"After taking a look at Floorp Browser, I was left wondering whether there was a Chromium-based web browser that was as good, or even better than Chrome," writes a "First Look" reviewer at It's Foss News.

"That is when I came across Thorium, a web-browser that claims to be the 'the fastest browser on Earth'." [Thorium] is backed by a myriad of tweaks that include, compiler optimizations for SSE4.2, AVS, AES, various mods to CFLAGS, LDFLAGS, thinLTO flags, and more. The developer shares performance stats using popular benchmarking tools... I tested it using Speedometer 3.0 benchmark on Fedora 39 and compared it to Brave, and the scores were:

Thorium: 19.2; Brave: 19.5

So, it may not be the "fastest" always, probably one of the fastest, that comes close to Brave or sometimes even beats it (depends on the version you tested it and your system).

Alexander Frick, the lead developer, also insists on providing support for older operating systems such as Windows 7 so that its user base can use a capable modern browser without much fuss... As Thorium is a cross-platform web browser, you can find packages for a wide range of platforms such as Linux, Raspberry Pi, Windows, Android, macOS, and more.
Thorium can sync to your Google account to import your bookmarks, extensions, and themes, according to the article.

"Overall, I can confidently say that it is a web browser I could daily drive, if I were to ditch Chrome completely. It gels in quite well with the Google ecosystem and has a familiar user interface that doesn't get in the way."

The Chromium team is prototyping Web Monetization to allow websites to automatically receive micro payments from visitors for their content, bypassing traditional ad or subscription models. The Register reports: Earlier this month, Alexander Surkov, a software engineer at open source consultancy Igalia, announced the Chromium team's intent to prototype Web Monetization, an incubating community specification that would let websites automatically receive payments from online visitors, as opposed to advertisers, via a web browser and a designated payment service.

"Web monetization is a web technology that enables website owners to receive micro payments from users as they interact with their content," Surkov wrote in an explanatory document published last summer. "It provides a way for content creators and website owners to be compensated for their work without relying solely on ads or subscriptions. Notably, Web Monetization (WM) offers two unique features -- small payments and no user interaction -- that address several important scenarios currently unmet on the web."

"Open Payments API is an open HTTP-based standard created to facilitate micro transactions on the web," wrote Surkov. "It is implemented by a wallet and enables the transfer of funds between two wallets. It leverages fine-grained access grants, based on GNAP (Grant Negotiation and Authorization Protocol), which gives wallet owners precise control over the permissions granted to applications connected to their wallet." The basic idea is web users will get a digital wallet, provided by Gatehub and Fynbos presently, and web publishers will add a link tag to their site's block formatted like so: . Thereafter, site visitors who have linked their digital wallet to their browser will pay out funds to the requesting publisher, subject to the browser's permissions policy.

Remember "Servo," Mozilla's "next-generation browser engine," focused on performance and robustness?

"The developers of Servo are starting 2024 by going all in..." reports It's FOSS News, citing a social media post from FOSDEM. "[T]he Servo Project team were there showing off the work done so far." If you were not familiar, Servo is an experimental browser engine that leverages the power of Rust to provide a memory-safe and modular experience that is highly adaptable. After Mozilla created Servo back in 2012 as a research project, it saw its share of ups and downs over the years, with it making a comeback in 2023; thanks to a fresh approach by the developers on how Servo should move forward.

Even though there are plenty of open source Chrome alternatives, with this, there's a chance that we will get some really cool options based on Servo that just might give Blink and Gecko a run for the money! Just a few months back, in September 2023, after The Servo Project officially joined Linux Foundation Europe, the existing contributors from Igalia stepped up their game by taking over the project maintenance. To complement that, at Open Source Summit Europe last year, Manuel Rego from Igalia shared some really useful insights when he presented.

He showcased stuff like the WebGL support, cross-platform support including mobile support for Android and Linux, among other things. They have experimented with Servo for embedded applications use-cases (like running it on Raspberry Pi), and have plans to make advances on it. As far as I can see, it looks like, Servo is faster for Raspberry Pi compared to Chromium. You can explore more such demos on Servo's demo webpage.
2024's roadmap includes "Initial Android support, that will see Servo being made to build on modern Android versions," according to the article, "with the developers publishing nightly APKs on the official website some time in the future."

One fun fact? "Even though Mozilla dropped the experimental project, Firefox still utilizes some servo components in the browser"

Another FOSDOM update from social media: "Thunderbird is also embracing Rust."

An anonymous reader quotes a report from Ars Technica: Google is updating the warning on Chrome's Incognito mode to make it clear that Google and websites run by other companies can still collect your data in the web browser's semi-private mode. The change is being made as Google prepares to settle a class-action lawsuit that accuses the firm of privacy violations related to Chrome's Incognito mode. The expanded warning was recently added to Chrome Canary, a nightly build for developers. The warning appears to directly address one of the lawsuit's complaints, that the Incognito mode's warning doesn't make it clear that Google collects data from users of the private mode.

Many tech-savvy people already know that while private modes in web browsers prevent some data from being stored on your device, they don't prevent tracking by websites or Internet service providers. But many other people may not understand exactly what Incognito mode does, so the more specific warning could help educate users. The new warning seen in Chrome Canary when you open an incognito window says: "You've gone Incognito. Others who use this device won't see your activity, so you can browse more privately. This won't change how data is collected by websites you visit and the services they use, including Google." The wording could be interpreted to refer to Google websites and third-party websites, including third-party websites that rely on Google ad services. The new warning was not yet in the developer, beta, and stable branches of Chrome as of today. It also wasn't in Chromium. The change to Canary was previously reported by MSPowerUser.

Incognito mode in the stable version of Chrome still says: "You've gone Incognito. Now you can browse privately, and other people who use this device won't see your activity." Among other changes, the Canary warning replaces "browse privately" with "browse more privately." The stable and Canary warnings both say that your browsing activity might still be visible to "websites you visit," "your employer or school," or "your Internet service provider." But only the Canary warning currently includes the caveat that Incognito mode "won't change how data is collected by websites you visit and the services they use, including Google." The old and new warnings both say that Incognito mode prevents Chrome from saving your browsing history, cookies and site data, and information entered in forms, but that "downloads, bookmarks and reading list items will be saved." Both warnings link to this page, which provides more detail on Incognito mode.

Google has formally discontinued its efforts to bring the full Chrome browser experience to its Fuchsia operating system. 9to5Google reports: In 2021, we reported that the Chromium team had begun an effort to get the full Chrome/Chromium browser running on Google's in-house Fuchsia operating system. Months later, in early 2022, we were even able to record a video of the progress, demonstrating that Chromium (the open-source-only variant of Chrome) could work relatively well on a Fuchsia-powered device. This was far from the first time that the Chromium project had been involved with Fuchsia. Google's full lineup of Nest Hub smart displays is currently powered by Fuchsia under the hood, and those displays have limited web browsing capabilities through an embedded version of the browser.

In contrast to that minimal experience, Google was seemingly working to bring the full might of Chrome to Fuchsia. To observers, this was yet another signal that Google intended for Fuchsia to grow beyond the smart home and serve as a full desktop operating system. After all, what good is a laptop or desktop without a web browser? Fans of the Fuchsia project have anticipated its eventual expansion to desktop since Fuchsia was first shown to run on Google's Pixelbook hardware. However, in the intervening time -- a period that also saw significant layoffs in the Fuchsia division -- it seems that Google has since shifted Fuchsia in a different direction. The clearest evidence of that move comes from a Chromium code change (and related bug tracker post) published last month declaring that the "Chrome browser on fuchsia won't be maintained."

They create a dedicated desktop icon for your favorite web-based application — a simplified browser that opens to that single URL. Yet while Linux usually offers the same functionality as other operating systems, "Peppermint OS's Ice and its successor Kumo are the only free software versions of Site-Specific Browsers available on Linux," according to Linux magazine.

"Fortunately for those who want this functionality, Peppermint OS is a Debian derivative, and both can be installed on Debian and most other derivatives." Since SSBs first appeared in 2005, they have been available on both Windows and macOS. On Linux, however, the availability has come and gone. On Linux, Firefox once had an SSB mode, but it was discontinued in 2020 on the grounds that it had multiple bugs that were time-consuming to fix and there was "little to no perceived user benefit to the feature." Similarly, Chromium once had a basic SSB menu item, Create Application Shortcut, which no longer appears in recent versions. As for GNOME Web's (Epiphany's) Install Site as Web Application, while it still appears in the menu, it is no longer functional. Today, Linux users who want to try SSBs have no choices except Ice or Kumo.

Neither Ice or Kumo appears in any repository except Peppermint OS's. But because Peppermint OS installs packages from Debian 12 ("bookworm"), either can be installed to Debian or a derivative... To install successfully, at least one of Firefox, Chrome, Chromium, or Vivaldi also must be installed... Because both Ice and Kumo are written in Python, they can be run on any desktop.
The article concludes that Site-Specific Browsers might make more sense "on a network or in a business where their isolation provides another layer of security. Or perhaps the time for SSBs is past and there's a reason browsers have tried to implement them, and then discarded them."

The Browser Company's Chromium-based Arc browser, which aims to rethink the whole browser UI with a sidebar for tabs and lots of personalization options, is finally coming to Windows. In a post on X, the Browser Company says it's sent out the first Windows beta invites. It's currently only available for iOS and Mac users. Slashdot reader dokjest shares the email they received: Hey there,

Hursh here, CTO at the Browser Co, with some exciting news! A little while ago, you signed up for a brand new browser, Arc -- one that The Verge called "The Chrome replacement I've been waiting for" and Shopify's CEO named as "the best browser." Well, starting today, we're onboarding our very first beta testers to Arc on Windows. And you're next!

Over the coming weeks, our team will be onboarding hundreds of beta testers to Arc. And come January, we'll be welcoming 1,000s of you from the waitlist every week. If you don't mind a few bugs and some rough edges, sign up as a beta tester and we'll prioritize your invite to Arc! For us, this period leading up to our Windows release is about crafting the very best version of Arc that we can. And that means learning from you -- what you love, what's missing, what doesn't feel quite right. It still feels surreal to say, but it really does all begin today. Follow along for some fun on isarconwindowsyet.com -- And we'll see you very soon!

- Hursh and The Browser Co Crew

P.S. If you have a friend on Windows with one too many tabs, who could use a better browser -- forward this on to them, too! If you want to get on the beta waitlist, you can sign up here.

Liam Proven reports via The Register: One of the best FOSS text editors for Windows, Notepad++, is turning 20, while cross platform Geany just hit version 2.0 as it turns 18 years old. Notepad++'s version 8.6 is the twentieth anniversary release of one of the go-to FOSS text editors for Windows. [...] If you use an Arm-powered Windows machine, such as the ThinkPad X13S, there is now a native Arm64 version. It still supports x86-32 as well, and there are portable versions which work without being installed locally -- handy if you don't have admin rights. There is even a usefully recent version for Windows XP if you are still using that geriatric OS. This release adds multi-select, allowing you to manipulate multiple instances of the same text at once, which looks confusing but very powerful.

It is a staple on all of the Reg FOSS desk's Windows partitions, thanks to its inclusion in the essential Windows post-install setup tool Ninite. Ninite will install -- and update -- a whole swath of FOSS and freeware tools for Windows, making setup of a new machine doable in just a couple of clicks. And if you keep the Ninite installer file around, you can re-run it later and it will update everything it installed first time around. Ninite does offer other programmers' editors, such as Eclipse and Microsoft Visual Studio Code -- but they are behemoths by comparison. VSCode is implemented as an Electron app, meaning that it's huge, embeds an entire copy of Chromium, and scoffs RAM like it's going out of fashion. Notepad++ is a native Win32 app, making it tiny and fast: the download is less than 5MB, one twentieth the size of VSCode.

Sluggish, bloated editors are not just a problem on Windows. Gargantuan Electron apps are distressingly prevalent on Linux and macOS as well. This vulture is guilty of using some, and even recommending them -- because some of them can do things that nothing else can. That's not true in the case of plain text editors, though. You don't have to put up with apps that take a good fraction of a gigabyte for this. Geany is a good example. It straddles the line between a text editor and an IDE: it can manage multi-project files, automatically call out to compilers and suchlike, and parse their output to highlight errors. We last mentioned it nearly a decade ago but the project recently reached voting age -- at least for humans -- and after this milestone in maturity its developers called the latest release version 2.0. It has better support for dark mode, a new tree view in its sidebar, adds a bunch of new supported file types, and can detect if the user changes the type of a file and re-do its syntax highlighting to match.

An anonymous reader shares a report: The biggest benefit Samsung Internet on a desktop operating system will provide is the syncing of browsing data between your phone and PC, the lack of which has prevented many users from using Samsung Internet as their primary browser app on their phones and tablets. Unfortunately, Samsung hasn't yet implemented full-fledged sync support on Samsung Internet for Windows. While you can log in with your Samsung account, only browsing history, bookmarks, saved pages and open tabs can be synced at this time. Password syncing is not available, which hopefully won't remain the case for long.

The first time you run Samsung Internet on Windows, you can import browsing history, bookmarks/favorites, and search engines from other browsers, including Google Chrome and Microsoft Edge. You can also import bookmarks using an HTML file. As for other features, Samsung Internet on Windows has ad blocker support, a secret (incognito) mode, extension support, light and dark mode themes, and a few others. Since Samsung Internet is based on the open-source Chromium project like Chrome and Microsoft Edge, it should support extensions and add-ons that work on those browsers.

"The abolition of third-party cookies will make it possible to protect privacy-related data such as what sites users visit and what pages they view from advertising companies," notes the Japan-based site Gigazine.

And this month "Google has confirmed that it is on track to start disabling third-party cookies across its Chrome browser in a matter of weeks," writes TechRadar: An internal email published online sees Google software engineer Johann Hofmann share with colleagues the company's plan to switch off third-party cookies for 1% of Chrome users from Q1 2024 — a plan that was shared months ago and that, surprisingly, remains on track, given the considerable pushbacks so far... Hofmann explains that Google is still awaiting a UK Competition and Markets Authority consultation in order to address any final concerns before "Privacy Sandbox" gets the go-ahead.
The Register explores Google's "Privacy Sandbox" idea: Since 2019 — after it became clear that European data protection rules would require rethinking how online ads work — Google has been building a set of ostensibly privacy-preserving ad tech APIs known as the Privacy Sandbox... One element of the sandbox is the Topics API: that allows websites to ask Chrome directly what the user is interested in, based on their browser history, so that targeted ads can be shown. Thus, no need for any tracking cookies set by marketers following you around, though it means Chrome squealing on you unless you tell it not to...

Peter Snyder, VP of privacy engineering at Brave Software, which makes the Brave browser, told The Register in an email that the cookie cutoff and Privacy Sandbox remains problematic as far as Brave is concerned. "Replacing third-party cookies with Privacy Sandbox won't change the fact that Google Chrome has the worst privacy protections of any major browser, and we're very concerned about their upcoming plans," he said. "Google's turtle-paced removal of third-party cookies comes along with a large number of other changes, which when taken together, seriously harm the progress other browsers are making towards a user-first, privacy-protecting Web.

"Recent Google Chrome changes restrict the ability for users to modify, make private, and harden their Web experience (Manifest v3), broadcasting users' interests to websites they visit (Topics), dissolving privacy boundaries on the Web (Related Sites), offloading the battery-draining costs of ad auctions on users (FLEDGE/Protected Audience API), and reducing user control and Web transparency (Signed Exchange/WebBundles)," Snyder explained. "And this is only a small list of examples from a much longer list of harmful changes being shipped in Chrome."

Snyder said Google has characterized the removal of third-party cookies as getting serious about privacy, but he argued the truth is the opposite. "Other browsers have shown that a more private, more user-serving Web is possible," he said. "Google removing third-party cookies should be more accurately understood as the smallest possible change it can make without harming Google's true priority: its own advertising business."
The Register notes that other browser makers such as Apple, Brave, and Mozilla have already begun blocking third-party cookies by default, while Google Chrome and Microsoft Edge "provide that option, just not out of the box."

EFF senior staff technologist Jacob Hoffman-Andrews told The Register that "When Google Chrome finishes the project on some unspecified date in the future, it will be a great day for privacy on the web. According to the announcement, the actual phased rollout is slated to begin in Q3 2024, with no stated deadline to reach 100 percent. Let's hope Google's advertising wing does not excessively delay these critical privacy improvements."

TechRadar points out that after the initial testing period in 2024, Google will begin its phased rollout of the cookie replacement program — starting in June.

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

Firefox 120 will be available tomorrow, bringing support for the Global Privacy Control "Sec-GPC" request header to indicate whether a user consents to a website or service selling or sharing their personal information with third parties. It's also enabling the WebAssembly GC extension by default, opening up new languages like Dart and Kotlin to run in the browser. Phoronix's Michael Larabel highlights some of the other features included in this release: - Ubuntu Linux users now have the ability to import data from Chromium when both are installed as Snap packages. - Picture-in-Picture mode now supports corner snapping on Windows and Linux.
- Support for the light-dark() CSS color function that allows setting of colors for both light and dark without needing to use the prefers-color-scheme media feature. This allows conveniently specifying the preferred light color theme value followed by the dark color theme value.
- CSS support for the lh and rlh line height units.

An anonymous reader quotes a report from 9to5Google: With Manifest V3, Google wants to make extensions safer by prioritizing privacy, but was initially criticized for the impact to ad blockers. The Chrome team has since added new features in response and is ready to disable old Manifest V2 extensions in 2024. Google will begin automatically disabling Manifest V2 extensions in Chrome Dev, Canary, and Beta as early as June 2024 (Chrome 127+). Similarly, Chrome Web Store installs will no longer be possible. Developers are encouraged to update and migrate before then.

This will gradually roll out, with Google taking into account user feedback and data to "make sure Chrome users understand the change and what actions they can take to find alternative, up-to-date extensions." [Google said in a statement:] "We expect it will take at least a month to observe and stabilize the changes in pre-stable before expanding the rollout to stable channel Chrome, where it will also gradually roll out over time. The exact timing may vary depending on the data collected, and during this time, we will keep you informed about our progress." This was originally schedule to take place in 2023, but Google spent this year closing the functionality gap between Manifest V2 and V3 [...].

Andrew Cunningham writes via Ars Technica: If you or your employer uses Microsoft Teams for communication, good news: Microsoft is releasing a fully rewritten version today for Windows PCs and Macs that promises to run faster while using fewer system resources. A preview of this app was originally released for Windows in March, but the final release covers all types of Teams instances, re-adds support for features like breakout rooms and third-party app support, and supports macOS. The new Teams app is notable for improved performance and reduced disk space usage, especially when running on Windows PCs. Microsoft says that the reformulated version of Teams is "up to two times faster while using 50 percent less memory" on Windows systems. That sound you hear is old and underspecced work PCs in offices around the world breathing a sigh of relief.

Microsoft credits its Edge WebView2 backend with helping improve performance and reduce disk usage on Windows. That's possible partly because WebView2 can use many of the same system files and the same runtime as the Edge browser built into Windows 10 and Windows 11. The older Teams app used the Electron framework, also used by communication apps like Slack and Discord. Though Electron and WebView2 are based on the Chromium browser engine, each Electron app includes its own self-contained version of the browser files, which all must be stored and updated separately.

To complete one full rotation around its axis it takes the moon 655 hours. So a single "lunar day" is 13.64 earth days.

But sunset has finally come for India's Chandrayaan-3 spacecraft and its Pragyan rover, writes long-time Slashdot reader Geoffrey.landis , and the rover has switched off for the coming 655-hour night: With luck from the moon gods, it will wake up with the sunrise in 14 days. But, even if not, mission accomplished! It was designed for fourteen days of operation, the daylight period. In that time the rover accomplished just over a hundred meters (American units: one football field) of traverse, examining and chemically analyzing the surface.
"The Indian Express newspaper said the electronics on board the Indian moon mission werenâ(TM)t designed to withstand very low temperatures, less than -120 C (-184 F) during the nighttime on the moon," according to the Associated Press. But the rover's accomplishments already include making the first-ever measurements of the south pole's near-surface Lunar plasma, and confirming the presence of aluminum, calcium, chromium, titanium, manganese, and silicon. There's also sulphur, iron, oxygen and other elements on the moon, Reuters reports, citing a statement from the Indian Space Research Organisation (ISRO): The Pragyan rover from the Chandrayaan-3 spacecraft was "set into Sleep mode" but with batteries charged and receiver on, the ISRO said in a post on X, formerly Twitter, late on Saturday. "Hoping for a successful awakening for another set of assignments!" ISRO said. "Else, it will forever stay there as India's lunar ambassador."
Earlier this week the ISRO posted footage of the rover completing a near-pirouette to search for the safest route.

"The solar panel is oriented to receive the light at the next sunrise expected on September 22, 2023," the ISRO posted Saturday.

OS News' managing editor calls Firefox "the single most important desktop Linux application," shipping in most distros (with some users later opting for a post-installation download of Chrome).

But "I'm genuinely worried about the state of browsers on Linux, and the future of Firefox on Linux in particular..." While both GNOME and KDE nominally invest in their own two browsers, GNOME Web and Falkon, their uptake is limited and releases few and far between. For instance, none of the major Linux distributions ship GNOME Web as their default browser, and it lacks many of the features users come to expect from a browser. Falkon, meanwhile, is updated only sporadically, often going years between releases. Worse yet, Falkon uses Chromium through QtWebEngine, and GNOME Web uses WebKit (which are updated separately from the browser, so browser releases are not always a solid metric!), so both are dependent on the goodwill of two of the most ruthless corporations in the world, Google and Apple respectively.

Even Firefox itself, even though it's clearly the browser of choice of distributions and Linux users alike, does not consider Linux a first-tier platform. Firefox is first and foremost a Windows browser, followed by macOS second, and Linux third. The love the Linux world has for Firefox is not reciprocated by Mozilla in the same way, and this shows in various places where issues fixed and addressed on the Windows side are ignored on the Linux side for years or longer. The best and most visible example of that is hardware video acceleration. This feature has been a default part of the Windows version since forever, but it wasn't enabled by default for Linux until Firefox 115, released only in early July 2023. Even then, the feature is only enabled by default for users of Intel graphics — AMD and Nvidia users need not apply. This lack of video acceleration was — and for AMD and Nvidia users, still is — a major contributing factor to Linux battery life on laptops taking a serious hit compared to their Windows counterparts... It's not just hardware accelerated video decoding. Gesture support has taken much longer to arrive on the Linux version than it did on the Windows version — things like using swipes to go back and forward, or pinch to zoom on images...

I don't see anyone talking about this problem, or planning for the eventual possible demise of Firefox, what that would mean for the Linux desktop, and how it can be avoided or mitigated. In an ideal world, the major stakeholders of the Linux desktop — KDE, GNOME, the various major distributions — would get together and seriously consider a plan of action. The best possible solution, in my view, would be to fork one of the major browser engines (or pick one and significantly invest in it), and modify this engine and tailor it specifically for the Linux desktop. Stop living off the scraps and leftovers thrown across the fence from Windows and macOS browser makers, and focus entirely on making a browser engine that is optimised fully for Linux, its graphics stack, and its desktops. Have the major stakeholders work together on a Linux-first — or even Linux-only — browser engine, leaving the graphical front-end to the various toolkits and desktop environments....

I think it's highly irresponsible of the various prominent players in the desktop Linux community, from GNOME to KDE, from Ubuntu to Fedora, to seemingly have absolutely zero contingency plans for when Firefox enshittifies or dies...

"Teams across Google are working hard to prepare the web for the migration to quantum-resistant cryptography," writes Chrome's technical program manager for security, Devon O'Brien.

"Continuing with our strategy for handling this major transition, we are updating technical standards, testing and deploying new quantum-resistant algorithms, and working with the broader ecosystem to help ensure this effort is a success." As a step down this path, Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115. This hybrid mechanism combines the output of two cryptographic algorithms to create the session key used to encrypt the bulk of the TLS connection:

X25519 — an elliptic curve algorithm widely used for key agreement in TLS today
Kyber-768 — a quantum-resistant Key Encapsulation Method, and NIST's PQC winner for general encryption

In order to identify ecosystem incompatibilities with this change, we are rolling this out to Chrome and to Google servers, over both TCP and QUIC and monitoring for possible compatibility issues. Chrome may also use this updated key agreement when connecting to third-party server operators, such as Cloudflare, as they add support. If you are a developer or administrator experiencing an issue that you believe is caused by this change, please file a bug.
The Register delves into Chrome's reasons for implementing this now: "It's believed that quantum computers that can break modern classical cryptography won't arrive for 5, 10, possibly even 50 years from now, so why is it important to start protecting traffic today?" said O'Brien. "The answer is that certain uses of cryptography are vulnerable to a type of attack called Harvest Now, Decrypt Later, in which data is collected and stored today and later decrypted once cryptanalysis improves." O'Brien says that while symmetric encryption algorithms used to defend data traveling on networks are considered safe from quantum cryptanalysis, the way the keys get negotiated is not. By adding support for a hybrid KEM, Chrome should provide a stronger defense against future quantum attacks...

Rebecca Krauthamer, co-founder and chief product officer at QuSecure, told The Register in an email that while this technology sounds futuristic, it's useful and necessary today... [T]he arrival of capable quantum computers should not be thought of as a specific, looming date, but as something that will arrive without warning. "There was no press release when the team at Bletchley Park cracked the Enigma code, either," she said.

Google announced today that Chrome is now adopting weekly Stable channel updates in an effort to block major exploits quicker. 9to5Google reports: Google's browser gets major "milestone" updates every four (previously six) weeks, like going from version 100 to 101. In the past, Chrome would get a "Stable Refresh" update to "address security and other high impact bugs" in-between milestones every two weeks. This is now changing to occur weekly between milestones, starting with Google Chrome 116 on desktop and mobile, so that security updates get to end users much faster. Since Chromium is an open source project, "anyone can view the source code, submit changes for review, and see the changes made by anyone else, even security bug fixes." [...]

The current patch gap is around 15 days. It was previously 35 days before switching to patch updates every two weeks in 2020. Google expects weekly patch updates to result in security fixes shipping "3.5 days sooner on average, greatly reducing the already small window for n-day attackers to develop and use an exploit against potential victims and making their lives much more difficult." This new schedule will also result in fewer unplanned updates that occur when there are known in-the-wild exploits: "By now shipping stable updates weekly, we expect the number of unplanned updates to decrease since we'll be shipping updates more frequently."

Following two years of testing, The Browser Company's Arc is graduating from its waitlist phase, launching its version 1.0. Arc, the Mac and iOS browser, aims to redefine online interaction by incorporating tools for note-taking, collaboration, webpage personalisation, among others. The Verge adds: We've covered Arc a lot in recent months, both because it's a good browser and because it's a big new idea about how you use the internet. The Browser Company's ultimate plan is to build "the operating system for the internet." Arc isn't just a place to see webpages; it has tools for taking notes, making visual and collaborative easels with others, redesigning webpages to your liking, and more. (Personally, I love Arc's picture-in-picture mode above everything else, especially now that it works with Google Meet calls.) Arc 1.0 doesn't seem to come with any splashy new features. Rather, The Browser Company seems to just feel like it's ready to launch more widely. Arc has been pretty stable for me in recent months, though it does run into some of the same performance issues you'll find with any browser based on the Chromium engine -- you can always open a couple dozen tabs and watch your computer grind to a halt.

An anonymous reader quotes a report from MacRumors: The macOS Sonoma update that is in testing allows Mac owners who opt to use Google Chrome, Microsoft Edge, or another browser to use Apple's Password Manager for filling passwords. Developers and public beta testers running macOS Sonoma can use their iCloud Keychain passwords with non-Safari browsers at this time, autofilling passwords and one-time codes. Third-party browsers can also save new passwords.

Apple has made an iCloud Passwords Chrome extension available for macOS Sonoma users, and it can be downloaded and installed to access Apple passwords on the Chrome browser or any Chromium-based browser. Apple plans to release a similar extension for the Microsoft Edge browser in the near future. Google and other browser developers are also working on implementing support for Passkeys, the password alternative that Apple introduced last year.

An anonymous reader quotes a report from Gizmodo: Microsoft issued a Windows update that broke a Chrome feature, making it harder to change your default browser and annoying Chrome users with popups, Gizmodo has learned. An April Windows update borked a new button in Chrome -- the most popular browser in the world -- that let you change your default browser with a single click, but the worst was reserved for users on the enterprise version of Windows. For weeks, every time an enterprise user opened Chrome, the Windows default settings page would pop up. There was no way to make it stop unless you uninstalled the operating system update. It forced Google to disable the setting, which had made Chrome more convenient.

This petty chapter of the browser wars started in July 2022 when Google quietly rolled out a new button in Chrome for Windows. It would show up near the top of the screen and let you change your default browser in one click without pulling up your system settings. For eight months, it worked great. Then, in April, Microsoft issued Windows update KB5025221, and things got interesting. "Every time I open Chrome the default app settings of Windows will open. I've tried many ways to resolve this without luck," one IT administrator said on a Microsoft forum. A Reddit user noticed that the settings page also popped up any and every time you clicked on a link, but only if Chrome was your default browser. "It doesn't happen if we change the default browser to Edge," the user said. Others made similar complaints on Google support forums, some saying that entire organizations were having the issue. Users quickly realized the culprit was the operating system update.

For people on the regular consumer version of Windows, things weren't quite as bad; the one-click "Make Default" button just stopped working. Gizmodo was able to replicate the problem. In fact, we were able to circumvent the issue just by changing the name of the Chrome app on a Windows desktop. It seems that Microsoft threw up the roadblock specifically for Chrome, the main competitor to its Edge browser. [...] In response, Google had to disable its one-click default button; the issue stopped after it did. In other words, Microsoft seems to have gone out of its way to break a Chrome feature that made life easier for users. Google confirmed the details of this story, but declined to comment further.