Subject: General Tech | February 7, 2017 - 07:47 AM | Scott Michaud
Tagged: mozilla, firefox, web browser, Rust, llvm
Firefox 52 will be the company’s next Extended Support Release (ESR) branch of their popular web browser. After this release, Mozilla is planning a few changes that will break compatibility, especially if you’re building the browser from source. If you’re an end-user, the major one to look out for is Mozilla disabling NPAPI-based plugins (except Flash) unless you are using Firefox 52 ESR. This change will land in the consumer version of Firefox 52, though. It’s not really clear why they didn’t just wait until Firefox 53, rather than add a soft-kill in Firefox 52 and hard-code it the next version, but that’s their decision. It really does not affect me in the slightest.
The more interesting change, however, is that Mozilla will begin requiring Rust (and LLVM) in an upcoming version. I’ve seen multiple sources claim Firefox 53, Firefox 54, and Firefox 55 as possible targets for this, but, at some point around those versions, critical components of the browser will be written in Rust. As more of the browser is migrated to this language, it should be progressively faster and more secure, as this language is designed to enforce memory safety and task concurrency.
Firefox 52 is expected in March.
Subject: Editorial, General Tech | October 28, 2016 - 04:46 AM | Tim Verry
Tagged: editorial, web browser, vpn, Privacy, Opera, Blink
It has been some time since I last looked at Opera, and while I used to be a big fan of the alternative web browser my interest waned around the time that they abandoned their own engine to become (what I felt) yet another Chrome (Webkit) clone. Specifically, it looks like the last version I tested out was 12.10. Well, last month Opera released version 40 with just enough of a twist to pique my interest once again: the inclusion of a free built-in VPN.
I (finally) got around to testing out the new browser today, and it works fairly well. While setting the default to share usage data is not ideal, offering to enable the ad blocker after installation is a good touch. The VPN feature is a bit more tucked away than I would like but still accessible enough from the settings menu. Further, once it is enabled, it is easy to turn it off and on using the icon in the search/address bar.
According to Opera, the built-in VPN (virtual private network) comes courtesy of SurfEasy – a company that Opera acquired last year. SurfEasy uses OpenVPN and 256-bit encryption and also lauds itself on being a no-log VPN (they do not maintain logs tracking users' usage). Opera is not currently imposing any restrictions on the free VPN built into Opera with bandwith and data usage not being capped. Not bad for a free offering! For comparison, I've used the free version of ProXPN on occasion (public Wi-Fi mostly), and while the VPN is for the entire PC (not just the browser like in Opera's case) they heavily throttle the download speeds to entice you to pay (heh).
In a quick test, I got the following results:
|Ping (ms)||Download (Mbps)||Upload (Mbps)|
Considering the exit point was much further away (SpeedTest chose a Kansas test server, and it looks like the VPN server may have been in Houston, TX), the performance was not bad. Download and Upload speeds were only slightly slower, but (as expected) the ping was much higher.
Opera offers five locations for its free VPN: Canada, Germany, Netherlands, Singapore, and the United States.
Users can enable the VPN by browsing to opera://settings and clicking on Privacy & Security in the left hand list then checking the box next to "Enable VPN."
On another note, the included ad blocker seemed to work well (it apparently has already blocked 86 ads even though I only hit up a couple sites!). My only complaint here is that it does not make it as easy as AdBlock Plus to block/unblock specific elements (or if there is a way it's not intuitive). It is only a minor complaint though, and not really relevant for the majority of users.
I am by no means a browser benchmarker, but it feels fast enough when switching between tabs and loading websites. Fortunately, Michael Muchmore and Max Eddy put Opera through its paces and compiled the benchmark results from several synthetic tests if you are into the nitty-gritty numbers. From their data it appears that Opera is not the fastest, but by no means a slouch. The one test it fell hard on was the Unity WebGL benchmark, though it was not the only browser to do so (Opera, Chrome, and Vivaldi were all close with FireFox and Edge getting the top scores).
Other features of Opera 40 (41 in my case) include a personalized newsfeed that can be fed with any user-supplied RSS feeds, a new battery saver mode, hardware accelerated pop-out videos, Chromecast support, and a number of under the hood performance and memory optimizations (especially with more than 10 tabs open).
I am going to keep it installed and may switch back to using Opera as my daily browser. It looks like it has come a long way since Opera 12 and while it is similar to Chrome under the hood, Opera is doing enough to set itself apart that it may be worth looking into further.
What are your thoughts on Opera 41?
Subject: General Tech | July 19, 2016 - 06:38 AM | Scott Michaud
Tagged: web browser, Opera, China
Opera is the smallest of the major browser vendors, estimated at about one-fifth the desktop market share of Mozilla's Firefox. That said, it had some fairly high-profile device wins, such as the Nintendo Wii and the Nintendo DS, and they're strong on other mobile devices, too. They had their own rendering technology until 2013, when they switched to Webkit and, when Google forked away from Apple and KDE into the Blink project, followed Google.
Recently, a group of Chinese companies have announced that they will be purchasing a large chunk of the browser vendor for $600 million USD. Interestingly, this was after offering $1.2 billion just a few months earlier. This time, the Chinese group will receive less of the company, and thus will pay less for it. The original company, which will have 18 months to find a new name, will maintain ownership of three parts:
- Opera Mediaworks
- Opera Apps & Games (including Bemobi)
- Opera TV
According to Engadget, the original, $1.2 billion dollar deal was canceled when some government organization disapproved of the deal. Looking at the three components that were omit, I cannot see why a regulation body would raise an issue, whether it be for national security or monopoly reasons. They seem pretty innocuous and small, but I guess the EU might take issue with consumer data privacy?
Either way, these three elements will remain, but everything else will go.
Subject: General Tech | July 1, 2016 - 11:12 PM | Scott Michaud
Tagged: web browser, gecko, servo, Rust, mozilla, Samsung
No love for Windows at the moment, but Mozilla is showing previews of their new browser rendering engine, Servo. This one is developed in Rust, which is a highly parallel yet very memory safe language, which are two great features for a web browser, especially on mobile and multi-core desktops. You are currently able to pick it up on Mac and Linux, although it is not ready to be your primary browser yet. Windows and Android builds “should be available soon”.
Basically, Mozilla has been spending the last few years re-thinking how to design a web browser. Most Web standards are based on assumptions that the browser is going through a main loop, and that these items will occur in sequence. Back in 2013, most of the research was to see far a browser could travel into parallelization before compatibility just stops following. Samsung, who is obviously interested in smartphone technology, partnered with them, because it's easier to add more cores onto a mobile SoC than it is to make existing ones faster.
At the time, they weren't sure whether this research would be used to improve Gecko, the current rendering engine that has been around since Netscape 6, or create a suitable replacement for it. As far as I know, that decision has still not been made, but they also haven't bailed on it yet.
Perhaps we'll see a new wave of Web technology coming soon? Maybe even break up the Webkit monopoly that seems to be forming, led by iOS and Android devices?
Subject: General Tech | January 31, 2016 - 12:05 AM | Scott Michaud
Tagged: web browser, web, shockwave flash, shockwave director, oracle, Java
After decades of semi-ubiquitous usage, Oracle has announced plans to stop providing the Java plug-in for web browsers. It will still be available in the upcoming Java 9 platform, but classified as a deprecated feature.
Java, Shockwave Director, and Shockwave Flash filled in a huge gap in Web standards during the late 90s and early 2000s. Plug-ins were about the only way to access files, per-pixel 2D animation functions, and even access to 3D graphics hardware. Web browsers can do almost all of that now, albeit file input and output is limited to individual files, because you don't want every website to be able to read and write files (and site-specific data lockers with APIs like IndexedDB and Web Storage) on the user's hard drive without the user's explicit control.
As such, browsers are trying to kill off native plug-ins. This could be a problem for games like Battlefield 3 and 4, which (Update Jan 30th @ 7:51pm: Used to... it's apparently been a while. Thanks wileecyte in the comments.) require plug-ins to launch the native application, but the browser vendors have been expressing their desires for quite some time. Even companies that are heavily invested in plug-ins for their products, like Oracle, are finally giving up.
Subject: General Tech | September 11, 2014 - 08:22 PM | Scott Michaud
Tagged: firefox, mozilla, web browser, web development
Remote Debugging for Safari on iOS and Chrome on Android is available in early development on Firefox Nightly with an optional extension.
Subject: General Tech | February 17, 2014 - 08:10 AM | Scott Michaud
Tagged: web browser, Google Chrome, chromium
This stutter was 628 milliseconds, or about 38 consecutive frames at 60 FPS.
Image Credit: Chromium Project Blog
Web browsers are designed under the assumption that a single thread of instructions will weave through every task, one by one, until everything is done. At some point, since the early 1990s, computers have been give multiple cores (and some of those designs can have multiple threads shoved through at once). The problem is now that, since "Task A" was designed to occur before "Task B", doing them separately... can break stuff good.
A simplified browser execution flowchart. Execution follows the arrow.
Image Credit: Mozilla
In case you are wondering, Mozilla started to move compilation to a background thread as of Firefox 21. Firefox 29 will move the entire just-in-time (JIT) compilation process off the main thread. This is currently in their "Aurora" release channel. To the rest of the world: it's an alpha.
This optimization is currently available in Google Chrome Beta (33).
Subject: General Tech | July 2, 2013 - 03:29 AM | Tim Verry
Tagged: web browser, hands-free, google glasses, google glass, google
Later this week, Google is updating its Glass, well, glasses to add new features. Among the new features, Google is including a full web browser and a couple of new voice controls.
The full web browser will output to the Glass display and can be accessed by hitting the appropriate button. Users will be able to access the web using the Wi-Fi chip, and it will be controlled by the touchpad and motion controls. For example, users can scroll pages by moving a single finger forward on the touchpad. Zooming is handled by using a two finger guesture on the touchpad. Finally, while zoomed in, users can move their head around to pan around the page.
The motion control bit is actually an intuitive idea, though I expect bystanders will find those browsing the web on their Glass a bit odd as they hold two fingers to their glasses and move their head about. (Hopefully people do not try browsing reddit while walking, however.)
The upcoming Google Glass update also adds a few more voice controls to the mix. Using voice commands beginning with "ok glass," users will be able to reply to text messages, answer calls, and send photos to other people on their contact list.
Finally, Google has lifted the contact list restriction from a list of ten friends. Users can now access their entire Gmail contact list.
I'm glad that Google is continuing to improve the Glass software. According to The Verge, this new update will be rolled out over the next few days to the Explorer Edition units currently in the hands of developers. I'm looking forward to the final consumer release.
Read more about Google Glass at PC Perspective.
Subject: Editorial, General Tech | May 16, 2013 - 07:45 PM | Scott Michaud
Tagged: web browser, Malware, IE10
If you consider your browser security based solely on whether it will allow you to manually download a malicious executable: IE10 is the best browser ever!
Rod Trent over at Windows IT Pro seems to believe this when NSS labs released their report, "Socially Engineered Malware Blocking". In this report, Internet Explorer blocked the user from downloading nearly all known malware (clarification: all known malware within the test). Google Chrome came in second place with a little less than 17% fail rate and the other browsers were quite far behind with approximately a 90% failure rate.
Based on that one metric alone, Rod Trent used a cutesy chess image to proclaim IE the... king... of the hill. Not only that, he suggests Safari, Opera, and Firefox consider "shuttering their doors." After about a decade of Internet Explorer suffering from countless different and unique vectors of exploitation, now is the time to proclaim a victor for attacks which require explicit user action?
Buckle in, readers, it's a rant.
Firstly, this reminds me a little bit of Microsoft Security Essentials. Personally, I use it, because it provides enough protection for me. Unlike its competitors, MSE has next to no false positives because almost ignores zero-day exploits. The AV package drew criticism from lab tests which test zero-day exploits. Microsoft Security Essentials was ranked second-worst by this metric.
Well, time to shutter your doors Micr... oh wait Rod Trent lauded it as award-winning. Huh...
But while we are on the topic of false positives, how do you weigh those in your grading of a browser? According to the report, and common sense, achieving pure success in this metric is dead simple if you permit your browser to simply block every download, good or bad.
If a 100% false positive acceptance rate is acceptable, it is trivial to protect users from all malicious download. With just a few lines of code, Firefox, Safari, and Opera could displace Internet Explorer and Chrome as the leaders of protection against socially engineered malware. However, describing every download as "malicious" would break the internet. Finding a balance between accuracy and safety is the challenge for browsers at the front of protection technology.
A browser that is capable of blocking malware without blocking legitimate content would certainly be applause-worthy. I guess time will tell whether Internet Explorer 10 is able to walk the balance, or whether it will just be a nuisance like the first implementations of UAC.
OK, Google did actually release exactly one native Windows application at Google I/O: It's called Android Studio, an application that helps developers create apps that run on Android, Google’s answer to Windows. But don’t worry, Microsoft fans: Internet Explorer (IE) flags the Android Studio download as potential malware.
Ah crap... that was quick.
Now to be fair, Internet Explorer 10 and later have been doing things right. I am glad to see Microsoft support standards and push for an open web after so many years. This feature helps protect users from their own complacency.
Still, be careful when you call checkmate: some places may forfeit your credibility.
Subject: General Tech | March 28, 2013 - 04:54 AM | Tim Verry
Tagged: webgl 1.0.2, webgl, web browser, tegra, programming
The Khronos Group recently announced that the WebGL 1.0.1 specification is compliant across mobile and desktop systems on a number of platforms. Chrome 25 and Firefox 19 support WebGL 1.0.1 on Windows, Mac, and Linux operating systems. Further, mobile devices with Tegra SoCs can tap into WebGL using a WebGL-enhanced Android browser.
Additionally, the WebGL 1.0.2 specification and its extensions have been submitted for ratification, and is expected to be formally released in April. According to the press release, the following features are being rolled into the WebGL 1.0.2 specification:
- "adds many clarifications for specification behavioral precision
- mandates support for certain combinations of framebuffer formats, to ease developer adoption;
- clarifies interactions with the encompassing HTML5 platform, including the browser compositor and high-DPI displays;
- dramatically increases the number of conformance tests to roughly 21,000 to improve both the breadth and depth of test coverage - thanks principally to work by Gregg Tavares at Google and the OpenGL ES working group."
Khronos President and NVIDIA Vice President of Mobile Content Neil Trevett stated that "The close cooperation between browser and silicon vendors to ensure the GPU is being reliably and securely exposed to the Web is ongoing proof that Khronos is a highly productive forum to evolve this vital Web standard." Meanwhile, WebGL Working group chair Ken Russell indicated that WebGL 1.0.2 is "a major milestone in bringing the power of the GPU to the Web.”
Although there are security concerns to consider, WebGL does open up some interesting opportunities for new web services. The full press release can be found here.