Jump to content

Search the Community

Showing results for tags 'Chrome'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station


  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions


  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

  1. Google will release an update to the mobile version of Chrome, which promises to decrease data usage while browsing by as much as 50%. Google announced the upcoming changes to its browser Wednesday in a blog post, saying, "Chromes data compression and bandwidth management can reduce data usage by up to 50% while browsing the web on Chrome for Android and iOS." To reduce data usage, users must enable the data-savings option in Chrome's "settings" menu. After enabling this setting, users will also be able to track the amount of data they're saving each month. This update, set to roll out over the next few days, will be available for both Android and iOS. The iOS update will also include Google Translate, which translates webpages while browsing (it is already available on the desktop and Android versions of Chrome). For its part, the Android version of Chrome will add home-screen shortcuts. Have something to add to this story? Share it in the comments. http://mashable.com/2014/01/15/google-chrome-update-decrease-data-usage
  2. Turk

    Chrome 32 v Windows

    By Paul Thurrott Jan. 15, 2014 Google extends the middle finger towards Redmond, again The latest update to Google's web browser, called Chrome 32, adds a number of useful new features and changes, such as the ability to mute individual tabs (perfect for annoying web sites). But Windows users are going to notice two more dramatic changes, neither of which are very welcome. Google describes some of the changes in Chrome 32 in a blog post. But the big changes for Windows users are sort of glossed over or at least deemphasized. The first of the two Windows-based changes applies only to Windows 8.x: On those versions of the OS the "Metro" mode gets a new look, as Google explains, that basically brings the Chrome OS user experience to Windows. This means that when you run Chrome in Metro mode, you're basically running Chrome OS: You get the Windows 7-style launcher, floating browser windows and inefficient Chrome OS-style windowing controls. Oh the innovation! So why is this a problem? Metro apps run full screen, and Chrome for Metro does not, instead providing its own non-standard windowing environment. It's like a shell within a shell. The second of the new changes, however, is perhaps even more alarming. In this release of Chrome, even the desktop version of the browse now dispenses with native, standard UI controls like radio buttons and scrollbars. Instead, it uses non-standard UI controls that match the look and feel of Chrome for Metro and thus Chrome OS. Here's a shot of the new Chrome 32 scrollbar control with native scrollbar controls seen in other windows behind it. The Chrome 32 scrollbar thumb is only 10 pixels wide—50 percent skinnier than the native control in Windows 8.x—and thus much harder to click with the mouse. And there are no directional arrows for smaller scroll movements. Even more problematic for me are the tiny new radio buttons and checkboxes, which I need to use every day while managing this site. I use Chrome for this, and they're much harder to click now. This is a huge problem. And Google's complete disrespect for Windows, while understandable, is bad for its own users. As with its crazy decision to stop supporting Exchange ActiveSync (EAS), Google's actions continue to be hostile to users on Microsoft's platforms. And like that EAS episode, it's alarming because this literally impacts hundreds of millions of people. (To be fair, Microsoft is no stranger to using non-standard UI controls. If you look at applications like the Zune PC software or modern versions of Office, you'll see similar non-standard controls that are not part of the stock set built into Windows. But the Mac version of Office in no way resembles Office for the PC, which is perhaps a better comparison.) I'm kind of hoping there's a way to revert Chrome to the standard UI controls. http://winsupersite.com/cloud/chrome-32-vs-windows
  3. A few months back, Google had released an extension for Chrome that would allow you to use search simply by using your voice and saying the phrase “Ok Google”. Now, that functionality is being built-in to the browser and is available first through the new beta. If you install or update to the latest Chrome beta, you will be able to do a voice search from the Google homepage or from the new tab page. You can use it the same way you’d use it on your Android phone, by starting with “Okay Google” and then saying your query. You can also use it to set a timer or a reminder. You will just have to go to Google.com, click on the mic icon and click on “Enable Ok Google”. -|Download Link|- Google Chrome Beta Via Google Chrome Blog
  4. geeteam

    [Infographic] Browser Wars

    According to New Relic’s data, which analyzed more than 16.8 million page loads from early October through early November last year, BlackBerry 10 devices loaded web pages in 1.55 seconds on average. The second-fastest web browser, Opera Mini 4.2, wasn’t even close, with page load times that averaged 4.78 seconds. In other words, the BlackBerry 10 browser is more than three times faster than its next-closest competitor. Apple’s Safari browser on the iPad came in at No. 3 with an average page load time of 4.91 seconds, and no other native web browser was even included in New Relic’s top-9 rankings. An infographic showcasing the company’s test results follows below. Source
  5. Prashant Prabhu On 7th February, 2014 Tired of animated GIF images that take forever to load? Check out these Firefox addons, which make the wait bearable. Or, if you’ve spotted a video that could be the next viral GIF on the Web, read on for an addon that lets you convert HTML5 videos to GIFs. We’ve got alternatives for Google Chrome, too GIF Delayer A GIF that hasn’t finished downloading often starts from the beginning and keeps playing in loop. GIF Delayer helps you avoid these headache-inducing short loops by hiding the image until it has been downloaded completely. Once you install the addon, there will be blank spaces where GIFs be – until they load. The extension isn’t perfect: a frame or a “loading” symbol would improve things, because you’d know where the GIFs are going to be. It also may not work well if you have a slow Internet connection (less than 1 Mbps). When I opened multiple GIF images on a slow connection, a couple failed to download outright. I did not face this issue when I opened one GIF at a time, or when I switched to a faster connection. The extension also doesn’t work in private browsing mode. Still, if unfinished GIFs really bother you, this extension is great. You can also get GIF Delayer for Chrome. Toggle Animated GIFs If GIF Delayer’s limitations are a deal-breaker for you, Toggle Animated GIFs is a simple, yet effective, alternative. Just press ctrl+M (or shift+M) to pause all GIFs on any webpage. When the page has finished loading, hit the same keys again to play the GIFs. The above is enabled by default – the addon also allows you to pause all GIFs by default, then toggle play/pause with just a click. An alternative to this is ESCapeFromThemGIFs, which lets you pause or resume GIFs by hitting the Esc key. However, the Esc key also stops pages from loading in Firefox, so it might cause problems. Chrome users can instead check out Stop Animations. MakeGIF Video Capture This addon converts HTML5 videos from any website to GIF images. All you have to do is right-click on the background (any blank space will do) and click “Convert To GIF”. A prompt will appear on the top-right of the browser to let you select the quality of the GIF, number of frames, etc. Once that is done, hit start. I created a 200-frame GIF from a YouTube video in 15 seconds. You can save the GIF to your computer or upload it to MakeGIF.com (4 MB upload limit) if you want to share it. Non-Firefox fans should check out MakeGIF Video Capture for Chrome. Or, if you don’t mind leaving the browser window to create GIF images, check out this Photoshop CS5 tutorial to make animated GIFs, or use GifCam, the easiest way to create animated GIFs. Which addons or apps do you use to create or manage GIF images? Leave a comment so others can find out. Source Title has been modified as Chrome is also covered in.
  6. By Casey Johnston - Jan 28 2014, 7:00am AUSEST Updates turned some Chrome add-ons maliciousnot all browsers allow that. Customers complain about activity tracking in CRXMouse on Chrome, a particularly invasive add-on. In a recent revelation by OMG Chrome and the developer of the Chrome extension Add to Feedly, it came to light that Chrome extensions are capable of changing service or ownership under a users nose without much notification. In the case of Add to Feedly, a buyout meant thousands of users were suddenly subjected to injected adware and redirected links. Chromes regulations for existing extensions are set to change in June 2014. The changes should prevent extensions from being anything but simple and single-purpose in nature, with a single visible UI surface in Chrome and a single browser action or page action button, like the extensions made by Pinterest or OneTab. This has always been the policy, per a post to the Chromium blog back in December. But going forward, it will be enforced for all new extensions immediately and for all existing extensions retroactively beginning in June. Given how Chromes system of updates, design restrictions, and ownership seemed to have gotten ahead of itself, we decided to take a look at the policies of other browsers to see if their extensions could be subjected to a similar fate. While Chrome isnt the only browser where an Add To Feedly tale could be spun, it seems to be the most likely place for such an outcome. Firefox Mozillas Firefox differs from Chrome in that it has an involved review system for all extensions that go from developers to the front-end store. Reviewers will reject an extension if it violates any of the rules in Firefoxs extension development documents. One of these rules is no surprisesan add-on cant do anything it doesnt disclose to users, and existing add-ons cant change their functionality without notifying the user and getting their permission. Firefox puts add-ons with unexpected features, like advertising that supports the add-on financially, into a separate category. Users have to explicitly opt-in to these features, says Jonathan Nightingale, vice president of Firefox. This means that in these cases, users will see a screen offering them the additional features, says Nightingale. One example is FastestFox, which pops a tab at first install asking the user to enable ad injection from Superfish. It's how developers implement these opt-in screens that could provide for a possible loophole; the addition of advertising might be obscurable by language, and data tracking could be, too (it's permitted under Firefoxs rules, but it must be disclosed in a privacy policy). Still, the review policy and need for opt-in for these more pernicious features both help prevent users from having new functionality sprung on them. Safari Safari has extensive design documents for its extensions but no central clearinghouse for them like other browsers. Apple keeps a gallery of a chosen few extensions that must meet certain regulations, but these represent a small fraction of the extensions available. Data tracking of an extensions users is possible, per the design docs, as is ad manipulation. Unlike Chrome, but like Firefox, the download and installation of Safari extension updates must be manually approved by the user. There are no regulations for disclosing functionality changes or changes of ownership, however. Internet Explorer Microsofts browser absolves itself of responsibility for add-ons on a support page where it states, "While add-ons can make your browsing experience better by giving you access to great Web content, some add-ons can pose security, privacy, or performance risks. Make sure any add-ons you install are from a trusted source." Add on at your own risk. Like Apple, Microsoft maintains an exclusive gallery of vetted add-ons. The company encourages extension makers to get user consent for unexpected add-on functionality, but it doesnt require it or block extensions that dont do it. Markup-based extensions can only be installed from within the browser, and therefore these must have the users explicit consent according to Microsoft. Other than this infrastructure, nothing prevents IE add-ons from doing things like injecting ads or redirecting a browsing experience (remember, this was the former home of the invasive toolbar add-on). IE10 does have an add-on management window, but some add-ons, like the ad-injecting Buzzdcock, have to be removed as if they are full-fledged applications. Uninstalling a particularly invasive IE add-on. Opera The latest versions of Opera are able to use Chromium extensions, but unlike Chrome ones, they get a review process thats similar to Firefoxs. Most importantly in Opera, there are restrictions on the types of scripts an extension can run and how they handle ads. Andreas Bovens, head of developer relations at Opera Software, told Ars in an e-mail that Opera doesnt allow extensions that include ads or tracking in content scripts, so extensions that, for example, inject ads inside webpages the user visits are not allowed. Extensions can, however, have ads in their options pages or in the pop-up that is triggered by their button in the browsers interface. Every extension gets a review, and the review team takes special care to suss out the nature of any obfuscated JavaScript code. If some of the code is obfuscated, reviewers ask the developers for the unobfuscated code to look at as well as a link to the obfuscation tool. That way we can check that the input and output indeed match, Bovens says. When an extensions ownership is transferred or the extension is updated, its subject to the same rigorous review process as an extension thats being submitted for the first time, according to Bovens. An extension that goes from having no ads to injecting ads, as some Chrome extensions do, simply would not pass [Operas] review process, Bovens says. Retiring to the not-so-Wild West? While Chrome extensions may have a better ideology than those of some other browsers, the breadth and depth of functionality that Chrome extensions can have without any kind of review process means that Chrome users trust can get taken for granted. Its similar to the Google Play app store, in that way: pretty much anything can make it to the market, but enough user complaints can get it taken down, as in the case of Add to Feedly and Tweet This Page. Based on policy and practice, users who heavily rely on extensions or have been made wary of them by developers recent transgressions may be safer on browsers like Firefox and Opera, where regulations are a bit stricter and there are people to police them. But there can be downsides to a vetting process, too, mainly in terms of rate-limiting iteration and improvements, so its a matter of weighing options. Former home? This is the current home for an awful lot of crapware add-ons, like Conduit's search hijacker, or the Ask.com toolbar that still hasn't died a thousand deaths, even though it should. http://arstechnica.com/business/2014/01/seeking-higher-ground-after-chrome-extension-adwaremalware-problems
  7. Hi all: I realized I have different versions of Chrome on my work's laptop and PC, at home. In laptop I have 32.0.1700.41 m Aura but at home is 31.0.1650.63 m. If I go to About Google Chrome it looks for new version but says it its up to date. I downloaded Chrome from official page but it installs 31.0.1650.63 m again. Really don't know why in the laptop the version is newest when I didn't configure any special in Chrome. Thanks
  8. By Tom Warren on January 14, 2014 05:53 pm Google started dropping hints about its Chrome OS-like plans for Windows 8 back in October. At the time it was merely an experiment in the developer version of Chrome, but today Google is rolling out a new user interface to all Chrome Windows users alongside a noisy tabs tracking feature. The new "Metro" mode essentially converts Chrome for Windows 8 into Chrome OS. Just like Google's full Chrome OS, you can create multiple browser windows and arrange them using a snap to the left or right of the display or full-screen modes. There's even a shelf with Chrome, Gmail, Google, Docs, and YouTube icons that can be arranged at the bottom, left, or right of the screen. An app launcher is also available in the lower left-hand corner, providing access to search and recent apps. It’s all clearly designed to work well with touch on Windows 8, something that the traditional desktop version of Chrome has not focused on so far. The "Metro" mode presents the keyboard automatically, and also includes the ability to navigate and resize windows within the Chrome OS-like environment. Some UI elements still require some touch optimization, but overall it’s a better experience than the existing desktop version with touch. While the Chrome browser acts as a Windows 8 application, it's using a special mode that Microsoft has enabled specifically for web browsers. The software maker allows browsers on Windows 8 to launch in its "Metro-style" environment providing they're set as default. The applications are listed in the Windows Store and they're still desktop apps, but the exception allows them to mimic Windows 8 apps and access the app and snapping features of the OS. While Chrome runs in this mode on Windows 8, Microsoft does not permit this type of behavior on Windows RT. A true Trojan horse Google’s latest update for Windows 8 is clearly a big step forwards in its Chrome Apps initiative. The search giant is working with developers to create apps that exist outside of the browser and extend Chrome’s reach into more of a platform for third parties to build upon. Having a Chrome OS-like environment directly inside of Windows 8 extends Google’s browser into a Trojan horse to eventually convince users to download more and more Chrome Apps and possibly push them towards Chrome OS in the future. We’ve reached out to Microsoft for comment on whether Google’s latest Chrome OS update conforms with the Metro-style browser policies, and we’ll update you accordingly. http://www.theverge.com/2014/1/14/5309326/google-chrome-windows-update-chrome-os-interface
  9. jasonliul

    SpeedyFox 2.0.6 Build 68

    SpeedyFox 2.0.6 Build 68 http://crystalidea.com/downloads/speedyfox.exe SeaMonkey browser support. SQlite 3.8.1 update
  10. By Ron Amadeo - Jan 18 2014, 10:10am AUSEST Once in control, they can silently push new ad-filled "updates" to those users. One of the coolest things about Chrome is the silent, automatic updates that always ensure that users are always running the latest version. While Chrome itself is updated automatically by Google, that update process also includes Chrome's extensions, which are updated by the extension owners. This means that it's up to the user to decide if the owner of an extension is trustworthy or not, since you are basically giving them permission to push new code out to your browser whenever they feel like it. To make matters worse, ownership of a Chrome extension can be transferred to another party, and users are never informed when an ownership change happens. Malware and adware vendors have caught wind of this and have started showing up at the doors of extension authors, looking to buy their extensions. Once the deal is done and the ownership of the extension is transferred, the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension. We ought to clarify here that Google isn't explicitly responsible for such unwanted adware, but vendors are exploiting Google's extension system to create a subpar—and possibly dangerous—browsing experience. Ars has contacted Google for comment, but we haven't heard back yet. We'll update this article if we do. A first-hand account of this, which was first spotted by OMGChrome, was given by Amit Agarwal, developer of the "Add to Feedly" extension. One morning, Agarwal got an e-mail offering "4 figures" for the sale of his Chrome extension. The extension was only about an hour's worth of work, so Agarwal agreed to the deal, the money was sent over PayPal, and he transferred ownership of the extension to another Google account. A month later, the new extension owners released their first (and so far only) update, which injected adware on all webpages and started redirecting links. Chrome's extension auto-update mechanism silently pushed out the update to all 30,000 Add to Feedly users, and the ad revenue likely started rolling in. While Agarwal had no idea what the buyer's intention was when the deal was made, he later learned that he ended up selling his users to the wolves. The buyer was not after the Chrome extension, they were just looking for an easy attack vector in the extension's user base. This isn't a one-time event, either. About a month ago, I had a very simple Chrome extension called "Tweet This Page" suddenly transform into an ad-injecting machine and start hijacking Google searches. A quick search for the Chrome Web Store reveals several other extensions that reviewers say suddenly made a U-turn from useful extension to ad-injector. There is even an extension that purports to stop other extensions from injecting ads. Injected ads are allowed in Chrome extensions, but Google's policy states that which app the ads are coming from must be clearly disclosed to the user, and they cannot interfere with any native ads or the functionality of the website. When malicious apps don't follow Google's disclosure policy, diagnosing something like this is extremely difficult. When Tweet This Page started spewing ads and malware into my browser, the only initial sign was that ads on the Internet had suddenly become much more intrusive, and many auto-played sound. The extension only started injecting ads a few days after it was installed in an attempt to make it more difficult to detect. After a while, Google search became useless, because every link would redirect to some other webpage. My initial thought was to take an inventory of every program I had installed recently—I never suspected an update would bring in malware. I ran a ton of malware/virus scanners, and they all found nothing. I was only clued into the fact that Chrome was the culprit because the same thing started happening on my Chromebook—if I didn't notice that, the next step would have probably been a full wipe of my computer. The difficult part of this for users is that normal removal techniques will not work. Virus scanners are unlikely to flag ad-injecting JavaScript as malicious. Extensions are synced to your Google account, which means that even wiping out a computer and reinstalling the OS will not remove the malware—signing-in to Chrome will just download it again. The only way to be rid of the malware is to find the extension in chrome://extensions and remove it—and to make sure the removal gets propagated to your account and down to all your other devices. Even when you have it narrowed down to Chrome, since nothing detects a malicious Chrome extension, the best course of action is to meticulously check the latest reviews of every extension and hope that someone else has figured out where the ads are coming from. What can users do to protect themselves? It's very hard to keep yourself in the loop with Chrome extension updates. Extensions usually don't have changelogs, and there is currently no way to disable extension auto-updating. One way to stay a least slightly informed of what is going on is to install an extension that will notify you when your other extensions get updated. Other than that, the only other option is to stop using extensions entirely, which is a little extreme. Just keep an eye on the simpler extensions from smaller extension makers—those are the ones at most risk of being gobbled up by a malicious entity. Chrome will require your approval if an extension adds new permissions, but the magic permission that allows ad-injecting is called "access your data on all web pages," which many legitimate extensions already use. A malicious extension buyer could even look for an extension that already uses this permission so that their update will arouse the least suspicion among current users. The reality, though, is that while it's extremely easy for a novice user to install an extension, it's nearly impossible for them to diagnose and remove an extension that has turned sour, and Chrome Sync will make sure that extension hangs around on all their devices for a long time. The author of Add to Feedly stated that his extension had around 30,000 users before it was sold and packed full of ads. Today, despite the flood of unhappy user reviews, the Chrome Web Store shows 31,548 users. Auto-updating from a trusted source is one thing, but when that user trust can be bought and sold—and extension ownership can change hands without the users being informed—something needs to be done. http://arstechnica.com/security/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/?
  11. By Sanjeev Radhakrishnan Friday, January 17, 2014 Cross-platform app development is more important than ever. 10 years ago, you just whipped out your Visual Studio when you needed a client application, but not anymore. With “app-ification” going mainstream on Android, iOS, Windows, and Mac, what is a developer to do? Web apps are a good solution some of the time (except for that little detail called IE!). But what about when you need the features and performance of native code, across platforms? And you’re a startup with a small team and impossible deadlines? Well, at MobileSpan we’ve been living in this world for the past 2 years, and we want to share our approach. We chose to build our application by integrating with the source code of Chromium. Chromium is the open-source base of Google Chrome. My co-founder and I are Xooglers from the Chrome team, so we were very familiar with it and it was an easy choice for us. But you don't have to spend 4 years at Google to take advantage of Chrome's rich code base. But... I'm not building a browser! So, why would Chrome source be useful to me for cross-platform app development? I'm not building a browser... In reality, Chrome is much more than just a browser. Chrome code is highly tuned for performance, reliability, and cross-platform compatibility across PCs and iOS + Android devices. Out of necessity, the Chrome team has created cross-platform abstractions for many low-level platform features. We use this source as the core API on which we build our business logic, and it's made the bulk of our app cross-platform with little effort. Most importantly -- Chrome code has been battle-tested like almost nothing else, with an installed base in the hundreds of millions. That makes all the difference when you want to spend your days working on your company’s business logic instead of debugging platform issues. Basically, you can structure your code like the diagram below, where you only write your application logic, and let Chromium do the heavy lifting. So what's in Chrome that's so great? Well, consider the parts of a modern browser. Chrome contains high-performance, cross-platform implementations of: •Concurrency handling •Compression •Encryption •Certificate handling •Low-level socket interfaces •High-level protocol implementations like HTTP, HTTPS, FTP) •DNS resolution •Proxy handling •Complex disk caching •Cookie handling ... and more What it lets you do is build a single, cross-platform application layer, on top of all this goodness. Chrome code also has other unexpected, higher-level goodies like: •Chrome Remote Desktop, •a full P2P (TURN, STUN, etc) stack (used by the Chrome Remote Desktop code), •an XMPP client (used by Chrome Sync as well as Chrome Remote Desktop) Where Do I Start? First Things First: The right tools to generate your project The first step in starting your project is to create the appropriate project file for your platform (Visual Studio, XCode etc). Chromium uses GYP to declaratively specify files and project settings in a platform independent manner. I strongly recommend starting your project as a GYP file. GYP generates project files for each platform (Visual Studio solution and project files, XCode project files and Android .mk files). In addition, powerful dependency options in GYP allow compiler and linker settings needed by the various Chromium project files to automatically flow into the projects that depend on them. This drastically reduces your own build headaches, as well as problems when you update your checkout of Chrome sources. A basketful of helpers prevent your project from becoming a basket-case. Once you get to the meat of your app, you will find yourself needing all sorts of helper libraries for everything ranging from string manipulation, concurrency handling, synchronization, thread pools, message loops, logging, file manipulation, timers, shared memory management, and more. If you find yourself starting to write a generic helper class or library, search the Chromium sources first. Chances are very high that you will find just the class you want, with very good unit-test coverage to boot. The base library in the Chromium sources (found in src/base) provides a vast array of cross-platform tools that cover all the areas mentioned above and a lot more. There are also helpers for platform-specific areas such as the Windows registry or the iOS keychain. It has become quite the game for developers at MobileSpan to search the Chromium sources for helpers they need. Network stack, anyone? Unless you are building your app for Windows 3.1, chances are that you want to talk to a server of some kind. This might involve simple HTTP or HTTPS API calls or low-level socket calls or anything in between. The net library in Chromium (src/net) is your friend here. You’ll find a full cross-platform HTTP and HTTPS stack, code for cookie handling, caching, TCP and UDP sockets and socket pools, SSL certificate handling, DNS resolution, proxy server resolution ..., well, you get the idea, pretty much anything network related. Encryption Need to handle public/private keys, encrypt data store secrets? The crypto library (src/crypto) is another excellent cross-platform library that is almost sure to have the encryption or key management routine you are looking for. By now, you get the picture of how the sources are organized. XMPP, P2P, Protocol Buffers etc. These aren’t things you would normally expect to find in a web browser but Chromium includes an extensive XMPP and P2P client library built on top of libjingle (look at src/jingle and src/remoting). If you use protocol buffers in your code, GYP has support for .proto files. Just add the .proto files to your GYP file and it will do the right thing of building the protoc compiler and generate wrapper code for your protobufs. This even works for iOS projects. Testing Your code is only as good the unit-tests you write for them, right? Though not strictly a part of the Chrome, the GTest and GMock libraries that are part of the Chrome checkout provide an excellent framework for writing unit-tests and mocking your C++ classes. All Chrome tests are written using these frameworks so you have a big sample codebase to get inspired by. GYP even creates platform-appropriate containers for your tests. For example, on iOS, it will automatically create an iOS app to contain your tests so you can run them in the simulator. You just write your tests in cc files, add them to a gyp file, add the right dependencies and viola, you have cross-platform unit-tests. At MobileSpan, we implemented the core of our business logic in a cross-platform library that is built using Chrome. We then built our UI per platform that uses this underlying library. Porting our app to a new platform means mainly building the UI layer on the new platform and then tying it together with the cross-platform client library. Conclusion: Tying It Together If I am sounding like a Chrome fan-boy, that’s because I am one. Since we embraced Chromium more than 2 years ago, we have found it to work really well for us as a dev platform, saving countless person-hours. It has allowed us to reuse some really well-written and, more importantly, well-tested code across several client platforms, and to concentrate our efforts on making a solid product that works equally well on multiple platforms. Items for a future post This just scratches the surface of using Chrome source as a development platform. What should I cover in a next post? Some options include: •Deep dive into specific libraries like Network, Crypto, etc. •Keeping up to date with Chromium sources •How to fork and keep your sanity (and knowing when to fork certain sources) •Process of checking out Chromium sources •More details on cross-platform UI development Have you poked at Chrome's codebase or used it to build a cool product? Tell us about it in the comments section. https://www.mobilespan.com/content/chrome-is-the-new-c-runtime
  12. Google Chrome 31.0.1650.48 Stable https://www.google.com/intl/ru/chrome/browser/index.html?msi=true#eula http://dl.google.com/chrome/win/31.0.1650.48_chrome_installer.exe https://dl.google.com/edgedl/chrome/install/GoogleChromeStandaloneEnterprise.msi This update includes 5 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information. • $500 [268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.• $2000 [272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.• $500 [282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.• $1000 [290566] High CVE-2013-6624: Use after free related to “id” attribute strings. Credit to Jon Butler.• $2000 [295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.[295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.• $4000 [299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined.• $1000 [306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.We would also like to thank miaubiz and Atte Kettunen of OUSPG for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $2000 in additional rewards were issued.As usual, our ongoing internal security work responsible for a wide range of fixes:• [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.• [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.• [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.• [296804] High CVE-2013-6631: Us
  13. Google is changing the way its browser handles PDF files, starting with the Chrome Canary channel. Citing security concerns, the company wants Chrome to open PDF files by default, bypassing any third-party programs such as Adobe Reader or Foxit Reader. The modification was first noted by developer and Google open-source Chromium evangelist François Beaufort. He points to a Chromium code review that argues browsers, rather than PDF applications, should handle the opening of such documents. Google’s argument is worth quoting in full: PDFs in particular are safer to open in the browser. This patch changes the handling of downloads to open such files in the browser by default instead of the system handler for the file type. A “Open with system handler” menu item will be available so that users can still use the system application if needed. The determination that a file is safer to handle in the browser is done as follows: a) DownloadTargetDeterminer determines whether the MIME type corresponding to the target filename of the download is one which is handled by the renderer or one that is handled by a sandboxed pepper plugin. If so, then the file is considered safely handled by the browser. b) ChromeDownloadManagerDelegate determines whether opening in the browser is preferred for the file type assuming the browser is able to handle it safely. Currently this is true for .pdf files. Opening behavior for a download will default to opening in the browser if both results from a) and b) are true. Google first added a PDF viewer to Chrome back in December 2010. While it can handle most PDFs and even opens them by default in some situations (such as when no PDF viewer is detected), it is very much a bare bones solution. Most users are perfectly okay with viewing PDFs in the browser, as they only need to see a document for a short period of time and don’t want to wait for, nor need, a full-blown application. Those that work extensively with the file format, however, likely won’t be pleased with the new policy. Google says Canary is “the most bleeding-edge official version of Chrome and somewhat of a mix between Chrome dev and the Chromium snapshot builds.” While opening PDFs by default in Canary doesn’t guarantee the change will ship in Chrome one day, Google’s lengthy explanation suggests the company has already made up its mind. Source
  14. Google’s Chromium team never ceases to amaze. Its latest project is a Chrome app-based Integrated Development Environment (IDE) codenamed Spark. The new app was first noted by developer and Google open-source Chromium evangelist François Beaufort. Here are his observations for the new IDE project: It is built with Dart, the “new language for scalable web app engineering”.It contains a GUI widgets library powered by PolymerIt’s public on GitHub and therefore interesting for anyone who wants to know how Dart and Polymer can be used to build the next generation of Chrome Apps. Here is the progress so far: For those who don’t know, Chrome packaged apps are written in HTML, JavaScript, and CSS, but launch outside the browser, work offline by default, and access certain APIs not available to Web apps. In other words, they’re Google’s way of pushing the limits of the Web as a platform. Dart meanwhile is Google’s open-source Web programming language, which has an ultimate goal of replacing JavaScript. Polymer is Google’s library for the Web, built on top of Web Components, and “designed to leverage the evolving web platform on modern browsers.” It’s not clear if Google will actually support this Chrome App and update it on a regular basis when it’s done, or it will be simply used as an example to show what is possible with the aforementioned technologies. We’re leaning towards the former, but given how often Google cans projects, you never know. You can check out the IDE and widgets user interface separately over here and here. Clearly there is still a lot of work to be done, but then again, this is a massive undertaking. Source
  15. There are a number of different ways to do this, but when you get down to it all they all do the same thing, which is change your IP address so it looks like you’re in another country. Some use proxy servers, others use VPNs, and there are hundreds of different options in each category. But arguably the easiest way to unblock movies on Netflix and take a peek at what’s available in other regions is to install a browser extension called Hola. Here’s a quick rundown of how to do it: Download and install Hola for your browser of choice and complete the free sign up process if you’re prompted to. Head over to Netflix. (Everything should look the same). Click on the Hola icon (looks like a flaming smiley face) and change your location to a different country of your choice. Refresh and the selection should include a bunch of new movies and TV shows you didn’t previously have access to.Enjoy...
  16. By exploiting bugs in Google Chrome, malicious sites can activate your microphone, and listen in on anything said around your computer, even after you’ve left those sites. Even while not using your computer - conversations, meetings and phone calls next to your computer may be recorded and compromised. While we’ve all grown accustomed to chatting with Siri, talking to our cars, and soon maybe even asking our glasses for directions, talking to our computers still feels weird. But now, Google is putting their full weight behind changing this. There’s no clearer evidence to this, than visiting Google.com, and seeing a speech recognition button right there inside Google’s most sacred real estate - the search box. Yet all this effort may now be compromised by a new exploit which lets malicious sites turn Google Chrome into a listening device, one that can record anything said in your office or your home, as long as Chrome is still running. Check out the video, to see the exploit in action Google’s Response I discovered this exploit while working on annyang, a popular JavaScript Speech Recognition library. My work has allowed me the insight to find multiple bugs in Chrome, and to come up with this exploit which combines all of them together. Wanting speech recognition to succeed, I of course decided to do the right thing… I reported this exploit to Google’s security team in private on September 13. By September 19, their engineers have identified the bugs and suggested fixes. On September 24, a patch which fixes the exploit was ready, and three days later my find was nominated for Chromium’s Reward Panel (where prizes can go as high as $30,000.) Google’s engineers, who’ve proven themselves to be just as talented as I imagined, were able to identify the problem and fix it in less than 2 weeks from my initial report. I was ecstatic. The system works. But then time passed, and the fix didn’t make it to users’ desktops. A month and a half later, I asked the team why the fix wasn’t released. Their answer was that there was an ongoing discussion within the Standards group, to agree on the correct behaviour - “Nothing is decided yet.” As of today, almost four months after learning about this issue, Google is still waiting for the Standards group to agree on the best course of action, and your browser is still vulnerable. By the way, the web’s standards organization, the W3C, has already defined the correct behaviour which would’ve prevented this… This was done in their specification for the Web Speech API, back in October 2012. How Does it Work? A user visits a site, that uses speech recognition to offer some cool new functionality. The site asks the user for permission to use his mic, the user accepts, and can now control the site with his voice. Chrome shows a clear indication in the browser that speech recognition is on, and once the user turns it off, or leaves that site, Chrome stops listening. So far, so good. But what if that site is run by someone with malicious intentions? Most sites using Speech Recognition, choose to use secure HTTPS connections. This doesn’t mean the site is safe, just that the owner bought a $5 security certificate. When you grant an HTTPS site permission to use your mic, Chrome will remember your choice, and allow the site to start listening in the future, without asking for permission again. This is perfectly fine, as long as Chrome gives you clear indication that you are being listened to, and that the site can’t start listening to you in background windows that are hidden to you. When you click the button to start or stop the speech recognition on the site, what you won’t notice is that the site may have also opened another hidden popunder window. This window can wait until the main site is closed, and then start listening in without asking for permission. This can be done in a window that you never saw, never interacted with, and probably didn’t even know was there. To make matters worse, even if you do notice that window (which can be disguised as a common banner), Chrome does not show any visual indication that Speech Recognition is turned on in such windows - only in regular Chrome tabs. You can see the full source code for this exploit on GitHub. Speech Recognition's Future Speech recognition has huge potential for launching the web forward. Developers are creating amazing things, making sites better, easier to use, friendlier for people with disabilities, and just plain cool… As the maintainer of a popular speech recognition library, it may seem that I shot myself in the foot by exposing this. But I have no doubt that by exposing this, we can ensure that these issues will be resolved soon, and we can all go back to feeling very silly talking to our computers… A year from now, it will feel as natural as any of the other wonders of this age. http://talater.com/chrome-is-listening
  17. Google has removed two Chrome extensions from its store due to the way they were serving ads to users. The extensions in question, Add to Feedly and Tweet This Page, both started life as useful additions to Google's web browser, but were soon serving users pop-ups and other intrusive ads. The reason for the sudden change in behavior? In Add to Feedly's case, at least, it was purchased from its developer and quickly began serving ads to its 30,000 users. In a blog post, Add to Feedly developer Amit Agarwal describes how he got an email presenting "a four-figure offer for something that had taken an hour to create." As you'd expect, the developer decided to cash in, but a month on realized the new owners of the extension silently updated it to serve ads. "These aren't regular banner ads," says Agarwal, "these are invisible ads that work [in] the background and replace links." The issue was picked up by OMG Chrome and Ars Technica, both of which suspect the issues aren't limited to Add to Feedly and Tweet This Page. The suggestion is that advertisers regularly buy popular extensions and transform them into adware. This appears to be backed up by the developer of the popular Honey extension, who claimed last weekend he too was approached by advertisers about selling the add-on. Shortly after the articles were published, Google took action against the rogue extensions, citing a December change to its policies that outlaws complex changes to websites by extensions, according to The Wall Street Journal. Although the changes aren't due to be enforced until June, Google has clearly taken a harder stance on such flagrant abuse. Agarwal, for his part, admits "it was probably a bad idea" to sell Add to Feedly, and apologizes to users affected by the adware. Source
  18. hitminion


    Your Firefox/Skype/Chrome/Thunderbird is working slowly? Boost them all in a single click with SpeedyFox absolutely for free! You get: - Boost Startup in up to 3 times! - Speed-up browsing history - Overall quicker operation - Smaller profile size Version history: 2.0.4 - SQLite engine updated to 3.7.17 version 2.0.3 - Added Epic Browser support. SQLite engine updated to 3.7.14 version 2.0.2 - Fixed incorrect drawing of profiles tree with Windows themes turned off 2.0.1 - SRWare Iron and Pale Moon browsers support 2.0 - New awesome user interface; support Skype, Chrome, Mozilla Thunderbird profiles; custom profiles: drag & drop support; remember custom profiles, detailed optimization log, latest SQLITE engine 3.7.11 1.6 - Added option to run Firefox after optimization (also when running using command line). SQLite engine is updated to 3.7.4 version. 1.5 - SpeedyFox for Mac! Latest SQLite engine (3.7.3) support 1.4.3 - Latest SQLite engine (3.7.1) support 1.4.2 - Unicode profile/path names support 1.4.1 - Windows 2000 support, main icon display is fixed, small bug fixes 1.4 - Command line support, see menu Help->Command line syntax for details 1.3 - Better optimization (all databases), fixed issue of detecting if Firefox is running 1.2 - Ability to select custom Firefox profiles 1.1 - Portable and 5 times smaller executable 1.0 - Initial release
  19. Google on Tuesday updated Chrome to version 30, patching 50 vulnerabilities and paying outsider researchers $27,000 in bounties along the way. The Mountain View, Calif. company highlighted only one change in the newest desktop Chrome: Image search. "Starting this week, all Chrome users will be able to search by image," said Kibeom Kim, a Chrome engineer, in a short post to a company blog. By right-clicking an image displayed in Chrome, then selecting "Search Google for this image," the browser will show other image results culled from Google's search engine. Google typically calls out only some of the new features or improvements in an upgrade, but this month's list was abnormally short. The company has been criticized in the past for barely moving the needle with each iteration. Along with the new feature and the usual collection of stability and performance fixes, Chrome 30 patched 50 security vulnerabilities. Until July 30, Google had not revealed the number of patched flaws in each Chrome update. Prior to May, the company published what appeared to be a complete list -- although minus an official count -- but from late May though late July, it disclosed a subset of quashed bugs, those deemed "particularly interesting," or which called out researchers who reported issues or who had been awarded bounties. Starting two months ago, Google began naming the number of fixed flaws, though it continued to provide information about only a subset. On Tuesday, for example, it listed 19 the 50 patched vulnerabilities in its advisory. Ten of the 19 were rated "high," Google's second-most-serious threat ranking, with seven of the 10 marked as "use-after-free" bugs, a type of memory management flaw that Google's researchers -- both those employed by the company and independent bug hunters -- have shown expertise in rooting out. That's in large part because Google makes its AddressSanitizer memory error detector available to everyone. Google paid 13 different researchers a total of $27,000 in bounties, with more than a quarter -- $7,500 -- going to Atte Kettunen of Finland's Oulu University. Nearly a third -- $8,000 -- went to a threesome of Kettunen and frequent bounty recipients "cloudfuzzer" and "miaubiz," for reporting bugs during earlier stages of development so that they were squashed before work on the "stable" build began. The bug bounty payout total for 2013 stands at nearly $283,000, about $90.000 shy of last year's record. Google also updated Chrome for Android Tuesday with support for three new touchscreen gestures, including swiping horizontally to switch tabs and dragging down from the toolbar to see the tab switcher view. Chrome for Android hasn't replaced the more bare-bones stock Android browser in user share, according to metric company Net Applications, but it has been on a rapid climb: By the end of September, Chrome accounted for 6.3% of all mobile browsers, up 5.1 percentage points in the past 12 months. Google's browser is also available for iOS. Those who haven't tried Chrome on the desktop can download version 30 for Windows, OS X and Linux from Google's website. Current users can simply let the automatic updater retrieve the new version. Original Article: http://www.computerworld.com/s/article/9242942/Google_adds_pix_search_to_Chrome_squashes_50_bugs
  20. keyman

    OldChromeRemover v.0.5

    Thanks for the share, I didn't know about it.
  21. A recent report shed light on a major bug in Google’s Chrome web browser that causes the batteries in Windows laptops to drain much faster than normal. In fact, the issue could cause laptop batteries to die 25% quicker. The bug causes laptops’ processors to wake up and look for tasks 1,000 times each second instead of 64 times per second, as they should, and users have been advised to avoid using Chrome on Windows machines if they value battery life. But help is on the way: A new report states that Google has acknowledged the issue and is currently working to fix it. A report on Thursday from PCWorld stated that Google is not only aware of the issue, it has a team working to fix it and has made it a top priority. “In a statement to PCWorld, the company noted that the bug has been assigned internally, and that the Chrome team is working to fix it—though only after Morris shined a spotlight on the issue,” PCWorld’s Jared Newman reported. “The long-standing bug report has been bumped up to priority one.” Unfortunately, no timeline was given for a fix. Source
  22. Google's Chrome browser has started to block downloads of the popular BitTorrent client uTorrent. Those who attempt to download the software are told that it's malicious and harmful, hinting that the website might have been hacked. With millions of new downloads per month uTorrent is without a doubt the most used BitTorrent client around. However, since this weekend the number of installs must have dropped quite a bit after Google Chrome began warning users away from the software. According to Chrome the BitTorrent client poses a serious risk. “uTorrent.exe is malicious and Chrome has blocked it,” the browser informs those who attempt to download the latest stable release. Chrome does give users the option to restore the file but not without another warning. The browser is convinced that the file is harmful and suggests that the uTorrent website may have been hacked. “This file will harm your computer. Even if you have downloaded files from this website before, the website may have been hacked. Instead of recovering this file you can retry the download later.” Blocked The first reports of Chrome’s block came in three days ago and at the time of writing the problems persist. The warnings appear for the latest stable release ( and no other releases appear to be affected. Currently there is no indication why the software has been flagged, but a scan by more than 50 of the most popular anti-virus services reveals no active threats. Google’s safe browsing diagnostic page claims that the uTorrent website was involved in malware distribution in recent months, but no further details on the nature of the supposed malware are provided. “This site has hosted malicious software over the past 90 days. It infected 4 domain(s), including kioskea.net/, ziggi.uol.com.br/, majorgeeks.com/,” the diagnostics page reads. This isn’t the first time that uTorrent has reported problems with Chrome. The same happened late last year when the malware blocking feature was still in beta. At the time uTorrent parent company BitTorrent Inc. managed to resolve the issues after several days. Thus far, none of the developers have responded to user complaints in the uTorrent forums. Update: We discovered that uTorrent occasionally serves other versions as well, these are not blocked. The vast majority of the downloads are still blocked though. Source: TorrentFreak
  23. With one of the largest eBook collections, Amazon is the place to shop for many paying readers. However, eBook pirates can now get their fix at the popular store too, via a new Chrome extension that places links to pirated copies into Amazon's pages. As one of the largest online retailers, Amazon is the go-to store for many people. Amazon became big by selling books and in recent years eBooks have become some of the fastest selling items. However, pirates are now directly targeting the company’s successful business model. With a new Chrome extension pirates are entering Amazon, effectively transforming it into a pirate ‘store.’ When the LibGen extension is installed, it adds a new row on top of the Amazon product page of books that are also available through unauthorized sources. The plugin uses data from the Libgen.org search engine which lists over a million books. Below is a screenshot of an Amazon book page, with a new row on the top linking to pirated downloads of the same title. LibGen, short for Library Genesis, lists a wide variety of pirate sources for most books, including direct downloads, torrents and magnet links. It appears to work well, although there are occasional mismatches where links to books with similar titles are listed. Needless to say book publishers are not going to be pleased with Amazon’s unofficial feature. Whether Amazon plans to take any action to stop the extension has yet to be seen. The idea to transform Amazon into a pirate site is not entirely new. A few years ago a Firefox plugin integrated Pirate Bay download links into the site, which also worked for music and movies. This plugin was quickly taken offline quickly after the news was picked up by the mainstream media. There are still other extensions floating around with the same functionality. Torrent This, for example, enhances Amazon with links to Pirate Bay download pages for all sorts of media, much like the “Pirates of the Amazon” plugin did. Source: TorrentFreak
  24. Google has fixed 23 security vulnerabilities in Chrome, including three high-risk flaws, and handed out $9,500 in rewards to researchers. Among the vulnerabilities that the company fixed in Chrome 35 are use-after-free flaws and an integer overflow, all of which are rated high. Google didn’t disclose the details of all of the various security vulnerabilities, but of the eight that it listed in its advisory, those three are the most serious. The full list of vulnerabilities patched in Chrome 35 will be published later, but here are the ones that Google has published and received bug bounties: [$3000][356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer. [$3000][359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple. [$1000][346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG. [$1000][364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek. [$1000][330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu. [$500][331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne. Users running Chrome should upgrade as soon as possible in order to avoid attacks against these flaws. Source
  25. Just imagine, you are sitting in front of your laptop and your laptop is listening to your nearby conversations. What if the recorded audio from the system’s microphone is being instantly uploaded to a malicious website? Google has created a speech-recognition Application Programming Interface (API) that allows websites to interact with Google Chrome and the computer’s microphone allows you to speak instead of typing into any text box, to make hands-free web searches, quick conversions, and audio translator also work with them. In January, a flaw was discovered in Google Chrome that enabled malicious websites with speech recognition software to eavesdrop on users’ conversations from background without their knowledge using an outdated Google speech API. CHROME IS LISTENING YOU A new similar vulnerability in Google Chrome has been discovered by Israeli security researcher, Guy Aharonovsky, claimed that the Chrome’s speech-recognition API has a vulnerability that allows attackers to turn victim's machine into a listening port without asking for any permission, even if your microphone is completely disabled. "Even blocking any access to the microphone under chrome://settings/content will not remedy this flaw." he said in a blog post. Reported vulnerability exploits the “-x-webkit-speech” feature of Chrome’s speech-recognition API and allows a malicious web application to eavesdrop in the background without any indication to the user that their microphone is enabled. He has also published a Proof-of-Concept webpage and a video demonstration, designed to work on Chrome for Mac operating system, but the exploit only works for Chrome for any operating system. In demonstration, he has used HTML5 full screen feature to the indication box. “In Chrome all one need in order to access the user’s speech is to use this line of HTML5 code: <input -x-webkit-speech="" /> that’s all; there will be no fancy confirmation screens. When the user clicks on that little grey microphone he will be recorded. The user will see the ‘indication box’ telling him to “Speak now” but that can be pushed out of the screen and / or obfuscated.” He has reported the flaw to Google via Chromium bug tracker. They confirmed the existence of the vulnerability, but assigned it 'low' severity level, that means Google will not offer any immediate fix for this flaw.Source
  • Create New...