Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Chrome

Firefox 37 To Check Security Certificates Via Blocklist 21

Posted by timothy
from the making-a-list-pushing-it-multiple-times dept.
An anonymous reader writes The next version of Firefox will roll out a 'pushed' blocklist of revoked intermediate security certificates, in an effort to avoid using 'live' Online Certificate Status Protocol (OCSP) checks. The 'OneCRL' feature is similar to Google Chrome's CRLSet, but like that older offering, is limited to intermediate certificates, due to size restrictions in the browser. OneCRL will permit non-live verification on EV certificates, trading off currency for speed. Chrome pushes its trawled list of CA revocations every few hours, and Firefox seems set to follow that method and frequency. Both Firefox and Chrome developers admit that OCSP stapling would be the better solution, but it is currently only supported in 9% of TLS certificates.
Chrome

Ask Slashdot: Most Useful Browser Extensions? 353

Posted by Soulskill
from the still-waiting-on-an-extension-that-makes-me-lunch dept.
An anonymous reader writes: One of the most powerful features of modern browsers is the ability to install third-party extensions. They allow third-party developers to work on really useful niche functionality, and let users customize their browser with the tools they need. Unfortunately, this environment has the same discover-ability and security problems as standalone software. Thus, my question: what are your most useful (and safe) browser extensions? I can't live without some privacy basics like NoScript, AdBlock, and Ghostery. I also find FoxyProxy helpful for getting around geolocation requirements for media streaming. OneTab works pretty well for saving groups of browser tabs, and Pushbullet keeps getting better at managing my phone while I'm at my PC.
Technology

Nanotech Makes Steel 10x Stronger 106

Posted by Soulskill
from the everyone-thank-wil-wheaton dept.
An anonymous reader writes: A new metal-making process currently in testing at oil fields uses nano-scale plating to make metals like steel as much as ten times stronger than they would be without it. "[The process] uses an advanced form of electroplating, a process already used to make the chrome plating you might see on the engine and exhaust pipes of a motorcycle. Electroplating involves immersing a metal part in a chemical bath containing various metal ions, and then applying an electrical current to cause those ions to form a metal coating. The company uses a bath that contains more than one kind of metal ion and controls how ions are deposited by varying the electrical current. By changing the current at precise moments, it can create a layered structure, with each layer being several nanometers thick and of different composition. The final coating can be up to a centimeter thick and can greatly change the properties of the original material."
Chrome

Google Chrome Will Adopt HTTP/2 In the Coming Weeks, Drop SPDY Support 88

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: Google today announced it will add HTTP/2, the second major version of Hypertext Transfer Protocol (HTTP), to Google Chrome. The company plans to gradually roll out support to the latest version of its browser, Chrome 40, "in the upcoming weeks." At the same time, Google says it will remove support for SPDY in early 2016. SPDY, which is not an acronym but just a short version for the word "speedy," is a protocol developed primarily at Google to improve browsing by forcing SSL encryption for all sites and speeding up page loads. Chrome will also lose support for the TLS extension NPN in favor of ALPN.
Firefox

Firefox Succeeded In Its Goal -- But What's Next? 296

Posted by Soulskill
from the building-actual-foxes-made-of-fire dept.
trawg writes: It's been more than 10 years since Mozilla released version 1.0 of Firefox, one of their first steps in their mission to 'preserve choice and innovation on the Internet'. Firefox was instrumental in shattering the web monoculture, but the last few years of development have left users uninspired. "Their goal was never to create the most popular browser in the world, or the one with the best UX, or the one with the most features, or the one with the best developer mode. ... It would be foolish to say a monoculture will never arise again (Google are making some scary moves with Chrome-only web applications). But at this point in time while Chrome is the ascendant browser (largely at the expense of Firefox), Mozilla’s ability to impact the web in general is greatly reduced." Perhaps it is time to move on to the next challenge — ensuring there is a strong Thunderbird to help preserve a free and open email ecosystem.
Advertising

Ask Slashdot: Gaining Control of My Mobile Browser? 223

Posted by Soulskill
from the lagging-utility dept.
An anonymous reader writes: I run Firefox with NoScript and FlashBlock at home. Browsing is easy, and I only have to enable scripts on a few sites. If they have 20+ scripts, I just surf somewhere else. Fast forward to the mobile experience. I had an Android device, but now I have an iPhone. In addition to the popup problem, and the fake "X" on ads, the iPhone browsers (Safari, Chrome, Opera) will start to show a site, then they will lock up for 10-30 seconds before finally becoming responsive. If I switch back to another app and then return to the browser, Safari and Chrome have a little delay, but Opera delays 20+ seconds before becoming responsive again.

Firefox is not available on the iPhone, so I can't simply run NoScript. Chrome does not appear to have a NoScript equivalent for mobile. What solutions are you using to make mobile browsing work?
Businesses

Massive Layoff Underway At IBM 331

Posted by Soulskill
from the hope-you-land-on-your-feet dept.
Tekla Perry writes: Project Chrome, a massive layoff that IBM is pretending is not a massive layoff, is underway. At more than 100,000 people, it is projected to be the largest mass layoff by any U.S. corporation in at least 20 years. Alliance@IBM, the IBM employees' union, says it has so far collected reports of 5000 jobs eliminated, but those are just numbers of those getting official layoff notices. According to anecdotal reports, IBM appears to be abusing the performance appraisal system to cut additional employees without officially laying them off.
Youtube

YouTube Ditches Flash For HTML5 Video By Default 225

Posted by Soulskill
from the now-if-they-can-ditch-the-commenters dept.
An anonymous reader writes: YouTube today announced it has finally stopped using Adobe Flash by default. The site now uses its HTML5 video player by default in Google's Chrome, Microsoft's IE11, Apple's Safari 8, and in beta versions of Mozilla's Firefox browser. At the same time, YouTube is now also defaulting to its HTML5 player on the web. In fact, the company is deprecating the "old style" Flash object embeds and its Flash API, pointing users to the iFrame API instead, since the latter can adapt depending on the device and browser you're using.
Opera

Opera Founder Is Back, WIth a Feature-Heavy, Chromium-Based Browser 158

Posted by timothy
from the sink-within-a-sink dept.
New submitter cdysthe writes Almost two years ago, the Norwegian browser firm Opera ripped out the guts of its product and adopted the more standard WebKit and Chromium technologies, essentially making it more like rivals Chrome and Safari. But it wasn't just Opera's innards that changed; the browser also became more streamlined and perhaps less geeky. Many Opera fans were deeply displeased at the loss of what they saw as key differentiating functionality. So now Jon von Tetzchner, the man who founded Opera and who would probably never have allowed those drastic feature changes, is back to serve this hard core with a new browser called Vivaldi. The project's front page links to downloads of a technical preview, available for Linux, Mac OS X, and Windows. Firefox users who likewise prefer a browser with more rather than fewer features (but otherwise want to stick with Firefox) might also consider SeaMonkey, which bundles not just a browser but email, newsgroup client and feed reader, HTML editor, IRC chat and web development tools.
Software

Windows 10 IE With Spartan Engine Performance Vs. Chrome and Firefox 181

Posted by Soulskill
from the attempting-to-battle-back dept.
MojoKid writes: In Microsoft's latest Windows 10 preview build released last week, Cortana made an entrance, but the much-anticipated Spartan browser did not. However, little did we realize that some of Spartan made the cut, in the form of an experimental rendering engine hidden under IE's hood. Microsoft has separated its Trident rendering engine into two separate versions: one is for Spartan, called EdgeHTML, while the other remains under its legacy naming with Internet Explorer. The reason Microsoft doesn't simply forego the older version is due to compatibility concerns. If you're running the Windows 10 9926 build, chances are good that you're automatically taking advantage of the new EdgeHTML engine in IE. To check, you can type 'about:flags' into the address bar. "Automatic" means that the non-Spartan Trident engine will be called-upon only if needed. In all other cases, you'll be taking advantage of the future Spartan web rendering engine. Performance-wise, the results with IE are like night and day in certain spots. Some of the improvements are significant. IE's Sunspider result already outperforms the competition, but it has been further improved. And with Kraken, the latency with the Spartan-powered Trident engine dropped 40%. Similar results are seen with a boost in the Octane web browser test as well.
Google

Google Just Made It Easier To Run Linux On Your Chromebook 169

Posted by timothy
from the danger-in-keeping-that-little-fulcrum-in-place dept.
TechCurmudgeon writes A story in PCWorld's "World beyond Windows" column outlines coming improvements in Chrome OS that will enable easily running Linux directly from a USB stick: "Have you ever installed a full desktop Linux system on your Chromebook? It isn't all [that] hard, but it is a bit more complex than it should be. New features in the latest version of Chrome OS will make dipping into an alternative operating system easier. For example, you'll be able to easily boot a full Linux system from a USB drive and use it without any additional hassle!"
Security

Adobe Patches One Flash Zero Day, Another Still Unfixed 49

Posted by timothy
from the cross-platform dept.
Trailrunner7 writes Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is under active attack, but Adobe officials said that this flaw is not the one that security researcher Kafeine said Wednesday was being used in the Angler attacks. The patch for Flash comes just a day after Kafeine disclosed that some instances of the Angler exploit kit contained an exploit for a previously unknown vulnerability in the software. Adobe officials said Wednesday that they were investigating the reports. Kafeine initially saw Angler attacking the latest version of Flash in IE on Windows XP, Vista, 7 and 8, but said the exploit wasn't being used against Chrome or Firefox. On Thursday he said on Twitter that the group behind Angler had changed the code to exploit Firefox as well as fully patched IE 11 on Windows 8.1.
Internet Explorer

Time For Microsoft To Open Source Internet Explorer? 165

Posted by Soulskill
from the if-you-can't-beat-'em dept.
An anonymous reader writes: Ars Technica's Peter Bright argues that it's time for Microsoft to make Internet Explorer open source. He points out that IE's major competitors are all either fully open source (Firefox), or partially open source (Chrome, Safari, and Opera), and this puts Microsoft at a huge disadvantage. Bright says, "It's time for Microsoft to fit in with the rest of the browser industry and open up Trident. One might argue that this argument could be made of any software, and that Microsoft should by this logic open source everything. But I think that the browser is special. The community that exists around Web standards does not exist in the same way around, say, desktop software development, or file system drivers, or user interfaces. Development in the open is integral to the Web in an almost unique way. ... Although Microsoft has endeavored to be more open about how it's developing its browser, and which features it is prioritizing, that development nonetheless takes place in private. Developing in the open, with a public bug tracker, source code repositories, and public discussion of the browser's future direction is the next logical step."
Chrome

With Community Help, Chrome Could Support Side Tabs Extension 117

Posted by timothy
from the thinking-along-different-axes dept.
jones_supa writes The lack of a vertical tab strip (or "Tree Style Tab" as the Firefox extension is called) has been under a lot of discussion under Chrome/Chromium bug tracker. Some years ago, vertical tabs existed as an experimental feature enabled with a "secret" command line parameter, but that feature was eventually removed from the browser. Since then, Google has been rather quiet about whether such feature is still on the roadmap. Now, a Google engineer casts some light on the issue. He says that a tree-style interface for tabs would be overly complex as a native implementation, but Google would back the idea of improving the extensions interface to support a sidebar-like surface to render the tab UI on, if someone from the open source community would step forward to do the work to drive the feature to completion.
Movies

Silicon Valley Security Experts Give 'Blackhat' a Thumbs-Up; Do You? 98

Posted by timothy
from the but-nothing-beats-wargames dept.
HughPickens.com writes Cade Metz writes that last week Parisa Tabriz, head of Google's Chrome security team, helped arrange an early screening of Michael Mann's Blackhat in San Francisco for 200-odd security specialists from Google, Facebook, Apple, Tesla, Twitter, Square, Cisco, and other parts of Silicon Valley's close-knit security community, and their response to the film was shockingly positive. "Judging from the screening Q&A—and the pointed ways this audience reacted during the screening—you could certainly argue Blackhat is the best hacking movie ever made," writes Metz. "Many info-sec specialists will tell you how much they like Sneakers—the 1992 film with Robert Redford, Sidney Poitier, Dan Ackroyd, Ben Kingsley, and River Phoenix—but few films have so closely hewed to info-sec reality as Mann's new movie, fashioned in his characteristic pseudo-documentary style." "Unlike others, this is a film about a real person, not a stereotype—a real guy with real problems thrust into a real situation," says Mark Abene. "The technology—and the disasters—in the film were real, or at least plausible.

Director Michael Mann worked closely with Kevin Poulsen in researching, writing, and shooting the film. Like Hemsworth's character, Poulsen spent time in prison for his hacking exploits, and Mann says his input was invaluable. "It's the first crime-thriller to hinge so heavily on hacking without becoming silly." says Poulson. "We put a lot of work into finding plausible ways that malware and hosting arrangements and all these other things could be used to advance the plot and all of that I think turned out pretty nice."
I'm a fan of Michael Mann, and the previews I've seen of Blackhat make it look at least like a passable thriller. For anyone who's seen the film already, what did you think?
Security

Adobe Patches Nine Vulnerabilities In Flash 95

Posted by samzenpus
from the protect-ya-neck dept.
jones_supa writes Adobe has patched nine vulnerabilities in Flash Player — four of which are considered "critical" — in order to protect against malicious attackers who could exploit the bugs to take control of an affected system. Adobe acknowledged security researchers from Google, McAfee, HP, and Verisign. Flash's security bulletin contains more information on the vulnerabilities. The issues are fixed in mainline Flash Player 16.0.0.257 (incl. Google Chrome Linux version), extended support release 13.0.0.260, and Linux standalone plugin 11.2.202.429.
Chrome

Chrome For OS X Catches Up With Safari's Emoji Support 104

Posted by timothy
from the luckily-only-words-here dept.
According to The Next Web, Emoji support has landed in the latest developer builds of Chrome for OS X, meaning that emoji can be seen on websites and be entered into text fields for the first time without issues. ... Users on Safari on OS X could already see emoji on the Web without issue, since Apple built that in. The bug in Chrome was fixed on December 11, which went into testing on Chrome’s Canary track recently. From there, we can expect it to move to the consumer version of Chrome in coming weeks.
Technology

Four Facepalm Bugs In USPS Label-Printing Site 182

Posted by timothy
from the will-immediately-sell-my-stock-in-usps dept.
"The United States Postal Service "Click-N-Ship" site suffered no outages or slowdowns during Christmas rush," writes Bennett Haselton. "It just has bugs that make the process more annoying than just standing in line at the post office, which defeats the purpose. The most frustrating part is that most of these bugs could have been fixed, just by having some testers run through the ordering process and make a note of anything that seems confusing or wrong. (Although I've included notes on how to work around all the bugs, so you really can print your own labels and skip the line.)" Read on for the rest; what other gripes do you have about the current package delivery regime, and how would you resolve them?
Cloud

Ask Slashdot: Best Options For a Standalone Offline Printing Station? 190

Posted by timothy
from the your-baby-has-printing-pains dept.
An anonymous reader writes My father is considering a Chromebook, but there is a problem: He occasionally wants to print. Chrome OS only talks to physical printers by Google Cloud Print, so the printer has to be online one way or another. But my father wants to surf over 3G, so he has no network infrastructure. Now what are the best options for a standalone printing station that works offline? I have a Raspberry Pi and a small touch display that I could spare, how about I prepared some scripts and called that the dedicated printing computer? Then what printers have ARM drivers available? Does anybody know a consumer-grade or small-office-grade printer that can print ordinary PDF docs directly from flash drives or memory cards? I have looked, but could not find one yet. The devices I found that print PDF docs directly only do so if the docs were made by the (proprietary) printer-related software or the printer itself. There are ways to turn PDF docs into series of JPG files. A lot of ordinary printers can print JPG files directly from flash media, should my father stick with this option? Also, what are secondary options in case the offline printing station does not work out? Should he consider buying a 3G-capable WiFi router (there are enough available) and set up a home network, then use Google Cloud Print? Should I just send my father to a copy shop? Or should he simply forget about the Chromebook and get an ordinary laptop with a common OS that can talk to printers by USB?
Microsoft

Microsoft Is Building a New Browser As Part of Its Windows 10 Push 248

Posted by samzenpus
from the brand-new dept.
mpicpp sends word that Microsoft may be working on a new browser. "There's been talk for a while that Microsoft was going to make some big changes to Internet Explorer in the Windows 10 time frame, making IE 'Spartan' look and feel more like Chrome and Firefox. It turns out that what's actually happening is Microsoft is building a new browser, codenamed Spartan, which is not IE 12 — at least according to a couple of sources of mine. Thomas Nigro, a Microsoft Student Partner lead and developer of the modern version of VLC, mentioned on Twitter earlier this month that he heard Microsoft was building a brand-new browser. Nigro said he heard talk of this during a December episode of the LiveTile podcast. Spartan is still going to use Microsoft's Chakra JavaScript engine and Microsoft's Trident rendering engine (not WebKit), sources say. As Neowin's Brad Sams reported back in September, the coming browser will look and feel more like Chrome and Firefox and will support extensions. Sams also reported on December 29 that Microsoft has two different versions of Trident in the works, which also seemingly supports the claim that the company has two different Trident-based browsers. However, if my sources are right, Spartan is not IE 12. Instead, Spartan is a new, light-weight browser Microsoft is building. Windows 10 (at least the desktop version) will ship with both Spartan and IE 11, my sources say. IE 11 will be there for backward-compatibility's sake. Spartan will be available for both desktop and mobile (phone/tablet) versions of Windows 10, sources say."