An anonymous reader quotes an associate technology editor at Fast Company's Co.Design: While the amount of data about me may not have caused harm in my life yet -- as far as I know -- I don't want to be the victim of monopolistic internet oligarchs as they continue to cash in on surveillance-based business models. What's a concerned citizen of the internet to do? Here's one no-brainer: Stop using Chrome and switch to Firefox... [W]hy should I continue to use the company's browser, which acts as literally the window through which I experience much of the internet, when its incentives -- to learn a lot about me so it can sell advertisements -- don't align with mine....?

Unlike Chrome, Firefox is run by Mozilla, a nonprofit organization that advocates for a "healthy" internet. Its mission is to help build an internet in an open-source manner that's accessible to everyone -- and where privacy and security are built in. Contrast that to Chrome's privacy policy, which states that it stores your browsing data locally unless you are signed in to your Google account, which enables the browser to send that information back to Google. The policy also states that Chrome allows third-party websites to access your IP address and any information that site has tracked using cookies. If you care about privacy at all, you should ditch the browser that supports a company using data to sell advertisements and enabling other companies to track your online movements for one that does not use your data at all.... Firefox protects you from being tracked by advertising networks across websites, which has the lovely side effect of making sites load faster...

Ultimately, Firefox's designers have the leeway to make these privacy-first decisions because Mozilla's motivations are fundamentally different from Google's. Mozilla is a nonprofit with a mission, and Google is a for-profit corporation with an advertising-based business model.. While Firefox and Chrome ultimately perform the same service, the browsers' developers approached their design in a radically different way because one organization has to serve a bottom line, and the other doesn't.
The article points out that ironically, Mozilla supports its developers partly with revenue from Google, which (along with other search engines) pays to be listed as one of the search engines available in Firefox's search bar.

"But because it relies on these agreements rather than gathering user data so it can sell advertisements, the Mozilla Corporation has a fundamentally different business model than Google."

Google has quietly crept out of the tablet business, removing the "tablets" heading from its Android page. It was there yesterday, but it's gone today. TechCrunch reports: Google in particular has struggled to make Android a convincing alternative to iOS in the tablet realm, and with this move has clearly indicated its preference for the Chrome OS side of things, where it has inherited the questionable (but lucrative) legacy of netbooks. They've also been working on broadening Android compatibility with that OS. So it shouldn't come as much surprise that the company is bowing out.

Sales have dropped considerably, since few people see any reason to upgrade a device that was originally sold for its simplicity and ease of use, not its specs. Google's exit doesn't mean Android tablets are done for, of course. They'll still get made, primarily by Samsung, Amazon and a couple of others, and there will probably even be some nice ones. But if Google isn't selling them, it probably isn't prioritizing them as far as features and support. Android Police was first to break the news.

An anonymous reader shares a report: Google released earlier today Chrome 67, the latest stable release of its web browser. According to changelogs released with Chrome 67, this version adds support for a Generic Sensors API, improves AR and VR experiences, and deprecates the HTTP-Based Public Key Pinning (HPKP) security feature. Probably the biggest change in Chrome 67 is the addition of the Generic Sensors API. As the name implies, this is an API that exposes data from device sensors to public websites. The new API is based on the Generic Sensor W3C standard. This API is meant primarily for mobile use, and in its current version, websites can use Chrome's Generic Sensors API to access data from a device's accelerometer, gyroscope, orientation and motion sensors. Another API that shipped with Chrome is the WebXR Device API. Developers can use this API to build virtual and augmented reality experiences on Chrome for mobile-based VR headsets like Google Daydream View and Samsung Gear VR, as well as desktop-hosted headsets like Oculus Rift, HTC Vive, and Windows Mixed Reality Headsets.

Unknown third parties appear to be exploiting the Chrome Store's 'theme' section to offer visitors access to a wide range of pirate movies including "Black Panther", "Avengers: Infinity War" and "Rampage." From a report: When clicking through to the page offering Ready Player One, for example, users are presented with a theme that apparently allows them to watch the movie online in "Full HD Online 4k." Of course, the whole scheme is a dubious scam which eventually leads users to Vioos dot co, a platform that tries very hard to give the impression of being a pirate streaming portal but actually provides nothing of use. In fact, as soon as one clicks the play button on movies appearing on Vioos dot co, visitors are re-directed to another site called Zumastar which asks people to "create a free account" to "access unlimited downloads and streaming." Google services have a history of being exploited.

The latest installment of Microsoft's browser battery challenge shows once again that Edge consumes less energy than Chrome and Firefox. From a report: With the Windows 10 April 2018 Update rolling out across the globe, Microsoft thinks it's once again time to square Edge up against Chrome and Firefox in a new battery-life test. Microsoft's browser experiment shows a time-lapse of "three identical devices, three different browsers, streaming one video." Firefox, Edge, and Chrome play what appears to be a Netflix video on three Surface Books. As usual, the Edge device lasts the longest, depleting the battery after 14 hours and 20 minutes. The Chrome device lasted 12 hours and 32 minutes, while the Firefox laptop ran out of steam after just seven hours and 15 minutes.

An anonymous reader quotes a report from The Verge: Microsoft and Google are jointly disclosing a new CPU security vulnerability that's similar to the Meltdown and Spectre flaws that were revealed earlier this year. Labelled Speculative Store Bypass (variant 4), the latest vulnerability is a similar exploit to Spectre and exploits speculative execution that modern CPUs use. Browsers like Safari, Edge, and Chrome were all patched for Meltdown earlier this year, and Intel says "these mitigations are also applicable to variant 4 and available for consumers to use today." However, unlike Meltdown (and more similar to Spectre) this new vulnerability will also include firmware updates for CPUs that could affect performance. Intel has already delivered microcode updates for Speculative Store Bypass in beta form to OEMs, and the company expects them to be more broadly available in the coming weeks. The firmware updates will set the Speculative Store Bypass protection to off-by-default, ensuring that most people won't see negative performance impacts.

"If enabled, we've observed a performance impact of approximately 2-8 percent based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client 1 and server 2 test systems," explains Leslie Culbertson, Intel's security chief. As a result, end users (and particularly system administrators) will have to pick between security or optimal performance. The choice, like previous variants of Spectre, will come down to individual systems and servers, and the fact that this new variant appears to be less of a risk than the CPU flaws that were discovered earlier this year.

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature.

What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

Google announced Thursday it plans to drop the "Secure" indicator from the Chrome URL address bar -- starting with Chrome v68, set for release in July -- and only show a lock icon when the user is navigating to an HTTPS-secured website. From a report: The move is scheduled to take effect with the release of Chrome 69, scheduled for September, this year. Emily Schechter, Product Manager for Chrome Security, said the company is now comfortable making this move as a large chunk of Chrome's traffic is now via HTTPS. Since most traffic is HTTPS anyway, it's not necessary to draw the user's attention to the "Secure" indicator anymore.

Google this week rolled out an update to Chrome to patch a bug that had rendered millions of web-based games useless. From a report: The bug was introduced in mid-April when Google launched Chrome 66. One of this release's features was its ability to block web pages with auto-playing audio. [...] Not all games were affected the same. For some HTML5 games, users could re-enable audio by interacting with the game's canvas via a click-to-play interaction. Unfortunately, older games and those that weren't coded with such policy remained irrevocably broken, no matter what Chrome options users tried to modify in their settings sections. [...] With today's release of Chrome for Desktop v66.0.3359.181, Google has now fixed this issue, but only temporarily. John Pallett, a product manager at Google, admitted that Google "didn't do a good job of communicating the impact of the new autoplay policy to developers using the Web Audio API." He said, for this reason, the current version of Chrome, v66, will no longer automatically mute Web Audio objects.

Currently, you can head to the "History and Privacy" settings in YouTube and toggle on the options to pause watch and search history if you don't want the site to track your searches and watched videos, but that can be a bit complicated each time you want to search for something weird. According to Android Police, "YouTube will make it a little easier to go into incognito without digging into many settings and without having to disable it later." A new "Incognito Mode" will appear when you tap your account avatar in the top right of the app. From the report: With "Incognito Mode" on, all your activity from the current session is not saved and subscriptions are hidden too. It's as if you were signed out without being so, and there's a neat incognito icon replacing your avatar. If you turn off Incognito or become inactive on YouTube, you'll be back to using your own account.

Browser makers are working on a new W3C API that will standardize Picture-in-Picture (PiP) mode and allow websites to show a floating video popup outside the browser window itself. From a report: In the past, picture-in-picture has only been supported inside a web page's canvas as a floating window that only appeared inside the current website, as the user scrolled up and down the page. Some platforms added support for a picture-in-picture mode, but those were OS-specific APIs that worked with all sorts of video apps, not just browsers. Now, the Web Platform Incubator Community Group (WICG) at the World Wide Web Consortium (W3C), has released details about a browser-specific API for standardizing picture-in-picture interactions that allow websites to open an external "floating video" popup outside the browser window itself. [...] Chrome and Safari have already shipped out the new Picture-in-Picture API.

An anonymous reader quotes Ars Technica: Criminals infected more than 100,000 computers with browser extensions that stole login credentials, surreptitiously mined cryptocurrencies, and engaged in click fraud. The malicious extensions were hosted in Google's official Chrome Web Store. The scam was active since at least March with seven malicious extensions known so far, researchers with security firm Radware reported Thursday. Google's security team removed five of the extensions on its own and removed two more after Radware reported them. In all, the malicious add-ons infected more than 100,000 users, at least one inside a "well-protected network" of an unnamed global manufacturing firm, Radware said...

The extensions were being pushed in links sent over Facebook that led people to a fake YouTube page that asked for an extension to be installed. Once installed, the extensions executed JavaScript that made the computers part of a botnet. The botnet stole Facebook and Instagram credentials and collected details from a victim's Facebook account. The botnet then used that pilfered information to send links to friends of the infected person. Those links pushed the same malicious extensions. If any of those friends followed the link, the whole infection process started all over again. The botnet also installed cryptocurrency miners that mined the monero, bytecoin, and electroneum digital coins.

An anonymous reader quotes a report from Ars Technica: An update Google rolled out for its popular Chrome browser this weekend helps prevent those annoying auto-playing video ads on many websites from disturbing your day with unwanted sound as well. But that update is causing consternation for many Web-based game developers who are finding that the change completely breaks the audio in their online work. The technical details behind the problem involve the way Chrome handles WebAudio objects, which are now automatically paused when a webpage starts up, stymying auto-playing ads. To get around this, Web-based games now have to actively restart that pre-loaded audio object when the player makes an action to start the game, even if that audio wasn't autoplaying beforehand. "The standard doesn't require you to do this, so no one would have thought to do this before today," developer Andi McClure told Ars Technica. "With Chrome's new autoplay policies, developers shouldn't assume that audio can be played before a user gesture," Google told The Daily Dot in a statement. "With gaming in Chrome, this may affect Web Audio. We have shared details on what developers can do to address this, and the design for the policy was published last year."

Google today announced Chrome OS is getting Linux support. "As a result, Chromebooks will soon be able to run Linux apps and execute Linux commands," reports VentureBeat. "A preview of Linux on the Pixelbook will be released first, with support for more devices coming soon." From the report: "Just go to wherever you normally get those apps, whether it's on the websites or through apt-get in the Linux terminal, and seamless get those apps like any other Linux distribution," Chrome OS director of product management Kan Liu told VentureBeat.

Support for Linux apps means developers will finally be able to use a Google device to develop for Google's platforms, rather than having to depend on Windows, Mac, or Linux machines. And because Chrome OS doesn't just run Chrome OS-specific apps anymore, developers will be able to create, test, and run any Android or web app for phones, tablets, and laptops all on their Chromebooks. Without having to switch devices, you can run your favorite IDE -- as long as there is a Debian Linux version (for the curious, Google is specifically using Debian Stretch here -- code in your favorite language and launch projects to Google Cloud with the command line.

When Google released Chrome 66 just over two weeks ago, it received lots of attention and praise for introducing the ability to mute autoplaying videos with sound until you press play. Today, Chrome product manager John Pallett revealed that "the new policy blocks about half of unwanted autoplays." VentureBeat reports: Pallett also shared that "a significant number" of autoplays are paused, muted, or have their tab closed within six seconds by Chrome users. He didn't say how many exactly, as the number varies significantly from site to site. But that shouldn't surprise anyone, given how much work Google put into this latest feature. Chrome decides which autoplaying content to stop in its tracks by learning your preferences and ranking each website according to your past behavior. If you don't have browsing history with a site, Chrome allows autoplay for over 1,000 sites where Google says the highest percentage of visitors play media with sound (sites where media is the main point of visiting the site). As you browse the web, Chrome updates that list by enabling autoplay on sites where you play media with sound during most of your visits, and disables it on sites where you don't.

Several users who have updated their computers to Windows 10 April 2018 Update are reporting that Chrome is freezing their machines. From a report: I have now used the April 2018 Update for nearly 24 hours and the same problem has presented itself no less than five times. For a machine - which was working perfectly prior to the update - with a Core i7 CPU, 16GB of RAM, and a 512GB SSD, I naturally resorted to Reddit and Microsoft forum threads to see if others were experiencing the issue. It appears that several users on Reddit (spotted by Softpedia) with machines sporting varying configurations are experiencing the problem as well, and the only fix to it is the one I found too; that is, putting the laptop to sleep using the power button or closing the lid.

Starting today, Google Chrome will show a full-page warning whenever users are accessing an HTTPS website that's using an SSL certificate that has not been logged in a public Certificate Transparency (CT) log. From a report: By doing so, Chrome becomes the first browser to implement support for the Certificate Transparency Log Policy. Other browser makers have also agreed to support this mechanism in the future, albeit they have not provided more details. This new policy was first proposed by Google engineers in 2016, and was scheduled to enter into effect in October 2017, but was later delayed for 2018.

Remember that popular browser extension that let you sync your bookmarks on multiple devices? Launched in 2006 by Foxmarks (a company created by EFF co-founder Mitch Kapor), it was saved from death in 2010 when it was acquired by the password-management service LastPass. But now BetaNews reports: If you're a user of Xmarks, there's some bad news for you -- the service is closing down... The bookmark syncing tool, which is available as an addon for Chrome, Firefox, Internet Explorer and Safari, is to be shuttered on May 1... Emails have also been sent out to registered users notifying them of the impending closure.

"On May 1, 2018, we will be shutting down Xmarks... After this date, your bookmarks should remain available in any previously accessed browser, but they will no longer sync and your Xmarks account will be deactivated... After careful consideration and evaluation, we have decided to discontinue the Xmarks solution so that we can continue to focus on offering the best possible password vaulting to our community."
It was apparently especially popular with long-time Slashdot reader vm, who writes "I have held on to my Xmarks account over the years because I can always get to them despite changes in operating systems, browsers, employers, etc.

"What do other folks use that may also have a mobile option?"

Catalin Cimpanu, writing for BleepingComputer: Google engineers have rolled out a new Chrome user interface (UI). Work on the new Refresh UI has been underway since last year, Bleeping Computer has learned. The new UI is in early testing stages, and only available via the Google Chrome Canary distribution, a version of the Chrome browser used as a testing playground. Users who are interested in giving the new UI a spin must install Chrome Canary, and then access chrome://flags, a section that contains various experimental options not included in Chrome's default settings section.