Youtube

YouTube Ditches Flash For HTML5 Video By Default 222

Posted by Soulskill
from the now-if-they-can-ditch-the-commenters dept.
An anonymous reader writes: YouTube today announced it has finally stopped using Adobe Flash by default. The site now uses its HTML5 video player by default in Google's Chrome, Microsoft's IE11, Apple's Safari 8, and in beta versions of Mozilla's Firefox browser. At the same time, YouTube is now also defaulting to its HTML5 player on the web. In fact, the company is deprecating the "old style" Flash object embeds and its Flash API, pointing users to the iFrame API instead, since the latter can adapt depending on the device and browser you're using.
Opera

Opera Founder Is Back, WIth a Feature-Heavy, Chromium-Based Browser 158

Posted by timothy
from the sink-within-a-sink dept.
New submitter cdysthe writes Almost two years ago, the Norwegian browser firm Opera ripped out the guts of its product and adopted the more standard WebKit and Chromium technologies, essentially making it more like rivals Chrome and Safari. But it wasn't just Opera's innards that changed; the browser also became more streamlined and perhaps less geeky. Many Opera fans were deeply displeased at the loss of what they saw as key differentiating functionality. So now Jon von Tetzchner, the man who founded Opera and who would probably never have allowed those drastic feature changes, is back to serve this hard core with a new browser called Vivaldi. The project's front page links to downloads of a technical preview, available for Linux, Mac OS X, and Windows. Firefox users who likewise prefer a browser with more rather than fewer features (but otherwise want to stick with Firefox) might also consider SeaMonkey, which bundles not just a browser but email, newsgroup client and feed reader, HTML editor, IRC chat and web development tools.
Internet Explorer

Time For Microsoft To Open Source Internet Explorer? 165

Posted by Soulskill
from the if-you-can't-beat-'em dept.
An anonymous reader writes: Ars Technica's Peter Bright argues that it's time for Microsoft to make Internet Explorer open source. He points out that IE's major competitors are all either fully open source (Firefox), or partially open source (Chrome, Safari, and Opera), and this puts Microsoft at a huge disadvantage. Bright says, "It's time for Microsoft to fit in with the rest of the browser industry and open up Trident. One might argue that this argument could be made of any software, and that Microsoft should by this logic open source everything. But I think that the browser is special. The community that exists around Web standards does not exist in the same way around, say, desktop software development, or file system drivers, or user interfaces. Development in the open is integral to the Web in an almost unique way. ... Although Microsoft has endeavored to be more open about how it's developing its browser, and which features it is prioritizing, that development nonetheless takes place in private. Developing in the open, with a public bug tracker, source code repositories, and public discussion of the browser's future direction is the next logical step."
Chrome

Chrome For OS X Catches Up With Safari's Emoji Support 104

Posted by timothy
from the luckily-only-words-here dept.
According to The Next Web, Emoji support has landed in the latest developer builds of Chrome for OS X, meaning that emoji can be seen on websites and be entered into text fields for the first time without issues. ... Users on Safari on OS X could already see emoji on the Web without issue, since Apple built that in. The bug in Chrome was fixed on December 11, which went into testing on Chrome’s Canary track recently. From there, we can expect it to move to the consumer version of Chrome in coming weeks.
The Almighty Buck

The Billionaires' Space Club 235

Posted by samzenpus
from the small-club dept.
theodp writes Silicon sultans are the new robber barons, writes The Economist, adding that "they have been diversifying into businesses that have little to do with computers, while egotistically proclaiming that they alone can solve mankind's problems, from aging to space travel." Over at Slate, NYU journalism prof Charles Seife is less-than impressed with The Billionaires' Space Club. "It's an old trick," begins Seife. "Multimillionaires regularly try to spin acts of crass ego gratification as selfless philanthropy, no matter how obviously self-serving. They jump out of balloons at the edge of the atmosphere, take submarines to the bottom of the ocean, or shoot endangered animals on safari, all in the name of science and exploration. The more recent trend is billionaires making fleets of rocket ships for private space exploration. What makes this one different is that the public actually seems to buy the farce." Seife goes on to argue that "neither [Elon] Musk's nor [Richard] Branson's goals really seem to break new ground, despite all the talk of exploration."
Hardware Hacking

Many DDR3 Modules Vulnerable To Bit Rot By a Simple Program 138

Posted by Soulskill
from the flipping-bits-for-fun-and-profit dept.
New submitter Pelam writes: Researchers from Carnegie Mellon and Intel report that a large percentage of tested regular DDR3 modules flip bits in adjacent rows (PDF) when a voltage in a certain control line is forced to fluctuate. The program that triggers this is dead simple — just two memory reads with special relative offset and some cache control instructions in a tight loop. The researchers don't delve deeply into applications of this, but hint at possible security exploits. For example a rather theoretical attack on JVM sandbox using random bit flips (PDF) has been demonstrated before.
Media

Valve Rolls Out Game Broadcasting Service For Steam 92

Posted by Soulskill
from the it's-the-new-espn dept.
An anonymous reader writes: Streaming live video game footage has become increasingly popular over the past several years — popular enough that Amazon was willing to shell out $970 million for Twitch.tv. Now, Valve has announced a rival: Steam Broadcasting. Users signing up for the beta test have the option to broadcast the game they're playing. They have several options about who can see their stream: invite-only, friends only, and publicly visible. Viewing a stream is currently supported by the Steam client itself, Google Chrome, and Apple Safari. It only works on Windows 7 and 8 at this point, but Valve promises support on Linux, OS X, and Windows Vista in the future.
Communications

New Trial Brings Skype to (Some) Browsers 55

Posted by timothy
from the video-chat-not-yet-standard-browser-feature dept.
Ars Technica reports that Microsoft has begun giving some users a taste of a new version of Skype, with a big difference compared to previous ones: the new one (tested by users on an invitation basis) is browser based. Rather than using the existing WebRTC standard, though (eschewed as too complex), Microsoft has developed a separate spec called ORTC (Object RTC), which is designed to offer similar capabilities but without mandating this same call setup system. Both Microsoft and Google are contributing to this spec, as are representatives from companies with video conferencing, telephony, and related products. ORTC isn't currently blessed as a W3C project, though the ORTC group has proposed integrating ORTC into WebRTC to create WebRTC 1.1 and including parts of ORTC into WebRTC 1.0. For now at least, video or audio chat therefore requires a plug-in, and requires Internet Explorer 10, or recent Firefox or Chrome browsers, and a current Safari on Mac OS X. Also at TechCrunch, among others, which notes that text chat (though as mentioned, not video or audio) will work with the new Skype under ChromeOS, too.
Android

Popular Smartphones Hacked At Mobile Pwn2Own 2014 52

Posted by timothy
from the keep-it-in-a-faraday-cage dept.
wiredmikey writes Researchers have hacked several popular smartphones during the Mobile Pwn2Own 2014 competition that took place alongside the PacSec Applied Security Conference in Tokyo this week. The competition, organized by HP's Zero Day Initiative (ZDI) targeted the Amazon Fire Phone, iPhone 5s, iPad Mini, BlackBerry Z30, Google Nexus 5 and Nexus 7, Nokia Lumia 1520, and Samsung Galaxy S5. Using various attacks, some Mobile Pwn2Own 2014 Pwnage included: Apple's iPhone 5s (hacked via the Safari Web browser, achieving a full sandbox escape); Samsung's Galaxy S5 (hacked multiple times using near-field communications attacks); Amazon's Fire Phone (Web browser exploited); Windows Phone (partial hacks using a browser attack), andthe Nexus 5 (a Wi-Fi attack, which failed to elevate privileges). All the exploits were disclosed privately to the affected companies. HP promised to reveal details in the upcoming weeks.
Mozilla

Mozilla Launches Browser Built For Developers 74

Posted by samzenpus
from the made-just-for-you dept.
HughPickens.com writes "Mozilla announced that they are excited to unveil Firefox Developer Edition, the first browser created specifically for developers that integrates two powerful new features, Valence and WebIDE that improve workflow and help you debug other browsers and apps directly from within Firefox Developer Edition. Valence (previously called Firefox Tools Adapter) lets you develop and debug your app across multiple browsers and devices by connecting the Firefox dev tools to other major browser engines. WebIDE allows you to develop, deploy and debug Web apps directly in your browser, or on a Firefox OS device. "It lets you create a new Firefox OS app (which is just a web app) from a template, or open up the code of an existing app. From there you can edit the app's files. It's one click to run the app in a simulator and one more to debug it with the developer tools."

Firefox Developer Edition also includes all the tools experienced Web developers are familiar with including: Responsive Design Mod, Page Inspector, Web Console, JavaScript Debugger, Network Monitor, Style Editor, and Web Audio Editor. At launch, Mozilla is starting off with Chrome for Android and Safari for iOS. and the eventual goal is to support more browsers, depending on what developers tell Mozilla they want, but the primary focus is on the mobile Web. "One of the biggest pain points for developers is having to use numerous siloed development environments in order to create engaging content or for targeting different app stores. For these reasons, developers often end up having to bounce between different platforms and browsers, which decreases productivity and causes frustration," says the press release. "If you're a new Web developer, the streamlined workflow and the fact that everything is already set up and ready to go makes it easier to get started building sophisticated applications."
Mozilla released a teaser trailer for the browser last week.
Chromium

Building All the Major Open-Source Web Browsers 106

Posted by Soulskill
from the who-needs-packages dept.
An anonymous reader writes: Cristophe de Dinechin, long-time software developer, has an interesting article on the processes involved in building the major browsers. From the article:

"Mozilla Firefox, Chromium (the open-source variant of Chrome) and WebKit (the basis for Safari) are all great examples of open-source software. The Qt project has a simple webkit-based web browser in their examples. So that's at least four different open-source web browsers to choose from. But what does it take to actually build them? The TL;DR answer is that these are complex pieces of software, each of them with rather idiosyncratic build systems, and that you should consider 100GB of disk space to build all the browsers, a few hours of download, and be prepared to learn lots of new, rather specific tools."
Encryption

Why Google Is Pushing For a Web Free of SHA-1 108

Posted by Soulskill
from the collision-course dept.
An anonymous reader writes: Google recently announced Chrome will be gradually phasing out support for certificates using SHA-1 encryption. They said, "We need to ensure that by the time an attack against SHA-1 is demonstrated publicly, the web has already moved away from it." Developer Eric Mill has written up a post explaining why SHA-1 is dangerously weak, and why moving browsers away from acceptance of SHA-1 is a lengthy, but important process. Both Microsoft and Mozilla have deprecation plans in place, but Google's taking the additional step of showing the user that it's not secure. "This is a gutsy move by Google, and represents substantial risk. One major reason why it's been so hard for browsers to move away from signature algorithms is that when browsers tell a user an important site is broken, the user believes the browser is broken and switches browsers. Google seems to be betting that Chrome is trusted enough for its security and liked enough by its users that they can withstand the first mover disadvantage. Opera has also backed Google's plan. The Safari team is watching developments and hasn't announced anything."
Cloud

Hackers Behind Biggest-Ever Password Theft Begin Attacks 107

Posted by Soulskill
from the 123456-letmein-iloveyou-trustno1 dept.
An anonymous reader writes Back in August, groups of Russian hackers assembled the biggest list of compromised login credentials ever seen: 1.2 billion accounts. Now, domain registrar Namecheap reports the hackers have begun using the list to try and access accounts. "Overnight, our intrusion detection systems alerted us to a much higher than normal load against our login systems. ... The group behind this is using the stored usernames and passwords to simulate a web browser login through fake browser software. This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts." They report that most login attempts are failing, but some are succeeding. Now is a good time to check that none of your important accounts share passwords.
Windows

Windows XP Falls Below 25% Market Share, Windows 8 Drops Slightly 336

Posted by Soulskill
from the year-of-something-on-the-somethingtop dept.
An anonymous reader writes: Despite support for Windows XP finally ending three months ago, the ancient OS has only now fallen below the 25 percent market share mark. To add to the bad news for Microsoft, after only nine full months of availability, its latest operating system version, Windows 8.1, has lost share for the first time. For desktop browser share, Chrome is up, taking mostly from Internet Explorer and Firefox. For mobile browsers, Safari continues to fall while Chrome maintains strong growth.
DRM

Netflix Ditches Silverlight For HTML5 On Macs 202

Posted by Unknown Lamer
from the giving-up-freedom-for-tv dept.
An anonymous reader writes "Netflix yesterday furthered its plans to ditch Silverlight for HTML5 on Macs, having already done so last year in IE11 on Windows 8.1. HTML5 video is now supported by Netflix in Safari on OS X Yosemite, meaning you can stream your favorite movies and TV shows without having to install any plugins." Courtesy of encrypted media extensions.
Firefox

Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014 207

Posted by Soulskill
from the foxes-provide-the-best-sport dept.
darthcamaro writes "Though IE, Chrome and Safari were all attacked and all were exploited, no single web browser was exploited at this year's Pwn2own hacking challenge as Mozilla Firefox. A fully patched version of Firefox was exploited four different times by attackers, each revealing new zero-day vulnerabilities in the open-source web browser. When asked why Mozilla was attacked so much this year, Sid Stamm, senior engineering manager of security and privacy said, 'Pwn2Own offers very large financial incentives to researchers to expose vulnerabilities, and that may have contributed in part to the researchers' decision to wait until now to share their work and help protect Firefox users.' The Pwn2own event paid researchers $50,000 for each Firefox vulnerability. Mozilla now pays researcher only $3,000 per vulnerability."
Microsoft

"Microsoft Killed My Pappy" 742

Posted by timothy
from the and-in-my-day-we-just-modulated-the-electricity-with-our-tongues dept.
theodp writes "A conversation with an angry young developer prompts Microsoft Program Manager Scott Hanselman to blog about 'Microsoft Haters: The Next Generation.' 'The ones I find the most interesting,' says Hanselman, are the 'Microsoft killed my Pappy' people, angry with generational anger. My elders hated Microsoft so I hate them. Why? Because, you wronged me.' The U.S. and Japan managed to get over the whole World War II thing, Hanselman notes, so why can't people manage to get past the Microsoft antitrust thing, which was initiated in 1998 for actions in 1994? 'At some point you let go,' he suggests, 'and you start again with fresh eyes.' Despite the overall good-humored, why-can't-we-get-along tone of his post, Hanselman can't resist one dig that seems aimed at putting things into perspective for those who would still Slashdot like it's 1999: 'I wonder if I can swap out Chrome from Chrome OS or Mobile Safari in iOS.'"
Security

Pwn2own 2014 Set To Hunt Unicorns 66

Posted by samzenpus
from the crack-it-if-you-can dept.
darthcamaro writes "The annual Pwn2own hacking competition has always made short work of all browser vendors' security, shredding perception of safety by hacking IE, Firefox, Safari and Chrome in minutes. This year the competition is adding a twist — for IE on Windows 8.1, hackers will also have to bypass Microsoft EMET, which is a seemingly bulletproof type of sandbox. The competition is calling this the 'Unicorn Exploit' and the first researcher to successful exploit it will pocket $150,000."
Chromium

Google Planning To Remove CSS Regions From Blink 249

Posted by Unknown Lamer
from the good-riddance dept.
mikejuk writes "Google and Opera split from WebKit to create Blink, their own HTML rendering engine, and everyone was worried about the effect on standards. Now we have the first big example of a split in the form of CSS Regions support. Essentially Regions are used to provide the web equivalent of text flow, a concept very familiar to anyone who has used a desktop publishing program. The basic idea is that you define containers for a text stream which is then flowed from one container to another to provide a complex multicolumn layout. The W3C standard for Regions has mostly been created by Adobe — a long time DTP company. Now the Blink team has proposed removing Regions support to save 10,000 lines of code in 350,000 in the name of efficiency. If Google does remove the Regions code, which looks highly likely, this would leave Safari and IE 10/11 as the only two major browsers to support Regions. Both Apple and Microsoft have an interest in ensuring that their hardware can be used to create high quality magazine style layouts — Google and Opera aren't so concerned. I thought standards were there to implement not argue with." Although mikejuk thinks this is a bad thing, a lot of people think CSS Regions are awful. Mozilla has never intended to implement them, instead offering the CSS Fragmentation proposal as an alternative. One major flaw of CSS Regions is its reliance upon markup that is used solely for layout, violating the separation of content and style that CSS is intended to enforce.
Google

Google Seeks To Throw Out UK Safari Tracking Suit 70

Posted by Unknown Lamer
from the international-relations dept.
judgecorp writes "In the latest twist to the saga of Google's tracking of Safari users, the tech giant has asked to have a U.K. lawsuit dismissed. Google says it is bound by California laws, so plaintiffs will have to come to the U.S. and sue there. Law firm Olswang is bringing the suit on behalf of British users whose Safari browser settings were overridden to help Google target ads; it argues that international organizations should respect the laws that apply where their customers live."