Google Releases Chrome 48 with Interesting Features

Subject: General Tech | January 21, 2016 - 07:59 AM |
Tagged: google, chrome

Web browsers are typically on rapid release cycles so they can get features out frequently. The Web is changing on a constant basis to help it become an effective application platform, which is cross-compatible with competing implementations. A common complaint is that the cycle is to yield high version numbers for marketing, to give a false sense of maturity, but I'd expect that frequent, breaking changes are kind-of necessary to synchronize features between implementations. If Google lands a feature a month after Mozilla publishes a new version, should they really wait two years for their next one? Granted, they probably knew about it pre-release, but you get the idea. Also, even if the theory is true, artificially high version numbers is one of the most benign things a company could do.

Google_Chrome_icon_(2011).png

Some versions introduce some fairly interesting features, though. This one, Google Chrome 48, deprecates RC4 encryption for HTTPS, which forces web servers to use newer cyphers or they will fail to load.

Another major one, and probably more interesting for our audience, is the introduction of VP9 to WebRTC. This video codec is Google's open competitor to H.265. At similar quality settings, VP9 will use about half of the bandwidth (or storage) as VP8. WebRTC is mostly used for video conferencing, but it's really an open platform for webcam, microphone, audio, video, and raw, peer-to-peer data connections. There are even examples of it being used to synchronize objects in multiplayer video games, which has nothing to do with video or audio streaming. I'm not sure what is possible with this support, but it might even lead to web applications that can edit video.

Google Chrome 48 is available today. Also, as a related note, Firefox 44 should release next week with its own features, like experimental rendering of WebGL images offscreen and multi-threaded. The full changelog for Google Chrome 48 from Git is about 42 MB large and, ironically, tends to crash Firefox.

Source: VentureBeat

Google to merge Chrome and Android into their One True OS

Subject: General Tech | October 30, 2015 - 05:25 PM |
Tagged: chrome, Android, google

It has been long suspected that eventually Google would merge their two operating systems into one and we now have a rumoured date, 2017.  An Android runtime for the Chrome OS already exists and almost any Android app can be modified to run on a Chrome powered device but we now have confirmation that the two will finally merge under the Android brand.  The new OS will remain open sourced and programmers may be enticed into programming more applications as they would only need to make one application instead of needing to write two versions.  Pop by The Inquirer for more speculation.

chrome-os-logo.jpg

"ALPHABET SUBSIDIARY Google (still sounds weird, right?), is reportedly planning to merge Chrome OS and Android into a single platform."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Google giveth with one hand whilst taking with the other

Subject: General Tech | August 28, 2015 - 08:40 PM |
Tagged: google, chrome, flash, apple

The good news from Google is that as of next month, Flash ads will be 'Click to Play' when you are browsing in Chrome.  This will be nice for the moving ads but even better for defeating those sick minded advertisers who think audio ads are acceptable.  However this will hurt websites which depend on ad revenue ... as in all of the ones that are not behind a paywall which have Flash based ads.  The move will make your web browsing somewhat safer as this will prevent the drive-by infections which Flash spreads like a plague infested flea and as long as advertisers switch to HTML 5 their ads will play and revenue will continue to come in.

The news of Chrome's refusal to play Flash ads is tempered somewhat by Google's decision to put advertising ahead of security for Apple devices.  The new iOS 9 uses HTTPS for all connectivity, providing security and making it more difficult for websites to gather personalized data but as anyone who uses HTTPS Everywhere already knows, not all advertisements are compliant and are often completely blocked from displaying.  To ensure that advertisers can display on your iOS9 device Google has provided a tool to get around Apple's App Transport Security thus rendering the protection HTTPS offers inoperative.  Again, while sites do depend on advertisements to exist, sacrificing security to display those ads is hard to justify.

adobe-flash-player-icon.jpg

"The web giant has set September 1, 2015 as the date from which non-important Flash files will be click-to-play in the browser by default – effectively freezing out "many" Flash ads in the process."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Google Chrome Team Commits to XP Throughout 2015

Subject: General Tech | April 17, 2015 - 11:00 AM |
Tagged: windows xp, windows, microsoft, google, EoL, chrome

It has been a year since Microsoft cut off extended support for Windows XP including Internet Explorer security updates for the platform. Yeah, I know, it doesn't feel like it. Other browser vendors announced that they would continue to target the retired OS after Microsoft washed their hands of it. At the time, Google said they would give at least 12 months support, which brings us to yesterday.

Google_Chrome_icon_(2011).png

Now Google is extending their commitment to the end of the year. They did not say that it was a hard deadline for their customers, but they also did not add an “at least” qualifier this time. The browser vendor wants people to upgrade and admits that they cannot genuinely provide a secure experience if a known issue bites everyone at the OS level. You can keep training the guard at the door, but if your window falls out, mind the pun, then it is still dangerous to be inside.

Granted, we have not seen a major attack on XP over the last year. You would have to think that, even if the attacks are sophisticated, some of the victims would have noticed and reported it to someone. Still, I wonder how it keeps surviving, especially since I would have thought that at least one vulnerability in the last twelve Patch Tuesdays could be ported back to it.

Maybe it is too small of a target?

Source: Google

Since TLS connections mostly ignore OCSP, Firefox is creating yet another solution

Subject: General Tech | March 5, 2015 - 06:46 PM |
Tagged: security, OneCRL, irony, firefox, CRLSet, chrome

It seems somehow strange that the vast majority of 'secure' connections still completely ignore what were developed as industry standards to ensure security in favour of creating their own solutions but that is the world a security professional lives in.  The basic design of OCSP does carry with it a lot of extra bandwidth usage and while maintaining a time limited local cache, referred to as stapling, would ameliorate this your TLS connection is not likely to support that solution.  Instead of fixing the root cause and utilizing existing standards it would seem that Firefox 37 will start a brand new solution, maintaining a list of revoked certificates ironically called OneCRL which will be pushed out to Firefox users, duplicating the CRLSet which Chrome has already developed and maintains. 

This is good for the end user in that it does add security to their browsing session but for those truly worried about attempting to make the net a safer place it offers yet another list to keep track of and for attackers yet another vector of attack.  At some point we will have to stop referring to standards when referencing networking technology.  Pour through the links on the Slashdot post and read through the comments to share in the frustration or to familiarize yourself with these concepts if the acronyms are unfamiliar.

firefox-crset-onecrl.jpg

"The next version of Firefox will roll out a 'pushed' blocklist of revoked intermediate security certificates, in an effort to avoid using 'live' Online Certificate Status Protocol (OCSP) checks. The 'OneCRL' feature is similar to Google Chrome's CRLSet, but like that older offering, is limited to intermediate certificates, due to size restrictions in the browser."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

Rumor: 15.4" Broadwell-U Chromebooks Are Coming

Subject: General Tech, Systems | December 29, 2014 - 06:42 PM |
Tagged: laptop, google, dell, ChromeOS, Chromebook, chrome, acer

According to DigiTimes via The Tech Report, because of course DigiTimes, we should receive 15.4-inch Chromebooks in the near future. Their sources claim that both Acer and Dell have products planned with that operating system, in that size, and will cost less then $300. The Acer system is expected in March 2015 with Dell scheduled for some time in the first half of 2015.

12-failslow-Chrome.png

One part that stands out for me is the maximum price of $300. The claim is that this is a Google mandated ceiling for Chromebooks with up-to Core i3 performance. This is troubling for two reasons. First, depending on the details, it might dance around inside the minefield of price-fixing laws, although I am sure that Google is doing this in a legally. I mean, Apple has been getting away with enforcing maximum retail prices of iPods and iOS devices for around a decade and I believe console manufacturers do about the same.

Second, and more importantly, it limits the ability for manufacturers to be creative and innovative, which is the major advantage of an open ecosystem. Being a web browser-based platform, there is already constraints on what manufacturers can implement. Sure, Google is probably open to communication with their partnered hardware vendors, but it is uncomfortable none-the-less. I could use the Nexus Q as an example of an experiment but unfortunately it was neither a hit nor did it cost over $300. Sure, they could add a more powerful processor to escape that clause but it is still

These Chromebooks are expected to launch in the early half of 2015.

Source: Tech Report

ARChon Brings App Runtime for Chrome Outside ChromeOS

Subject: General Tech | September 20, 2014 - 06:33 PM |
Tagged: chrome os, chrome, google, Android

Last week, we reported on Google's App Runtime for Chrome (ARC) beta release. Its goal is to bring apps from the Google Play Store to ChromeOS through an Android stack built atop Native Client. They are sandboxed, but still hardware-dependent for performance. Since then, vladikoff on GitHub has published ARChon, a project which brings that initiative to desktop OSes.

archon-project.jpg

Image Credit: ARChon Project

To use Archon, you will need to use an x86-64 version of Chrome 37 (or later) on Windows, Mac, or Linux. This project is not limited to the handful of ARC-compatible apps that Google officially supports. The Android apps need to be converted into Chrome extensions using a tool, also available, called chromeos-apk. In fact, the example app is an open source version of the game, 2048, rather than just the four launch apps from Google.

Whether Google intends to offer this, officially, with their Chrome browser is the most interesting part for me. I would prefer that everything just works everywhere but, failing that, having a supported Android platform on the desktop without dual-booting or otherwise displacing the host itself could be interesting. And yes, Bluestacks exists, but it has not been something that I would recommend, at least in my experience of it.

Source: ARChon

Chrome officially hits the 64-bit era

Subject: General Tech | August 27, 2014 - 04:34 PM |
Tagged: chrome, 64-bit

The new version of Chrome can now supports 64-bit if you so choose to install that version of Google's browser.  The ability to address more memory is not the only benefit to this new version, it is also optimized for the P9 codec used for Youtube HD which The Inquirer was told now processes 15% more quickly and they agreed that it felt generally faster when using the new browser to surf.  The new version should also offer improved protection from memory layout vulnerabilities so it is certainly worth using on your 64 bit machine.

chrome-64-bit.jpg

"GOOGLE'S 64-BIT EDITION of the Chrome web browser for Windows has been declared stable with the release of Chrome 37."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Chrome might be less polite than you think

Subject: General Tech | January 24, 2014 - 06:37 PM |
Tagged: google, chrome, snooping, mic

If you have never heard the phrase "Those who eavesdrop hear nothing good about themselves" you are in good company as Google Chrome has not either.  A developer by the name of Tal Ater has discovered that Chrome can enable your microphone when you view certain malicious websites without your knowledge.  According to Google's online documentation, when Chrome enables your microphone you should see both a blinking red light appear in the tab you are viewing and a persistent icon in the system tray.  Unfortunately when The Register saw a test, the site created a pop-under window which displayed the red light and was not visible until the other browsing session was closed or moved, nor was there a system tray icon.  Even more worrying, the initial specification called for recording to be disabled when the tab with access to the mic was not active but was never implemented.

hqdefault.jpg

"A design flaw in the Chrome browser allows malicious websites to use your computer's microphone to eavesdrop on you, one developer has claimed, although Google denies this is the case."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Need another reason to upgrade from WinXP? You might be stuck with IE

Subject: General Tech | October 29, 2013 - 04:27 PM |
Tagged: winxp, firefox, chrome, browser

With 160 days remaining until the current official support expiration for WinXP unless you are willing to pay for the privilege of getting critical updates there is only a little time left in which third party providers need to continue support for the aging OS.  Two of the most noticeable of these will be Firefox and Chrome, both of which will be discontinuing development for their browsers on WinXP.  Their older versions will still work but will slowly succumb to more and more security vulnerabilities as they are discovered but not patched for WinXP.  This may not be the straw that breaks XP's back but recall that YouTube abandoning IE6 support was one of the driving forces behind the decline of that browser.  Slashdot comments for your entertainment here.

An update to this information does show that you have a while to go before this is a major concern as Firefox does not have a specific date in mind and Chrome is extending development for a few years yet.  You should still really consider upgrading to Win7 in the near future.

winxp.jpg

"While Windows XP is still going strong the sun is rapidly setting on this old platform fast. Firefox plans to end support for XP which means no security fixes or improvements. Chrome is being discontinued a little later as well for Windows XP. Windows XP has its die-hard users refusing to upgrade as they prefer the operating system or feel there is no need to change."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot