Mark Wilson shares a report from BetaNews: Acknowledging that we are now very much in the streaming age, BitTorrent has launched the first version of Torrent Web. The aim of the browser-based tool is to make torrenting as simple as possible and -- most importantly -- support torrent streaming. It remains to be seen how many people are willing to switch from a dedicated app to a browser-based torrenting experience, but the promise that you can "play while you download, no more staring at progress bars" is certainly alluring. Files are streamable near-instantly as they download, but they are also saved locally in the way you're used to. uTorrent Web is available for Chrome, Firefox, Internet Explorer, Microsoft Edge and Opera and the release finds BitTorrent partnering with Adaware to check torrents for signs of malware, and even download torrents without having to visit websites. Warning: the installer includes (optional) bundleware in the form of Adaware Internet Security and the Opera web browser.

An anonymous reader writes: Mozilla today released Firefox 62 for Windows, Mac, Linux, and Android. The release builds on Firefox Quantum, which the company calls "by far the biggest update since Firefox 1.0 in 2004." Version 62 brings variable fonts, automatic dark theme on macOS, and better scrolling on Android. Firefox 62 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. The latest iOS version is available on Apple's App Store.

Google first released its Chrome browser 10 years ago today. Marketed as a "fresh take on the browser," Chrome debuted with a web comic from Google to mark the company's first web browser. From a report: It was originally launched as a Windows-only beta app before making its way to Linux and macOS more than a year later in 2009. Chrome debuted at a time when developers and internet users were growing frustrated with Internet Explorer, and Firefox had been steadily building momentum. Google used components from Apple's WebKit rendering engine and Mozilla's Firefox to help bring Chrome to life, and it made all of Chrome's source code available openly as its Chromium project. Chrome focused on web standards and respected HTML5, and it even passed both the Acid1 and Acid2 tests at the time of its release. This was a significant step as Microsoft was struggling to adhere to open web standards with its Internet Explorer browser.

Another significant part of Chrome's first release was the idea of "sandboxing" individual browser tabs so that if one crashed it wouldn't affect the others. This helped improve the speed and stability of Chrome in general, alongside Google's V8 JavaScript engine that the company constantly tweaked to try and push the web forwards. After a decade of Chrome, this browser now dominates as the primary way most people browse the web. Chrome has secured more than 60 percent of browser market share on desktop, and Google's Chrome engineers continue to improve it with new features and push the latest web standards. To mark the milestone, Google said it would make a surprise announcement on Tuesday -- some improvements coming to Chrome.

Mozilla announced today plans to remove all Firefox legacy add-ons from the official Mozilla add-ons portal in early October. From a report: The move comes after Mozilla updated the Firefox core to use a new add-ons system based on the Chrome-compatible WebExtensions API. This new add-ons API replaced Firefox's old XUL-based add-ons API in November 2017, with the release of Firefox 57. All Firefox legacy add-ons stopped working in Firefox 57, but Mozilla continued to support them in the Firefox Extended Support Release (ESR) 52 branch. Support for Firefox ESR 52 will end on September 5, in two weeks, meaning there won't be any official Firefox version that supports legacy add-ons anymore.

Long-time Slashdot reader tdailey spotted a new version of Pale Moon, a customised version of Firefox optimized for speed and efficiency. Beta News reports it's the first major update since November of 2016:

There are virtually no visual or obvious changes in this new major build, but the under-the-hood changes are both extensive and necessary.... Despite all the updates, Moonchild is keen to stress certain things haven't changed -- unlike Firefox, for example, Pale Moon continues to support NPAPI plugins, complete themes and a fully customizable user interface. There is also no DRM built into the browser, although third-party plugins such as Silverlight are supported. It will also continue to work with certain "legacy" plugins of the type abandoned by Firefox.
Pale Moon strips out what one reviewer calls "little-used components" of Firefox, including parental controls and accessbility features, as well as crash reports and support for Internet Explorer's ActiveX and ActiveX scripting technology.

"Proving that open source leads to great development, Pale Moon takes the already decent Firefox web browser and makes it even better and a faster."

An anonymous reader writes: Mozilla has removed 23 Firefox add-ons from its add-on store that snooped on users and sent data to remote servers, a Mozilla engineer told Bleeping Computer Friday. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. "The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons," Rob Wu, a Mozilla Browser Engineer and Add-on review, told Bleeping Computer via email. "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said.

The encryption that protects your browser's connection to websites is getting a notch faster and a notch safer to use. From a report: That's because the Internet Engineering Task Force (IETF) on Friday finished a years-long process of modernizing the technology used to secure website communications. You may never have heard of Transport Layer Security -- TLS for short -- but version 1.3 is now complete and headed to websites, browsers and other parts of the internet that rely on its security. "Publishing TLS 1.3 is a huge accomplishment. It is one the best recent examples of how it is possible to take 20 years of deployed legacy code and change it on the fly, resulting in a better internet for everyone," said Nick Sullivan, head of cryptography for Cloudflare, which helps customers distribute their websites and other content around the world, in a blog post.

TLS 1.3 brings some significant improvements over TLS 1.2, which was finished 10 years ago. Perhaps first on the list is that it'll mean websites load faster. Setting up an encrypted connection on the web historically has caused delays since your browser and the website server must send information back and forth in a process called a handshake. The slower your broadband or the more congested your mobile network is, the more you'll notice these delays. Firefox and Chrome already support a draft version of TLS 1.3.

Google has removed the open-source Ahoy! extension from the Chrome store with little explanation. The tool facilitated access to more than 1,700 blocked sites in Portugal by routing traffic through its own proxies. TorrentFreak reports: After servicing 100,000 users last December, Ahoy! grew to almost 185,000 users this year. However, progress and indeed the project itself is now under threat after arbitrary action by Google. "Google decided to remove us from Chrome's Web Store without any justification," team member Henrique Mouta informs TF. "We always make sure our code is high quality, secure and 100% free (as in beer and as in freedom). All the source code is open source. And we're pretty sure we never broke any of the Google's marketplace rules."

Henrique says he's tried to reach out to Google but finding someone to help has proven impossible. Even re-submitting Ahoy! to Google from scratch hasn't helped the situation. "I tried and resubmitted the plugin but it was refused after a few hours and without any justification," Henrique says. "Google never reached us or notified us about the removal from Chrome Web Store. We never got a single email justifying what happened, why have we been removed from the store, or/and what are we breaching and how can we fix it." TorrentFreak reached out to Google asking why this anti-censorship tool has been removed from its Chrome store. Despite multiple requests, the search giant failed to respond to us or the Ahoy! team. Thankfully, the Ahoy! extension is still available on Firefox.

Mozilla on Tuesday began testing a Firefox extension that shows you its best guesses for what you want to see on the web. From a report: The Advance web extension is available for anyone from today and can analyze content on current active web pages to recommend related tidbits you may want to "read next" from other websites. It will also surface recommendations based on your recent browsing history in a "for you" section. With the extension installed, you just browse the web as you normally would and the little sidebar will show things that are relevant to what you've been looking at. The extension is powered by Laserlike, a VC-funded, machine learning-powered "interest search engine" that delivers personalized content. As such, Laserlike will receive users' browsing history -- something Mozilla wants people to understand before they install the extension. But the company has also built in some tools to boost control and data transparency.

With their next patch Mozilla will introduce two new features to their Firefox browser they call "DNS over HTTPs" (DoH) and Trusted Recursive Resolver (TRR). Mozilla says this is an additional feature which enables security. Researchers think otherwise. From a report: So let's get to the new Firefox feature called "Trusted Recursive Resolver" (TRR). When Mozilla turns this on by default, the DNS changes you configured in your network won't have any effect anymore. At least for browsing with Firefox, because Mozilla has partnered up with Cloudflare, and will resolve the domain names from the application itself via a DNS server from Cloudflare based in the United States. Cloudflare will then be able to read everyone's DNS requests.

From our point of view, us being security geeks, advertising this feature with slogans like "increases security" is rather misleading because in many cases the opposite is the case. While it is true that with TRR you may not expose the websites you call to a random DNS server in an untrustworthy network you don't know, it is not true that this increases security in general. It is true when you are somewhere in a network you don't know, i. e. a public WiFi network, you could automatically use the DNS server configured by the network. This could cause a security issue, because that unknown DNS server might have been compromised. In the worst case it could lead you to a phishing site pretending to be the website of your bank: as soon as you enter your personal banking information, it will be sent straight to the attackers.

But on the other hand Mozilla withholds that using their Trusted Recursive Resolver would cause a security issue in the first place for users who are indeed in a trustworthy network where they know their resolvers, or use the ISP's default one. Because sharing data or information with any third party, which is Cloudflare in this case, is a security issue itself.

Google Maps has been updated to present you with a 3D globe of the planet when you zoom out. Previously, Maps would have shown you a flat map of the world. An anonymous Slashdot reader shares a report from VentureBeat: About two weeks ago, however, Google quietly rolled out (hehe) a change so that the service now presents you with a 3D globe. You can manipulate the globe as you'd expect -- spin it, zoom in, and zoom back out. Google Earth, watch out -- Google Maps is coming for you. Globe mode only works on desktop, but all major browsers are supported, we're told. We tested it on Chrome, Firefox, and Edge -- they all showed the globe just fine. This is all thanks to WebGL.

An anonymous reader writes: Mozilla is rebranding Firefox. The company is asking for feedback on the new look, which will try to cover the various Firefox offerings. For most people, Firefox refers to a browser, but the company wants the brand to encompass all the various apps and services that the Firefox family of internet products cover, "from easy screenshotting and file sharing to innovative ways to access the internet using voice and virtual reality." The fox with a flaming tail "doesn't offer enough design tools to represent this entire product family," Mozilla believes.

An anonymous reader writes: "The Mozilla Foundation, the organization behind the Firefox browser, is working on adding a new feature to its browser that is similar to the Site Isolation feature that Google rolled out to Chrome users this year," reports Bleeping Computer. "[Chrome's] Site Isolation works by opening a new browser process for any domain/site the user loads in a tab." The feature has been recently rolled out to 99% of the Chrome userbase. "But Chrome won't be the only browser with Site Isolation," adds Bleeping Computer. "Work on a similar feature also began at Mozilla headquarters back in April, in a plan dubbed Project Fission." Mozilla engineers say that before rolling out Project Fission (Site Isolation), they need to optimize Firefox's memory usage first. Work has now started on shaving off 7MB of RAM from each Firefox content process in order to bring down per-process RAM usage to around 10MB, a limit Mozilla deems sustainable for rolling out Site Isolation.

An anonymous reader shares a report: Mozilla engineers are preparing to remove one of the Firefox browser's oldest features -- its built-in support for RSS and Atom feeds, and inherently, the "Live Bookmarks" feature. All Firefox users are probably well accustomed to this feature, albeit not many have ever used it. This feature powers the browser's ability to detect when users are accessing an RSS/Atom feed and then show a special page that lets them subscribe to the feed with a custom feed reader or the browser's built-in "Live Bookmarks" feature. [...] In a recent discussion on the company's bug tracker, Mozilla engineers said they plan to remove feed support sometime later this year, with the release of Firefox 63 or Firefox 64 --scheduled for October and December, respectively.

Catalin Cimpanu, writing for Bleeping Computer: An investigation by AdGuard has revealed a common link between several Chrome and Firefox extensions and Android and iOS apps that were caught collecting highly personal user data through various shady tactics. The common link between all extensions and mobile apps is a company named Big Star Labs. AdGuard estimates these apps had been installed on around 11 million devices.

Usama Jawad, writing for Neowin: Early last year, YouTube received a design refresh with Google's own Polymer library which enabled "quicker feature development" for the platform. Now, a Mozilla executive is claiming that Google has made YouTube slower on Edge and Firefox by using this framework. In a thread on Twitter, Mozilla's Technical Program Manager has stated that YouTube's Polymer redesign relies heavily on the deprecated Shadow DOM v0 API, which is only available in Chrome. This in turn makes the site around five times slower on competing browsers such as Microsoft Edge and Mozilla Firefox. Further reading: Safari Users Unable to Play Newer 4K Video On YouTube in Native Resolution.

Mozilla's latest Nightly builds for Firefox now include an option to mute autoplaying audio. The feature was recently added to the Chrome browser, but Mozilla's update offers a few more options. According to Engadget, "You can turn the feature off entirely, force it to ask for permission, and make exceptions for specific sites." Keep in mind that these are nightly releases, so you will most likely run into some bugs. The "polished version" is likely weeks away.

An anonymous reader quotes VentureBeat: It's been more than 20 months since our last browser benchmark battle, and we really wanted to avoid letting two years elapse before getting a fresh set of a results. Google Chrome, Mozilla Firefox, and Microsoft Edge have all improved significantly over the past year and a half, and as I've argued before, the browser wars are back. You can click on the individual test to see the results:

SunSpider: Edge wins!
Octane: Chrome wins!
Kraken: Firefox wins!
JetStream: Edge wins!
MotionMark: Edge wins!
Speedometer: Chrome wins!
BaseMark: Chrome wins!
WebXPRT: Firefox wins!
HTML5Test: Chrome wins!

Chrome looks to be ahead of the pack according to these tests. That said, browser performance was solid across all three contestants, and it shouldn't be your only consideration when picking your preferred app for consuming internet content.
Chrome wins in four tests, beating Edge's three wins, and Firefox's two wins.

Security researchers have discovered a new malicious campaign that utilizes stolen D-Link certificates to sign malware. From a report: A lesser-known cyber-espionage group known as BlackTech was caught earlier this month using a stolen D-Link certificate to sign malware deployed in a recent campaign. "The exact same certificate had been used to sign [official] D-Link software; therefore, the certificate was likely stolen," says Anton Cherepanov, a security researcher for Slovak antivirus company ESET, and the one who discovered the stolen cert. Cherepanov says BlackTech operators used the stolen cert to sign two malware payloads -- the first is the PLEAD backdoor, while the second is a nondescript password stealer. According to a 2017 Trend Micro report, the BlackTech group has used the PLEAD malware in the past. Just like in previous attacks, the group's targets for these most recent attacks were again located in East Asia, particularly in Taiwan. The password stealer isn't anything special, being capable of extracting passwords from only four apps -- Internet Explorer, Google Chrome, Mozilla Firefox, and Microsoft Outlook.

Web monoculture is well and truly alive when Google cannot be bothered to make a full-featured cross-browser mobile search page. From a report: It has been over five years since Firefox really turned a corner and started to morph from its bloated memory-munching ways into the lightning-quick browser it is today. Buried in Mozilla's issue tracker is a bug that kicked off in February 2014, and is yet to be resolved: Have Google treat Firefox for Android as a first-class citizen and serve up comparable content to what the search giant hands Chrome and Safari. After years of requests, meetings, and to and fro, it has hit a point where the developers of Firefox are experimenting by manipulating the user agent string in its nightly development builds to trick Google into thinking that Firefox Mobile is a Chrome browser. Not only does Google's search page degrade for Firefox on Android, but some new properties like Google Flights have occasionally taken to outright blocking of the browser.