Chrome itself. You still update Chrome manually with `dnf update`.

And it can update itself without sudo?

Yes, since the cron script automatically runs as root on a repeating schedule.

If you want to see what it does:

    mkdir junk
    cd junk
    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
    ar x google-chrome-stable_current_amd64.deb
    tar xf data.tar.xz
    cat opt/google/chrome/cron/google-chrome
It's not nefarious - it's well-documented and explained.

It's just making a decision for me that, as an administrator, I need to be the one deciding instead.

That is very bad. With this they can easily and covertly target an ip and deploy automatically a rooted version to infiltrate a specific computer.

That looks like crazy theory, but tell me what they will do if the nsa request it?

% ls /opt/google/chrome/cron/google-chrome

ls: cannot access '/opt/google/chrome/cron/google-chrome': No such file or directory

Refutation by counterexample: I have Chrome, FF, and mpv running right now and my WindowServer process is averaging below 6% on a 2015 13" MBP.

If Google is doing this, that's not great. I am much more disturbed by the behavior of Microsoft Teams, which installs itself into your login items on install. Then you remove it from your login items and think you're all good. But if you ever open the application, it automatically adds itself to your login items again.

As far as I can tell, it will re-add itself no matter how many times you have removed it. This strikes me as incredibly user hostile and I'm surprised Microsoft is quite so brazen about it. I would expect this behavior would lead people to just uninstall the desktop application and use Teams through a browser when needed.

The idea that a process could hide itself from Activity Monitor seems hard to believe, so since that is one of the first claims in the article it seems like it’d be easy to demonstrate or disprove.

Does this apply to Ungoogled Chromium too?

Thank goodness i switched to FireFox long time ago But i still have to use chrome as it makes some Google applications slow on firefox which I hate

Should be called "Keystone, part of Chrome, appears to behave badly on my Mac." There's nothing like this running on my Linux box.

I'm starting to think that there's some truth to OP's accusations. The fan on my MacBook has had a tendency to spin like crazy and it's been quite unresponsive at times for it's spec and age. When this post came out, I went for it and deleted it all and it's been acting surprisingly more responsive. Doing a conference-call used to kick of the fan after about a minute or so, the fan doesn't make a sound at all now. I've put in an order for an M1, but I think dropping Chrome (Canary in my case) could have been a worthwhile solution.

To add to my suspicion. A month or so ago, I was running Big Sur beta and was asked to give a system service from Google, admin access and restart. That in turn broke my Mac, so I had to spend hours to get back up and running. Why does the service require admin-access? Why did it require me to restart my computer?

This happened to me as well. Unplugging my external USB mouse solved the problem for me (lagging Window Server).

I don’t know about the author’s claims, but I find Google Chrome unusable on my Ubuntu laptop. Whenever it’s running, my fan is blasting. If I clear the Chrome cache, this fixes it for a while, but it’s not long before it starts exercising the CPU again.

Could that happen due to some Chrome extension, mining in the background? XD

> When any installed hosted app, packaged app, or extension has "background" permission, Chrome runs (invisibly) as soon as the user logs into their computer—before the user launches Chrome. The "background" permission also makes Chrome continue running (even after its last window is closed) until the user explicitly quits Chrome.


Only show the upvote / down vote button after clicking the link. This small bit of resistance would go a long way to solving the issue of upvoting titles, rather than the content.

I never use Chrome really and decided to try it. I figured it wouldnt actually make a difference, so I didn't try to take any tests etc to see before and after.

But, subjectively, my computer post-restart is MUCH more responsive and e.g. firefox is MUCH faster. WHereas it would take like 30-45 seconds for fx to load all of my pinned tabs, just now it loaded in like 5.

I don't know what is going on, but I definitely notice a difference. I honestly expected this not to work, and was really surprised when it did.

I recently started to use Edge. It is funny that YouTube couldn't detect my identity, so it will ask me to login in almost every video I play, and it won't display any comments for videos. If I want to read comments, I will have to switch to Chrome. YouTube behaves very strangely when you are not using Chrome.

I do see many times WindowServer would be at 40%-50% CPU usage, it happens fairly often. I might just delete Chrome now.

Strange, I switched to Brave in the beginning of the year and it's pretty much chrome with stronger controls around cookies, trackers, etc.

Youtube works just like it did under Chrome.

That's nice. The YouTube problem on Edge appeared after a few weeks usage. Maybe I accidentally use of Google service triggered it. Now it assumes that I have an account, insist me logging in with my account to get better experience. It is very annoying. I cannot delete Chrome because I use it for gmail. I don't want to log into gmail with other browsers. Maybe I should keep using Chrome for YouTube as well.

If you find a bug in Chrome then I'm sure the team would like to know about it. We even have a website for reporting bugs in Chrome - crbug.com. Filing a bug there isn't as flashy as creating a website but it is probably more effective.

It sucks because Chrome is so much better usability wise than all those others. I wish they would just fix whatever this keystone trash is, and leave that to stonehenge

I found out, surprised, that current Edge is basically a better Chrome - even compatible with all extensions, faster, and with lower battery consumption.

And, yes, Microsoft AutoUpdate, which however seems reasonable so far.

Edge is missing E2E encryption in the sync feature.

Yep - pretty critical missing bit of functionality unfortunately.

What does Chrome do better than Safari?

For me - it works properly on spotty connections. I have fast, but unreliable internet that drops connection few times an hour and Safari and Firefox are almost unusable - when connection drops for just a few seconds they cannot open many websites for up to 5 minutes (reddit, google and youtube among many others; hacker news is one of the few that work all the time).

Chromium based browsers do not have that issue, I used to use Vivaldi but temporarily switched to Safari as I wait for ARM build of Vivaldi and I am constantly frustrated by that issue.

I have tried debugging it but got nowhere, it seems to be system wide issue as some 3rd party apps exhibit this behaviour too (for example live streaming through IINA or Skype) while others not (Electron based apps usually work fine). Recently switched to new M1 Macbook and it happens on it too.

I wonder if this is a DNS issue. Are the browsers that work ignoring the system DNS servers? Perhaps using DoH?

This was my first idea, I tried setting DNS to, tried, tried others, tried setting them in Network Setting, tried on router, tried sudo killall -HUP mDNSResponder. I can ping those faulty websites during Safari downtime without issue, but somehow the browser does not even try opening the website (Timeline Recording in Safari shows no Network Requests). It looks like macOS is caching something somewhere and when that cache expires it starts to work again. Emptying Safari caches does not help and I don't know if there is any way to purge all system networking caches.

Chromium based browsers certainly ignore something, it might be DNS related but I'm out of concrete ideas what exactly to change.

Does anyone know a way to get Safari to show a preview of the url when you hover over a link?

I tried to switch recently since it's supposed to waste less battery but two things I found were a bad experience after Chrome:

- no decent ad blocker? the one I saw recommended was Ad Guard but that seems to require you to have an Electron app running simultaneously (!) in order for it to block anything

- in Chrome when I hover over a link I see the url in the bottom left 'status' area... I had no idea how much I like this until it wasn't there in Safari... it feels really weird to click on a link and not know where it goes to

- AdGuard has to run its app in the background, true, but it‘s very well behaved. - menu: View —-> ShowStatus Bar (command /)

View -> Show Status Bar

Ah great, that's it!

The other thing I miss with Safari I don't think there is a solution for... there's no version for Android, so I miss sharing history and passwords with the browser on my phone.

My fault for not buying all Apple devices I guess

You can force click on the link if you have a trackpad that supports it. There are probably ways to simulate a force click even without such a trackpad. The same also applies to iOS: links can be previewed across many apps by long pressing.

KB here: https://support.apple.com/guide/safari/go-to-websites-ibrw10...

That shows the whole webpage. It looks like they just want to see the link in the lower left, which can be done, as others have said, by turning on the status bar from the View menu.

force trackpad press on the link to see a preview

Ad Guard for Safari does not require you to run the app to block ads. Just quit the app.

The hover thing might be some pref but Safari shows urls on mouseover.

When I quit the app the Ad Guard shield icon went back to "paused" so I assumed it needed to be running to work

It's not the best UI but the mouseover of the icon tells you what's going on, albeit in tiny print at the bottom:


Supports web standards ? Extensions ? Developer tools ?

I'm using Safari as my primary browser because Chrome is a resource hog and this i9 MBP sounds like a 747 taking off when it starts using CPU but Chrome is a better browser feature wise - I plan on switching back to desktop (since this WFH shift it's just better) and I will 100% use Chrome even if Safari was an option (fan noise/CPU power/power consumption aren't a concern).

Runs on my computer.

(not a big fan of chrome though)

Well that's a great answer. ;)

It's kind of a shame that Apple killed off the Windows version of Safari. I often wonder if they would consider bringing it back.

1. dev tools 2. extensions

Applications are open for YC Winter 2024

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact