Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

Chrome 43 Should Help Batten Down HTTPS Sites 69

Posted by timothy
from the yes-yes-we-know dept.
River Tam writes The next version of Chrome, Chrome 43, promises to take out some of the work website owners — such as news publishers — would have to do if they were to enable HTTPS. The feature might be helpful for publishers migrating legacy HTTP web content to HTTPS when that old content can't or is difficult to be modified. The issue crops up when a new HTTPS page includes a resource, like an image, from an HTTP URL. That insecure resource will cause Chrome to flag an 'mixed-content warning' in the form of a yellow triangle over the padlock.
Google

Google To Propose QUIC As IETF Standard 83

Posted by timothy
from the ok-now-do-it-this-way dept.
As reported by TechCrunch, "Google says it plans to propose HTTP2-over-QUIC to the IETF as a new Internet standard in the future," having disclosed a few days ago that about half of the traffic from Chrome browsers is using QUIC already. From the article: The name "QUIC" stands for Quick UDP Internet Connection. UDP's (and QUIC's) counterpart in the protocol world is basically TCP (which in combination with the Internet Protocol (IP) makes up the core communication language of the Internet). UDP is significantly more lightweight than TCP, but in return, it features far fewer error correction services than TCP. ... That's why UDP is great for gaming services. For these services, you want low overhead to reduce latency and if the server didn't receive your latest mouse movement, there's no need to spend a second or two to fix that because the action has already moved on. You wouldn't want to use it to request a website, though, because you couldn't guarantee that all the data would make it. With QUIC, Google aims to combine some of the best features of UDP and TCP with modern security tools.
Chrome

Chrome 42 Launches With Push Notifications 198

Posted by Soulskill
from the douglas-adams-edition dept.
An anonymous reader writes: Google today launched Chrome 42 for Windows, Mac, and Linux with new developer tools. Chrome 42 offers two new APIs (Push API and Notifications API) that together allow sites to send notifications to their users even after the given page is closed. While this can be quite an intrusive feature for a browser, Google promises the users have to first grant explicit permission before they receive such a message.
Google

Google Is Too Slow At Clearing Junkware From the Chrome Extension Store 45

Posted by timothy
from the imperfect-world dept.
Mark Wilson writes Malware is something computer users — and even mobile and tablet owners — are now more aware of than ever. That said, many people do not give a second thought to installing a browser extension to add new features to their most frequently used application. Despite the increased awareness, malware is not something a lot of web users think of in relation to extensions; but they should.

Since the beginning of 2015 — just over three months — Google has already received over 100,000 complaints from Chrome users about 'ad injectors' hidden in extensions. Security researchers have also discovered that a popular extension — Webpage Screenshot — includes code that could be used to send browsing history back to a remote server. Google is taking steps to clean up the extension store to try to prevent things like this happening, but security still needs to be tightened up.
Android

Visual Studio 2015 Can Target Linux; Android Apps Anywhere Chrome Can Run 96

Posted by timothy
from the then-you-win-maybe dept.
jones_supa writes Phoronix has noticed that the Visual Studio 2015 product page mentions that the new IDE can target Linux out of the box. Specifically the page says "Build for iOS, Android, Windows devices, Windows Server or Linux". What this actually means is not completely certain at this point, but it certainly laces nicely with the company opening up the .NET Framework. And speaking of cross-platform software: new submitter mccrew writes Google has released a tool that lets Android apps run on any machine that can run its Chrome browser. Called Arc Welder, the tool acts as a wrapper around Android apps so they can run on Windows, OS X and Linux machines. The software expands the places that Android apps can run and might make it easier for developers to get code working on different machines.
China

Chinese Certificate Authority CNNIC Is Dropped From Google Products 176

Posted by timothy
from the reject-your-reality-and-substitute-our-own dept.
eldavojohn writes A couple weeks ago, Google contacted the CNNIC (China's CA) to alert them of a problem regarding the delegated power of issuing fraudulent certificates for domains (in fact this came to light after fraudulent certificates were issued for Google's domains). Following this, Google decided to remove the CNNIC Root and EV CA as trusted CAs in its Chrome browser and all Google products. Today, the CNNIC responded to Google: "1. The decision that Google has made is unacceptable and unintelligible to CNNIC, and meanwhile CNNIC sincerely urge that Google would take users' rights and interests into full consideration. 2. For the users that CNNIC has already issued the certificates to, we guarantee that your lawful rights and interests will not be affected." Mozilla is waiting to formulate a plan.
Google

Google Unveils the Chromebit: an HDMI Chromebook Dongle 50

Posted by Soulskill
from the still-waiting-on-hardware-called-chromedome dept.
An anonymous reader writes: Today Google unveiled a new device: the Chromebit. It's a small compute stick that contains the Rockchip 3288 processor, 2GB RAM, and 16GB of storage — much like a low-end Chromebook. It connects to a TV or monitor through an HDMI port. (It also has a USB port for power and plugging in peripherals.) Google says the Chromebit is their solution for turning any display into a computer, and it will cost under $100. Google also announced a couple of new Chromebooks as well. Haier and Hisense models will cost $150, and an ASUS model with a rotating display will cost $250.
Education

No Film At 11: the Case For the Less-Video-Is-More MOOC 87

Posted by Soulskill
from the better-learning-through-animated-GIFs dept.
theodp writes: In Why My MOOC is Not Built on Video, GWU's Lorena Barba explains why the Practical Numerical Methods with Python course she and colleagues put together has but one video: "Why didn't we have more video? The short answer is budget and time: making good-quality videos is expensive & making simple yet effective educational videos is time consuming, if not necessarily costly. #NumericalMOOC was created on-the-fly, with little budget. But here's my point: expensive, high-production-value videos are not necessary to achieve a quality learning experience." When the cost of producing an MOOC can exceed $100,000 per course, Barba suggests educators pay heed to Donald Bligh's 1971 observation that "dazzling presentations do not necessarily result in learning." So what would Barba do? "We designed the central learning experience [of #NumericalMOOC] around a set of IPython Notebooks," she explains, "and meaningful yet achievable mini-projects for students. I guarantee learning results to any student that fully engages with these!"
Chrome

Chrome OS Receives Extreme Makeover With Material Design and Google Now 112

Posted by samzenpus
from the latest-and-greatest dept.
MojoKid writes Late last week, Google quietly began inviting people to opt into the beta channel for ChromeOS to help the company "shape the future" of the OS. Some betas can be riskier than others, but Google says that opting into this one is just a "little risk", one that will pay off handsomely for those who crave new features. New in this version is Chrome Launcher 2.0, which gives you quick access to a number of common features, including the apps you use most often (examples are Hangouts, Calculator, and Files). Some apps have also received a fresh coat of paint, such as the file manager. Google notes that this is just the start, so there will be more updates rolling out to the beta OS as time goes on. Other key features available in this beta include the ability to extract pass protected Zip archives, as well as a perk for travelers. ChromeOS will now automatically detect your new timezone, and then update the time and date accordingly.
Classic Games (Games)

SuperMario 64 Coming To a Browser Near You! 97

Posted by samzenpus
from the play-time dept.
Billly Gates writes Since Unity has been given a liberal license and free for non commercial developers it has become popular. A computer science student Erik Roystan Ross used the tool to remake SuperMario 64 with a modern Unity 5 engine. There is a video here and if you want to play the link is here. You will need Firefox or Chrome which has HTML 5 for gamepad support if you do not want to use the keyboard. "I currently do not have any plans to develop this any further or to resolve any bugs, unless they're horrendously game-breaking and horrendously simple to fix," says Ross.
Internet Explorer

New Screenshots Detail Spartan Web Browser For Windows 10 Smartphones 62

Posted by timothy
from the evolution-continues dept.
MojoKid writes One of the most anticipated new features in Windows 10 is the Spartan web browser, which will replace the long-serving Internet Explorer. We've seen Spartan in action on the desktop/notebook front, but we're now getting a closer look at Spartan in action on the mobile side thanks to some newly leaked screenshots. Perhaps the biggest change with Spartan is the repositioning of the address bar from the bottom of the screen to the top (which is also in line with other mobile browsers like Safari and Chrome). The refresh button has also been moved from its right-hand position within the address bar to a new location to the left of the address bar. Reading Lists also make an appearance in this latest build of Spartan along with Microsoft's implementation of "Hubs" on Windows 10 for mobile devices.
Google

Google Quietly Launches Data Saver Extension For Chrome 39

Posted by timothy
from the keeping-track-of-things dept.
An anonymous reader writes Google has quietly released a Data Saver extension for Chrome, bringing the company's data compression feature to the desktop for the first time. You can download the extension, currently in beta, from the Chrome Web Store. We say "quietly" because there doesn't seem to be an announcement from Google. The extension was published on March 23 and appears to work exactly as advertised on the tin, based on what we've seen in our early tests.
Security

Chinese CA Issues Certificates To Impersonate Google 139

Posted by Soulskill
from the doing-trust-wrong dept.
Trailrunner7 writes: Google security engineers, investigating fraudulent certificates issued for several of the company's domains, discovered that a Chinese certificate authority was using an intermediate CA, MCS Holdings, that issued the unauthorized Google certificates, and could have issued certificates for virtually any domain. Google's engineers were able to block the fraudulent certificates in the company's Chrome browser by pushing an update to the CRLset, which tracks revoked certificates. The company also alerted other browser vendors to the problem, which was discovered on March 20. Google contacted officials at CNNIC, the Chinese registrar who authorized the intermediate CA, and the officials said that they were working with MCS to issue certificates for domains that it registered. But, instead of simply doing that, and storing the private key for the registrar in a hardware security module, MCS put the key in a proxy device designed to intercept secure traffic.
Bug

OS X Users: 13 Characters of Assyrian Can Crash Your Chrome Tab 119

Posted by timothy
from the cat-like-typing-detected dept.
abhishekmdb writes No browsers are safe, as proved yesterday at Pwn2Own, but crashing one of them with just one line of special code is slightly different. A developer has discovered a hack in Google Chrome which can crash the Chrome tab on a Mac PC. The code is a 13-character special string which appears to be written in Assyrian script. Matt C has reported the bug to Google, who have marked the report as duplicate. This means that Google are aware of the problem and are reportedly working on it.
Chrome

Every Browser Hacked At Pwn2own 2015, HP Pays Out $557,500 In Awards 237

Posted by Soulskill
from the another-four-bite-the-dust dept.
darthcamaro writes: Every year, browser vendors patch their browsers ahead of the annual HP Pwn2own browser hacking competition in a bid to prevent exploitation. The sad truth is that it's never enough. This year, security researchers were able to exploit fully patched versions of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer 11 and Apple Safari in record time. For their efforts, HP awarded researchers $557,500. Is it reasonable to expect browser makers to hold their own in an arms race against exploits? "Every year, we run the competition, the browsers get stronger, but attackers react to changes in defenses by taking different, and sometimes unexpected, approaches," Brian Gorenc manager of vulnerability research for HP Security Research said.
Firefox

Analysis: People Who Use Firefox Or Chrome Make Better Employees 127

Posted by Soulskill
from the also-handsomer-and-better-at-darts dept.
HughPickens.com writes: In the world of Big Data, everything means something. Now Joe Pinsker reports that Cornerstone OnDemand, a company that sells software that helps employers recruit and retain workers, has found after analyzing data on about 50,000 people who took its 45-minute online job assessment, that people who took the test on a non-default browser, such as Firefox or Chrome, ended up staying at their jobs about 15 percent longer than those who stuck with Safari or Internet Explorer. They also tended to perform better on the job as well. Chief Analytics Officer Michael Housman offered an explanation for the results in an interview with Freakonomics Radio: "I think that the fact that you took the time to install Firefox on your computer shows us something about you. It shows that you're someone who is an informed consumer," says Housman. "You've made an active choice to do something that wasn't default." But why would a company care about something as seemingly trivial as the browser a candidate chooses to use? "Call centers are estimated to suffer from a turnover rate of about 45 percent annually (PDF), and it can cost thousands of dollars to hire new employees," says Pinsker. "Because of that, companies are eager to find any proxy for talent and dedication that they can."
Chrome

Google's Pricey Pixel Gets USB-C and a Lower Price 139

Posted by timothy
from the dang-I-say-dang dept.
The Register reports that Google's high-end Chromebook Pixel has gotten a few spec bumps, and a lower price. It's still a touchscreen with a resolution of 2,560 × 1,700, but now that screen is backed by 8GB RAM (rather than 4) as a base configuration, and the system is equipped with a Broadwell Core i5 chip, rather than the Ivy Bridge in the first rev. The price has dropped, too; it may still be the most expensive Chromebook, but now it's "only" $999 on the low end, which is $300 less than the first Pixels cost. ($1300, though, gets an i7, 64 gigs of SSD instead of 32, and 8GB of RAM. Perhaps most interesting is that it adds USB type C, and (topping Apple's latest entry) it's got two of them.
Google

TSYNC Not a Hard Requirement For Google Chrome After All 46

Posted by timothy
from the what-we-meant-was dept.
An anonymous reader writes A few days ago it appeared that Google began requiring new versions of the Linux kernel for the Chrome/Chromium web browser. To some people, such requirement smelled funny, and it turns out that those people had the right hunch. Google does not intend for there to be a hard requirement on the latest versions of the Linux kernel that expose SECCOMP_FILTER_FLAG_TSYNC, but instead many users are hitting an issue around it. A Chromium developer commented on the related bug: "Updating the title so that people who have been mislead into thinking non-TSYNC kernels were deprecated immediately understand that there is simply 'some unknown bug' hitting some users." Of course, a user having the TSYNC feature in his kernel will still get a security benefit.
Graphics

Google Introduces Freon, a Replacement For X11 On Chrome OS 166

Posted by timothy
from the low-level-churn-at-a-high-level dept.
An anonymous reader writes With this week's release of Chrome OS M41, there is the new Freon graphics stack to replace X11 on some platforms. Freon is a very limited graphics stack to replace Chrome OS usage of X11/X.Org by having the Chrome browser communicate directly with the Linux kernel's KMS/DRM API and OpenGL ES interfaces for drawing. This design is much simpler and yields various power and performance improvements though it's not based on Wayland nor Mir (though Chrome plans to support these display server models).
Bug

Google Chrome Requires TSYNC Support Under Linux 338

Posted by timothy
from the what-you-gotta-do dept.
An anonymous reader writes Google's Chrome/Chromium web browser does not support slightly older versions of the Linux kernel anymore. Linux 3.17 is now the minimum requirement. According to a thread on the Debian mailing list, a kernel feature called TSYNC is what makes the difference. When a backported patch for the Debian 8 kernel was requested, there were hostile replies about not wanting to support "Google spyware."