Tag Archive | "Chrome"

Google Chrome 69 Makes Your Passwords Harder to Hack

Google Chrome is a decade old and the company celebrated with a new look, a revamped password manager, a slew of develop-centric changes, plenty of security enhancements, and an improved omnibox.

Google rolled out Chrome 69 just in time for its 10th anniversary on September 2, bringing with it an updated interface that’s more aligned to the Material Design principles that powers other Google products. A recent post on Google’s company blog described the latest Chrome update as having “more rounded shapes, new icons, and a new color palette.” It also emphasized how menus, prompts, and the address bar were simplified to enhance the user’s browsing time.

One change that caught users’ attention was the browser’s password manager. While Chrome had previously offered to store user passwords, the new password manager will now be able to create strong passwords when required.

Let’s say you’re about to join a new site, Chrome can generate a new password for you. Simply click the “Use suggested password” button. The created password will include the conventional requirements of a capital letter, small letter, and a number. It can even include a symbol if necessary.

Image courtesy of Google

[Gif via Google]

You don’t even have to remember new passwords as Chrome will automatically save it to your vault. You will be able to check all your saved passwords on Chrome’s main toolbar and even have the option to export passwords as a CSV file.

There are several advantages to the enhancements that Google made to its password manager. First, the passwords generated are strong and will not be vulnerable to hacking. Next, the user not knowing their new password provides them some security from phishing attacks. After all, how can you reveal your password when you don’t know what it is or can’t remember it?

Chrome 69 promises improved auto filling capacities as well. The feature should work on more websites and make it easier for the tool to manage details like addresses, personal details, contact information, and payment options.

Some sectors have pointed out that Chrome’s password updates are similar to what tools like 1Password and LastPass provide. However, the updated features are not yet available on mobile. This can be a big turn-off for some users and could drive them to use other compatible password managers.

Users can update to Chrome 69 by utilizing the browser’s built-in updater. They can also download it from google.com/chrome, the Apple App Store and Google Play.

[Featured image via sketchappsource]

The post Google Chrome 69 Makes Your Passwords Harder to Hack appeared first on WebProNews.


WebProNews

Posted in IM NewsComments Off

Google Chrome, Mozilla Firefox Leaked Facebook User Data Caused by Browser Vulnerability

Google Chrome and Mozilla Firefox might have inadvertently leaked the Facebook usernames, profile pictures and even the likes of their users because of a side-channel vulnerability.

A side-channel vulnerability was discovered in a CSS3 feature dubbed the “mix-blend-mode.” This allowed a hacker to discover the identity of a Facebook account holder using Chrome or Firefox by getting them to visit a specially-designed website.

This critical flaw was discovered in 2017 by security researchers Dario Weißer and Ruslan Habalov and also by independent researcher Max May.

The researchers created a proof-of-concept (POC) exploit to show how the vulnerability could be misused. Weißer and Habalov’s concept showed how they were able to visually harvest data like username, profile picture, and “like” status of a user. What’s more, this insidious hack could be accomplished in the background when the user visits a malicious website.

The visual leak could happen on sites using iFrames that connect to Facebook in via login buttons and social plugins. Due to a security feature called the “same-origin policy,” sites can’t directly access iFrame content. But the researchers were able to get the information by developing an overlay on the cross-origin iFrame in order to work with the underlying pixels.

It took Habalov and Weißer’s POC about 20 seconds to get the username and about five minutes to create a vague copy of the profile picture. The program also took about 500 milliseconds to check the “like” status. Keep in mind, however, that for this vulnerability to work, the user should be logged into their Facebook account.

Habalov and Weißer privately notified both Google and Mozilla and steps were taken to contain the threat. Google was able to fix the flaw on their end when version 63 was released last December. On Firefox’s end, a patch was made available 14 days ago with the release of the browser’s version 60. The delay was due to the researchers’ late disclosure of their findings to Mozilla.

IE and Edge browsers weren’t exposed to the side-channel exploit as they don’t support the needed feature. Safari was also safe from the flaw.

[Featured image via Pixabay]

The post Google Chrome, Mozilla Firefox Leaked Facebook User Data Caused by Browser Vulnerability appeared first on WebProNews.


WebProNews

Posted in IM NewsComments Off

SearchCap: Bing Ads Editor, Chrome HTTPS, HomePod & Google Home

Below is what happened in search today, as reported on Search Engine Land and from other places across the web.
Please visit Search Engine Land for the full article.



Please visit Search Engine Land for the full article.


Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Posted in IM NewsComments Off

Google’s Chrome browser to drop secure label for all HTTPS sites

In addition, Chrome will mark all HTTP web sites as not secure.
Please visit Search Engine Land for the full article.



Please visit Search Engine Land for the full article.


Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Posted in IM NewsComments Off

Google Confirms Chrome Usage Data Used to Measure Site Speed

Posted by Tom-Anthony

During a discussion with Google’s John Mueller at SMX Munich in March, he told me an interesting bit of data about how Google evaluates site speed nowadays. It has gotten a bit of interest from people when I mentioned it at SearchLove San Diego the week after, so I followed up with John to clarify my understanding.

The short version is that Google is now using performance data aggregated from Chrome users who have opted in as a datapoint in the evaluation of site speed (and as a signal with regards to rankings). This is a positive move (IMHO) as it means we don’t need to treat optimizing site speed for Google as a separate task from optimizing for users.

Previously, it has not been clear how Google evaluates site speed, and it was generally believed to be measured by Googlebot during its visits — a belief enhanced by the presence of speed charts in Search Console. However, the onset of JavaScript-enabled crawling made it less clear what Google is doing — they obviously want the most realistic data possible, but it’s a hard problem to solve. Googlebot is not built to replicate how actual visitors experience a site, and so as the task of crawling became more complex, it makes sense that Googlebot may not be the best mechanism for this (if it ever was the mechanism).

In this post, I want to recap the pertinent data around this news quickly and try to understand what this may mean for users.

Google Search Console

Firstly, we should clarify our understand of what the “time spent downloading a page” metric in Google Search Console is telling us. Most of us will recognize graphs like this one:

Until recently, I was unclear about exactly what this graph was telling me. But handily, John Mueller comes to the rescue again with a detailed answer [login required] (hat tip to James Baddiley from Chillisauce.com for bringing this to my attention):

John clarified what this graph is showing:

It’s technically not “downloading the page” but rather “receiving data in response to requesting a URL” – it’s not based on rendering the page, it includes all requests made.

And that it is:

this is the average over all requests for that day

Because Google may be fetching a very different set of resources every day when it’s crawling your site, and because this graph does not account for anything to do with page rendering, it is not useful as a measure of the real performance of your site.

For that reason, John points out that:

Focusing blindly on that number doesn’t make sense.

With which I quite agree. The graph can be useful for identifying certain classes of backend issues, but there are also probably better ways for you to do that (e.g. WebPageTest.org, of which I’m a big fan).

Okay, so now we understand that graph and what it represents, let’s look at the next option: the Google WRS.

Googlebot & the Web Rendering Service

Google’s WRS is their headless browser mechanism based on Chrome 41, which is used for things like “Fetch as Googlebot” in Search Console, and is increasingly what Googlebot is using when it crawls pages.

However, we know that this isn’t how Google evaluates pages because of a Twitter conversation between Aymen Loukil and Google’s Gary Illyes. Aymen wrote up a blog post detailing it at the time, but the important takeaway was that Gary confirmed that WRS is not responsible for evaluating site speed:

Twitter conversation with Gary Ilyes

At the time, Gary was unable to clarify what was being used to evaluate site performance (perhaps because the Chrome User Experience Report hadn’t been announced yet). It seems as though things have progressed since then, however. Google is now able to tell us a little more, which takes us on to the Chrome User Experience Report.

Chrome User Experience Report

Introduced in October last year, the Chrome User Experience Report “is a public dataset of key user experience metrics for top origins on the web,” whereby “performance data included in the report is from real-world conditions, aggregated from Chrome users who have opted-in to syncing their browsing history and have usage statistic reporting enabled.”

Essentially, certain Chrome users allow their browser to report back load time metrics to Google. The report currently has a public dataset for the top 1 million+ origins, though I imagine they have data for many more domains than are included in the public data set.

In March I was at SMX Munich (amazing conference!), where along with a small group of SEOs I had a chat with John Mueller. I asked John about how Google evaluates site speed, given that Gary had clarified it was not the WRS. John was kind enough to shed some light on the situation, but at that point, nothing was published anywhere.

However, since then, John has confirmed this information in a Google Webmaster Central Hangout [15m30s, in German], where he explains they’re using this data along with some other data sources (he doesn’t say which, though notes that it is in part because the data set does not cover all domains).

At SMX John also pointed out how Google’s PageSpeed Insights tool now includes data from the Chrome User Experience Report:

The public dataset of performance data for the top million domains is also available in a public BigQuery project, if you’re into that sort of thing!

We can’t be sure what all the other factors Google is using are, but we now know they are certainly using this data. As I mentioned above, I also imagine they are using data on more sites than are perhaps provided in the public dataset, but this is not confirmed.

Pay attention to users

Importantly, this means that there are changes you can make to your site that Googlebot is not capable of detecting, which are still detected by Google and used as a ranking signal. For example, we know that Googlebot does not support HTTP/2 crawling, but now we know that Google will be able to detect the speed improvements you would get from deploying HTTP/2 for your users.

The same is true if you were to use service workers for advanced caching behaviors — Googlebot wouldn’t be aware, but users would. There are certainly other such examples.

Essentially, this means that there’s no longer a reason to worry about pagespeed for Googlebot, and you should instead just focus on improving things for your users. You still need to pay attention to Googlebot for crawling purposes, which is a separate task.

If you are unsure where to look for site speed advice, then you should look at:

That’s all for now! If you have questions, please comment here and I’ll do my best! Thanks!

Sign up for The Moz Top 10, a semimonthly mailer updating you on the top ten hottest pieces of SEO news, tips, and rad links uncovered by the Moz team. Think of it as your exclusive digest of stuff you don’t have time to hunt down but want to read!


Moz Blog

Posted in IM NewsComments Off

SearchCap: India fines Google, Bing Webmaster Tools login & Chrome on HTTP

Below is what happened in search today, as reported on Search Engine Land and from other places across the web.

The post SearchCap: India fines Google, Bing Webmaster Tools login & Chrome on HTTP appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.


Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Posted in IM NewsComments Off

Is Microsoft Edge Better Than Google Chrome?

If you value your internet browser’s speed and security, you might have to ditch your current one. There’s a new kid on the block, one that claims to be even faster and more secure than the world’s leading browser, Google Chrome.

Currently, the Chrome browser is a lot more popular than its rivals, controlling 58 percent market share. However, Microsoft plans to knock Chrome off its perch with a bold new claim for its Edge browser. The company started its assault on New Year’s Eve by releasing two new ads highlighting Windows 10 Edge’s superiority over Google Chrome in terms of speed, security, and battery efficiency.

The 30-second ads claimed that “Microsoft Edge is up to 48 percent faster than Google Chrome” and also “The faster way to get things done on the web.”

Microsoft also claims that its Edge browser is even safer than the Google Chrome. In the ad, the company points out that “Microsoft Edge blocks 18 percent more phishing sites than Google Chrome,” adding that using Edge is  “The safer way to get things done on the web.”

Apparently, Edge is better on battery life too.

While Microsoft has not exactly explained how it arrived at these two conclusions, it is possible that it may have based its statements on tests done by cybersecurity firm NSS Labs back in October of 2017. Based on the result of NSS Labs’ tests, Microsoft Edge showed the strongest browsing security by blocking 92.3 percent of phishing sites. Meanwhile, Google Chrome managed to block only 74.5 of the sites while Mozilla Firefox had a 61.1 percent block rate.

At the moment, Google has not yet released a statement in response to Microsoft claims.

[Featured image via YouTube]

The post Is Microsoft Edge Better Than Google Chrome? appeared first on WebProNews.


WebProNews

Posted in IM NewsComments Off

Mozilla Launches Firefox Quantum, Poses Real Threat to Google Chrome

Mozilla has been quietly sitting on the sidelines for a while now, content to slowly work on improving Firefox. But the release of the Firefox Quantum shows that the company is now ready to join the big league once again and take on Google’s Chrome.

Mozilla unveiled the new and improved version 57 of Firefox on Tuesday, claiming that the browser is now twice as fast as before. The company also revealed a new user interface (UI) that looks decidedly minimalist.

According to Mozilla executive Mark Mayo, the latest update is the biggest one they’ve rolled out since the company launched Firefox 1.0 in 2004. It’s also the apex of six years worth of research and development, as well as engineering work that ran for about a year and a half.

The Firefox Quantum touts a revamped rendering engine along with a new CSS layout engine. The engine and other components are written in Rust, a programming language developed by Mozilla’s own research group with the goal of increasing speed. Mozilla also claims that Quantum uses 30% less memory than Chrome and that it has been designed to meet the needs of people who surf the internet by switching from various tabs.

Firefox’s release notes also listed changes in active tab prioritization, a switch-over from legacy add-ons to those developed via the WebAssembly API, and Pocket integration. The reworked browser is also sporting a new UI, its first redesign since Firefox 4. The changes in the browser’s UI and UX (user experience) puts significant emphasis on giving it a speed boost.

It’s clear that the new UI compliments the austere look that rivals Edge and Chrome sport. Firefox Quantum integrates the search and address bars in a bid to reduce the clutter usually found on top of the window. A revamped new tab page was also revealed.  

Users in Canada, Hong Kong, Taiwan, and the U.S, also quickly noticed that Mozilla has foregone using Yahoo as its default search engine. Instead, the company has reverted back to using Google, its partner and main financier before the two companies had a falling out in 2014. However, Firefox will continue using its default search engine in other countries. For instance, China will still be using Baidu while Belarus and Russia will continue using Yandex.

Mozilla is hoping that the changes Firefox Quantum carries will be more than enough to challenge Chrome and other browsers. But it’s admittedly an uphill battle at the moment. However, Firefox’s stance to be tech neutral and the groundwork it has laid down can make Mozilla’s bid to return to the top easier.

[Featured image via Mozilla]

The post Mozilla Launches Firefox Quantum, Poses Real Threat to Google Chrome appeared first on WebProNews.


WebProNews

Posted in IM NewsComments Off

Mozilla’s Firefox Quantum Aims to Dethrone Google Chrome as Fastest Internet Browser

Google Chrome, the leading U.S. browser at the moment, is about to face some serious competition up ahead. Mozilla just unveiled an improved version of its browser called the Firefox Quantum touted to be drastically faster than its predecessor and offering browsing speeds said to even surpass that of Chrome.

During the late 2000’s, Mozilla Firefox had one of the fastest user growth among Internet browsers according to Forbes. Unfortunately, the browser’s growth lost steam and is now lagging behind rivals Google Chrome and Apple Safari. Chrome is currently leading the pack in the U.S. with a market share of 44.5 percent followed by Safari at 25.4 percent. Firefox, in the meantime, only managed to secure a 7.4 percent share.

Posted in IM NewsComments Off

Search Buzz Video Recap: Google Ad Exploit, Black Hat Tools, Search Console Updates & Chrome Warning

This week in search I covered one possible answer for how the AdSense and AdWords exploit happened…


Search Engine Roundtable

Posted in IM NewsComments Off

Advert