Half of All Google Chrome Extensions Have Fewer Than 16 Installs (zdnet.com) 56
Google's Plans for Chrome Extensions 'Won't Really Help Security', Argues EFF (eff.org) 35
As both security experts and the developers of extensions that will be greatly harmed by Manifest V3, we're here to tell you: Google's statement just isn't true. Manifest V3 is a blunt instrument that will do little to improve security while severely limiting future innovation... The only part of Manifest V3 that goes directly to the heart of stopping DataSpii-like abuses is banning remotely hosted code. You can't ensure extensions are what they appear to be if you give them the ability to download new instructions after they're installed.
But you don't need the rest of Google's proposed API changes to stop this narrow form of bad extension behavior. What Manifest V3 does do is stifle innovation...
The EFF makes the following arguments Google's proposal:
- Manifest V3 will still allow extensions to observe the same data as before, including what URLs users visit and the contents of pages users visit
- Manifest V3 won't change anything about how "content scripts" work...another way to extract user browsing data.
- Chrome will still allow users to give extensions permission to run on all sites.
In response Google argued to Forbes that the EFF "fails to account for the proposed changes to how permissions work. It is the combination of these two changes, along with others included in the proposal, that would have prevented or significantly mitigated incidents such as this one."
But the EFF's technology projects director also gave Forbes their response. "We agree that Google isn't killing ad-blockers. But they are killing a wide range of security and privacy enhancing extensions, and so far they haven't justified why that's necessary."
And in the same article, security researcher Sean Wright added that Google's proposed change "appears to do little to prevent rogue extensions from obtaining information from loaded sites, which is certainly a privacy issue and it looks as if the V3 changes don't help."
The EFF suggests Google just do a better job of reviewing extensions.
Google Just Stopped Displaying 'www' and 'https' In Chrome's Address Bar (techrepublic.com) 185
However the announcement provoked a fresh wave of criticism, from those who say the move will confuse users and even potentially make it easier for them to inadvertently connect to fake sites... There are also some who claim Google's motivation in changing how the URL is displayed may be to make it harder for users to tell whether they are on a page hosted on Google's Accelerated Mobile Pages subdomain...
Google says it has also built a Chrome extension that doesn't obfuscate the URL to "help power users recognize suspicious sites and report them to Safe Browsing". Despite the backlash from some online, Chrome isn't the first browser to truncate the URL in this way, with Apple's Safari similarly hiding the full address.
Chrome 76 Arrives With Flash Blocked By Default (venturebeat.com) 87
'Never-Googlers' Take Extreme Measures To Avoid Data Tracking (startribune.com) 255
These intrepid Web users say they'd rather deal with daily inconveniences than give up more of their data. That means setting up permanent vacation responders on Gmail and telling friends to resend files or video links that don't require Google software. More than that, it takes a lot of discipline.
While there's no data on how many people are avoiding Google, the article points out that DuckDuckGo is now averaging 42.4 million searches every day -- up from 23.5 million a year ago.
But at least one Berkeley tech consultant acknowledged that "the improvement is mostly in the category of self-righteousness." Seeking an office software with better privacy protections, he's now paying $100 a year for a subscription to Microsoft Office 365.
In 80 Days, Google Will Require Chrome Extensions To Request 'The Least Amount of Data' (pcmag.com) 40
The risks prompted Google to work toward securing the 180,000+ Chrome extensions on the company's official web store. "We're requiring extensions to only request access to the least amount of data," the company said in a Tuesday blog post. "While this has previously been encouraged of developers, now we're making this a requirement for all extensions."
Chrome 76 Prevents NYT and Other News Sites From Detecting Incognito Mode (arstechnica.com) 63
If websites find new loopholes to detect private mode, Google said they will close those, too. "Chrome will likewise work to remedy any other current or future means of Incognito Mode detection," Google's blog post said.
My Browser, the Spy: How Extensions Slurped Up Browsing Histories From 4M Users (arstechnica.com) 43
Web histories may not sound especially sensitive, but a subset of the published links led to pages that are not protected by passwords -- but only by a hard-to-guess sequence of characters (called tokens) included in the URL. Thus, the published links could allow viewers to access the content at these pages. (Security practitioners have long discouraged the publishing of sensitive information on pages that aren't password protected, but the practice remains widespread.) Further reading: More on DataSpii: How extensions hide their data grabs -- and how they're discovered.
Sneaky Chrome Extension Disguises Netflix As a Google Hangout To Help You Slack Off At Work 33
Privacy-First Browsers Look To Take the Shine Off Google's Chrome (nbcnews.com) 56
And in something of a poetic role reversal, Microsoft is positioning itself to pick up the slack from people who may be fed up with Google's Chrome browser and its questionable privacy practices. Microsoft is expected to release an overhaul of its latest browser, called Edge, in the coming months. Microsoft is just one of a number of companies and organizations looking to take a piece out of Google -- some using the company's own open-source software. One name that might be familiar to most consumers -- Mozilla's Firefox browser -- is also a veteran of the "browser wars" of two decades ago. The nonprofit Mozilla, which has been biting at the heels of leading browsers for most of its existence, is introducing more aggressive privacy settings to try to stand out and take advantage of the privacy stumbles by Google and other tech giants.
Google Earth Ported To Browsers With WebAssembly (infoq.com) 51
Ask Slashdot: What's Your 'Backup' Browser? (komando.com) 237
But Slashdot reader koavf asks an interesting follow-up question: "What's everyone's go-to Plan B browser and why?"
To start the conversation, here's how James Gelinas (a contributor at Kim Komando's tech advice site) recently reviewed the major browsers:
- He calls Chrome "a safe, speedy browser that's compatible with nearly every page on the internet" but also says that Chrome "is notorious as a resource hog, and it can drastically slow your computer down if you have too many tabs open."
"Additionally, the perks of having your Google Account connected to your browser can quickly turn into downsides for the privacy-minded among is. If you're uncomfortable with your browser knowing your searching and spending behaviors, Chrome may not be the best choice for you."
- He calls Firefox "the choice for safety".
"Predating Chrome by 6 years, Firefox was the top choice for savvy Netizens in the early Aughts. Although Chrome has captured a large segment of its user base, that doesn't mean the Fox is bad. In fact, Mozilla is greatly appreciated by fans and analysts for its steadfast dedication to user privacy... Speedwise, Firefox isn't a slouch either. The browser is lighter weight than Chrome and is capable of loading some websites even faster."
- He calls Apple's Safari and Microsoft Edge "the default choice...because both of these browsers come bundled with new computers."
"Neither one has glaring drawbacks, but they tend to lack some of the security features and extensions found in more popular browsers. Speedwise, however, both Edge and Safari are able to gain the upper hand against their competition. When it comes to startup time and functions, the apps are extremely lightweight on your system's resources. This is because they're part of the Mac and Window's operating systems, respectively, and are optimized for performance in that environment."
Finally, he gives the Tor browser an honorable mention. ("It's still one of the best anonymous web browsers available. It's so reliable, in fact, that people living under repressive governments often turn to it for their internet needs -- installing it on covert USB sticks to use on public computers.") And he awards a "dishonorable mention" to Internet Explorer. ("Not only is the browser no longer supported by Microsoft, but it's also vulnerable to a host of malware and adware threats.")
But what do Slashdot's readers think? Putting aside your primary desktop browser -- what's your own go-to "Plan B" web browser, and why? Leave your best answers in the comments.
What's your "backup" browser?
Firefox To Get a Random Password Generator, Like Chrome and Safari (zdnet.com) 51
Microsoft Brings Tracking Prevention To Its Edge Browser (engadget.com) 67
Mozilla Launches GeckoView-Powered Firefox Preview For Android (venturebeat.com) 62
On desktop, Firefox is the second most popular browser after Chrome. Firefox holds about 10% desktop market share, according to Net Applications. On mobile, however, Firefox has less than 0.5% share. Despite regular releases alongside the desktop browser over the years, Firefox's mobile share has not improved.
Firefox Will Give You a Fake Browsing History To Fool Advertisers (vice.com) 177
Alphabet's Sidewalk Labs Unveils Its High-Tech 'City-Within-a-City' Plan for Toronto (theverge.com) 46
The plan includes: Ten new buildings of mixed-use development consisting primarily of thousands of new residential units, as well as retail and office spaces, all made from mass timber. A proposal to extend the city's light-rail system to serve the new neighborhood. Redesigning streets to reduce car use and promote biking and walking. Installation of public Wi-Fi, in addition to other sensors to collect "urban data" to better inform housing and traffic decisions, for example. Proposal to reduce greenhouse gases by up to 89 percent. Building the new Canadian headquarters of Google on the western edge of Villiers Island. Further reading: Former Firefox VP on What It's Like To Be Both a Partner of Google and a Competitor via Google Chrome; Sidewalk Labs' 1,500-Page Plan for Toronto Is a Democracy Grenade.
Chrome 'Has Become Surveillance Software. It's Time to Switch' (inquirer.com) 190
My tests of Chrome vs. Firefox unearthed a personal data caper of absurd proportions. In a week of Web surfing on my desktop, I discovered 11,189 requests for tracker "cookies" that Chrome would have ushered right onto my computer but were automatically blocked by Firefox. These little files are the hooks that data firms, including Google itself, use to follow what websites you visit so they can build profiles of your interests, income and personality... And that's not the half of it. Look in the upper right corner of your Chrome browser. See a picture or a name in the circle? If so, you're logged in to the browser, and Google might be tapping into your Web activity to target ads. Don't recall signing in? I didn't, either. Chrome recently started doing that automatically when you use Gmail.
Chrome is even sneakier on your phone. If you use Android, Chrome sends Google your location every time you conduct a search. (If you turn off location sharing it still sends your coordinates out, just with less accuracy.)
The columnist concludes that "having the world's biggest advertising company make the most popular Web browser was about as smart as letting kids run a candy shop," and argues that through its Doubleclick and other ad businesses, Google "is the No. 1 cookie maker -- the Mrs. Fields of the web."
He also reports that Firefox is now working on ways to block browser "fingerprinting".