Google Chrome is a fast moving name in the web browser world now. It is undoubtedly the best web browser around and with the Google backing; it has made a reputed position for itself. The development cycle has undergone a considerable change and Chrome has attracted bug fix bounty hunters just like Firefox. In short, Google Chrome is on a perfect roadmap.
Keeping up with this, Google Chrome has moved to the next version with the release of a development version of Google Chrome 7, named 7.0.497.0. A test version of this is available already and the dev channel version is scheduled to arrive this week.
The settings and the look and feel of version 7 is the same as that of Chrome 6 till now. However, expected features like the support for web applications and the Chrome store are missing as well! They are scheduled to arrive later in September this year.
Google recently fixed ten security bugs in Chrome and spiced up the process with bounties amounting to a total of ten thousand dollars.
With the chrome web store coming in October and web-application support coming in September, Chrome has a busy year ahead of itself.
What do you think of the new version of Google Chrome? Try it out and do let us know.
Web browser manufacturers are taking the cue from Google and offshoring the tedious task of finding critical bugs and vulnerabilities to the users and enthusiasts. This simple yet effective method is called crowdsourcing. To make things hotter, they have included a reward system according to which, the user finding the bug is awarded a handsome sum of money.
Recently, Mozilla Firefox raised the bounty amount to $3000 and Google had to get the better of Mozilla. Therefore, it increased the maximum bounty for Chrome vulnerabilities to $3133.70 last month.
Ten bugs were fixed. However, none of the bug fixes received the top bounty from Google, which amounts at $3133.70. Google only gave away a total valuation of $10K of rewards.
The security update was released for Chrome 5.0.375.125. While one of the bugs allowed revealing passwords or spoofing the address bar content, another bug allowed hacks through malicious files.
As Gregg Keizer at Computerworld says,
Sergey Glazunov banked $4,674 for reporting four bugs, including the previous maximum $1,337 each for two of the quartet. A researcher known as “kuzzcc,” who has also reported flaws in Opera to that browser‘s Norwegian maker, took home $2,000 for uncovering a pair of Chrome vulnerabilities.
This is a record update from Google, as it has never given away such a huge amount in overall bounties at the same time. Get Google Chrome version 5.0.375.125 and other versions from here.
Google Chrome dev version has been updated to 6.0.490.1 and this version now has out-of-the-box Apps support and also adds a new feature called Click-to-play which is similar to a Flash blocker and can be used to block content served by browser plugins like Flash, Shockwave etc.
Google Chrome dev build users (and future stable users), here is some good news for you. The latest dev build of Google Chrome now includes an integrated Plugin blocker in the form of Click-to-play, which can block Flash content and content served by other plugins used by Google Chrome.
Click-to-play is a really welcome feature since it will allow you to control what content is shown in the browser and block content on a plugin to plugin basis. To enable the Click-to-play feature in Google Chrome, just add the "–enable-click-to-play" command line switch to the Chrome shortcut.
Once you do that, you will be able to block plugin content by visiting "Options -> Under the Hood" and clicking on the "Content Settings" button.
Once you do that, click on the "Plug-ins" tab and select the radio button next to "Do not allow any site to use plug-ins" and save the settings. You can also disable individual plug-ins by clicking on the link. The plugin page is also accessible via chrome://plugins/.
Once you save the settings all plugin related content will be blocked, however, you can view or run the plugin content by clicking on the Run plug-in this time placeholder link.
The latest dev build has also enabled Out-of-the-box Apps support for Google Chrome. Users who upgraded to this version will now see apps above the most visited website on opening a new tab. There were also other bug fixes which you can view here.
Google Chrome 6.0.490.1 has been released for Windows, Mac and Linux based PCs.
Mozilla has just released the third beta release of Firefox 4.0. As discussed in our earlier posts, Firefox 4.0 is a major stepup for the popular open source browser. It introduces a host of new features like WebM video support and improved Windows 7 integration, besides featuring a completely revamped skin.
The latest beta adds touch support on Windows 7. This is a big deal as Windows 7 is expected to be used in several upcoming tablet devices. Firefox 4 now supports multi-touch gestures, which can also be leveraged by touchscreen optimised web applications.
[ Download Firefox 4.0 Beta 3 for Windows, Mac and Linux]
As a designer or website developer, you would want to try and vary the fonts you use on a webpage to get the best typography for it, however, doing this through CSS could take a little effort.
Google Font API Tester is a Google Chrome extension which will allow you to test the fonts made available through Google Font Directory on any website without having to make any physical changes to the code.
Techie Buzz Verdict
The Google Font API Tester Google Chrome extension is a pretty neat extension which will save developers and designers some work when they want to make use of fonts from the Google Font Directory, however, this extension is not useful for testing other fonts.
My advise to the developer would be to extend this extension and allow users to somehow also use other popular fonts currently being used on websites, that way it could be used by people who want to test websites with fonts like Arial, Verdana and so on without having to make physical changes to the code.
Techie Buzz Rating: 3/5
Downloads for this post – Download Google Font API Tester
Web designers and developers have a constant need to find out image sizes and even though there are a number of browser extensions that let you measure pixels on a web page, however, they all require multiple steps. On the other hand, ImageResolution is a Chrome extension that lets you find the size of an image by simply placing your mouse over it.
As soon as you hover your mouse on any image, whether its a thumbnail or a full-size image, the extension immediately displays its size on the top right corner of the browser. No buttons to click and no lines to draw. Just a dead simple functionality with a no-hassle interface.
You can also change the font size and background color of the display by changing the options. It is a must-have extensions for anybody who constantly work with images. The upcoming version of the extension will also add a feature to allow users to quickly view the weight (KB) of any image by just placing your mouse over it.
Download ImageResolution for Chrome here.
Google Chrome has announced that it will release two major versions every three months now unlike the earlier one every three months. The Chrome blog announces this saying,
Running under ideal conditions, we will be looking to release a new stable version about once every six weeks, roughly twice as often as we do today.
So why the change? We have three fundamental goals in reducing the cycle time:
- Shorten the release cycle and still get great features in front of users when they are ready
- Make the schedule more predictable and easier to scope
- Reduce the pressure on engineering to makea release
However, they are holding up the words “under ideal conditions” strongly and have mentioned again that,
when we faced a deadline with an incomplete feature, we had three options, all undesirable: (1) Engineers had to rush or work overtime to complete the feature by the deadline, (2) We delayed the release to complete that feature (which affected other un-related features), or (3) The feature was disabled and had to wait approximately 3 months for the next release. With the new schedule, if a given feature is not complete, it will simply ride on the the next release train when it’s ready. Since those trains come quickly and regularly (every six weeks), there is less stress.
Thus, a lot of load will be taken off the engineers and the time window of six
months weeks will give developers ample time to work on any incomplete feature. In addition, with every new release, the software version will increase as 6.0, 7.0, 8.0 and so on. This marks a continuous development of Google Chrome and clearly indicates how seriously Google is taking the web-browser market.
In a surprising move, Dell has launched its own web browser. Even though the browser market is already fiercely competitive, its obvious that a lot of people still believe that there is still room for niche browsers. The new browser, which is called Dell KACE Secure Browser, is based on Firefox.
The standout feature of Secure Browser is sandboxing. It utilizes KACE’s Virtual Kontainer to provide a secure browsing environment. In other words, the browser runs in its own separate compartment which is completely insulated from the rest of the system. As a result, even if you pick up malwares while browsing, your system won’t get infected. As far as the virtual environment is concerned, you can clean it up by simply using the reset functionality.
The Secure Browser is probably the bulkiest browser in the market. The installer itself takes up more than seventy megabytes! Even more annoyingly, the Secure Browser can’t be installed if you don’t uninstall Firefox. It’s hard to imagine too many people adopting this browser. However, that probably doesn’t matter to Dell. In all likelihood, we will soon see Secure Browser being preinstalled on Dell systems powered by Windows.
[ Download Dell KACE Secure Browser ]
Next week, the Black Hat Security Conference is scheduled to take place at Las Vegas. Undoubtedly, hackers attending the event are getting ready with their proof of concepts and exploits. In fact, one security analyst is already making the headlines for discovering security holes in Firefox, Internet Explorer, Chrome and Safari.
In the run up to the event, Mozilla is doing its best to keep hackers at bay by patching up as many vulnerabilities as possible. Yesterday, they released Firefox 3.6.7, which is a recommended stability and security update. This release patches 8 critical vulnerabilities including some that could allow remote arbitrary code execution.
The full change log along with information about each of the fixed vulnerabilities is available here. Earlier this month, Google had also patched as many as 10 vulnerabilities in a Chrome security update.
[ Download Firefox 3.6.7 ]
Most of us don’t think twice before saving sensitive information in our browser’s auto-fill database. After all, browsers are desktop applications that reside on our system. So, any data we store in our browser should remain private, right? Wrong.
Jeremiah Grossman, CTO of White Hat Security, has managed to uncover security holes in each of the major browsers that can be exploited by booby trapped websites to gain access to sensitive information.
Internet Explorer 6 and 7 can also be exploited in a similar fashion. However, Internet Explorer 8 appears to be safe for the moment. If you are using the any of the affected browsers, it’s highly recommended that you disable the in-built AutoFill functionality for the time being.
The Register is also reporting that Grossman has discovered critical XSS (cross-site scripting) vulnerabilities in Firefox and Chrome, which can be exploited to gain access to stored website passwords. Grossman is expected to reveal more at the Black Hat Security Conference, which is going to be held next week.