×
Chrome

Chromebooks Get New Way To Run Windows Apps With Cameyo's Virtual App Delivery (9to5google.com) 19

Posted by BeauHD from the unique-solutions dept.
An anonymous reader quotes a report from 9to5Google: Google has worked with Cameyo to give enterprise Chromebooks another way to run Windows applications using ChromeOS Virtual App Delivery. Cameyo is an enterprise company that offers a "Virtual App Delivery" (VAD) platform that can stream Windows, Linux, internal web, and SaaS applications to other devices. This offering is now getting tight integration with ChromeOS. These Windows apps appear like other icons in a Chromebook's launcher and taskbar. Behind the scenes, they are PWAs (Progressive Web Apps) that aim to blur their streamed nature with native file system integration. This includes letting users access local files and folders from within the virtual instances. Similarly, integration with the ChromeOS Clipboard Connector allows for local copy and paste.

When a user opens a specific file type, Cameyo makes it so that the appropriate virtual app launches. These virtual apps can be streamed from the cloud or on-premises data centers. Compared to full virtual desktop apps, this approach is said to "eliminate the infrastructure and licensing complexity." On the security front: "apps and devices are isolated from network resources and segmented by default so that users only access the apps and data they need to get their jobs done, all while eliminating the need to expose firewall and server ports to the open internet." ChromeOS Virtual App Delivery with Cameyo is available today as an enterprise offering. There is no consumer equivalent.
Firefox

Firefox Users May Import Chrome Extensions Now (ghacks.net) 41

Posted by BeauHD from the long-overdue-features dept.
Mozilla has implemented the WebExtensions system in its browser, allowing Firefox users to import select extensions from other browsers like Chrome. gHacks reports: The feature, which is in testing at the moment, can be enabled by all users of the latest stable version of Firefox.

1. Load about:config in the browser's address bar.
2. Confirm that you will be careful to continue.
3. Search for browser.migrate.chrome.extensions.enabled.
4. Set the feature to True, which enables it.
5. Restart Firefox.

Mozilla has integrated it into the browser's import functionality, which users may use on first run or at any time from the Settings page. To do so, select Menu > Settings > Import Data (button), or load about:preferences#general in the browser's address bar and activate the import data button on the page. Select Chrome from the list, expand the available import options and make sure extensions are checked. Imports are usually limited to some data, such as bookmarks or the browsing history. Firefox is the first major browser, maybe the first browser at all, that adds extensions to the list of supported imports.

The feature is limited at the time to Google Chrome and select extensions. Even though Firefox and Chrome extensions use the same framework, WebExtensions, they are not compatible immediately. Firefox users who attempt to install extensions from Chrome's Web Store may notice that this is not working. Mozilla decided to create a list of extension pairs for extensions that are available on the Chrome Web Store and the Mozilla Add-ons Store. Instead of importing the Chrome extension directly, Firefox is installing the Firefox version of the extension from Mozilla's own extension store.
Chrome

Google Chrome To Warn When Installed Extensions Are Malware (bleepingcomputer.com) 27

Posted by BeauHD from the PSA dept.
Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware. BleepingComputer reports: An unending supply of unwanted browser extensions is published on the Chrome Web Store and promoted through popup and redirect ads. These extensions are made by scam companies and threat actors who use them to inject advertisements, track your search history, redirect you to affiliate pages, or in more severe cases, steal your Gmail emails and Facebook accounts. The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store. Unfortunately, if you installed one of these extensions, they will still be installed in your browser, even after Google detects them as malware and removes them from the store.

Due to this, Google is now bringing its Safety Check feature to browser extensions, warning Chrome users when an extension has been detected as malware or removed from the store and that they should be uninstalled from the browser. This feature will go live in Chrome 117, but you can now test it in Chrome 116 by enabling the browser's experimental 'Extensions Module in Safety Check' feature. [...] Google says that extensions can be removed from the Chrome Web Store because they were unpublished by the developer, violated policies, or were detected as malware.
Firefox

Firefox Finally Outperforming Google Chrome In SunSpider (phoronix.com) 40

Posted by BeauHD from the would-you-look-at-that dept.
Michael Larabel writes via Phoronix: Mozilla developers are celebrating that they are now faster than Google Chrome with the SunSpider JavaScript benchmark, although that test has been superseded by the JetStream benchmark. Last week a new Firefox Nightly News was published that outlines that "We're now apparently beating Chrome on the SunSpider JavaScript benchmark!" The provided numbers now show Firefox easily beating Chrome in this decade-old JavaScript benchmark. The benchmarks come from AreWeFastYet.com. Meanwhile for the newer and more demanding JetStream 2.0 benchmark, Google Chrome continues to win easily over Firefox. You can learn more about the latest Firefox Nightly build advancements via Firefox Nightly News.
Google

Google Chrome Will Summarize Entire Articles For You With Built-in Generative AI (theverge.com) 54

Posted by msmash from the PSA dept.
Google's AI-powered Search Generative Experience (SGE) is getting a major new feature: it will be able to summarize articles you're reading on the web, according to a Google blog post. From a report: SGE can already summarize search results for you so that you don't have to scroll forever to find what you're looking for, and this new feature is designed to take that further by helping you out after you've actually clicked a link. You probably won't see this feature, which Google is calling "SGE while browsing," right away. Google says it's a new feature that's starting to roll out Tuesday as "an early experiment" in its opt-in Search Labs program. (You'll get access to it if you already opted in to SGE, but if you haven't, you can opt in to the feature on its own.) It will be available first in the Google app on Android and iOS, and the company is bringing it to the Chrome browser on desktop "in the days ahead."
Firefox

Does Desktop Linux Have a Firefox Problem? (osnews.com) 164

Posted by EditorDavid from the tangle-web dept.
OS News' managing editor calls Firefox "the single most important desktop Linux application," shipping in most distros (with some users later opting for a post-installation download of Chrome).

But "I'm genuinely worried about the state of browsers on Linux, and the future of Firefox on Linux in particular..." While both GNOME and KDE nominally invest in their own two browsers, GNOME Web and Falkon, their uptake is limited and releases few and far between. For instance, none of the major Linux distributions ship GNOME Web as their default browser, and it lacks many of the features users come to expect from a browser. Falkon, meanwhile, is updated only sporadically, often going years between releases. Worse yet, Falkon uses Chromium through QtWebEngine, and GNOME Web uses WebKit (which are updated separately from the browser, so browser releases are not always a solid metric!), so both are dependent on the goodwill of two of the most ruthless corporations in the world, Google and Apple respectively.

Even Firefox itself, even though it's clearly the browser of choice of distributions and Linux users alike, does not consider Linux a first-tier platform. Firefox is first and foremost a Windows browser, followed by macOS second, and Linux third. The love the Linux world has for Firefox is not reciprocated by Mozilla in the same way, and this shows in various places where issues fixed and addressed on the Windows side are ignored on the Linux side for years or longer. The best and most visible example of that is hardware video acceleration. This feature has been a default part of the Windows version since forever, but it wasn't enabled by default for Linux until Firefox 115, released only in early July 2023. Even then, the feature is only enabled by default for users of Intel graphics — AMD and Nvidia users need not apply. This lack of video acceleration was — and for AMD and Nvidia users, still is — a major contributing factor to Linux battery life on laptops taking a serious hit compared to their Windows counterparts... It's not just hardware accelerated video decoding. Gesture support has taken much longer to arrive on the Linux version than it did on the Windows version — things like using swipes to go back and forward, or pinch to zoom on images...

I don't see anyone talking about this problem, or planning for the eventual possible demise of Firefox, what that would mean for the Linux desktop, and how it can be avoided or mitigated. In an ideal world, the major stakeholders of the Linux desktop — KDE, GNOME, the various major distributions — would get together and seriously consider a plan of action. The best possible solution, in my view, would be to fork one of the major browser engines (or pick one and significantly invest in it), and modify this engine and tailor it specifically for the Linux desktop. Stop living off the scraps and leftovers thrown across the fence from Windows and macOS browser makers, and focus entirely on making a browser engine that is optimised fully for Linux, its graphics stack, and its desktops. Have the major stakeholders work together on a Linux-first — or even Linux-only — browser engine, leaving the graphical front-end to the various toolkits and desktop environments....

I think it's highly irresponsible of the various prominent players in the desktop Linux community, from GNOME to KDE, from Ubuntu to Fedora, to seemingly have absolutely zero contingency plans for when Firefox enshittifies or dies...
Encryption

Google's Chrome Begins Supporting Post-Quantum Key Agreement to Shield Encryption Keys (theregister.com) 13

Posted by EditorDavid from the quantum-leaps dept.
"Teams across Google are working hard to prepare the web for the migration to quantum-resistant cryptography," writes Chrome's technical program manager for security, Devon O'Brien.

"Continuing with our strategy for handling this major transition, we are updating technical standards, testing and deploying new quantum-resistant algorithms, and working with the broader ecosystem to help ensure this effort is a success." As a step down this path, Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115. This hybrid mechanism combines the output of two cryptographic algorithms to create the session key used to encrypt the bulk of the TLS connection:

X25519 — an elliptic curve algorithm widely used for key agreement in TLS today
Kyber-768 — a quantum-resistant Key Encapsulation Method, and NIST's PQC winner for general encryption

In order to identify ecosystem incompatibilities with this change, we are rolling this out to Chrome and to Google servers, over both TCP and QUIC and monitoring for possible compatibility issues. Chrome may also use this updated key agreement when connecting to third-party server operators, such as Cloudflare, as they add support. If you are a developer or administrator experiencing an issue that you believe is caused by this change, please file a bug.
The Register delves into Chrome's reasons for implementing this now: "It's believed that quantum computers that can break modern classical cryptography won't arrive for 5, 10, possibly even 50 years from now, so why is it important to start protecting traffic today?" said O'Brien. "The answer is that certain uses of cryptography are vulnerable to a type of attack called Harvest Now, Decrypt Later, in which data is collected and stored today and later decrypted once cryptanalysis improves." O'Brien says that while symmetric encryption algorithms used to defend data traveling on networks are considered safe from quantum cryptanalysis, the way the keys get negotiated is not. By adding support for a hybrid KEM, Chrome should provide a stronger defense against future quantum attacks...

Rebecca Krauthamer, co-founder and chief product officer at QuSecure, told The Register in an email that while this technology sounds futuristic, it's useful and necessary today... [T]he arrival of capable quantum computers should not be thought of as a specific, looming date, but as something that will arrive without warning. "There was no press release when the team at Bletchley Park cracked the Enigma code, either," she said.
Chrome

Google Chrome Switching To Weekly Security Patch Updates (9to5google.com) 28

Posted by BeauHD from the addressing-the-security-patch-gap dept.
Google announced today that Chrome is now adopting weekly Stable channel updates in an effort to block major exploits quicker. 9to5Google reports: Google's browser gets major "milestone" updates every four (previously six) weeks, like going from version 100 to 101. In the past, Chrome would get a "Stable Refresh" update to "address security and other high impact bugs" in-between milestones every two weeks. This is now changing to occur weekly between milestones, starting with Google Chrome 116 on desktop and mobile, so that security updates get to end users much faster. Since Chromium is an open source project, "anyone can view the source code, submit changes for review, and see the changes made by anyone else, even security bug fixes." [...]

The current patch gap is around 15 days. It was previously 35 days before switching to patch updates every two weeks in 2020. Google expects weekly patch updates to result in security fixes shipping "3.5 days sooner on average, greatly reducing the already small window for n-day attackers to develop and use an exploit against potential victims and making their lives much more difficult." This new schedule will also result in fewer unplanned updates that occur when there are known in-the-wild exploits: "By now shipping stable updates weekly, we expect the number of unplanned updates to decrease since we'll be shipping updates more frequently."
Google

Google Fails To End $5 Billion Consumer Privacy Lawsuit (reuters.com) 29

Posted by msmash from the tussle-continues dept.
A U.S. judge rejected Google's bid to dismiss a lawsuit claiming it invaded the privacy of millions of people by secretly tracking their internet use. From a report: U.S. District Judge Yvonne Gonzalez Rogers on Monday said she could not find that users consented to letting Google collect information about what they viewed online because the Alphabet unit never explicitly told them it would. David Boies, a lawyer for the plaintiffs in the proposed $5 billion class action, called the decision "an important step in protecting the privacy interests of millions of Americans."

The plaintiffs alleged that Google's analytics, cookies and apps let the Mountain View, California-based company track their activity even when they set Google's Chrome browser to "Incognito" mode and other browsers to "private" browsing mode. They said this let Google learn enough about their friends, hobbies, favorite foods, shopping habits, and "potentially embarrassing things" they seek out online, becoming "an unaccountable trove of information so detailed and expansive that George Orwell could never have dreamed it."
AI

Microsoft's AI-Powered Bing Chat Is Coming To Mobile Browsers 9

Posted by BeauHD from the open-access dept.
Microsoft is bringing its AI-powered Bing Chat to all mobile browsers as part of the broader changes to stop blocking Bing Chat on third-party browsers. The Verge reports: Bing Chat first launched in February, but it was restricted to Microsoft's own Edge browser. Microsoft started opening up to Chrome and Safari desktop browsers in late July as part of testing for full third-party browser support. "With so many new, useful features now a part of Bing, we're excited to announce you can start experiencing the new AI-powered Bing in third-party browsers on web and mobile soon," says the Bing team in a blog post. "This next step in the journey allows Bing to showcase the incredible value of summarized answers, image creation and more, to a broader array of people."
Piracy

Z-Library Rolls Out Browser Extensions In Anticipation of Domain Name Troubles (torrentfreak.com) 15

Posted by BeauHD from the no-signs-of-slowing-down dept.
Pirate eBook repository Z-Library has launched browser extensions that should make it easier for users to find the site if its current domains are seized in the future. While the site doesn't explicitly mention the U.S. Government crackdown, it likely plays a key role in the decision to make these extensions available. TorrentFreak reports: Since the shadow library is now well aware that its domain names could be taken away at any moment, numerous precautions are being taken to mitigate the risks. A few weeks ago, Z-Library released a dedicated desktop application that should make it easier to access the site. The software has the ability to redirect users to working domains and whenever necessary, connect over the Tor network, which also helps to evade blocking efforts. In an announcement this week, the operators of the shadow library unveiled new precautionary tools to redirect users to working domains, including any new ones, should they be needed.

The new browser extensions are available for both Chrome and Firefox and promise 'seamless access' to alternative domains in the event that existing ones run into trouble. "Say goodbye to searching for available domains, as this handy extension takes care of everything for you. Simplify your online library experience and enjoy seamless access to a world of knowledge, right at your fingertips. "After launching the extension, the process of searching for an available domain will begin. Within some seconds when the domain is found, you will be redirected to the library homepage," Z-Library explains.

While installing browser extensions should always happen with caution, in just a few hours thousands of Z-Library users have already installed the new software. According to the Chrome store, the Z-Library Finder currently has over 7,000 users. These extensions may indeed help to point users to new domain names, but the solution isn't bulletproof. The authorities may attempt to remove the listings from the Chrome and Firefox extension libraries, for example. Even if Z-Library decides to self-host these tools, they still rely on technical infrastructure that could be targeted in the future. That being said, the releases are still notable; it's rare to a service going full steam ahead in the face of an active criminal case.
Chrome

ChromeOS Is Splitting the Browser From the OS, Getting More Like Linux 19

Posted by BeauHD from the behind-the-scenes-changes dept.
Google's long-running project to split up ChromeOS and its Chrome browser is currently in beta and should be live in the stable channel later this month. The flags that turn on the feature by default were spotted by Kevin Tofel from About Chromebooks. Ars Technica reports: The project is called "Lacros" which Google says stands for "Linux And ChRome OS." This will split ChromeOS's Linux OS from the Chrome browser, allowing Google to update each one independently. Google documentation on the project says, "On Chrome OS, the system UI (ash window manager, login screen, etc.) and the web browser are the same binary. Lacros separates this functionality into two binaries, henceforth known as ash-chrome (system UI) and lacros-chrome (web browser)." Part of the project involves sprucing up the ChromeOS OS, and Google's docs say, "Lacros can be imagined as 'Linux chrome with more Wayland support.'"

On the browser side, ChromeOS would stop using the bespoke Chrome browser for ChromeOS and switch to the Chrome browser for Linux. The same browser you get on Ubuntu would now ship on ChromeOS. In the past, turning on Lacros in ChromeOS would show both Chrome browsers, the outgoing ChromeOS one and the new Linux one. Lacros has been in development for around two years and can be enabled via a Chrome flag. Tofel says his 116 build no longer has that flag since it's the default now. Google hasn't officially confirmed this is happening, but so far, the code is headed that way.
Businesses

GameStop To Remove Crypto Wallets Citing 'Regulatory Uncertainty' (coindesk.com) 11

Posted by msmash from the rolling-back-to-normal dept.
Video game retailer GameStop said it will remove its support for crypto wallets citing regulatory uncertainty in the United States, just one year after rolling out the service. From a report: "Due to the regulatory uncertainty of the crypto space, GameStop has decided to remove its iOS and Chrome Extension wallets from the market on November 1, 2023," according to its website. Customers will have access until October 1. The wallets, which were rolled out just about a year ago, allow users to manage crypto and non-fungible tokens (NFTs) throughout decentralized apps and enable transactions of GameStop's NFT marketplace.
The Internet

'Tor's Shadowy Reputation Will Only End If We All Use It' (engadget.com) 65

Posted by BeauHD from the not-what-you-think-it-is dept.
Katie Malone writes via Engadget: "Tor" evokes an image of the dark web; a place to hire hitmen or buy drugs that, at this point, is overrun by feds trying to catch you in the act. The reality, however, is a lot more boring than that -- but it's also more secure. The Onion Router, now called Tor, is a privacy-focused web browser run by a nonprofit group. You can download it for free and use it to shop online or browse social media, just like you would on Chrome or Firefox or Safari, but with additional access to unlisted websites ending in .onion. This is what people think of as the "dark web," because the sites aren't indexed by search engines. But those sites aren't an inherently criminal endeavor.

"This is not a hacker tool," said Pavel Zoneff, director of strategic communications at The Tor Project. "It is a browser just as easy to use as any other browser that people are used to." That's right, despite common misconceptions, Tor can be used for any internet browsing you usually do. The key difference with Tor is that the network hides your IP address and other system information for full anonymity. This may sound familiar, because it's how a lot of people approach VPNs, but the difference is in the details. VPNs are just encrypted tunnels hiding your traffic from one hop to another. The company behind a VPN can still access your information, sell it or pass it along to law enforcement. With Tor, there's no link between you and your traffic, according to Jed Crandall, an associate professor at Arizona State University. Tor is built in the "higher layers" of the network and routes your traffic through separate tunnels, instead of a single encrypted tunnel. While the first tunnel may know some personal information and the last one may know the sites you visited, there is virtually nothing connecting those data points because your IP address and other identifying information are bounced from server to server into obscurity.

Accessing unindexed websites adds extra perks, like secure communication. While a platform like WhatsApp offers encrypted conversations, there could be traces that the conversation happened left on the device if it's ever investigated, according to Crandall. Tor's communication tunnels are secure and much harder to trace that the conversation ever happened. Other use cases may include keeping the identities of sensitive populations like undocumented immigrants anonymous, trying to unionize a workplace without the company shutting it down, victims of domestic violence looking for resources without their abuser finding out or, as Crandall said, wanting to make embarrassing Google searches without related targeted ads following you around forever.
DRM

Google's Nightmare 'Web Integrity API' Wants a DRM Gatekeeper For the Web 163

Posted by msmash from the closer-look dept.
Google's newest proposed web standard is... DRM? Over the weekend the Internet got wind of this proposal for a "Web Environment Integrity API. " From a report: The explainer is authored by four Googlers, including at least one person on Chrome's "Privacy Sandbox" team, which is responding to the death of tracking cookies by building a user-tracking ad platform right into the browser. The intro to the Web Integrity API starts out: "Users often depend on websites trusting the client environment they run in. This trust may assume that the client environment is honest about certain aspects of itself, keeps user data and intellectual property secure, and is transparent about whether or not a human is using it."

The goal of the project is to learn more about the person on the other side of the web browser, ensuring they aren't a robot and that the browser hasn't been modified or tampered with in any unapproved ways. The intro says this data would be useful to advertisers to better count ad impressions, stop social network bots, enforce intellectual property rights, stop cheating in web games, and help financial transactions be more secure. Perhaps the most telling line of the explainer is that it "takes inspiration from existing native attestation signals such as [Apple's] App Attest and the [Android] Play Integrity API." Play Integrity (formerly called "SafetyNet") is an Android API that lets apps find out if your device has been rooted.

Root access allows you full control over the device that you purchased, and a lot of app developers don't like that. So if you root an Android phone and get flagged by the Android Integrity API, several types of apps will just refuse to run. You'll generally be locked out of banking apps, Google Wallet, online games, Snapchat, and some media apps like Netflix. [...] Google wants the same thing for the web. Google's plan is that, during a webpage transaction, the web server could require you to pass an "environment attestation" test before you get any data. At this point your browser would contact a "third-party" attestation server, and you would need to pass some kind of test. If you passed, you would get a signed "IntegrityToken" that verifies your environment is unmodified and points to the content you wanted unlocked. You bring this back to the web server, and if the server trusts the attestation company, you get the content unlocked and finally get a response with the data you wanted.
Chrome

Google Urges Gmail Users to Enable 'Enhanced Safe Browsing' for Faster, More Proactive Protection (msn.com) 58

Posted by EditorDavid from the click-no-evil dept.
The Washington Post's "Tech Friend" newsletter has the latest on Google's "Enhanced Safe Browsing" for Chrome and Gmail, which "monitors the web addresses of sites that you visit and compares them to constantly updated Google databases of suspected scam sites." You'll see a red warning screen if Google believes you're on a website that is, for example, impersonating your bank. You can also check when you're downloading a file to see if Google believes it might be a scam document. In the normal mode without Enhanced Safe Browsing, Google still does many of those same security checks. But the company might miss some of the rapid-fire activity of crooks who can create a fresh bogus website minutes after another one is blocked as a scam.

This enhanced security feature has been around for three years, but Google recently started putting a message in Gmail inboxes suggesting that people turn on Enhanced Safe Browsing.

Security experts told me that it's a good idea to turn on this safety feature but that it comes with trade-offs. The company already knows plenty about you, particularly when you're logged into Gmail, YouTube, Chrome or other Google services. If you turn on Enhanced Safe Browsing, Google may know even more about what sites you're visiting even if you're not signed into a Google account. It also collects bits of visual images from sites you're visiting to scan for hallmarks of scam sites.

Google said it will only use this information to stop bad guys and train its computers to improve security for you and everyone else. You should make the call whether you are willing to give up some of your privacy for extra security protections from common crimes.
Gmail users can toggle the feature on or off at this URL. Google tells users that enabling the feature will provide "faster and more proactive protection against dangerous websites, downloads, and extensions."

The Post's reporter also asked Google why it doesn't just enable the extra security automatically, and "The company told me that because Google is collecting more data in Enhanced Safe Browsing mode, it wants to ask your permission."

The Post adds as an aside that "It's also not your fault that phishing scams are everywhere. Our whole online security system is unsafe and stupid... Our goal should be to slowly replace the broken online security system with newer technologies that ditch our crime-prone password system for different methods of verifying we are who we say we are."
Chrome

ChromeOS 115 Rolling Out: Android App Streaming, PDF Signatures (9to5google.com) 4

Posted by BeauHD from the new-and-improved dept.
An anonymous reader quotes a report from 9to5Google: Google is rolling out ChromeOS 115 as a bigger-than-usual update with a number of user-facing additions over the coming days. Amidst I/O 2023, Google announced the beta availability of Android App Streaming from your Pixel (4a+) or Xiaomi (12T, 12T Pro, 13, 13 Pro) phone running Android 13 and newer with Cross-Device Services installed. It's now entering stable with ChromeOS 115 so that you can stream apps from your mobile device to your Chromebook. This is framed as letting you "complete quick tasks like replying to a conversation, checking on the status of a rideshare or delivery, and editing your shopping list."

Android apps, which open in a phone-sized window, can be launched via the Phone Hub where you get a row of Recent apps at the bottom of the panel with the ability to browse all compatible "Apps from your phone." Applications can also open when you tap through a messaging notification. When opening PDFs in the Gallery app, ChromeOS 115 adds a signature tool. Appearing next to Draw in the top toolbar, you can add a signature, which is much easier with a touchscreen than a trackpad and save it for future use. You can place it in any document and resize the signature to ensure line fit. Lastly, Google has updated the keyboard Shortcuts app with "new navigation and taxonomy," improved search, and a "refreshed shortcut visualization" that better shows what to press.

Meanwhile, this is unmentioned in the stable release notes, but ChromeOS 115 is testing better windowing options in the beta channel. Hovering over the expand/minimize button in the top-right corner control group will show you a new layout menu. There's Split (half), Partial, Full and Float. That last option is new and makes it so that the window is always on top, just like Picture-in-Picture (PiP) for video. The other options were previously accessed by dragging a window and moving to the left/right side of the screen until an overlay appears. This approach is much more accessible and hopefully sees a wide launch soon. The announcement can be read here.
Google

Google Starts the GA Rollout of Its Privacy Sandbox APIs To All Chrome Users (techcrunch.com) 11

Posted by msmash from the PSA dept.
Google continues the rollout of its Privacy Sandbox APIs -- its replacement for tracking cookies for the online advertising industry. From a report: Today, right on schedule and in time for the launch of Chrome 115 into the stable release channel, Google announced that it will now start enabling the relevance and measurement APIs in its browser. This will be a gradual rollout, with Google aiming for a 99% availability by mid-August. At this point, Google doesn't expect to make any major changes to the APIs. This includes virtually all of the core Privacy Sandbox features, including Topics, Protected Audience, Attribution Reporting, Private Aggregation, Shared Storage and Fenced Frames. It's worth noting that for the time being, Privacy Sandbox will run in parallel with third-party cookies in the browser. It won't be until early 2024 that Google will deprecate third-party cookies for 1% of Chrome users. After that, the process will speed up though and Google will deprecate these cookies for all users by the second half of 2024.
Encryption

macOS Sonoma Brings Apple Password Manager To Third-Party Browsers (macrumors.com) 19

Posted by BeauHD from the what-to-expect dept.
An anonymous reader quotes a report from MacRumors: The macOS Sonoma update that is in testing allows Mac owners who opt to use Google Chrome, Microsoft Edge, or another browser to use Apple's Password Manager for filling passwords. Developers and public beta testers running macOS Sonoma can use their iCloud Keychain passwords with non-Safari browsers at this time, autofilling passwords and one-time codes. Third-party browsers can also save new passwords.

Apple has made an iCloud Passwords Chrome extension available for macOS Sonoma users, and it can be downloaded and installed to access Apple passwords on the Chrome browser or any Chromium-based browser. Apple plans to release a similar extension for the Microsoft Edge browser in the near future. Google and other browser developers are also working on implementing support for Passkeys, the password alternative that Apple introduced last year.
Firefox

Firefox 115 Released (mozilla.org) 61

Posted by msmash from the moving-forward dept.
williamyf writes: Today, Mozilla released Firefox 115. Changes most visible to users include:

* Hardware video decoding is now enabled for Intel GPUs on Linux..

* Migrating from another browser? Now you can bring over payment methods you've saved in Chrome-based browsers to Firefox.

* The Tab Manager dropdown now features close buttons, so you can close tabs more quickly.

* The Firefox for Android address bar's new search button allows you to easily switch between search engines and search your bookmarks and browsing history.

* We've refreshed and streamlined the user interface for importing data in from other browsers.

* Users without platform support for H264 video decoding can now fallback to Cisco's OpenH264 plugin for playback.

But the most important feature is that this release is the new ESR. Why this is important? y'all ask, well:

* Many a "downstream" project depends on Firefox ESR, for example the famous email client Thunderbird, or KaiOS (a mobile OS very popular in India, SE Asia, Africa and LatAm), so, for better or worse, whatever made it to (or is lacking from) this version of the browser, those projects have to use for the next year.

* Firefox ESR is the default browser of many distros, like Debian and Kali Linux, so, whatever made it to this version will be there for next year, ditto to whatever is lacking.

* If you are on old -- unsupported OSs, like Windows 7, 8-8.1 or MacOS 10.14 (Mojave, the last MacOS with support for 32 Bit Apps), 10.13 or 10.12 you will automatically be migrated to Firefox ESR, so this will be your browser until Sept. 2024.

Slashdot Top Deals