Chrome

Auto Added by WPeMatico

Millions of Chrome Users Have Installed Malware Posing as Ad Blockers

Millions of Chrome Users Have Installed Malware Posing as Ad Blockers

Kaleigh Rogers, writing for Motherboard: Andrey Meshkov, the cofounder of ad-blocker AdGuard, recently got curious about the number of knock-off ad blocking extensions available for Google’s popular browser Chrome. These extensions were deliberately styled to look like legitimate, well-known ad blockers, but Meshkov wondered why they existed at all, so he downloaded one and took a look at the code. “Basically I downloaded it and checked what requests the extension was making,” Meshkov told me over the phone. “Some strange requests caught my attention.” Meshkov discovered that the AdRemover extension for Chrome — which had over 10 million users — had code hidden inside an image that was loaded from the remote command server, giving the extension creator the ability to change its functions without updating. This alone is against Google’s policy, and after Meshkov wrote about a few examples on AdGuard’s blog, many of which had millions of downloads, Chrome removed the extensions from the store. I reached out to Google, and a spokesperson confirmed that these extensions had been removed.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Google Chrome To Boost User Privacy by Improving Cookies Handling Procedure

Google Chrome To Boost User Privacy by Improving Cookies Handling Procedure

Catalin Cimpanu, writing for BleepingComputer: Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which “provides significant confidentiality protections against [pervasive monitoring] attacks.” Sending cookies via plaintext HTTP is considered both a user privacy and security risk, as these cookies could be intercepted and even modified by an attacker. Banning the sending of cookies via HTTP is not yet an option, so Chrome engineers hope that by limiting a cookie’s lifespan, they would prevent huge troves of user data from gathering inside cookies, or advertisers using the same cookie to track users across different sites.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Biometric and App Logins Will Soon Be Pushed Across the Web

Biometric and App Logins Will Soon Be Pushed Across the Web

Soon, it will be much easier to log into more websites using a hardware key plugged into your laptop, a dedicated app, or even the fingerprint scanner on your phone. Motherboard: On Tuesday, a spread of organizations and businesses, including top browser vendors such as Microsoft and Google, announced a new standards milestone that will streamline the process for web developers to add extra login methods to their sites, potentially keeping consumers’ accounts and data more secure. “For users, this will be a natural transition. People everywhere are already using their fingers and faces to ‘unlock’ their mobile phones and PCs, so this will be natural to them — and more convenient,” Brett McDowell, executive director at the FIDO Alliance, one of the organizations involved in setting up the standard, told Motherboard in an email. “What they use today to ‘unlock’ will soon allow them to ‘login’ to all their favorite websites and a growing number of native apps that already includes Bank of America, PayPal, eBay and Aetna,” he added. Passwords continue to be one of the weaker points in online security. A hacker may phish a target’s password and log into their account, or take passwords from one data breach and use them to break into accounts on another site. The login standard, called Web Authentication (WebAuthn), will let potentially any website or online service use apps, security keys, or biometrics as a login method instead of a password, or use those alternative approaches as a second method of verification. The key here is making it easy and open for developers to use, and for it to work across all different brands of browsers. The functionality is already available in Mozilla’s Firefox, and will be rolled out to Microsoft’s Edge and Google Chrome in the new few months. Opera has committed to supporting WebAuthn as well.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

Some cybersecurity experts and regular users were surprised to learn about a Chrome tool that scans Windows computers for malware. But there’s no reason to freak out about it. From a report: Last year, Google announced some upgrades to Chrome, by far the world’s most used browser — and the one security pros often recommend. The company promised to make internet surfing on Windows computers even “cleaner” and “safer” adding what The Verge called “basic antivirus features.” What Google did was improve something called Chrome Cleanup Tool for Windows users, using software from cybersecurity and antivirus company ESET. […] Last week, Kelly Shortridge, who works at cybersecurity startup SecurityScorecard, noticed that Chrome was scanning files in the Documents folder of her Windows computer. “In the current climate, it really shocked me that Google would so quietly roll out this feature without publicizing more detailed supporting documentation — even just to preemptively ease speculation,” Shortridge told me in an online chat. “Their intentions are clearly security-minded, but the lack of explicit consent and transparency seems to violate their own criteria of âuser-friendly software’ that informs the policy for Chrome Cleanup [Tool].” Her tweet got a lot of attention and caused other people in the infosec community — as well as average users such as me — to scratch their heads.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Google Bans Chrome Extensions That Mine Cryptocurrencies From the Web Store

Google Bans Chrome Extensions That Mine Cryptocurrencies From the Web Store

An anonymous reader writes: Google announced that effective today, the Chrome Web Store review staff would stop accepting new extensions on the Web Store that perform cryptocurrency mining. Existing Chrome extensions that perform cryptocurrency mining will be delisted sometime in late June. The decision came after Google saw a rise in extensions that performed hidden in-browser mining (cryptojacking) behind the users’ backs, in background processes. Even if Google has not said it outright, the company has taken this step to protect Chrome’s image. Cryptojacking scripts have a huge impact on a computer’s responsiveness, and when most users investigate, they see Chrome’s processes hogging CPU resources. Very few of these users will be able to track the spike in CPU usage back to an extension. Google has worked incredibly hard to create the image that Chrome is today’s fastest browser, and the company isn’t going to stand by and watch some extension developers ruin Chrome’s brand so that some devs can make a few Monero on the side.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Chrome 65 Arrives With Material Design Extensions Page, New Developer Features

Chrome 65 Arrives With Material Design Extensions Page, New Developer Features

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 65 for Windows, Mac, Linux, and Android. Additions in this release include Material Design changes and new developer features. You can update to the latest version now using the browser’s built-in silent updater or download it directly from google.com/chrome. Chrome 65 comes with a few visual changes. The most obvious is related to Google’s Material Design mantra. The extensions page has been completely revamped to follow it. Next up, Chrome 65 replaces the Email Page Location link in Chrome for Mac’s File menu with a Share submenu. As you might expect, Mac users can use this submenu to share the URL of a current tab via installed macOS Share Extensions. Speaking of Macs, Chrome 65 is also the last release for OS X 10.9 users. Chrome 66 will require OS X 10.10 or later. Moving on to developer features, Chrome 65 includes the CSS Paint API, which allows developers to programmatically generate an image, and the Server Timing API, which allows web servers to provide performance timing information via HTTP headers.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Chrome On Windows Ditches Microsoft's Compiler, Now Uses Clang

Chrome On Windows Ditches Microsoft's Compiler, Now Uses Clang

An anonymous reader quotes a report from Ars Technica: Google’s Chrome browser is now built using the Clang compiler on Windows. Previously built using the Microsoft C++ compiler, Google is now using the same compiler for Windows, macOS, Linux, and Android, and the switch makes Chrome arguably the first major software project to use Clang on Windows. Chrome on macOS and Linux has long been built using the Clang compiler and the LLVM toolchain. The open-source compiler is the compiler of choice on macOS, making it the natural option there, and it’s also a first-class choice for Linux; though the venerable GCC is still the primary compiler choice on Linux, by using Clang instead, Google ensured that it has only one set of compiler quirks and oddities to work with rather than two. But Chrome on Windows has instead used Microsoft’s Visual C++ compiler. The Visual C++ compiler is the best-supported, most widely used compiler on Windows and, critically, is the compiler with the best support for Windows’ wide range of debugging and diagnostic tools. The Visual Studio debugger is widely loved by the C++ community, and other tools, such as the WinDbg debugger (often used for analyzing crash dumps), are core parts of the Windows developer experience.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome

Simple music-making for everyone

We started Chrome Music Lab to make learning music more accessible to everyone through fun, hands-on experiments. And we’ve loved hearing from teachers who have been using it in exciting ways, like exploring music and its connections to science, math, art, dance, and more.

For this year’s Music in Our Schools Month, we’ve added a new experiment to the website called Song Maker. It’s a simple way for anyone to make a song, then share it with a link—no need to log in or make an account. Anyone can instantly hear what you made, and even riff on it to make their own song. It lives on the web, so you don’t need to install any apps to try it. And, it works across devices—phones, tablets, computers.

Check it out here and have fun making some music.

Go to Source

Posted by amiller in Blog, Chrome, education
End of Flash? Its Usage Among Chrome Users Has Declined From 80% in 2014 to Under 8% as of Early 2018

End of Flash? Its Usage Among Chrome Users Has Declined From 80% in 2014 to Under 8% as of Early 2018

An anonymous reader writes: The percentage of daily Chrome users who’ve loaded at least one page containing Flash content per day has gone down from around 80% in 2014 to under 8% in early 2018. These statistics on Flash’s declining numbers were shared with the public by Parisa Tabriz, Director of Engineering at Google, one of the Google bigwigs in charge of Chrome’s security. Google plans to ship Flash disabled-by-default with Chrome 76 (July 2019) and remove it completely in Chrome 87 (December 2020).

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome
Chrome 64 Now Trims Messy Links When You Share Them

Chrome 64 Now Trims Messy Links When You Share Them

Google’s latest consumer version of Chrome, version number 64, just started cleaning up messy referral links for you. From a report: Now, when you go to share an item, you’ll no longer see a long tracking string after a link, just the primary link itself. This feature now happens automatically when sharing links in Chrome, either by the Share menu or by copying the link and pasting it elsewhere. Even though it slices off the extra bit of the URL, this doesn’t affect referral information. If you choose, you can copy and paste directly from the URL bar to grab the link in entirety.

Read more of this story at Slashdot.

Go to Source

Posted by amiller in Blog, Chrome