redletterdave writes Dan Petro, a security analyst for the Bishop Fox IT consulting firm, built a proof of concept device that's able to hack into any Google Chromecasts nearby to project Rick Astley's "Never Gonna Give You Up," or any other video a prankster might choose. The "Rickmote," which is built on top of the $35 Raspberry Pi single board computer, finds a local Chromecast device, boots it off the network, and then takes over the screen with multimedia of one's choosing. But it gets worse for the victims: If the hacker leaves the range of the device, there's no way to regain control of the Chromecast. Unfortunately for Google, this is a rather serious issue with the Chromecast device that's not too easy to fix, as the configuration process is an essential part of the Chromecast experience.
Catch up on stories from the past week (and beyond) at the Slashdot story archive
Google I/O, the company's annual developer tracking^wdevelopers conference, has opened today in San Francisco. This year the company has reduced the number of conference sessions to 80, but also promised a broader approach than in previous years -- in other words, there may be a shift in focus a bit from Google's best known platforms (Chrome/Chrome OS and Android). Given its wide-ranging acquisitions and projects (like the recent purchase of Nest, which itself promptly bought Dropcam, the ever smarter fleet of self-driving cars, the growing number of Glass devices in the wild, and the announcement of a 3D scanning high end tablet quite unlike the Nexus line of tablets and phones), there's no shortage of edges to focus on. Judging from the booths set up in advance of the opening (like one with a sign announcing "The Physical Web," expect some of the stuff that gets lumped into "the Internet of Things." Watch this space -- updates will appear below -- for notes from the opening keynote, or follow along yourself with the live stream, and add your own commentary in the comments. In the days to come, watch for some video highlights of projects on display at I/O, too. Update: 06/25 17:41 GMT by T : Updates rolling in below on Android, wearables, Android in cars, Chromecast, smart watches, etc.Keep checking back! (Every few minutes, I get another chunk in there.)
An anonymous reader writes Two months after OpenBSD's LibReSSL was announced, Adam Langley introduces Google's own fork of OpenSSL, called BoringSSL. "[As] Android, Chrome and other products have started to need some subset of these [OpenSSL] patches, things have grown very complex. The effort involved in keeping all these patches (and there are more than 70 at the moment) straight across multiple code bases is getting to be too much. So we're switching models to one where we import changes from OpenSSL rather than rebasing on top of them. The result of that will start to appear in the Chromium repository soon and, over time, we hope to use it in Android and internally too." First reactions are generally positive. Theo de Raadt comments, "Choice is good!!."
DroidJason1 (3589319) writes "Microsoft is looking to create a more open dialog between the Internet Explorer team and the Web development community by announcing Internet Explorer Developer Channel. IE Dev Channel allows you to preview the next version of Internet Explorer (IE12) alongside and independently of IE11. Web developers can download and test drive the latest IE platform features, something developers were already able to do with Firefox and Chrome. This preview release even offers support of the emerging Gamepad API, allowing you to use your Xbox controller to play games in IE!"
An anonymous reader writes "We've known for a while now that Google is testing a new favoriting service called Google Stars, aimed at helping users save, share, and organize Web content. This is largely due to multiple leaks, detailing features as well as showing off the interface in a video and screenshots. Today, Google+ user Florian Kiersch, who has done the majority of the digging behind the service, has leaked the Google Stars extension for Google Chrome."
An anonymous reader writes "Google has begun blocking local Chrome extensions to protect Windows users. This means that as of today, extensions can be installed in Chrome for Windows only if they're hosted on the Chrome Web Store. Furthermore, Google says extensions that were previously installed 'may be automatically disabled and cannot be re-enabled or re-installed until they're hosted in the Chrome Web Store.' The company didn't specify what exactly qualifies the "may" clause, though we expect it may make exceptions for certain popular extensions for a limited time. Google is asking developers to reach out to it if they run into problems or if they 'think an extension was disabled incorrectly.'"
JimLynch (684194) writes "Mozilla has been in the news quite a lot over the last few months. This time the organization is being hammered by open source advocates for adding Adobe DRM to Firefox. But did the folks at Mozilla really have a choice when it comes adding DRM? An open source project like Mozilla is not immune to market pressures. And with so many competing browsers such as Chrome adding DRM for Netflix, etc. how could Firefox avoid adding it? Is it realistic to think that Firefox can simply ignore such things? I don't think so and the reason why is in Firefox's usage numbers over the last few years."
sfcrazy (1542989) writes "Chromecast is a great device, and concept, however it is more or less limited to Google's Chrome browser and supported apps. That seems to be changing: Mozilla is working on bringing Chromecast support to its Firefox browser. Mozilla meeting notes from 14 May clearly mention Chromecast support for the browser: 'Work week in SF, making good progress. Hoping to have Netcast and Chromecast support landed by the end of the week.'"
MojoKid (1002251) writes "The address bar in a Web browser has been a standard feature for as long as Web browsers have been around — and that's not going to be changing. What could be, though, is exactly what sort of information is displayed in them. In December, Google began rolling-out a limited test of a feature in Chrome called "Origin Chip", a UI element situated to the left of the address bar. What this "chip" does is show the name of the website you're currently on, while also showing the base URL. To the right, the actual address bar shows nothing, except a prompt to "Search Google or type URL". With this implementation, a descriptive URL would not be seen in the URL bar. Instead, only the root domain would be seen, but to the left of the actual address bar. This effectively means that no matter which page you're on in a given website, all you'll ever see when looking at the address bar is the base URL in the origin chip. What helps here is that the URL is never going to be completely hidden. You'll still be able to hit Ctrl + L to select it, and hopefully be able to click on the origin chip in order to reveal the entire URL. Google could never get rid of the URL entirely, because it's required in order to link someone to a direct location, obviously."
SmartAboutThings (1951032) writes "While we are still waiting for the official Windows 8.1 touch-enabled apps to get launched on the Windows Store, Microsoft went and decided that it's time to finally bring the Office online apps to the Chrome Web Store, instead. Thus, Microsoft is making the Web versions of its Word, Excel, PowerPoint and OneNote apps available to users through the Chrome Web Store and also improving all of them with new features, along with several bug fixes and performance improvements." More on the Microsoft front: an anonymous reader wrote in with a link to Ars Technica's review of the upcoming Windows Phone 8.1 release: "It is a major platform update even if it is just a .1 release. Updates include the debut of Cortana, using the same kernel as Windows 8.1 and the Xbox One, a notebook reminder app, inner circle friend management, IE 11, Nokia's camera app by default, lock screen and background customizations, a much improved email client with calendar support, more general Windows 8.1 API inclusion for better portability, and a notification center. Ars rated it more of a Windows Phone 9 release than .1 update."
Phil Shapiro often loans his Chromebook to patrons of the public library where he works. He says people he loans it to are happily suprised at how fast it is. He wrote an article earlier this month titled Teachers unite to influence computer manufacturing that was a call to action; he says that if 20,000 teachers demand a simple, low-cost Chromebook appliance -- something like a Chrome-powered Mac mini with a small SSD instead of a hard drive, and of course without the high Mac mini price -- some computer manufacturer will bite on the idea. Monitors? There are plenty of used ones available. Ditto speakers and keyboards, not that they cost much new. The bottom line is that Phil believes Chromebooks, both in their current form factor and in a simpler one, could be "the" computer for schools and students. Maybe so, not that Android tablets are expensive or hard to use. And wait! Isn't there already a Chromebox? And even a Chromebase all-in-one Chrome-based desktop? In any case, Chrome-based computers look pretty good for schools and libraries, especially if and when prices for the simplest members of the family get down to where Phil thinks they should be. (Alternate video link)
First time accepted submitter AllTheTinfoilHats (3612007) writes "A security flaw in Google Chrome allows any website you visit with the browser to listen in on nearby conversations. It doesn't allow sites to access your microphone's audio, but provides them with a transcript of the browser's speech-to-text transcriptions of anything in range. It was found by a programmer in Israel, who says Google issued a low-priority label to the bug when he reported it, until he wrote about it on his blog and the post started picking up steam on social media. The website has to keep you clicking for eight seconds to keep the microphone on, and Google says it has no timeline for a fix." However, as discoverer Guy Aharonovsky is quoted, "It seems like they started to look for a way to quickly mitigate this flaw."
An anonymous reader writes "Google today released Chrome version 34 for Windows, Mac, and Linux. The new version includes support for responsive images, an unprefixed version of the Web Audio API, and importing supervised users. You can update to the latest release now using the browser's built-in silent updater, or download it directly from google.com/chrome."
girlmad writes: "Google has scored a major win on the back of Microsoft's Windows XP support cut-off. The London Borough of Barking and Dagenham has begun moving all its employees over to Samsung Chromebooks and Chromeboxes ahead of the 8 April deadline. The council was previously running 3,500 Windows XP desktops and 800 XP laptops, and is currently in the process of retiring these in favour of around 2,000 Chromebooks and 300 Chromeboxes. It estimates the savings at around £400,000 compared to upgrading to newer Windows machines — no small change."