Items tagged with browsers
Which do you prefer when browsing the web—raw speed or a combination of security and privacy? Generally speaking, modern browsers deliver the whole kit and caboodle, which is the way it should be. That said, Microsoft is testing a new "Super Duper Secure Mode" for its Edge browser that puts more of an emphasis on the latter. Or to put it another way, an experimental feature in Edge sacrifices a bit of speed to make the browser more secure and to enhance user privacy. It does this by tooling around with the V8 JavaScript engine that motors the Chromium foundation of Edge. Microsoft's reasoning for experimenting in this manner is because "JavaScript engine bugs are a mainstay for attackers."...
Read more...
Coping and pasting content from the web is about to become a whole lot more flexible, courtesy of some new APIs (application programming interfaces) Microsoft and Google are working on for their respective browsers. Once in place, Edge and Chrome users will be able to copy content from a wider range of sources, including .docx. What is at play here are a set of Pickle Clipboard APIs. As things currently stand, Edge and Chrome users are only able to copy content from a limited selection of file types, like .jpg and .png. But that is going to change. As described in a Google Chromium conversation, Pickle Clipboard APIs will expand the copy and paste capability to non-standard web formats. "Pickle...
Read more...
There was a time when a surefire way to get us to roll our eyeballs all the way to the back of our heads was for Microsoft to tout the sheer performance of its Internet Explorer browser, and then later its Edge browser. Not anymore. Microsoft's retooled Edge browser is the real deal. it's also a work in progress, with Microsoft testing a new Performance mode on a pre-release build. As it does with Windows 10, Microsoft maintains Insider channels for its Edge browser, including Beta (the most stable of the test builds, with major updates rolling out every six weeks), Dev (updated on a weekly basis with new features and improvements), and Canary (nightly releases infused with the latest things...
Read more...
If you have not given it a test drive yet, Microsoft's retooled Edge browser is pretty good. As it should be, considering it is based on Chromium, the same underlying platform that power's Google's own Chrome browser. Edge also just got a little bit better, because the public version can now sync tabs, bookmarks, and your browsing history across multiple devices. Microsoft is not exactly blazing a new trail here. Syncing is supported on all the major browsers, including Chrome, Firefox, and Safari. But until now, the ability to sync settings across multiple PCs was absent from Edge, at least to the general public. Insiders testing pre-release builds have had access to the feature for a few months...
Read more...
Have you updated to the latest version of Google's popular Chrome browser yet? You should, because as far Google is concerned, this month's update delivers the biggest performance gain in years, the result of several tweaks and improvements it made underneath the hood of the Chromium-based browser. Google is also touting better battery life on laptops. The update to Chrome version 87 also represents the last Chrome release until next year, Google says. On most PCs, Chrome will eventually get around to automatically updating itself, but if you want to force the issue (or simply check which version you are running), click the three dots in the upper-right corner of the browser and navigate to Help...
Read more...
Microsoft Explains Why Chromium Edge Browser Was Crashing With Google Set As Default Search Provider
Something weird and seemingly fishy was going on with Microsoft's retooled Edge browser, whereby changing the default search engine from Bing to Google was causing it to crash. Was that by nefarious design? The answer is no, even if some people will never believe it. Instead, the culprit turned out to be a change in Google's search service, and not a tweak to Edge. The suspicious issue manifested around a week ago, when Edge users noticed that typing in the browser's address bar would cause it to crash, though only if Google was set as the default search option. At the time, Microsoft offered up a temporary workaround while it investigated the cause, and worked out a fix, which is now available....
Read more...
As far as Mozilla is concerned, its Firefox browser is becoming more secure by being the only one to enable encrypted DNS over HTTPS (DoH) by default for users in the United States. The gradual rollout has already begun and will continue over the new few weeks, so long as no major issues rear their ugly heads. "Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives. We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your...
Read more...
Starting next month, Google will tighten the controls on its Chrome browser by limiting cross-site tracking, and within the next two years, it plans on eliminating third-party cookies from the equation. These and other steps are part of a larger initiative Google is calling "Privacy Sandbox," which entails open standards to enhance user privacy when surfing the web. "Our goal for this open source initiative is to make the web more private and secure for users, while also supporting publishers," Google said. On the surface, getting rid of third-party cookies may seem to go against the latter part of that statement, but Google believes there is a better way of satisfying both users and publishers....
Read more...
Mozilla is pushing out an incremental update to its Firefox browser to mitigate a critical security vulnerability. If left unpatched, the zero day threat could allow an attacker to gain full control of PC. Indeed, Mozilla is aware of malicious actors leveraging the flaw in the wild, so if you use Firefox, it is in your best interest to update right away. "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw," Mozilla stated in a security document. A type confusion attack consists of accessing data in memory that is supposed be out of bounds. This could lead to a crash, or...
Read more...
Several white hat hackers in China spent the weekend infiltrating some of the top web browsers and other applications, as part of the Tianfu Cup. Similar to Pwn2Own, hackers attempt to exploit various software in ways that have not been discovered before, with prizes and bragging rights on the line (as well as better security for us all). The rules between Tianfu Cup and Pwn2Own are pretty much the same. During the two-day event, hackers racked up points by exposing zero-day vulnerabilities in Microsoft's Edge, Apple's Safari, and Google's Chrome browsers, as well as other applications. Here's how it broke down on the first day of the competition... Microsoft Edge (old version, not Chromium):...
Read more...
Security researchers at Kaspersky have identified a new strain of malware affecting Chrome and Firefox browsers. The researchers say the malware's authors "put a lot of effort" into how it manipulates digital certificates and mucks with outbound TLS traffic, which ultimate compromises encrypted communications. "Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capabilities that few other actors in the world have," Kaspersky says. The malware allows an attacker to wreak havoc on a victim's PC remotely....
Read more...
Google is putting the final touches on a handful of new features headed to its Chrome browser, and today we get a glimpse of a few of them. For power surfers, the most interesting changes are those that apply to tab management. This is going to be more convenient on both desktop and mobile, with iOS users already having access to a tab grid layout. That same feature will arrive on Android sometime in the "next few weeks." Here is what it looks like on an iPhone running iOS 13 (with the new dark mode in IOS enabled)... You can rearrange tabs, but when it rolls out on Android, users will be able to group them as well. They can do this simply by tapping and dragging a tabbed page onto another within...
Read more...
Google has begun rolling out a new version of its popular Chrome browser for all available platforms, including Windows, Linux, Mac on the desktop, and Android and iOS on mobile. The new Chrome 76 update brings with it some nifty changes. Chief among them is a tougher stance against Adobe's troublesome Flash plugin—it is now blocked by default. Flash is essentially a dead platform and browser plugin walking. Around this time in 2017, Adobe announced that it was putting Flash on life support until 2020, at which point it plans on pulling the plug. The web at large has moved on to HTML5. However, there are still sites and services that use Flash. As such, Google still gives users the option...
Read more...
Not all browser extensions are used for good. It was recently discovered that several Chrome and Firefox browser extensions were stealing data from individual users and corporations. The data included everything from passwords to genetic information. Sam Jadali of securitywithsam.com revealed that the following browser extensions were leaking data: Chrome Extensions Branded Surveys HoverZoom Panel Community Surveys PanelMeasurement SpeakIt! Firefox Extensions SaveFrom.net Helper Chrome and Firefox Extensions FairShare Unlock SuperZoom The extensions affected macOS, Windows, Chrome OS, and Ubuntu operating systems and Chromium-based browsers like Opera and Yandex. The collected...
Read more...
Google is testing an new media control button in its Chrome browser that, when enabled, would allow users to pause and resume playing videos in tabs. As shown in the image above, the button appears in the upper-right side of the browser, next to the URL bar, and is accessible even for videos that are playing in background tabs. The feature is called Global Media Controls (GMC) and is available to test in the Canary build. You can install the Canary version of Chrome without overwriting your main Chrome installation (if you use that browser), as they can coexist without interrupting each other—it is like having a totally separate browser installed. As currently implemented, the play/pause...
Read more...
It is common knowledge that websites like to track your activity through cookies, but might we be giving up a bit too much privacy when surfing the web? The answer may depend on the specific browser you are using. In a recent examination of Google Chrome, a tech expert said he uncovered some startling differences in how Chrome and Mozilla's Firefox browsers treat user privacy. Geoffrey A. Fowler is a technology journalist for The Washington Post. It was there that he posted an opinion piece on why he feels that "Chrome has become surveillance software," and why he made the switch to Firefox. The article sits behind a paywall, but has been reprinted at a few other places (hit the link in the Via...
Read more...
You may have only recently updated your Firefox browser to build 67.0, but guess what? You should mash the update button once gain. The latest version, build 67.0.3, contains a fix for a major security vulnerability that is being actively exploited in the wild, according to Mozilla. Leaving Firefox unpatched is not a good idea. Listed as "CVE-2019-11707: Type confusion in Array.pop," Mozilla considers the vulnerability to be a critical one. It was discovered by a member of Google's Project Zero team and Coinbase Security, and promptly addressed with an update. "A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable...
Read more...
Have you updated your web browser lately? If the answer is "no" and you are running Firefox (or Firefox Quantum, as Mozilla calls it these days), there is a new build available, version 67.0. This is a finalized release and not a beta build, and it brings with it improved performance and some new features, including a cryptocurrency mining blocker. The latter would have been more useful when cryptocurrency mining was booming, but hey, better late than never, right? To Mozilla's credit, the crypto-market is highly volatile, and who knows if we will see another surge in interest. If so, it's nice to know that the latest version of Firefox offers some level of protection against unwittingly mining...
Read more...
Mozilla this week offered an apology to Firefox users over for temporarily breaking add-ons last weekend, and then issuing a temporary fix that collected telemetry data. Simply put, Mozilla admits it "failed" its users. That said, the company says it has a permanent fix in place, and promises to delete usage data that was collected. "An error on our part prevented new add-ons from being installed, and stopped existing add-ons from working. Now that we’ve been able to restore this functionality for the majority of Firefox users, we want to explain a bit about what happened and tell you what comes next," Mozilla stated in a blog post. Mozilla went on to explain that it wanted to push out...
Read more...
I used to think that a toaster would be the final frontier for RGB lighting, but apparently Razer has that covered, or at least it is planning to. So what else does that leave? I'm not sure, maybe washing machines and dryers are on the radar. In the meantime, companies are coming up with new ways of leveraging RGB lights, with Vivaldi baking in support for Razer's Chroma lighting into the latest version of its web browser. In case you've never heard of it, Vivaldi is a cross-platform browser developed by a company founded by Opera Software co-founder Jon Stephenson von Tetzchner and Tatsuki Tomita. The idea was to re-introduce a bunch of features that had been axed during Opera's transition to...
Read more...
In an ongoing effort to stay one step ahead of the bad guys (or at least keep pace with them), Google has decided to block sign-ins from embedded browser frameworks, such as the Chromium Embedded Framework (CEF). The new policy will go into effect in June, so developers have a couple of months to adjust. This is intended as yet another layer of protection to keep users safe from phishing attempts, malware, and so forth. In this particular instance, blocking sign-ins from embedded browser frameworks is intended to protect against man-in-the-middle (MITM) attacks, which is basically when an attacker is able to eavesdrop communication between two parties. Enabling two-factor authentication can help,...
Read more...
At a cursory glance, it may seem like cryptocurrency mining is firmly in the rear view mirror, along with all of the unwanted side effects (GPU shortages, browser hijacking, and so forth), but not so fast. Bitcoin and other virtual currencies have seen a sharp rise in recent weeks. Does that mean we have to worry about sneaky web code using our browsers to mine cryptocurrencies? That remains to be seen, though to prevent that sort of thing, Mozilla is making some changes to Firefox. Mozilla stated in a blog post that it has added a feature to block fingerprinting and cryptomining in Firefox Nightly, as an option for users to turn on. Firefox Nightly is a pre-release version of Firefox that gets...
Read more...
