H264 or no, the rest of the world pretty much continues to spin, which also means new iterations of the programs central to this whole debate: browsers. While Google released an ambitious new Chrome beta release, Microsoft shipped the second platform preview release for Internet Explorer 9.
The new Google Chrome beta comes with the usual speed improvements, but it also carries with it a whole load of new features. Bookmark syncing has been expanded to include browser preferences as well, including things like themes, homepage settings, and so on. You can now also install and use extensions while in private browsing mode.
This new release also improves Chrome’s HTML5 support, adding features such as Geolocation APIs, App Cache, web sockets, and file drag-and-drop. This also happens to be the first release which includes Flash by default, but I’m not entirely sure if this extends towards the Linux and Mac OS X versions, or if it might be limited to 32bit versions only. To try this out, I removed both Chrome as well as Flash from my computer entirely, and then proceeded to download the new beta release (64bit .deb package), but Flash was not included.
I’ve also encountered a small but incredibly annoying bug in this new release – one of those bugs that doesn’t break the application but nevertheless really, really works on your nerves: Chrome’s UI fonts are rendered incorrectly – far too large compared to the rest of my GNOME environment. I haven’t yet made a bug report, because I first want to see if maybe some of you have experienced something similar.
In any case, you can get this new release by subscribing to the beta channel (Windows, Mac, and Linux).
Microsoft also offered yet another sneak preview into its browser’s future by releasing the second platform preview for Internet Explorer 9. The main focus of this update is performance, while also further improving standards support. IE9 now sits firmly in the middle of the pack when it comes to performance.
Support for standards continues to increase as well – the Acid3 score in this second preview is 68, up from 55. Internet Explorer 8 only scores 20. Support for the video tag has not yet been added to Internet Explorer 9, so you can’t yet test Microsoft’s H264-browser implementation.
Get the new release here – for Windows Vista and 7 only.
I understand that Chrome has several security features such as:
* sandbox per tab
* upload protection using user-intervention whitelist
* code inspection
* attaches to different screen (aside from desktop and login screen) to prevent key/mouse/window attacks
* additional file system security when run over NTFS (under windows)
* no ActiveX
Are there others? resource management (kills or limits high CPU pages?)
Are they documented anywhere? I can’t find any official information – only second hand blogs.
There’s the original Google Chrome comic that they produced at the initial launch, that goes over security in some detail.
http://www.google.com/googlebooks/chrome/
They also sensibly sandbox ffmpeg.
Is this sandboxing of a plugin or sandboxing of any media decoder?
Is there any documentation?
Thanks for the link to the “comic” – great material. Did google update it since 2007?
The Chromium Blog features “Security in Depth” articles from time to time:
http://blog.chromium.org/
opera 10.53 linux executable is 14.5 MB (libraries are too tiny and can be ignored)
chromium 5.x linux executable is 35.5 MB (libraries are too tiny and can be ignored)
firefox 3.6 linux executable is 50.9 KB and hence most of its code is in libraries and they add up to 24MB
why is chromium this large while not doing that much?
why is opera so tiny while is packaged with so much features?
Probabily Opera has good experienced browser developers and use some commercial compiler.
Chrome added flash to the package, even if it is disabled on some OS.
i dont know about other operating systems but in linux, flash is not bundled into the executable and hence its size wasnt counted, it exists as a shared library called “libgcflashplayer.so” and it is 11.2MB.
Static compile and, since 5.x is a development branch, presumably has debugging features enabled?
Is 10MB really that significant?
The chrome version i checked can be downloaded here: http://www.google.com/chrome/index.html?brand=CHNQ&utm_campaign=en&…
It is the official current linux version.
opera is also statically build, just like chrome but chrome is bigger than twice the size of opera.
disk size isnt that important but opera is usually accused of trying to do too much. How could it do all it does its that binary size? why is chrome as large as it is while shipping with practically nothing compared to opera?
I took a look at the latest Mac OS X versions for contrast:
Chrome 5.0.375.29 beta was 131.2 MB
Firefox 3.6.3 was 55.9 MB
Opera 10.53 was 36.0 MB
Safari 4.0.5 was 45.4 MB
It’s interesting to me that Safari and Chrome started from WebKit and Chrome is around 3 times the size.
Is like light speed browsing when you use it with OpenDNS in Linux.
I’m looking forward to the final release, since it’s my default browser of choice. I really like the bookmark sync feature, being one of a my favourites.
For me Chrome improvement is not surprising, But IE 9 does. I having been thanking all the browsers in the world for making IE better. Now also the same, thanks a lot every one. One IE became reasonabily at par with all other browsers I can uninstall all other browsers from my PC and same some little bit of Hard Disk space. Seems like IE 9 would be.
This time Microsoft Seems to be desperate.
Way to go Microsoft & Google!!!
I wish you (OSAlert editors) would stop going on and on and on about H.264. This site used to (and still does) have lots of interesting news, but it’s turning into a tediously rambling blog. The licensing situation is not ideal, true. But your end-of-the-world ranting is somewhat rabid and crazily exaggerated. Besides, complaining about it isn’t going to change the fact that it is the de facto video codec for basically everything.
Seriously, get over it.
Queue lemur2.
PS: I hate to be critical, normally you do an excellent job.
So, on an article that is not about H264 you complain about… H264. The logic eludes me. Please enlighten me?
No, please don’t always be so god damn sensitive to criticism. I’ve noticed the same thing: almost all news here are now about Apple, h264/Flash, browsers, and some weirdo gadgets.
You are good writer and can write about a lot of subjects. Please continue to do so.
Edited 2010-05-06 06:25 UTC
I hate to be critical, but this thread is about new versions of IE and Chrome.
I’m actually very encouraged by the improving acid3 score of IE9, up to 68 now reportedly, and I would encourage the IE developers to aim for as much compliance with inter-operable web satndards as they can possibly be achieved.
The more compliance and interoperability in IE9, the better off EVERYONE is.
Chrome is already compliant and interoperable, and it is just getting faster and more secure.
Edited 2010-05-05 23:37 UTC
Oh, do ignore this. The H264 issue really is a big deal, and btw, Eugenia’s recent expose was excellent. What, relaying us something about the latest test release of IE9 is journalism when western culture is at stake? Keep up the good work!
I didn’t meant to say that it wouldn’t be important. (Although I find Eugenia’s predictions too far-fetched.)
What I mean is that there is a lot of readers who want to read something else for a while.
Edited 2010-05-06 17:35 UTC
And yet the YouTube video they embedded with Flash stutters on my notebook, really badly.
Try HTML5
That browser flip demo in the video was impressive.
Some of the commenters were pissy over IE9 requiring Vista/7 but I’m glad they are skipping out on an XP version. There are millions of compromised XP boxes out there that need to be dumped in the trash. That’s the only way they will get fixed.
those machines will continue to be compromised and not fixed precisely BECAUSE of shit like this.
how will they be compromised when they are in the dump?
Umm, exactly why should working hardware be dumped? If those PCs are compromised it’s because of the user or the system administrator, not the hardware. Even XP can be perfectly fine for use and secure in the right hands. And anything whatsoever can be insecure in the wrong hands.
Oh really werecat? Computers can be fixed? That’s for the info /massive sarcasm.
It’s not that working hardware should be dumped. It’s that there are millions of XP machines that will only be removed from bot nets when they are replaced. There is no magic super nerd that will go and save them. Tomorrow they will serve bot nets, and the day after, and so forth until they break or the owner buys a new computer.
It’s not that working hardware should be dumped. It’s that there are millions of XP machines that will only be removed from bot nets when they are replaced. There is no magic super nerd that will go and save them. Tomorrow they will serve bot nets, and the day after, and so forth until they break or the owner buys a new computer.
A new computer or OS will not fix the problem if the problem is the person using the computer. As such, getting a new computer would just temporarily remove that person from the botnet, only to be added to one or more on another day.
Vista and 7 are more secure than XP and come with windows defender set to auto-scan. That’s a massive improvement over a compromised XP box that has updates turned off.
It’s not so much a question of the OS, as it is a question of users. Sure, Vista/7 are more secure, but they can become as easily infected by the grandma clicking on “Pen1s enlargement for grandpa!!1” and “Funny kittens.jpg.exe”, then “Allow” in the annoying black screen.
People like this don’t care if they can’t use IE9. And besides, XP was a good OS.
No they do not become as easily infected with UAC and Windows defender. But more importantly a lot of malware is spread by looking for existing XP vulnerabilities.
There should be a general movement away from XP by Microsoft to encourage new computer purchases. XP users should not feel confident in the longevity of their OS.
Vista and 7 are much better for security, especially when compared to older releases of XP. Windows firewall didn’t come out until SP2 and millions of computers still haven’t installed it.
Not that easy, but trust me, users always find a way.
I’ve been running an un-updated Win XP SP2 box for 3 or 4 years connected directly to the internet as my home server. The only thing between it and the internet is the default XP firewall (no antivirus). I’ve taken the HDD out of it a couple of weeks ago and scanned it in a clean computer and there wasn’t any infection or any malware of any kind.
This was more of an experiment and a bad idea to use on a computer you care about (I don’t condone it), but the conclusion I drew from this is that XP (especially updated) is good enough. The problem lays with the part of the users that are irremediably stupid or ignorant about computers and unwilling to learn. No matter what version of Windows or any other OS, for that matter, they’ll use, they will undoubtedly, somehow, break it or get it infected.
Should we push IE9 and Win7 down their throats? Yes. Will they care/notice? No. Will it make them safer? I doubt it.
Perhaps your scanning software is not good enough.
Whatever … the point remains that in the hands of ordinary people, XP is nowhere near good enough. It leaks like a sieve, and becomes so overtaken by malware it is unuseable in less than a year.
AVG Free and MS Security Essentials. Any suggestions?
Neither is any other OS (just slightly better, because I think the biggest security hole is the user, and you can’t patch that). Still, you are right, XP should go the way of the dodo.
Still, you are right, XP should go the way of the dodo.
Nah. I like XP. It’s small and lean compared to the newer Windows versions. Besides, XP runs fine on my hardware, Vista or 7 wouldn’t.
Yes … don’t use Windows.
There are hundreds of thousands of different malware programs out there in the wild … no scanning software is EVER going to be able to correctly identify them all. No matter what scanning software you use, there will be Windows malware it doesn’t detect. There is a small, but definite, chance that your Windows system is compromised, even though it “scans clean”.
The vast, overwhelming majority of this malware is Windows software. Almost all of it, in fact. By far the easiest way to avoid it all is to not run Windows.
I have a number of “average, ordinary” users for whom I am unofficial “tech support”. Actually most of them are relatives of some kind, some close and others not-so-close. Some of them I have convinced to run Linux. Not one of the Linux machines has ever come back to me not working … I certainly cannot make that same observation for the machines which run Windows. In the field, with non-savvy users, a clean install of Windows XP (even with AVG and Windows security essentials, which are reasonable choices BTW) typically doesn’t last more than 6 months. Vista and Windows 7 seem to be a fair bit better, but by no means are they as robust as a Linux install.
Edited 2010-05-06 13:48 UTC
You seem to be very active when Windows bashing or Linux advocating are involved, but I think you might be a little bit biased. I wouldn’t go as far as to say that you can’t make Windows boxes safe.
You can lock everything down and educate the user a bit and in most cases he/she will be fine. If that doesn’t work and the user just doesn’t get it, you can move all their documents to another partition and use Norton Ghost or Acronis True Image to restore the OS in minutes.
Windows might or might not be the best OS available (I personally think Win 7 is), but it works the way ordinary users expect it to and has the most and best commercial applications (some for which there might not be an adequate open source replacement).
Other OSes have the “advantage” of not having enough market share to be an attractive enough target for malware writers. I don’t think there is anything stoping you to write trojans for Linux.
Edited 2010-05-06 16:36 UTC
You also vist a website called OSAlert, not exactly the user we are talking about.
It would make them safer and also make life more difficult for criminal botnets. As we saw with conficker there are millions of XP boxes with updates turned off which makes it incredibly easy for them to be taken over. Hackers don’t even have to look for new exploits, they can just play the numbers and target unpatched machines. There are even GUI utilities for hackers that help them setup software on a website to look for these machines. It’s a free for all.
A big problem is that so many XP machines were sold pre-SP2 and were never properly hardened. There’s also pirate installs that have updates turned off to avoid detection. These machines are often running IE6 which makes the situation even worse.
If every XP user went and set updates to auto-install and then installed Windows defender or AVG it would make a huge difference overnight. Most botnets would be broken up and the amount of spam would decrease by at least half. But we can’t expect the users to do this that haven’t done so already. There’s too many compromised XP machines that will only stop serving spam when they are tossed in the dump (or recycled). Thus XP users should be pressured to by new computers.
One could make a fairly respectable supercomputer out of millions of XP boxes, compromised or not (provided you started by wiping the disk of each one and installing a different OS).
Alternatively, one could donate them to Helios Solutions.
http://www.fixedbylinux.com/about
http://www.heliosinitiative.org/news.php
Why clog up the trash with computers that could be put to good use?
In theory yes in reality you don’t have access to those computers.
It’s not a pro-trash comment, I would recycle them all if I could. The issue is that there are millions of compromised XP boxes that cannot be expected to be repaired. The owners will not take them in to get fixed because they are unaware that their computers are compromised. They need to be pulled out of the bot net and put on new computers.
My niece came to me recently with a second-hand laptop that she had got from an acquaintance. It was reasonably recent, but she got it for $50 because it would only get part-way into the startup sequence and then it would re-boot, and then re-boot again, and again.
I said I would restore it for her if she had the original Windows restore disk … but of course she didn’t have that. Both the original owners, and her, have baulked at the price of taking it to a Windows shop to get “repaired”.
I’m now going to offer to put Ubuntu 10.4 on it for her instead, but I don’t know if she will go for it because she uses iDevices, and would probably insist she needs to run iTunes. I will tell her about libmobiledevice, but I think that she will be so brainwashed by her “friends” that she will just give up on the $50.
It is a shame, really, that people have been so hoodwinked by the commercial OSes. It makes it difficult to help them.
Edited 2010-05-06 09:14 UTC
She is brainwashed because she wants to run iTunes?
Linux doesn’t meet the computing needs of the vast majority. You’re going to have to accept this and move on.
So the skies aren’t falling after all? Whew! Thanks for a good news.
I’m spending too much time using Chrome. What’s the point having a fast JS engine if you waste your time doing your tasks? It badly lacks Clippings: https://addons.mozilla.org/firefox/addon/1347
20. Seriously, isn’t that a shame! when at the same time other current browsers are above 90. I may be mistaken but hasn’t Opera reported a perfect 100 in the past months?
While writing this comment, I just checked on fr.wikipedia, that 20 is lower than the score of any other browser’s (except IE 7.0… of course) latest stable version by march 2008. What’s the problem with Microsoft?
Just to be nasty:
Nobody patented “private browsing”? Too bad!
Vive Opera!
Chrome’s performance on Javascript benchmarks may well be the leader of the pack, but for me, Firefox actually loads pages faster.
This is due to adblock. If you block flashy graphics ads using Adblock on Firefox, they never actually get downloaded. If you block the exact same ads over the exact same net connection also using Adblock running under Chrome … then the data is downloaded and simply not displayed to you.
The ad servers are still using up your bandwidth, and it still incurs a delay penalty to you in loading the page.
This makes Firefox actually a bit faster in normal use. Chrome is only faster for sites heavy with javascript, and even then only if you stay at that same site.