Google has blocked The Great Suspender extension from the Chrome store "because it contains malware." The extension was very popular for users running Chrome with 8GB or less of RAM, as it would automatically suspend tabs you hadn't used in a while, freeing up precious memory and CPU power. It would then allow you to return to the tab and reload back to where you were. Mishaal Rahman writes via XDA Developers: For some people, this isn't news. Since November of 2020, close followers of the extension have warned that it may be running malicious code. The old maintainer of the extension sold it to an unknown party in June of 2020, and users alleged that the unknown party quietly slipped some trackers into version 7.1.8 of the extension. Although version 7.1.9 removed the tracker, many users were understandably suspicious of the extension. Then in early January of this year, multiple media outlets picked up on the news, and many, including myself, decided to ditch it. Earlier today, however, Google pulled the plug entirely on the popular Chrome extension, forcibly removing The Great Suspender from people's Chrome installations and removing the extension's listing on the Chrome Web Store. You can recover your suspended tabs by opening up your search history and searching for "klbibkeccnjlkjkiokjodocebajanakg." If that doesn't work, you can try the other options outlined in this GitHub post.

Some alternatives to The Great Suspender, as recommended by XDA Developers community member TheMageKing, include: Tabs Outliner, Auto Tab Discard, or Session Buddy.

In December, Ars reported that as many as 3 million people had been infected by Chrome and Edge browser extensions that stole personal data and redirected users to ad or phishing sites. Now, the researchers who discovered the scam have revealed the lengths the extension developers took to hide their nefarious deeds. Ars Technica reports: Researchers from Prague-based Avast said on Wednesday that the extension developers employed a novel way to hide malicious traffic sent between infected devices and the command and control servers they connected to. Specifically, the extensions funneled commands into the cache-control headers of traffic that was camouflaged to appear as data related to Google analytics, which websites use to measure visitor interactions. Referring to the campaign as CacheFlow, Avast researchers wrote: "CacheFlow was notable in particular for the way that the malicious extensions would try to hide their command and control traffic in a covert channel using the Cache-Control HTTP header of their analytics requests. We believe this is a new technique. In addition, it appears to us that the Google Analytics-style traffic was added not just to hide the malicious commands, but that the extension authors were also interested in the analytics requests themselves. We believe they tried to solve two problems, command and control and getting analytics information, with one solution."

The extensions, Avast explained, sent what appeared to be standard Google analytics requests to https://stats.script-protection[.]com/__utm.gif. The attacker server would then respond with a specially formed Cache-Control header, which the client would then decrypt, parse, and execute. Avoiding infecting users who were likely to be Web developers or researchers. The developers did this by examining the extensions the users already had installed and checking if the user accessed locally hosted websites. Additionally, in the event that an extension detected that the browser developer tools were opened, it would quickly deactivate its malicious functionality. Waiting three days after infection to activate malicious functionality. Checking every Google search query a user made. In the event a query inquired about a server the extensions used for command and control, the extensions would immediately cease their malicious activity.

Microsoft Defender Advanced Threat Protection (ATP), the commercial version of the ubiquitous Defender antivirus and Microsoft's top enterprise security solution, is currently having a bad day and labeling yesterday's Google Chrome browser update as a backdoor trojan. From a report: The detections are for Google Chrome 88.0.4324.146, the latest version of the Chrome browser, which Google released last night. As per the screenshot (embedded in the linked story), but also based on reports shared on Twitter by other dismayed system administrators, Defender ATP is currently detecting multiple files part of the Chrome v88.0.4324.146 update package as containing a generic backdoor trojan named "PHP/Funvalget.A." The alerts have caused quite a stir in enterprise environments in light of recent multiple software supply chain attacks that have hit companies across the world over the past few months. System administrators are currently awaiting a formal statement from Microsoft to confirm that the detection is a "false possitive" and not an actual threat.

Tech blogger Paul Thurrott writes: Firefox 85 now protects users against supercookies, which Mozilla says is "a type of tracker that can stay hidden in your browser and track you online, even after you clear cookies. By isolating supercookies, Firefox prevents them from tracking your web browsing from one site to the next." It also includes small improvements to bookmarks and password management.

Unfortunately, Mozilla has separately — and much more quietly — stopped work on Site Specific Browser (SSB) functionality... This feature allowed users to use Firefox to create apps on the local PC from Progressive Web Apps and other web apps, similar to the functionality provided in Chrome, Microsoft Edge, and other Chromium-based web browsers. "The SSB feature has only ever been available through a hidden [preference] and has multiple known bugs," Mozilla's Dave Townsend explains in a Bugzilla issue tracker. "Additionally, user research found little to no perceived user benefit to the feature and so there is no intent to continue development on it at this time. As the feature is costing us time in terms of bug triage and keeping it around is sending the wrong signal that this is a supported feature, we are going to remove the feature from Firefox."
Thurrott's conclusion? "Mozilla is walking away from a key tenet of modern web apps and, in doing so, they are making themselves irrelevant."

Apple yesterday released a new version of iCloud for Windows 10, and based on multiple reports and the update's release notes, it appears Apple is introducing an iCloud Passwords extension designed for Chrome, which will allow "iCloud" Keychain passwords to be used on Windows machines. MacRumors reports: As noted by The 8-Bit and a few other sources, the update adds support for an "iCloud" Passwords Chrome extension." After installing version 12 of "iCloud" for Windows, there's a new "Passwords" section in the app with an "iCloud" Keychain logo. When attempting to use the feature, though, the "iCloud" app prompts users to download a Chrome extension, but the extension is broken and clicking to install leads to a broken web page.

This is likely a bug that will be addressed in the near future, and it sounds like when it is functional, Windows users will be able to access their "iCloud" Keychain passwords on their Windows machines through the Chrome browser. It's not clear if Apple will offer this extension for Mac machines in the future as well, and it appears to be limited to Windows at this time.

Google has started rolling out Chrome OS 88. The update includes a couple of enhancements, the most notable of which is a new screen saver you can use to get more functionality out of your computer's lock screen. Engadget reports: By enabling the feature, your Chromebook will be able to display images from your Google Photos library, including those you've organized into specific albums. You can also choose from a selection of default images put together by Google. If you use the Google Photos functionality built into the Pixel Stand and Nest Hub, you'll have a good idea of how the screen saver works.

The lock screen also displays the time and local weather and provides you with easy to access media controls so you can pause or play a song. You'll find your WiFi and battery status on the bottom right corner and the option to sign out from your account if you want. You enable the feature by digging into the settings menu of Chrome OS and finding your way to the Personalization section. Once enabled, it will turn on when the operating system detects that your device has been idle for some time. The update also introduces a feature that allows you to use your pin or fingerprint, instead of a password, to log into websites that support the WebAuthn standard.

With Mozilla's release of Firefox 85 on Tuesday, Adobe's once ubiquitous Flash technology is really gone for good. The software had been widely used to expand gaming, video and animation on the web, though Adobe stopped supporting it at the end of 2020. Firefox was the last major browser to support Flash. From a report: Apple, whose late boss Steve Jobs helped sink Flash by banning it from iPhones and iPads, ditched Flash with Safari 14 in September 2020. Google Chrome, the most widely used browser, completely excised it on Jan. 19 with version 88. Microsoft's Edge 88 followed suit on Jan. 21. The schedule of removals shows just how hard it is to advance technology foundations as widely used as the web. Browser makers for years wanted to remove Flash, replacing it with more advanced standards built directly into the web. Jobs' "Thoughts on Flash" letter in 2010 solidified the opposition, and Adobe started recognizing the software's doom by scrapping the Android version of Flash in 2011. It's taken years of effort to drop Flash completely. Adobe took until 2017 to announce that Flash would be completely unsupported at the end of 2020, and still some are willing to jump through lots of hoops to keep Flash around a little longer.

Google says its new machine learning algorithms could replace cookie-based ad targeting without invading your privacy. Axios reports: Google has been testing a new API (a software interface) called Federated Learning of Cohorts (FLoC) that acts as an effective replacement signal for third-party cookies. The API exists as a browser extension within Google Chrome. The company said Monday that tests of FLoC to reach audiences show that advertisers can expect to see at least 95% of the conversions per dollar spent on ads when compared to cookie-based advertising. FLoC uses machine learning algorithms to analyze user data and then create a group of thousands of people based off of the sites that an individual visits. The data gathered locally from the browser is never shared. Instead, the data from the much wider cohort of thousands of people is shared, and that is then used to target ads.

It's a big deal that Google says it's close to coming up with a technology that will replace cookies, because one of the toughest parts of phasing cookies out of internet ad-targeting is that there hasn't been a great solution for what to replace them with. [...] Google has other proposals to replace cookies in the works, so it's not guaranteed that FLoC will be the answer, but the company said it's highly encouraged by what it has seen so far.

Google released Chrome 88 this week — and besides improving its dark mode support, they removed support for both Adobe Flash and FTP.

PC World calls it "the end of two eras." The most noteworthy change in this update is what's not included. Chrome 88 lays Adobe Flash and the FTP protocol to rest. RIP circa-2000 Internet.

Neither comes as a surprise, though it's poetic that they're being buried together. Adobe halted Flash Player downloads at the end of 2020, making good on a promise made years before, and began blocking Flash content altogether a couple weeks later. Removing Flash from Chrome 88 is just Google's way of flushing the toilet.

On the other hand, FTP isn't dead, but it is now for Chrome users. The File Transport Protocol has helped users send files across the Internet for decades, but in an era of prolific cloud storage services and other sharing methods, its use has waned. Google started slowly disabling FTP support in Chrome 86, per ZDNet, and now you'll no longer be able to access FTP links in the browser. Look for standalone FTP software instead if you need it, such as FileZilla.

That's not all. Mac users should be aware that Chrome 88 drops support for OS X 10.10 (OS X Yosemite). Yosemite released in 2014 and received its last update in 2017...

But Google killing Flash and FTP might be the footnotes that hit old-school web users in the feels.
Chrome 88 will also block non-encrypted downloads originating from an encrypted page, the article reports. And the Verge notes Chrome also offers less intrusive website permission requests (as an experimental feature enabled from chrome://flags/#permission-chip ), while Bleeping Computer describes Chrome 88's new experimental feature for searching through all your open tabs.

And Chrome's blog points out some additional features under the hood: Chrome 88 will heavily throttle chained JavaScript timers for hidden pages in particular conditions. This will reduce CPU usage, which will also reduce battery usage. There are some edge cases where this will change behavior, but timers are often used where a different API would be more efficient, and more reliable.

As of December 8, Apple has been requiring developers to provide privacy label information to their apps, outlining the data that each app collects from users when it is installed. Many app developers have included the labels, but there's one notable outlier -- Google. schwit1 shares a report from MacRumors: Google has not updated its major apps like Gmail, Google Maps, Chrome, and YouTube since December 7 or before, and most Google apps have to date have not been updated with the Privacy Label feature. The Google Translate, Google Authenticator, Motion Stills, Google Play Movies, and Google Classroom apps do include privacy labels even though they have not been updated recently, but Google's search app, Google Maps, Chrome, Waze, YouTube, Google Drive, Google Photos, Google Home, Gmail, Google Docs, Google Assistant, Google Sheets, Google Calendar, Google Slides, Google One, Google Earth, YouTube Music, Hangouts, Google Tasks, Google Meet, Google Pay, PhotoScan, Google Voice, Google News, Gboard, Google Podcasts, and more do not display the information.

On January 5, Google told TechCrunch that the data would be added to its iOS apps "this week or the next week," but both this week and the next week have come and gone with no update. It has now been well over a month since Google last updated its apps. "To lightly paraphrase former Google CEO Eric Schmidt: If your data harvesting is something that you don't want anyone to know, maybe you shouldn't be doing it in the first place," adds schwit1.

At WWDC last year, Apple announced it was going to support Chrome-style browser extensions (the WebExtensions API) in Safari. Months after Safari 14's release, are developers bothering with Safari? Jason Snell: The answer seems to be largely no -- at least, not yet. The Mac App Store's Safari extensions library seems to be largely populated with the same stuff that was there before Safari 14 was released, though there are some exceptions. [...] So in the end, what was the net effect of Apple's announcement of support for the WebExtensions API in Safari? It's a work in progress. A very small number of extensions have appeared in the App Store, and it seems quite likely that others will follow at their own pace. Other developers remain utterly unmoved by all the extra work moving to Safari would entail. It strikes me that Apple could rapidly drive adoption of Safari extensions if it would finally bring that technology to iOS. Targeting the Mac is nice, but if they could target iPads and iPhones, we might really have something.

Privacy-focused search engine DuckDuckGo reached a major milestone in its 12-year-old history last week when it recorded on Monday its first-ever day with more than 100 million user search queries. From a report: The achievement comes after a period of sustained growth the company has been seeing for the past two years, and especially since August 2020, when the search engine began seeing more than 2 billion search queries a month on a regular basis. The numbers are small in comparison to Google's 5 billion daily search queries but it's a positive sign that users are looking for alternatives. DuckDuckGo's popularity comes after the search engine has expanded beyond its own site and now currently offers mobile apps for Android and iOS, but also a dedicated Chrome extension. More than 4 million users installed these apps and extension, the company said in a tweet in September 2020.

Besides the intended differences, web browsers based on Chromium offer an underlying experience that's mostly identical to Chrome. Google recently discovered that users of third-party Chromium browsers have inadvertently been able to access data and other sync features reserved for Chrome. From a report: "Some" Chromium browsers today can leverage features and APIs that are "only intended for Google's use." This includes Click to Call and, notably, Chrome Sync. The latter is responsible for syncing bookmarks, extensions, history, settings, and more across signed-in devices running the first-party browser. As a result, users logged into Google sites on Chromium browsers are able to see their old bookmarks and other data from previous Chrome usage. This inadvertent access was discovered during a recent audit and Google will be "limiting access to [its] private Chrome APIs" from March 15th.

Just ahead of its launch for commercial PC-like devices, an install image of Windows 10X for single screens has leaked, giving us an early peek at Microsoft's new OS. And yes, it's just like Chrome OS. From a report: Let's just get that out of the way. Microsoft has been working for years on a Chromebook competitor, but it has been largely unsuccessful. Windows 10 S, which was originally called Windows 10 Cloud, was Terry Myerson's approach, and that, of course, crashed and burned, in part because it looked identical to Windows 10 but couldn't run downloaded Windows 10 desktop applications. And now we have Windows 10X. Microsoft tried to hide its true intent with this product by pretending last year that it was aimed at a new generation of dual-display PCs, but the software giant really created 10X to compete with Chrome OS on inexpensive single-display PCs. So after failing to get its container-based Windows desktop application compatibility solution to work, Microsoft scaled back and repositioned Windows 10X as was originally intended: It will now ship only on new traditional PCs aimed at education and other commercial markets.

Google published a six-part report this week detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices. From a report: The attacks were carried out via two exploit servers delivering different exploit chains via watering hole attacks, Google said. "One server targeted Windows users, the other targeted Android," Project Zero, one of Google's security teams, said in the first of six blog posts. Google said that both exploit servers used Google Chrome vulnerabilities to gain an initial foothold on victim devices. Once an initial entry point was established in the user's browsers, attackers deployed an OS-level exploit to gain more control of the victim's devices. The exploit chains included a combination of both zero-day and n-day vulnerabilities, where zero-day refers to bugs unknown to the software makers, and n-day refers to bugs that have been patched but are still being exploited in the wild.

When a user attempts to load a Flash game or content in a browser such as Chrome, the content now fails to load and instead displays a small banner that leads to the Flash end-of-life page on Adobe's website. While this day has long been coming, with many browsers disabling Flash by default years ago, it is officially the end of a 25-year era for Flash, first introduced by Macromedia in 1996 and acquired by Adobe in 2005. Mac Rumors reports: "Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems," the page reads. Adobe has instructions for uninstalling Flash on Mac, but note that Apple removed support for Flash outright in Safari 14 last year.

Adobe first announced its plans to discontinue Flash in 2017. "Open standards such as HTML5, WebGL, and WebAssembly have continually matured over the years and serve as viable alternatives for Flash content," the company explained. Adobe does not intend to issue Flash Player updates or security patches any longer, so it is recommended that users uninstall the plugin.

EFF special consultant/blogger/science fiction writer Cory Doctorow warns in Locus magazine about the dangers of what Bruce Schneier calls "feudal security": Here in the 21st century, we are beset by all manner of digital bandits, from identity thieves, to stalkers, to corporate and government spies, to harassers... To be safe, then, you have to ally yourself with a warlord. Apple, Google, Facebook, Microsoft, and a few others have built massive fortresses bristling with defenses, whose parapets are stalked by the most ferocious cybermercenaries money can buy, and they will defend you from every attacker — except for their employers. If the warlord turns on you, you're defenseless.

We see this dynamic playing out with all of our modern warlords. Google is tweaking Chrome, its dominant browser, to block commercial surveillance, but not Google's own commercial surveillance. Google will do its level best to block scumbag marketers from tracking you on the web, but if a marketer pays Google, and convinces Google's gatekeepers that it is not a scumbag, Google will allow them to spy on you. If you don't mind being spied on by Google, and if you trust Google to decide who's a scumbag and who isn't, this is great. But if you and Google disagree on what constitutes scumbaggery, you will lose, thanks, in part, to other changes to Chrome that make it much harder to block the ads that Chrome lets through.

Over in Facebook land, this dynamic is a little easier to see. After the Cambridge Analytica scandal, Facebook tightened up who could buy Facebook's surveillance data about you and what they could do with it. Then, in the runup to the 2020 US elections, Facebook went further, instituting policies intended to prevent paid political disinformation campaigns at a critical juncture. But Facebook isn't doing a very good job of defending its users from the bandits. It's a bad (or possibly inattentive, or indifferent, or overstretched) warlord, though...

Back to Apple. In 2017, Apple removed all effective privacy tools from the Chinese version of the iPhone/iPad App Store, at the behest of the Chinese government. The Chinese government wanted to spy on Apple customers in China, and so it ordered Apple to facilitate this surveillance... If Apple chose not to comply with the Chinese order, it would either have to risk fines against its Chinese subsidiary and possible criminal proceedings against its Chinese staff, or pull out of China and risk having its digital services blocked by China's Great Firewall, and its Chinese manufacturing subcontractors could be ordered to sever their relations with Apple. In other words, the cost of noncompliance with the order is high, so high that Apple decided that putting its customers at risk was an acceptable alternative.

Therein lies the problem with trusting warlords to keep you safe: they have priorities that aren't your priorities, and when there's a life-or-death crisis that requires them to choose between your survival and their own, they will throw you to the bandits...
"The fact that Apple devices are designed to prevent users from overriding the company's veto over their computing makes it inevitable that some government will demand that this veto be exercised in their favor..." Doctorow concludes. "As with feudal aristocrats, the state is happy to lend these warlords their legitimacy, in exchange for the power to militarize the aristocrat's holdings... "

His proposed solution? What if Google didn't collect or retain so much user data in the first place -- or gave its users the power to turn off data-collection and data-retention altogether? And "What if Apple — by design — made is possible for users to override its killswitches?"

Google is the U.K.'s first big post-Brexit antitrust target as regulators opened a probe into the company's planned changes to curb publishers' collection of advertising data. From a report: The Competition and Markets Authority said it's investigating Google's so-called privacy sandbox changes that could "undermine the ability of publishers to generate revenue and undermine competition in digital advertising, entrenching Google's market power." The probe adds to Google's legal headaches around the world. The Mountain View, California-based company faces lawsuits from the U.S. Department of Justice and multiple states over allegedly anticompetitive practices. The U.K. probe focuses on Google's decision last year to phase out third-party cookies that help advertisers monitor customers' browsing habits and pinpoint the effectiveness of different advertising. Google's Chrome is the dominant web browser and the changes will be followed by rival products based on Google technology, such as Microsoft's Edge.

Browser makers Apple, Google, Microsoft, and Mozilla, have banned a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country's capital, the city of Nur-Sultan (formerly Astana). From a report: The certificate had been in use since December 6, 2020, when Kazakh officials forced local internet service providers to block Nur-Sultan residents from accessing foreign sites unless they had a specific digital certificate issued by the government installed on their devices. While users were able to access most foreign-hosted sites, access was blocked to sites like Google, Twitter, YouTube, Facebook, Instagram, and Netflix, unless they had the certificate installed. Kazakh officials justified their actions claiming they were carrying out a cybersecurity training exercise for government agencies, telecoms, and private companies. Officials cited that cyberattacks targeting "Kazakhstan's segment of the internet" grew 2.7 times during the current COVID-19 pandemic as the primary reason for launching the exercise. The government's explanation did, however, make zero technical sense, as certificates can't prevent mass cyber-attacks and are usually used only for encrypting and safeguarding traffic from third-party observers. After today's ban, even if users have the certificate installed, browsers like Chrome, Edge, Mozilla, and Safari, will refuse to use them, preventing Kazakh officials from intercepting user data.

This week Google "quietly acquired a company called Neverware Inc. that sells software to transform old personal computers and Macs into Chromebook devices," reports SiliconANGLE: The acquisition was announced by Neverware on Twitter, and Google later confirmed the news in a statement. Google had taken part in the company's Series B funding round three years ago.

Neverware's software is called CloudReady OS, and though it's primarily aimed at schools and enterprises that want to transform fleets of machines into Chromebooks, there's also a free Home edition that anyone can use... Google's plan is to make CloudReady an official product. "We can confirm that the Neverware team is joining the Google Chrome OS team," Google said in a statement.