Archive for the ‘browsers’ Category

Microsoft’s plan for Edge: Integrated IE compatibility, better privacy

May 6th, 2019

Microsoft has outlined its plans for the next stage of development for the new Chromium-based Edge browser, and those plans include a trio of new features.

The first is a big nod to enterprise customers: a built-in Internet Explorer mode. Chrome has a number of extensions that accomplish much the same thing—they create a new tab in the browser and use the Internet Explorer 11 engine, rather than the Chrome engine, to draw that tab. For Edge, this capability will be built in.

Enterprises can already create a compatibility list, the Enterprise Mode Site List, which the current Edge browser uses to know which (internal, line-of-business) sites should be shown in Internet Explorer 11. The new Edge will use this same list to determine when to use Internet Explorer.

Read 3 remaining paragraphs | Comments

Posted in browsers, build 2019, chrome, Chromium, EDGE, microsoft, Open Source, Tech | Comments (0)

Ex-YouTube engineer reveals how video site worked to kill off Internet Explorer 6

May 2nd, 2019
Ex-YouTube engineer reveals how video site worked to kill off Internet Explorer 6

(credit: Aurich Lawson)

The year is 2009. YouTube, four years old, has become the Web's leading video site. Though Internet Explorer 6 was far from current—it had been superseded by versions 7 and 8—it nonetheless made up some 18 percent of YouTube's traffic. These were, after all, the dark days of Windows XP; corporations had overwhelmingly stuck with Windows XP in spite of the release of Windows Vista, and Windows 7 was still some months from release. Many organizations still running XP appeared to be wishing for a kind of computational stasis: they wanted to be able to run Windows XP and Internet Explorer 6 forever, unchanging, which would greatly simplify their maintenance and support costs.

But Internet Explorer 6 was nearly eight years old and seriously showing its age. On its release, the browser had a legitimate claim to be the best, fastest, most standards compliant, and most stable mainstream browser around. But those days were long gone. Compared to the alternatives—Firefox 3.5, Internet Explorer 8, and Google's Chrome—it was slow, unstable, and riddled with proprietary, non-standard behaviors. This was causing the team developing YouTube considerable pain, with weeks of extra work each development cycle to ensure that the site still worked correctly in the old browser.

According to former YouTube developer Chris Zacharias, this pain prompted the YouTube team to take renegade action to drive users away from Internet Explorer 6 and onto something newer and better. Though YouTube had been under Google's ownership for about three years, YouTube's engineers were suspicious and wary of being integrated into Google's corporate machine. They had their own special set of permissions named "OldTuber," and anyone with OldTuber permissions could freely modify the YouTube site without going through Google's usual change management process of code reviews, testing, adherence to coding standards, and so on. It was cowboy territory, where developers could do as they liked. Only the risk of breaking things—and hence losing OldTuber permissions, if not their job—kept them on the straight and narrow.

Read 6 remaining paragraphs | Comments

Posted in browsers, chrome, development, google, Internet Explorer, Internet Explorer 6, microsoft, standards, Tech, YouTube | Comments (0)

Hands-on: First public previews of Chromium-based Edge are now out

April 8th, 2019
There's really no difference between how the Ars front page looks in Edge and Chrome.

Enlarge / There's really no difference between how the Ars front page looks in Edge and Chrome.

Microsoft's switch to using the Chromium engine to power its Edge browser was announced in December last year, and the first public preview build is out now. Canary builds, updated daily, and Dev builds, updated weekly, are available for Windows 10. Versions for other operating systems and a beta that's updated every six weeks are promised to be coming soon.

Chromium is the open source browser project run by Google. It includes the Blink rendering engine (Google's fork of Apple's WebKit), V8 JavaScript engine, Google's software-based sandboxing, and the browser user interface. Google builds on Chromium for its Chrome browser, and a number of third-party browsers, including Opera, Vivaldi, and Brave, also use Chromium.

As a result, every Chromium browser offers more or less the same performance and Web compatibility. Indeed, this is a big part of why Microsoft made the switch: the company had grown tired of updating its own EdgeHTML engine to ensure it behaved identically to Chrome and is now offering Chrome-equivalent behavior in the most direct way possible. I've been using a version 74 build (which is a little out of date at this point) for the last week, and I have yet to see any difference between Edge and Chromium Dev when it comes to displaying Web pages. In principle, a page could treat Edge differently (it reports its identity as a rather ugly "Edg/74.1.96.14"; I'm presuming the misspelling is an attempt to ensure it isn't identified as a variation of the current Edge browser), but in general there's little reason to do so.

Read 5 remaining paragraphs | Comments

Posted in browsers, Chromium, development, EDGE, microsoft, Open Source, Tech, the web, Windows | Comments (0)

Edge-on-Chromium approaches; build leaks, extensions page already live

March 25th, 2019

The Edge Insider extension.

The Edge Insider extension. (credit: Microsoft)

Microsoft's first public release of a Chromium-based version of its Edge browser is fast approaching. Microsoft has published an early version of its extension market for the new browser, and the Windows Store includes a new extension for Edge-on-Chromium. On top of all this, a build of the browser has leaked.

The new build confirms much of what we've seen before: the browser is a minimally changed rebranded version of Chrome, replacing integration with Google's accounts with integration with Microsoft's accounts. This integration is still at an early stage; bookmarks can be synced between systems, but history, passwords, open tabs, autocomplete information, and open tabs don't yet sync.

Google has multiple release channels for Chrome; beyond the Stable channel, there's a Beta channel previewing the next release, the Dev channel previewing the release after that, and the Canary channel, which provides nightly builds. Microsoft's new extension for Edge Insider appears to offer easy switching between channels, announcements, known issues, and asking users for focused testing on particular areas.

Read 4 remaining paragraphs | Comments

Posted in browsers, chrome, Chromium, EDGE, google, microsoft, Open Source, Tech, Web, Windows | Comments (0)

A “serious” Windows zeroday is being actively exploited in the wild

March 8th, 2019
As a reminder, here's what the default Start menu looked like in Windows 7.

As a reminder, here's what the default Start menu looked like in Windows 7. (credit: Microsoft)

Google security officials are advising Windows users to ensure they’re using the latest version 10 of the Microsoft operating system to protect themselves against a “serious,” unpatched vulnerability that attackers have been actively exploiting in the wild.

Unidentified attackers have been combining an exploit for the unpatched local privilege escalation in Windows with one for a separate security flaw in the Chrome browser that Google fixed last Friday. While that specific exploit combination won’t be effective against Chrome users who are running the latest browser version, the Windows exploit could still be used against people running older versions of Windows. Google researchers privately reported the vulnerability to Microsoft, in keeping with its vulnerability disclosure policy.

“Today, also in compliance with our policy, we are publicly disclosing its existence, because it is a serious vulnerability in Windows that we know was being actively exploited in targeted attacks,” Clement Lecigne, a member of Google’s Threat Analysis Group, wrote in a blog post published Thursday. “The unpatched Windows vulnerability can still be used to elevate privileges or combined with another browser vulnerability to evade security sandboxes. Microsoft have told us they are working on a fix.”

Read 7 remaining paragraphs | Comments

Posted in Biz & IT, browsers, chrome, exploits zeroday, google, microsoft windows vulnerabilities | Comments (0)

Google turbo-charging the back button with Chrome’s new “back/forward cache”

February 28th, 2019
Now that's some shiny chrome.

Enlarge / Now that's some shiny chrome. (credit: Marc Ellis / Flickr)

Google is developing a new cache for Chrome (via CNET)that should make some page loads extremely fast. The only catch? They'll have to be pages you've already seen and are revisiting after hitting the browser's back button.

Chrome already caches the files that make up a page, so revisiting a page in most circumstances shouldn't force the browser to retrieve the images, JavaScripts, and CSS that are used to build the page. But currently, the browser has to re-parse the HTML and re-build the page's programmatic representation, uncompress the images, re-execute all the JavaScript, reapply all the stylesheets, and so on. It's just the networking step that gets skipped.

The new bfcache (for "back/forward cache") changes that: it lets the browser capture the entire state of a running page—including scripts that are in the middle of execution, the rendered images, and even the scroll position—and reload that state later. With bfcache, rather than having to reload the page from scratch, the page will look as if it was paused when you click a link to a new page and subsequently resumed when you hit back.

Read 4 remaining paragraphs | Comments

Posted in browsers, chrome, Chromium, development, google, Tech | Comments (0)

Microsoft culls secret Flash whitelist after Google points out its insecurity

February 20th, 2019
Microsoft culls secret Flash whitelist after Google points out its insecurity

Enlarge (credit: Aurich Lawson)

In 2017, Microsoft changed its Edge browser so that Flash content would be click-to-run (or disabled outright) on virtually every site on the Web. A handful of sites were to be whitelisted, however, due to a combination of Flash dependence and high popularity.

The whitelist was intended to make it easier to move to a world using HTML5 for rich interactive content and to limit the impact of any future Flash vulnerabilities. At the same time, the list would still allow sites with complex Flash-dependent content to keep on running. If only a few trusted sites can run Flash content by default, it should be much harder for bad actors to take advantage of Flash flaws. A similar approach was adopted by other browsers; Google, for example, whitelisted the top-10 Flash-using sites for one year after switching Chrome to "click-to-run."

But Google figured out how Edge's whitelist worked (via ZDNet) and found that its implementation left something to be desired. The list of 58 sites (56 of which have been identified by Google) including some that were unsurprising; many of the entries are sites with considerable numbers of Flash games, including Facebook. Others seemed more peculiar; a Spanish hair salon, for example, was listed.

Read 2 remaining paragraphs | Comments

Posted in browsers, EDGE, flash, microsoft, Tech, Web | Comments (0)

Opera shows off its smart new redesign that’s just like all the other browsers

February 14th, 2019
Both the new dark view and light view look good.

Enlarge / Both the new dark view and light view look good. (credit: Opera)

Opera has unveiled a new look and feel for its browser. Expected to ship in version 59 and codenamed "Reborn 3" (R3), the new appearance adopts the same square edges and clean lines that we've seen in other browsers, giving the browser a passing similarity to both Firefox and Edge.

The principles of the new design? "We put Web content at center stage," the Opera team writes on its blog. The design is pared down so that you can browse "unhindered by unnecessary distractions." Borders and dividing lines have been removed, flattening out parts of the browser's interface and making them look more uniform and less eye-catching. The new design comes with the requisite dark and light modes, a welcome trend that we're glad to see is being widely adopted.

Being Web-centric is not a bad principle for an application such as a browser, where the bulk of the functionality and interest comes from the pages we're viewing rather than the browser itself. At first blush, I think that Opera has come up with something that looks good, but it does feel like an awfully familiar design rationale.

Read 3 remaining paragraphs | Comments

Posted in browsers, opera, redesign, Tech, Web | Comments (0)

With experimental “Never slow mode,” Chrome tries to stop Web devs making it slow

February 6th, 2019
The word SLOW has been painted on a street for the benefit of drivers.

Enlarge / Google wants less of this. (credit: Vegansoldier / Flickr)

Since Chrome's very first release, performance has been one of Google's top priorities. But Google is against a competing force: Web developers. The Web of today is a more-complex, bandwidth-intensive place than it was when Chrome was first released, which means that—although Internet connections and the browser itself are faster than they've ever been—slow pages remain an everyday occurrence.

Google engineers have been developing "Never Slow Mode" in a bid to counter this. Spotted at Chrome Story (via ZDNet), the new mode places tight limitations on Web content in an effort to make its performance more robust and predictable.

The exact design and rationale of Never Slow Mode aren't public—the changelog for the feature mentions a design document but says it's currently Google-internal. But taken together, that design and rationale will ensure that the browser's main thread never has to do too much work and will never get too delayed. They will also ensure that only limited amounts of data are pulled down over the network. This should make the browser more responsive to user input, lighter on the network, and a bit less of a memory hog than it would otherwise be.

Read 4 remaining paragraphs | Comments

Posted in browsers, chrome, Chromium, google, HTML, Open Source, Tech, Web | Comments (0)

Firefox taking a hard line against noisy video, banning it from autoplaying

February 5th, 2019
No red pandas were harmed in the making of this image, I promise.

Enlarge / No red pandas were harmed in the making of this image, I promise. (credit: Aurich / Getty)

Last year, Chrome introduced changes to try to prevent the persistent nuisance that is pages that automatically play noisy videos. Next month, Firefox will be following suit; Firefox 66, due on March 19, will prevent the automatic playback of any video that contains audio.

Mozilla's plan for Firefox is a great deal simpler, and a great deal stricter, than Chrome's system. In Chrome, Google has a heuristic that tries to distinguish between those sites where autoplaying is generally welcome (Netflix and YouTube, for example) and those where it isn't (those annoying sites that have autoplaying video tucked away in a corner to startle you when it starts making unexpected sounds). Firefox isn't doing anything like that; by default, any site that tries to play video with audio will have that video playback blocked.

Firefox users will be able to grant autoplay audio permission on a site-by-site basis.

Firefox users will be able to grant autoplay audio permission on a site-by-site basis.

Firefox users will be able to override this block on a site-by-site basis, so those sites where autoplay is inoffensive can have it re-enabled. This permission is automatically extended to sites that have previously been granted access to microphones or webcams, so that audio and video communications apps built using WebRTC will work as expected. Firefox will also allow muted video to play back automatically.

Read on Ars Technica | Comments

Posted in browsers, development, Firefox, Open Source, Tech, Web | Comments (0)