MojoKid writes Late last week, Google quietly began inviting people to opt into the beta channel for ChromeOS to help the company “shape the future” of the OS. Some betas can be riskier than others, but Google says that opting into this one is just a “little risk”, one that will pay off handsomely for those who crave new features. New in this version is Chrome Launcher 2.0, which gives you quick access to a number of common features, including the apps you use most often (examples are Hangouts, Calculator, and Files). Some apps have also received a fresh coat of paint, such as the file manager. Google notes that this is just the start, so there will be more updates rolling out to the beta OS as time goes on. Other key features available in this beta include the ability to extract pass protected Zip archives, as well as a perk for travelers. ChromeOS will now automatically detect your new timezone, and then update the time and date accordingly.

Read more of this story at Slashdot.

darthcamaro writes: Every year, browser vendors patch their browsers ahead of the annual HP Pwn2own browser hacking competition in a bid to prevent exploitation. The sad truth is that it’s never enough. This year, security researchers were able to exploit fully patched versions of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer 11 and Apple Safari in record time. For their efforts, HP awarded researchers $557,500. Is it reasonable to expect browser makers to hold their own in an arms race against exploits? “Every year, we run the competition, the browsers get stronger, but attackers react to changes in defenses by taking different, and sometimes unexpected, approaches,” Brian Gorenc manager of vulnerability research for HP Security Research said.

Read more of this story at Slashdot.

The Register reports that Google’s high-end Chromebook Pixel has gotten a few spec bumps, and a lower price. It’s still a touchscreen with a resolution of 2,560 × 1,700, but now that screen is backed by 8GB RAM (rather than 4) as a base configuration, and the system is equipped with a Broadwell Core i5 chip, rather than the Ivy Bridge in the first rev. The price has dropped, too; it may still be the most expensive Chromebook, but now it’s “only” $999 on the low end, which is $300 less than the first Pixels cost. ($1300, though, gets an i7, 64 gigs of SSD instead of 32, and 8GB of RAM. Perhaps most interesting is that it adds USB type C, and (topping Apple’s latest entry) it’s got two of them.

Read more of this story at Slashdot.

An anonymous reader writes The next version of Firefox will roll out a ‘pushed’ blocklist of revoked intermediate security certificates, in an effort to avoid using ‘live’ Online Certificate Status Protocol (OCSP) checks. The ‘OneCRL’ feature is similar to Google Chrome’s CRLSet, but like that older offering, is limited to intermediate certificates, due to size restrictions in the browser. OneCRL will permit non-live verification on EV certificates, trading off currency for speed. Chrome pushes its trawled list of CA revocations every few hours, and Firefox seems set to follow that method and frequency. Both Firefox and Chrome developers admit that OCSP stapling would be the better solution, but it is currently only supported in 9% of TLS certificates.

Read more of this story at Slashdot.

An anonymous reader writes: One of the most powerful features of modern browsers is the ability to install third-party extensions. They allow third-party developers to work on really useful niche functionality, and let users customize their browser with the tools they need. Unfortunately, this environment has the same discover-ability and security problems as standalone software. Thus, my question: what are your most useful (and safe) browser extensions? I can’t live without some privacy basics like NoScript, AdBlock, and Ghostery. I also find FoxyProxy helpful for getting around geolocation requirements for media streaming. OneTab works pretty well for saving groups of browser tabs, and Pushbullet keeps getting better at managing my phone while I’m at my PC.

Read more of this story at Slashdot.




An anonymous reader writes: Google today announced it will add HTTP/2, the second major version of Hypertext Transfer Protocol (HTTP), to Google Chrome. The company plans to gradually roll out support to the latest version of its browser, Chrome 40, “in the upcoming weeks.” At the same time, Google says it will remove support for SPDY in early 2016. SPDY, which is not an acronym but just a short version for the word “speedy,” is a protocol developed primarily at Google to improve browsing by forcing SSL encryption for all sites and speeding up page loads. Chrome will also lose support for the TLS extension NPN in favor of ALPN.

Read more of this story at Slashdot.




jones_supa writes The lack of a vertical tab strip (or “Tree Style Tab” as the Firefox extension is called) has been under a lot of discussion under Chrome/Chromium bug tracker. Some years ago, vertical tabs existed as an experimental feature enabled with a “secret” command line parameter, but that feature was eventually removed from the browser. Since then, Google has been rather quiet about whether such feature is still on the roadmap. Now, a Google engineer casts some light on the issue. He says that a tree-style interface for tabs would be overly complex as a native implementation, but Google would back the idea of improving the extensions interface to support a sidebar-like surface to render the tab UI on, if someone from the open source community would step forward to do the work to drive the feature to completion.

Read more of this story at Slashdot.




According to The Next Web, Emoji support has landed in the latest developer builds of Chrome for OS X, meaning that emoji can be seen on websites and be entered into text fields for the first time without issues. … Users on Safari on OS X could already see emoji on the Web without issue, since Apple built that in. The bug in Chrome was fixed on December 11, which went into testing on Chrome’s Canary track recently. From there, we can expect it to move to the consumer version of Chrome in coming weeks.

Read more of this story at Slashdot.




An anonymous reader writes Google today provided an update on its plan to remove Netscape Plugin Application Programming Interface (NPAPI) from Chrome, which the company says will improve the browser’s security, speed, and stability, as well as reduce complexity in the code base. In short, the latest timeline is as follows: Block all plugins by default in January 2015, disable support in April 2015, and remove support completely in September 2015. For context, Google first announced in September 2013 that it was planning to drop NPAPI. At the time, Google said anonymous Chrome usage data showed just six NPAPI plugins were used by more than 5 percent of users, and the company was hoping to remove support from Chrome “before the end of 2014, but the exact timing will depend on usage and user feedback.”

Read more of this story at Slashdot.




An anonymous reader writes “Google today released Chrome 39 for Windows, Mac, and Linux. The biggest addition in this release is 64-bit support for OS X, which first arrived in Chrome 38 beta. Unlike on Windows, where 32-bit and 64-bit versions will both continue to be available (users currently have to opt-in to use the 64-bit release), Chrome for Mac is now only available in 64-bit. There are also a number of security fixes and developer features. Here’s the full changelog.

Read more of this story at Slashdot.




An anonymous reader writes Chrome OS is based on the Linux kernel and designed by Google to work with web applications and installed applications. Chromebook is one of the best selling laptops on Amazon. However, devs decided to drop support for ext2/3/4 on external drivers and SD card. It seems that ChromiumOS developers can’t implement a script or feature to relabel EXT volumes in the left nav that is insertable and has RW privileges using Files.app. Given that this is the main filesystem in Linux, and is thereby automatically well supported by anything that leverages Linux, this choice makes absolutely no sense. Google may want to drop support for external storage and push the cloud storage on everyone. Overall Linux users and community members are not happy at all.

Read more of this story at Slashdot.




An anonymous reader writes: In addition to updating Chrome for iOS, Google has released Chrome 38 for Windows, Mac, and Linux. While Chrome 38 beta brought a slew of new features, the stable release is pretty much just a massive security update. This means that, with Chrome 38, Google isn’t adding any features to the stable channel (full changelog). That said, Chrome 38 does address 159 security issues (including 113 “relatively minor ones”). Google spent $75,633.70 in bug bounties for this release.

Read more of this story at Slashdot.


darthcamaro (735685) writes “Forget about HTML5, that’s already passe — Google is already moving on to HTML5.1 support for the upcoming Chrome 38 release. Currently only a beta, one of the biggest things that web developers will notice is the use of the new “picture” tag which is a container for multiple image sizes/formats. Bottom line is it’s a new way to think about the “IMG” tag that has existed since the first HTML spec.”

Read more of this story at Slashdot.




Gamoid writes At VMworld today, VMware introduced the Workplace Suite, a platform for securely delivering applications and content across desktops and mobile devices from the cloud. The really cool part, though, is a partnership with Google and NVIDIA to deliver even graphics-intensive Windows applications on a Chromebook. From the article: “The new VMware Workplace Suite takes advantage of three existing VMware products: Tools for application, device, and content management as well as secure cloud file storage that comes from the January acquisition of enterprise mobile management company AirWatch; VMware Horizon for desktop-as-a-service; and brand-new acquisition CloudVolumes for app delivery. “

Read more of this story at Slashdot.




New submitter nrjperera (2669521) submits news of a new laptop from HP that’s in Chromebook (or, a few years ago, “netbook”) territory, price-wise, but loaded with Windows 8.1 instead. Microsoft has teamed up with HP to make an affordable Windows laptop to beat Google Chromebooks at their own game. German website Mobile Geeks have found some leaked information about this upcoming HP laptop dubbed Stream 14, including its specifications. According to the leaked data sheet the HP Stream 14 laptop will share similar specs to HP’s cheap Chromebook. It will be shipped with an AMD A4 Micro processor, 2GB of RAM, 32GB of flash storage and a display with 1,366 x 768 screen resolution. Microsoft will likely offer 100GB of OneDrive cloud storage with the device to balance the limited storage option.

Read more of this story at Slashdot.




An anonymous reader writes “Google is toying with a complete revamp of the user account system in its browser. Google is essentially pulling the user management system from Chrome OS back into Chrome. The company’s thinking is likely two-layered. First, it wants users to stay in the browser for as long as possible, and thus it wants the switching process to be part of Chrome as opposed to Windows, Mac, or Linux. Second, if it can teach users to have accounts in Chrome (as well as use incognito and guest modes), the learning curve will have been flattened for when they encounter Chrome OS.”

Read more of this story at Slashdot.




An anonymous reader writes “Beginning with the Chrome 38 Beta it’s now possible to watch Netflix without any Wine/Silverlight plug-ins but will work natively using Chrome’s DRM-HTML5 video capabilities with Netflix. The steps just involve using the latest beta of Chrome and an HTTP user-agent switcher to tell Netflix you’re a Windows Chrome user, due to Netflix arbitrarily blocking the Linux build.”

Read more of this story at Slashdot.




Nexus Unplugged (2495076) writes ‘On their security blog today, Google announced a new Chrome extension called “End-To-End” intended to make browser-based encryption of messages easier for users. The extension, which was rumored to be “underway” a couple months ago, is currently in an “alpha” version and is not yet available pre-packaged or in the Chrome Web Store. It utilizes a Javascript implementation of OpenPGP, meaning that your private keys are never sent to Google. However, if you’d like to use the extension on multiple machines, its keyring is saved in localStorage, which can be encrypted with a passphrase before being synced. The extension still qualifies for Google’s Vulnerability Reward Program, and joins a host of PGP-related extensions already available for Chrome.’ Google also published a report showing how much email is encrypted in transit between Gmail addresses and those from other providers.

Read more of this story at Slashdot.




An anonymous reader writes “Google has begun blocking local Chrome extensions to protect Windows users. This means that as of today, extensions can be installed in Chrome for Windows only if they’re hosted on the Chrome Web Store. Furthermore, Google says extensions that were previously installed ‘may be automatically disabled and cannot be re-enabled or re-installed until they’re hosted in the Chrome Web Store.’ The company didn’t specify what exactly qualifies the “may” clause, though we expect it may make exceptions for certain popular extensions for a limited time. Google is asking developers to reach out to it if they run into problems or if they ‘think an extension was disabled incorrectly.’”

Read more of this story at Slashdot.




An anonymous reader writes “Google today released Chrome version 35 for Windows, Mac, Linux, and Android. The new version is mainly for developers, especially those building Web content and apps for mobile devices – this release doesn’t appear to have any new features targeted at the end user. “

Read more of this story at Slashdot.