Google will charge smartphone makers a licensing fee for using its popular Google Play app store and also allow them to use rival versions of its Android mobile operating system to comply with an EU antitrust order, it said Tuesday. From a report: Google, an Alphabet subsidiary, announced the changes on Tuesday, three months after the European Commission handed it a landmark 4.34 billion euro ($5 billion) fine for using its popular Android mobile operating system to hinder rivals. The company said the licensing fees will offset revenue lost as a result of its compliance efforts. "Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA," Hiroshi Lockheimer, senior vice president for platforms and ecosystems, said in a blog. In a blog post, Lockheimer wrote: Second, device manufacturers will be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser. Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA. Android will remain free and open source. Third, we will offer separate licenses to the Google Search app and to Chrome.

We'll also offer new commercial agreements to partners for the non-exclusive pre-installation and placement of Google Search and Chrome. As before, competing apps may be pre-installed alongside ours. These new licensing options will come into effect on October 29, 2018, for all new smartphones and tablets launched in the EEA.

An anonymous reader shares a report: Earlier this year, Google made a seemingly crowd-pleasing tweak to its Chrome browser and created a crisis for web game developers. Its May release of Chrome 66 muted sites that played sound automatically, saving internet users from the plague of annoying auto-playing videos. But the new system also broke the audio of games and web art designed for the old audio standard -- including hugely popular games like QWOP, clever experiments like the Infinite Jukebox, and even projects officially showcased by Google. After a backlash over the summer, Google kept blocking autoplay for basic video and audio, but it pushed the change for games and web applications to a later version. That browser version, Chrome 70, is on the verge of full release -- but the new, autoplay-blocking Web Audio API isn't part of it yet. Google communications manager Ivy Choi tells The Verge that Chrome will start learning the sites where users commonly play audio, so it can tailor its settings to their preferences. The actual blocking won't start until Chrome 71, which is due in December.

Microsoft today said it plans to disable support for Transport Layer Security (TLS) 1.0 and 1.1 in Edge and Internet Explorer browsers by the first half of 2020. From a report: "January 19th of next year marks the 20th anniversary of TLS 1.0, the inaugural version of the protocol that encrypts and authenticates secure connections across the web," said Kyle Pflug, Senior Program Manager for Microsoft Edge. "Two decades is a long time for a security technology to stand unmodified," he said. "While we aren't aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1 [...] moving to newer versions helps ensure a more secure Web for everyone."

The move comes as the Internet Engineering Task Force (IETF) -- the organization that develops and promotes Internet standards -- is hosting discussions to formally deprecated both TLS 1.0 and 1.1. Microsoft is currently working on adding support for the official version of the recently-approved TLS 1.3 standard. Edge already supports draft versions of TLS 1.3, but not yet the final TLS 1.3 version approved in March, this year. Microsoft engineers don't seem to be losing any sleep over their decision to remove both standards from Edge and IE. The company cites public stats from SSL Labs showing that 94 percent of the Internet's sites have already moved to using TLS 1.2, leaving very few sites on the older standard versions. "Less than one percent of daily connections in Microsoft Edge are using TLS 1.0 or 1.1," Pflug said, also citing internal stats. You can check public stats on the usage of TLS 1.0 and 1.1 here.

An anonymous reader quotes a report from The Wall Street Journal: Alphabet's Google on Tuesday said it filed an appeal of the European Union's $4.97 billion antitrust fine (Warning: source may be paywalled; alternative source) for allegedly abusing the dominance of its Android operating system for mobile phones. But Google said it has no plans to ask for so-called interim measures to pause application of the decision. Without further action, Google will have to meet a deadline at the end of October to end the behavior the EU says is anticompetitive or face additional fines of up to 5% of average daily global revenue for each day it doesn't comply. Google had promised that it would appeal the decision when the European Commission, the bloc's antitrust regulator, delivered it in mid-July. The commission said that Google broke the block's competition laws in part by strong-arming phone makers that use its free Android operating system to pre-install its namesake search engine, from which the company makes the bulk of its advertising revenue.

In the Android case, the European Commission has ordered Google to stop making phone manufacturers pre-install its search app and the Chrome web browser if they want to pre-install Google's Play store, which is the main way to download Android apps. The bloc also ordered Google to end restrictions that discourage manufacturers from selling devices that run unofficial versions of Android. It contends both restrictions illegally constrained competing search engines and operating systems. Google has argued that Android, which is free for manufacturers to use, has increased competition among smartphone makers, lowering prices for consumers. The company has said the allegation that it stymied competing apps is false because manufacturers typically install many rival apps on Android devices, and consumers can easily download others.

In addition to announcing new flagship phones today, Google took the wraps off a new premium tablet called the Pixel Slate. It's a Chrome OS-powered slate with a 12.3-inch display that's supposed to be the sharpest in its class. Google claims this isn't just a laptop pretending to be a tablet or a phone pretending to be a computer. From a report: It has a resolution of 3,000 x 2,000 -- i.e., a pixel density of 293 ppi, which Google says is the highest for a premium 12-inch tablet. For reference, the Surface Pro 6 and iPad Pro (12.9 inch) come in at 267 ppi and 264 ppi, respectively. Google was able to make the screen so sharp because of an energy-efficient LCD technology called Low Temperature PolySilicon (LTPS), which let the company pack in more pixels without sacrificing size or battery. In fact, the Pixel Slate is supposed to last up to 12 hours on a charge, which is impressive for its skinny 7mm profile. [...] What stands out about the Pixel Slate is the version of Chrome OS it runs. When docked to a mouse or a keyboard accessory with a trackpad, it runs the regular desktop interface most people are familiar with by now. Disconnect peripherals, though, and it switches automatically to tablet mode, which is optimized for touch. In this profile, the home screen features icons for installed apps, much like the app drawer on Android phones. You can split the screen between up to two apps or drag and drop browser tabs to place them side by side. The Pixel Slate will be available with an Intel Celeron or Core M3, i5 or i7 processor, and 4GB to 16GB of RAM at a starting price of $599. The keyboard will cost an additional $200, should you wish to buy one, and the pen accessory will similarly cost $99.

When Chrome 70 arrives on October 16th, it will drop trust for a major HTTPS certificate provider, putting hundreds of popular websites at risk of breaking. "Chrome 70 is expected to be released on or around October 16, when the browser will start blocking sites that run older Symantec certificates issued before June 2016, including legacy branded Thawte, VeriSign, Equifax, GeoTrust and RapidSSL certificates," reports TechCrunch. From the report: [D]espite more than a year to prepare, many popular sites are not ready. Security researcher Scott Helme found 1,139 sites in the top one million sites ranked by Alexa, including Citrus, SSRN, the Federal Bank of India, Pantone, the Tel-Aviv city government, Squatty Potty and Penn State Federal to name just a few. Ferrari, One Identity and Solidworks were named on the list but recently switched to new certificates, escaping any future outages.

HTTPS certificates encrypt the data between your computer and the website or app you're using, making it near-impossible for anyone -- even on your public Wi-Fi hotspot -- to intercept your data. Not only that, HTTPS certificates prove the integrity of the the site you're visiting by ensuring the pages haven't been modified in some way by an attacker. Most websites obtain their HTTPS certificates from a certificate authority, which abide by certain rules and procedures that over time become trusted by web browsers. If you screw that up and lose their trust, the browsers can pull the plug on all of the certificates from that authority. For these reasons, Google stopped supporting Symantec certificates last year after it was found to be issuing misleading and wrong certificates, as well as allowing non-trusted organizations to issue certificates without the proper oversight.

"There are signs that Chromebooks are a bigger long-term threat to Microsoft than you might imagine," reports ITWorld, arguing that "long term, they'll likely be a serious competitor." The reason? Chromebooks sell big in education. They've unseated the Mac in schools. Two years ago, for the first time, Chromebooks outsold Macs in schools. Schools are a great market for Google, but Chromebooks are also Trojan horses. Children and teens use them for schoolwork and more. And when they get Chromebooks, they also get free subscriptions to Google's G suite of apps. If kids grow up using G Suite and Chromebooks, there's a reasonable chance they'll use them when they get older.

Where I live, in Cambridge, Mass., the public Cambridge Rindge and Latin High School gives out free Chromebooks to every one of the more than 2,000 teens in the school, in a bid to close the digital divide between families who can afford to buy computers for their children and those who can't... Cambridge isn't unique. According to a 2017 article in The New York Times, "More than half the nation's primary- and secondary-school students -- more than 30 million children -- use Google education apps like Gmail and Docs... And Chromebooks, Google-powered laptops that initially struggled to find a purpose, are now a powerhouse in America's schools. Today they account for more than half the mobile devices shipped to schools...."

When students graduate, Google makes it easy for them to move all their mail and documents from their school accounts to their personal accounts. And schools sometimes even act as inadvertent salespeople for Google. The Times reports that some schools tell graduating seniors to move all their documents from their school to their personal accounts... The upshot of all this? Windows hardware continues to rule in enterprises. But Chromebooks may one day prove a serious competitor, as students make their way into the workforce.

Firefox has joined Google's WebP party, another endorsement for the internet giant's effort to speed up the web with a better image format. From a report: Google revealed WebP eight years ago and since then has built it into its Chrome web browser, Android phone software and many of its online properties in an effort to put websites on a diet and cut network data usage. But Google had trouble encouraging rival browser makers to embrace it. Mozilla initially rejected WebP as not offering enough of an improvement over more widely used image formats, JPEG and PNG. It seriously evaluated WebP but chose to try to squeeze more out of JPEG. But now Mozilla -- like Microsoft with its Edge browser earlier this week -- has had a change of heart. "Mozilla is moving forward with implementing support for WebP," the nonprofit organization said. WebP will work in versions of Firefox based on its Gecko browser engine, Firefox for personal computers and Android but not for iOS.

Earlier this year, we heard rumors that Google was working on a game-streaming service. It looks like those rumors were true. From a report: The company today unveiled "Project Stream," and while Google calls this a "technical test" to see how well game streaming to Chrome works, it's clear that this is the foundational technology for a game-streaming service.

To sweeten the pot, Google is launching this test in partnership with Ubisoft and giving a limited number of players free access to Assassin's Creed Odyssey for the duration of the test. You can sign up for the test now; starting on October 5, Google will invite a limited number of participants to play the game for free in Chrome. As Google notes, the team wanted to work with a AAA title because that's obviously far more of a challenge than working with a less graphics-intense game. And for any game-streaming service to be playable, the latency has to be minimal and the graphics can't be worse than on a local machine.

Google is finally turning its attention to Chrome Web Store. On Monday, the company announced a range of big changes that would make the online store more secure for customers. From a report: The first two are happening now: Developers are being subjected to a more rigorous review process, and the Chrome Web Store no longer accepts obfuscated JavaScript files. In a couple of weeks, Chrome users will get the option to restrict host access for their extensions. And in 2019, two more changes will take effect: Chrome Web Store developer accounts will require 2-step verification, and Google will introduce manifest version 3 of the extensions platform.

[...] Effective today, extensions that request powerful permissions will be subject to additional compliance review. Google doesn't offer much detail here, but it does say your extension's permissions should be as narrowly scoped as possible and all your code should be included directly in the extension package to minimize review time. If your extension uses remotely hosted code, Google will also be taking a closer look (and will monitor on an ongoing basis).

Michael Larabel, writing for Phoronix: Apple announced the Magic Trackpad 2 almost three years ago to the day while the mainline Linux kernel will finally be supporting this multi-touch device soon. The Magic Trackpad 2 is a wired/wireless touchpad with haptic feedback support and is a much larger touchpad compared to the original Magic Trackpad. There unfortunately hasn't been any mainline Linux kernel support for the Magic Trackpad 2, but some out-of-tree options. [...] However, as seen by this bug report there have been plenty of people since 2015 interested in using the Magic Trackpad 2 on Linux. Fortunately, Sean O'Brien of Google's Chrome OS team has been working on Magic Trackpad 2 support with a focus on getting it mainlined. The patch, which was also reviewed by other Google/ChromeOS developers, is now up to its third and perhaps final revision.

Google, on the defensive from concerns raised about how Chrome tracks its users, has promised changes to its web browser. From a report: Two complaints in recent days involve how Google stores data about browsing activity in files called cookies and how it syncs personal data across different devices. Google representatives said Monday and Tuesday there's nothing to be worried about but that they'll be changing Chrome nevertheless. "We've heard -- and appreciate -- your feedback from the last few days, and we'll be making some product changes," tweeted Parisa Tabriz, a security team leader at Google. Google added in a blog post Tuesday evening that it will add new options and explanations for its interface and reverse one Chrome cookie-hoarding policy that undermined people's attempts to clear those cookies.

Vivaldi announced Wednesday it has released a major update to its namesake desktop web browser, remaining as one of the rare companies that is still attempting to fight Google's monopoly in the space. Major features in Vivaldi 2.0 include: Syncing browsers across computers:Version 2.0 allows users to sync data, including bookmarks, passwords, autofill information, and history. Vivaldi uses its own servers to store the data, which is all encrypted end-to-end.
Panels: These are expandable, multi-tasking dashboards that can be opened in the sidebar.
Tab management: Additional features are included that allow for better searching through tabs, stacking them, and even renaming them.
History: Offers new ways to track your usage, including generating statistics and a visual history feature. Vivaldi was founded by Jon von Tetzchner, who also co-founded Opera and served as its chief executive for a number of years. Jon has been vocal about what many find unfair tactics employed by Google and Microsoft to aggressively expand the user bases of their respective browsers. Slashdot had a chance to speak with Jon recently: Slashdot: One of the biggest complaints that people have about browsers today is just how much memory they consume. Is it a lost-cause? What is Vivaldi doing to address this?
Jon: This is very true. Browsers can use a lot of memory. We have worked hard to reduce that load. The most important thing we have done there is the lazy loading of tabs. When you have a lot of tabs, you use a lot of memory, but with Vivaldi, we will only load the tabs once you need them. We also have the ability to hibernate background tabs, by right clicking the tab bar, which will free up a lot of memory. Besides this we are always looking at how to make the browser use less memory and be faster. There is a lot of details there, but with the feedback from our users, we continue to improve every single part of the browser.

Slashdot: You are offering a browser, and a web email client and service provider. Is Vivaldi attempting to offer a catalog of services? And if so, what more could we expect from the company in the long-term?
Jon: The focus for us is the browser, but we believe the browser should be able to do more than it does today, so we will continue to expand on the features we offer in the browser. We have been open about the fact that we aim to provide an email client in the browser, but that will come in the future, but we are, as you pointed out, providing the free email service. This is in addition to our free blog, forums and sync service. We feel there is a need for these services, free from ads and free from building of super profiles. Our free webmail service is thus without ads and we do not scan mails, except for spam and viruses. We will continue to add services to support the browser or where we feel a service supplements the browser in a good way.

Slashdot: You have been vocal about some of the tactics Google and Microsoft use to promote their own browsers. Following the news cycle, we don't think things have changed much. What's your view on it?
Jon: No, sadly things have not changed much. Microsoft continues to push their browser in their operating system, at times taking over the default browser as well. They also block competing browsers on their Windows 10S. Google sadly blocks some competing browsers from using their services, even browsers such as Vivaldi, that is based on Chromium. We need to change our identity when visiting many Google services. I guess my feeling is that those large companies should not and should not need to behave this way.

Slashdot: Chrome continues to be a market leader. Firefox, despite some of its recent changes, has lost some of the market. How hard is it for a browser company to survive these days? And why is it important that someone continues to fight back?
Jon: We all know that browser choice is a good thing, even more so than for most other products. The browser is your view into the Internet and we all spend a lot of time there. Healthy competition means product innovation and lower prices (this is not only about the price of the product, but also what you have to give up in other ways, such as your private information). Monopolies tend slow down innovation and also there is a tendency for them to use their position in one market to attack another.
It is not trivial to compete with these large corporations, but it is something we enjoy. We fight for our users and for the future of the Internet. That is definitely something worth fighting for.

Slashdot: Are you folks still working on a mobile browser?
Jon: Indeed we are. We aim to get it out there as soon as we can. We are ramping up the team after then 2.0 release to move faster. Further reading: The Next Web, and VentureBeat.

Catalin Cimpanu, writing for ZDNet: Starting with Chrome 69, whenever a Chrome user would access a Google-owned site, the browser would take that user's Google identity and log the user into the Chrome in-browser account system -- also known as Sync. This system, Sync, allows users to log in with their Google accounts inside Chrome and optionally upload and synchronize local browser data (history, passwords, bookmarks, and other) to Google's servers. Sync has been present in Chrome for years, but until now, the system worked independently from the logged-in state of Google accounts. This allowed users to surf the web while logged into a Google account but not upload any Chrome browsing data to Google's servers, data that may be tied to their accounts.

Now, with the revelations of this new auto-login mechanism, a large number of users are angry that this sneaky modification would allow Google to link that person's traffic to a specific browser and device with a higher degree of accuracy. That criticism proved to be wrong, as Google engineers have clarified on Twitter that this auto-login operation does not start the process of synchronizing local data to Google's servers, which will require a user click. Furthermore, they also revealed that the reason why this mechanism was added was for privacy reasons in the first place. Chrome engineers said the auto-login mechanism was added in the browser because of shared computers/browsers. Well-respected cryptographer Matthew Green was disappointed by the move. In a post, he wrote: [...] In the rest of this post, I'm going to talk about why this matters. From my perspective, this comes down to basically four points:
1. Nobody on the Chrome development team can provide a clear rationale for why this change was necessary, and the explanations they've given don't make any sense.
2. This change has enormous implications for user privacy and trust, and Google seems unable to grapple with this.
3. The change makes a hash out of Google's own privacy policies for Chrome.
4. Google needs to stop treating customer trust like it's a renewable resource, because they're screwing up badly.

Chaim Gartenberg, writing for The Verge: Times Newer Roman, a font from internet marketing firm MSCHF (which you may remember from the Tabagotchi Chrome extension). Times Newer Roman looks a lot like the go-to academic font, but each character is subtly altered to be 5 to 10 percent wider, making your essays look longer without having to actually make them longer. According to Times Newer Roman's website, a 15-page, single-spaced document in 12 point type only requires 5,833 words, compared to 6,680 for the standard Times New Roman. (That's 847 words you don't need to write, which is more than twice the length of this post!)

Google has released a Chrome OS 69 update that introduces a range of new features. From a report: Most notably, there's now support for running Linux apps. You'll need a supported machine (a handful of machines from Acer, ASUS, HP, Lenovo, Samsung and Google itself). Still, this could be more than a little helpful if you want to run a conventional desktop app or command line terminal without switching to another PC or a virtual environment. The new software also adds the long-in-the-making Night Light mode to ease your eyes at the end of the day. Voice dictation is now available in any text field, and there's a fresh Files interface that can access Play files and Team Drives.

An anonymous reader quotes a report from Bloomberg: Tesla is under investigation by the Justice Department over public statements made by the company and Chief Executive Officer Elon Musk. The criminal probe is running alongside a previously reported civil inquiry by securities regulators. Federal prosecutors opened a fraud investigation after Musk tweeted last month that he was contemplating taking Tesla private and had "funding secured" for the deal. The tweet initially sent the company's shares higher. Tesla confirmed it has been contacted by the Justice Department. The investigation by the U.S. attorney's office in the Northern District of California follows a subpoena issued by the Securities and Exchange Commission seeking information from the electric-car maker about Musk's plans to go private, which he has since abandoned. Tesla said in a statement following Bloomberg's report: "Last month, following Elon's announcement that he was considering taking the company private, Tesla received a voluntary request for documents from the DOJ and has been cooperative in responding to it. We have not received a subpoena, a request for testimony, or any other formal process. We respect the DOJ's desire to get information about this and believe that the matter should be quickly resolved as they review the information they have received."

Accelerated Mobile Pages, or AMP, has been a controversial project since its debut. Critics say AMP is a Google-specific project and it is creating a walled-garden, which would only serve Google's best interests. On its part, Google has insisted that AMP's mission is to benefit the open web, and that many who contribute to AMP are non-Googlers. On Tuesday, Google announced that it would be giving up some control of how the code behind AMP is managed. A report adds: It plans to move the AMP Project to a "new governance model," which is to say that decisions about the code will be made by a committee that includes non-Googlers. Until now, final decisions about AMP's code have been made by Malte Ubl, the tech lead for the AMP Project at Google. A model with a single person in charge is not actually all that rare in open source. That person is often cheekily referred to as the BDFL, or "benevolent dictator for life." Ubl's been that person for AMP, but, he writes, "we've found that it doesn't scale to the size of the AMP Project today. Instead, we want to move to a model that explicitly gives a voice to all constituents of the community, including those who cannot contribute code themselves, such as end-users."

[...] Google has already signed up non-Google people for the Advisory Committee, which will include representatives from The Washington Post, AliExpress, eBay, Cloudflare, and Automattic (which makes WordPress). Ubl says that it will also include "advocates for an open web," including "Leonie Watson of The Paciello Group, Nicole Sullivan of Google / Chrome, and Terence Eden." Of course, as anybody who's taken part in a committee knows, it's neither a fun solution nor a guarantee that a single company or person won't dominate it. But it's a step in the right direction, and Google is encouraging people to comment on the plan at the AMP Contributor Summit on September 25th.

Earlier last week, several users with a new Windows 10 build reported that they were seeing a warning when they attempted to install Chrome or Firefox browser. It turns out, Microsoft has listened to the complaints and is reversing course. CNET reports: A new "fast-ring" test version of Windows, Insider Preview Build 17760, no longer interrupts the installation of rival browsers, a CNET test shows. Earlier this week, an earlier test version of Windows would warn people who tried to install the Chrome, Firefox, Opera or Vivaldi web browsers, "You already have Microsoft Edge -- the safer, faster browser for Windows 10." The dialog box presented two options: "Open Microsoft Edge" -- the default -- and "Install anyway." The feature raised some hackles and brought back memories of Microsoft's strong-arm tactics promoting its old Internet Explorer browser in the first browser wars two decades ago. But Microsoft isn't alone in such tactics: Google promotes its Chrome browser as faster and safer to people who visit its own websites with other browsers.

An anonymous reader quotes Digital Trends: With the launch of Chrome 69, Google stunned users last week with a surprising decision to no longer display the "www" and "m" part of the URL in the Chrome search bar, but user backlash forced Google to soften its stance. Google's course reversal, although welcomed by users, is only short term, and the search giant said it will change course once again with the release of the Chrome 70 browser....

Critics have argued that by not displaying the special-case subdomains, it was harder for users to identify sites as legitimate, and the move could lead to more scams on the internet. Others go as far as questioning Google's motives for not displaying the "www" and "m" portion of a web address, and these users speculated that the move may be to disguise Google's AMP -- or Accelerated Mobile Pages -- subdomain to make it indistinguishable for the actual domain....

With the launch of Chrome 70, Google plans on hiding the 'www' portion of a web address inside the search bar, but it will continue to display the 'm' subdomain. "We are not going to elide 'm' in M70 because we found large sites that have a user-controlled 'm' subdomain," Google Chromium product manager Emily Schecter said. "There is more community consensus that sites should not allow the 'www' subdomain to be user controlled."
ZDNet notes that while Chrome's billion-plus users were surprised, "Apple's Safari likewise hides the www and m but it hasn't caused as much concern, likely because of Google's outsized influence over the web and Chrome's dominance of the browser market."

TechRepublic quotes a community feedback post that had argued that "Lying about the hostname to novices and power users alike in the name of simplifying the UI seems imprudent from a security perspective."