Microsoft

Google Chrome Bests Microsoft Edge, Mozilla Firefox, Opera In Independent Battery Life Tests (betanews.com) 113

An anonymous reader shares a report: YouTuber Linus Tech Tips has pitted Microsoft Edge against Google Chrome, Mozilla Firefox and Opera and discovered that it does not deliver as strong a performance as Microsoft claims. Linus Tech Tips took four Dell Inspiron laptops, with the same specs, and found that Microsoft Edge trails Chrome and Opera in battery life tests. It would seem that it still beats Firefox, after all. However, the results are much, much closer than what Microsoft's own tests indicate. On average, the difference between Chrome, which offers the best battery life, and Microsoft Edge is under 40 minutes. Opera comes closer to Microsoft Edge than Chrome in this test. Even Creators Update, which based on Microsoft's test should help Microsoft Edge obliterate the competition, didn't help make it faster than Chrome. Linus says he used the same methodology that Microsoft used in its set of battery tests earlier this year, in which it declared Edge as the winner.
Firefox

Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics (bleepingcomputer.com) 80

From a report: During the past month, both Google and Mozilla developers have added support in their respective browsers for "headless mode," a mechanism that allows browsers to run silently in the OS background and with no visible GUI. [...] While this feature sounds very useful for developers and very uninteresting for day-to-day users, it is excellent news for malware authors, and especially for the ones dabbling with adware. In the future, adware or clickfraud bots could boot-up Chrome or Firefox in headless mode (no visible GUI), load pages, and click on ads without the user's knowledge. The adware won't need to include or download any extra tools and could use locally installed software to perform most of its malicious actions. In the past, there have been quite a few adware families that used headless browsers to perform clickfraud. Martijn Grooten, an editor at Virus Bulletin, also pointed Bleeping Computer to a report where miscreants had abused PhantomJS, a headless browser, to post forum spam. The addition of headless mode in Chrome and Firefox will most likely provide adware devs with a new method of performing surreptitious ad clicks.
Programming

Community Ports 'Visual Studio Code' To Chromebooks, Raspberry Pi (infoworld.com) 79

An anonymous reader quotes InfoWorld: A community build project led by developer Jay Rodgers is making Visual Studio Code, Microsoft's lightweight source code editor, available for Chromebooks, Raspberry Pi boards, and other devices based on 32-bit or 64-bit ARM processors. Supporting Linux and Chrome OS as well as the DEB (Debian) and RPM package formats, the automated builds of Visual Studio Code are intended for less-common platforms that might not otherwise receive them. Obvious beneficiaries will be IoT developers focused on ARM devices -- and the Raspberry Pi in particular -- who will find it helpful to have the editor directly on the device they're programming against... Rodgers said the lure of Visual Studio Code for him was its user-friendly interface, making it approachable for new users.
Safari

Apple Announces Support For WebRTC in Safari 11 (webkit.org) 46

Youenn Fablet, software engineer at Apple, writes: Today we are thrilled to announce WebKit support for WebRTC, available on Safari on macOS High Sierra, iOS 11, and Safari Technology Preview 32. [...] Currently, Safari supports legacy WebRTC APIs. Web developers can check whether their websites conform to the latest specifications by toggling the STP Experimental Features menu item "Remove Legacy WebRTC API". Legacy WebRTC APIs will be disabled by default on future releases. Websites that need to accommodate older implementations of the WebRTC and Media Capture specifications can take advantage of polyfill libraries like adapter.js. Peer5, a startup that offers serverless CDN for massively-scaled video streaming, writes in a blogpost: This is HUGE news for the computing industry. Since its introduction in 2011, WebRTC has become an incredibly important part of everyone's favorite platforms and applications. It is at the core of a few services that you might have heard of, including Google Hangouts, Facebook Messenger, Snapchat and Slack. WebRTC is also supported natively by most major web browsers, including Chrome, Firefox and Opera. But there were 2 big holdouts -- Microsoft's Edge browser and Apple's Safari. This meant that people using those browsers couldn't access WebRTC-based services without installing some type of plug-in. Well, those days are over given the WWDC news and Microsoft's announcement back in January regarding WebRTC support in Edge. Developers can now create compelling browser-based applications that incorporate real-time audio and video (and maybe even a peer-to-peer component) and know that 99% of the world's Web surfers will be able to use their services without having to install any plug-ins or additional software. This newfound ubiquity for WebRTC might even make a developer question whether he has to build a native iOS or Android app to deliver his service to end-users.
Chrome

Google Releases Chrome 59 (venturebeat.com) 72

An anonymous reader writes: Google has launched Chrome 59 for Windows, Mac, and Linux. Among the additions are native notifications on macOS, settings being revamped to follow Material Design, the Image Capture API, Headless Chrome, and more service worker improvements. You can update to the latest version now using the browser's built-in silent updater or download it directly from google.com/chrome.
Transportation

What To Do If the Laptop Ban Goes Global (backchannel.com) 344

"The U.S. is reportedly seriously considering a greatly expanded ban on laptops in airplane cabins," writes Slashdot reader mirandakatz -- sharing some advice from Dan Gillmor. If the government still allows laptops to be checked in with luggage, "the priority will be to discourage tampering and mitigate the risks associated with theft," he writes, envisioning that "If I have to check mine, I'll pack it in bubble wrap and tape, and do some other things to make it evident if someone has tampered with the machine." But of course there's other precautions: [W]e can travel with bare-bones operating system setups, with as little personal or business data as possible (preferably none at all) on the laptop's internal disk drive. When we arrive and get back online, we can work mostly in browsers and retrieve what we need from cloud storage for the specific applications that have to run "locally" on the PC... You might also get a Chromebook for international travel. Chromebooks run Google's Chrome operating system and keep pretty much all data in Google's cloud. So you could carry a bare Chromebook through a border, go online, and retrieve the information you need. You have to completely trust Google with this method...

[The article also suggests encrypting the hard disk -- along with your phone -- or carrying an external drive.] I use the Ubuntu operating system, and this simplifies creating a special travel setup. In preparation for international hassles, I've put a copy of my OS and essential data files on an encrypted USB thumb drive, which holds 256 gigabytes of data... If I've forgotten to load some specific files, and I have them backed up in the cloud, I can always go there.

Because of all the additional security procedures, he utlimately predicts higher ticket prices, fewer business travellers, and, according to Bruce Schneier, "a new category of 'trusted travelers' who are allowed to carry their electronics onto planes."
Chrome

Chrome To Deprecate PNaCl, Embrace New WebAssembly Standard (tomshardware.com) 108

An anonymous reader quotes Tom's Hardware Google announced that its Portable Native Client (PNaCl) solution for making native code run inside the browser will be replaced by the new cross-browser web standard called WebAssembly... Even though Google open sourced PNaCl, as part of the Chromium project, Mozilla ended up creating its own alternative called "asm.js," an optimized subset of JavaScript that could also compile to the assembly language. Mozilla thought that asm.js was far simpler to implement and required no API compatibility, as PNaCl did. As these projects seemed to go nowhere, with everyone promoting their own standard, the major browser vendors seem to have eventually decided on creating WebAssembly. WebAssembly can give web apps near-native performance, offers support for more CPU features, and is simpler to implement in browsers and use by developers.
Bug

Google Chrome Bug Lets Sites Record Audio and Video Without a Visual Indicator (bleepingcomputer.com) 36

New submitter aafrn writes: "Ran Bar-Zik, a web developer at AOL, has discovered and reported a bug in Google Chrome that allows websites to record audio and video without showing a visual indicator," reports BleepingComputer. "The bug is not as bad as it sounds, as the malicious website still needs to get the user's permission to access audio and video components, but there are various ways in which this issue could be weaponized to record audio or video without the user's knowledge. The bug's central element is a 'red circle and dot' icon that Chrome usually shows when recording audio or video streams." Bar-Zik discovered that if the JavaScript code that does the actual audio and video recording is launched inside a small popup, the icon is not shown anymore. This opens the door for various types of scenarios, where an attacker that has tricked a user into granting him permission to record audio and video records user data but when the user doesn't expect this (no visual indicator). For example, an attacker could disguise audio/video recording code inside popup ads. If the user doesn't close the popup, the popup continues to stream audio and video from the victim's house. Google declined to consider this a security bug.
Chrome

Even For Businesses, Chrome Is The Top Browser (computerworld.com) 98

An anonymous reader shares Computerworld's interview with David Michael Smith of Gartner. "Most enterprises still have a 'standard' browser, and most of the time, that's something from Microsoft. These days it's IE11. But we've found that people actually use Chrome more than IE... It's the most-used browser in enterprise," he said... IE retains a sizable share -- Smith called it "a significant presence" -- largely because it's still required in most companies. "There are a lot of [enterprise] applications that only work in IE, because [those apps] use plug-ins," Smith said, ticking off examples like Adobe Flash, Java and Microsoft's own Silverlight. "Anything that requires an ActiveX control needs IE."

Many businesses have adopted the two-prong strategy that Gartner and others began recommending years ago: Keep a "legacy" browser to handle older sites, services and web apps, but offer another for everything else... Chrome, said Smith, is now the "overwhelming choice" as the modern enterprise browser... Smith wasn't optimistic that Edge would supplant Chrome, even when Windows 10 is widely deployed on corporate computers in the next few years. "Edge certainly will have opportunities" once Windows 10 is the enterprise-standard OS, "but I would say that Chrome has a lot of momentum, largely for the fact that it is so popular on the internet."

While a year ago Chrome and Microsoft's browsers both held 41% of the browser market share, now Chrome holds 59% to just 24% for both IE and Edge combined.
Mozilla

Former Mozilla CTO: 'Chrome Won' (andreasgal.com) 272

Responding to Firefox marketing head Eric Petitt's blog post from earlier this week, Andreas Gal, former chief technology officer of Mozilla (who spent seven years at the company) offers his insights. Citing latest market share figures, Gal says "it's safe to say that Chrome is eating the browser market, and everyone else except Safari is getting obliterated." From his blog post (edited and condensed for length): With a CEO transition about 3 years ago there was a major strategic shift at Mozilla to re-focus efforts on Firefox and thus the Desktop. Prior to 2014 Mozilla heavily invested in building a Mobile OS to compete with Android: Firefox OS. I started the Firefox OS project and brought it to scale. While we made quite a splash and sold several million devices, in the end we were a bit too late and we didn't manage to catch up with Android's explosive growth. Mozilla's strategic rationale for building Firefox OS was often misunderstood. Mozilla's founding mission was to build the Web by building a browser. [...] Browsers are a commodity product. They all pretty much look the same and feel the same. All browsers work pretty well, and being slightly faster or using slightly less memory is unlikely to sway users. If even Eric -- who heads Mozilla's marketing team -- uses Chrome every day as he mentioned in the first sentence, it's not surprising that almost 65% of desktop users are doing the same. [...] I don't think there will be a new browser war where Firefox or some other competitor re-captures market share from Chrome. It's like launching a new and improved horse in the year 2017. We all drive cars now. Some people still use horses, and there is value to horses, but technology has moved on when it comes to transportation. Does this mean Google owns the Web if they own Chrome? No. Absolutely not. Browsers are what the Web looked like in the first decades of the Internet. Mobile disrupted the Web, but the Web embraced mobile and at the heart of most apps beats a lot of JavaScript and HTTPS and REST these days. The future Web will look yet again completely different. Much will survive, and some parts of it will get disrupted.
Mozilla

Firefox Marketing Head Expresses Concerns Over Google's Apparent 'Only Be On Chrome' Push (medium.com) 189

Eric Petitt, head up Firefox marketing, writing in a blog: I use Chrome every day. Works fine. Easy to use. There are multiple things that bug me about the Chrome product, for sure, but I'm OK with Chrome. I just don't like only being on Chrome. And that's what Chrome wants. It wants you to only use Chrome. Chrome is not evil, it's just too big for its britches. Its influence on the internet economy and individuals is out of balance. Chrome, with 4 times the market share of its nearest competitor (Firefox), is an eight-lane highway to the largest advertising company in the world. Google built it to maximize revenue from your searches and deliver display ads on millions of websites. To monetize every... single... click. And today, there exists no meaningful safety valve on its market dominance. Beyond Google, the web looks more and more like a feudal system, where the geography of the web has been partitioned off by the Frightful Five. Google, Facebook, Microsoft, Apple and Amazon are our lord and protectors, exacting a royal sum for our online behaviors. We're the serfs and tenants, providing homage inside their walled fortresses. Noble upstarts are erased or subsumed under their existing order. (Footnote: Petitt has made it clear that the aforementioned views are his own, and not those of Mozilla.)
Android

And Now, a Brief Definition of the Web (theverge.com) 64

Dieter Bohn, writing for The Verge: Traditionally, we think of the web as a combination of a set of specific technologies paired with some core philosophical principles. The problem -- the reason this question even matters -- is that there are a lot of potential replacements for the parts of the web that fix what's broken with technology, while undermining the principles that ought to go with it. [...] A lot of tech companies are flailing around looking for ways to fix this problem. There are web apps that work in Chrome but not really all that well elsewhere. There are Instant Articles in Facebook and AMP pages on Google. There are Instant Android apps that stream to your phone over the internet instead of being installed, which go away when you're done with them just like a browser tab. Google claims to be trying to bring some of the open ethos of the web to smart speakers. Hell, go back to 2014 and you'll find Apple pundit John Gruber arguing we should consider apps and "anything transmitted using HTTP and HTTPS" as part of the web. [...] And now, a brief definition of the web: To count as being part of the web, your app or page must: 1. Be linkable, and 2. Allow any client to access it. That's it.
Security

Stealing Windows Credentials Using Google Chrome (helpnetsecurity.com) 53

Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.
Firefox

Firefox 55: Flash Will Become 'Ask To Activate' For Everyone (bleepingcomputer.com) 114

An anonymous reader quotes a report from BleepingComputer: Starting with the release of Firefox 55, the Adobe Flash plugin for Firefox will be set to "Ask to Activate" by default for all users. This move was announced in August 2016, as part of Mozilla's plan to move away from plugins built around the NPAPI technology. Flash is currently the only NPAPI plugin still supported in Firefox, and moving its default setting from "Always Activate" to "Ask to Activate" is just another step towards the final step of stop supporting Flash altogether. This new Flash default setting is already live in Firefox's Nightly Edition and will move through the Alpha and Beta versions as Firefox nears its v55 Stable release. By moving Flash to a click-to-play setting, Firefox will indirectly start to favor HTML5 content over Flash for all multimedia content. Other browsers like Google Chrome, Brave, or Opera already run Flash on a click-to-play setting, or disabled by default. Firefox is scheduled to be released on August 8, 2017.
Businesses

'WannaCry Makes an Easy Case For Linux' (techrepublic.com) 411

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Chrome

Should You Leave Google Chrome For the Opera Browser? (vice.com) 303

mspohr shares a report written by Jason Koebler via Motherboard who makes the case for why you should break up with Chrome and switch to the Opera browser: Over the last few years, I have grown endlessly frustrated with Chrome's resource management, especially on MacOS. Admittedly, I open too many tabs, but I'd wager that a lot of you do, too. With Chrome, my computer crawls to complete unusability multiple times a day. After one too many times of having to go into Activity Monitor to find that one single Chrome tab is using several gigs of RAM, I decided enough was enough. I switched to Opera, a browser I had previously thought was only for contrarians. This, after previous dalliances with Safari and Firefox left me frustrated. Because Opera is also based on Blink, I almost never run into a website, plugin, script, or video that doesn't work flawlessly on it. In fact, Opera works almost exactly like Chrome, except without the resource hogging that makes me want to throw my computer against a brick wall. This is exactly the point, according to Opera spokesperson Jan Standal: "What we're doing is an optimized version of Chrome," he said. "Web developers optimize most for the browser with the biggest market share, which happens to be Chrome. We benefit from the work of that optimization."

Slashdot reader mspohr adds: "I should note that this has also been my experience. I have a 2010 MacBook, which I was ready to trash since it had become essentially useless, coming to a grinding halt daily. I tried Opera and it's like I have a new computer. I never get the spinning wheel of death. (Also, the built-in ad blocker and VPN are nice.)" What has been your experience with Google Chrome and/or Opera? Do you prefer one over the other?

United States

Google Owns the Classroom (axios.com) 114

An anonymous reader writes: The NYT's Natasha Singer has a fascinating, provocative look at "How Google Conquered The American Classroom." "[M]ore than half the nation's primary- and secondary-school students -- more than 30 million children -- use Google education apps like Gmail and Docs... Chromebooks, Google-powered laptops that initially struggled to find a purpose... account for more than half the mobile devices shipped to schools."
Microsoft

Microsoft Finally Bans SHA-1 Certificates In Its Browsers (zdnet.com) 38

An anonymous reader quotes ZDNet: With this week's monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft's browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January's stable release of Chrome 56, and Firefox's February cut-off... Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3... Once Tuesday's updates are installed, Microsoft's browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site's certificate.
Operating Systems

Opinion: Even if You Hate the Idea, Windows Users Should Want Windows 10 S To Succeed (arstechnica.com) 259

Last week, Microsoft unveiled Windows 10 S, a new variant of its desktop operating system aimed largely at the education space. While time will tell how this new edition of Windows fares, if early reactions from enthusiasts are anything to go by, Windows 10 S is in for a tough ride ahead. For one, Windows 10 S only permits installation of applications from the Windows Store. If that wasn't a deal-breaker, several popular applications including Google's Chrome are missing from the Store. Amid all of this, reporter and columnist Peter Bright has an op-ed up on ArsTechnica in which he argues that despite the walled-garden offering, people should want Windows 10 S to succeed as it could make Windows better for everyone else. From his article: This [forbidding execution of any program that wasn't downloaded from the Windows Store] positions Microsoft as a gatekeeper -- although its criteria for entry within the store is for the most part not stringent, it does reserve the right to remove software that it deems undesirable -- and means that the vast majority of extant Windows software can't be used. This means that PC mainstays, from Adobe Photoshop to Valve's Steam, can't be used on Windows 10 S. [...] Some of the arguments against this are bizarre. Notably, the complaint that Microsoft has now erected a paywall -- "you have to pay $50 to run Steam!" -- is very peculiar when one considers that, in general, Windows licenses have never been free. [...] The Windows Store makes bad parts of Windows better: I'd argue, however, that Windows users should want Windows 10 S to succeed. Windows 10 S isn't for everybody, and Windows 10 S may not be for you, but if Windows 10 S succeeds, it will make Windows 10 better for everyone. The Store in Windows RT required developers to write their apps from scratch. With negligible numbers of users, developers were uninterested in doing this work. The Store in Windows 10 has Centennial. In principle, Centennial should make it easy to package existing Win32 apps and sell them through the Store, and if developers of Windows apps adopt Centennial en masse then the Store restriction shouldn't be particularly restrictive. Widespread adoption will be good for Windows users of all stripes.
Chrome

Chrome For Android Now Lets You Save Web Pages For Reading Later (techcrunch.com) 46

Today, Google has introduced a series of improvements to Chrome for Android to make it easier to save content for offline access. The improvements will be made to the "Downloads" feature rolled out in December that allows you to save webpages, music and videos for offline access. TechCrunch reports: To download a web page previously, you would open Chrome's menu in the top-right of the browser, then tap the "save" icon that's located next to the star for bookmarking the site. You could then see all the content you had saved for offline access by tapping on "Downloads" from this same menu. Now, Google is adding more ways to save content, including a way to long press on a link the way you do when you want to open up a page in a new tab. The option to "Download Link" will appear on the pop-up screen you see after your press, below the options to open the page in a new tab or incognito tab. Google says this long press action will also work on its article suggestions on its New Tab page. This New Tab page will also include the articles you've already downloaded, which will be flagged with an offline badge.

Slashdot Top Deals