#browsers

claralistensprechen3rd@friendica.myportal.social

Somebody needs to mention that Firefox has halted support for any Windows under 8, which stinks.


Avoid the Hack! :donor: - 2024-10-10 18:04:07 GMT

#Mozilla fixes #Firefox zero-day actively exploited in attacksTracked as CVE-2024-9680. A use-after-free vulnerability in part of Firefox’s Web Animations API, which could give the attacker code execution abilities.

Exploited in the wild, but not a lot of information on how users are targeted.

Mozilla has released a fix - users should update ASAP as upgrading is the best defense here against potential exploitation.

#cybersecurity #security #infosec #browsers

bleepingcomputer.com/news/secu…

danie10@squeet.me

Arc Search’s iOS browser is finally coming to Android

Hand holding a smartphone. The screen is blue and a caption in white says “Get what you want twice as fast”.
Arc Search brings a fresh approach with its collapsible menu, making it easier to manage your tabs. Instead of juggling multiple open tabs, everything you need is neatly tucked away in one place, cutting down on the mental clutter and saving you time.

Arc Search’s upcoming arrival on Android was confirmed by the company itself on Threads in response to a user query (via 9to5Google). The Android version will presumably come with the same feature set.

See androidpolice.com/the-web-brow…
#Blog, #browsers, #technology

danie10@squeet.me

How to Browse the Web in Your Linux Terminal With Lynx

A Terminal window showing how a website renders in plain text. There are various links in green font, and the text of post excerpts is shown below the links.
There is no shortage of feature-rich browsers available today, but most offer largely the same experience. Lynx is a web browser that only displays text, offering a unique and ad-free way to browse the Internet in the Linux terminal.

Lynx is a text-only browser that is designed to allow terminal-based systems to access web pages on the Internet. As it relates to Linux, Lynx is a web browser that runs in the Terminal. Lynx can access any web page available on the Internet just like your normal browser can, though it does have some limitations.

Well, this was certainly a “blast from the past” experience for me! I remember first logging on to BBSs back in the day when everything was text based. I still remember the excitement of the first graphical browser, which arrived whilst sites were all still only serving text.

But apart from the retro feel of all of this, there is something to be said about the speed of just loading text vs tons of graphics and JavaScript code. And yes, tracking code and cookies etc just don’t exist with this interface.

I found it already installed on my Manjaro Linux (not sure if I installed it a time back) and it actually loaded my local news site and I could navigate articles. But yes, it is going to break on many of the modern sites, so it’s not going to replace graphical browsers I’m sure.

Wonder if we will see some demand in future that sites are required to still serve usable text versions as well? This form of browsing is ideal for example for people with sight impairments, or those with very limited data connections.

I tested it on my own blog, and the featured image for this post (at my blog site) shows what the site renders as in Lynx. It is perfectly usable, and I can navigate easily in and out of my blog posts.

See howtogeek.com/browse-the-web-w…
#Blog, #browsers, #Lynx, #retro, #technology

danie10@squeet.me

Cross-Industry Giants Unite for Speedometer 3.0 browser benchmark

A benchmark result showing a speedometer with a reading underneath of 5.83
Since its inception in 2014 by the WebKit team, Speedometer has served as an essential barometer for browser engines, propelling performance enhancements to meet the escalating demands for more dynamic and seamless online experiences.

Its latest release, Speedometer 3.0, developed through the collective efforts of leading tech giants Apple, Google, Microsoft, and Mozilla, offers a refined tool to gauge web application responsiveness by emulating real-user interactions on web pages and ushers a new era for browser performance testing.

Thanks to the collaboration of the major browser engines (Blink, Gecko, and WebKit), it introduces a superior methodology for measuring performance alongside a more encompassing set of tests that mirror the complexities of the modern Web.

We often blame our Internet connection for bad “speed experiences” but it can also be from the browser, or the various extensions added. Having a good benchmark can also serve to show whether adding or removing some extensions would make any significant difference.

On my Linux PC my Brave Beta browser scored 5.83 whilst Edge Dev scored 9.45. This gives me something to work with now whilst trying a few optimisations out.

At the end of the linked article is a link to the browser benchmark itself, if you want to try it out.

See https://linuxiac.com/cross-industry-giants-unite-for-speedometer-3-0/
#Blog, #benchmark, #browsers, #technology

danie10@squeet.me

The Sad Reality: Firefox 123 is out with broken site reporting tool

Rough textured surface with a chain of paperclips linked together. One link is broken with a piece of the paperclip lying loose.
Users of the Firefox web browser may report broken sites to Mozilla. The main idea behind the feature is to help Mozilla address compatibility issues in Firefox.

Firefox has a much smaller userbase than the Chromium-based browsers. Multiple companies, including Google and Microsoft, find and deal with compatibility issues in the Chromium source.

The new reporting tool involves the Firefox community. Select Firefox Menu > Report broken site to open the reporting tool. Select a reason, e.g., site slow or not working, ad blockers, or sign-in or sign-out and hit the send button. You may add text to the report, which you should do to provide additional details that describe the issue that you experience on the site.

Mozilla announces the new website compatibility reporter in the following way: “Having any issues with a website on Firefox, yet the site seems to be working as expected on another browser? You can now let us know via the Web Compatibility Reporting Tool! By filing a web compatibility issue, you’re directly helping us detect, target, and fix the most impacted sites to make your browsing experience on Firefox smoother.”

This is a bit sad that the web is becoming so dominated by Chromium based browsers, that Firefox users have to suffer. This reminds me very much of the old Internet Explorer days, when companies often developed specifically for that browser. It breaks compatibility, and the web really does need to have open standards adhered to in order to be future-proof and allow competition.

Any business surely wants to allow the maximum possible number of customers to view and interact with their site? The problem is that executives rarely understand this, and devs just want to get their job done ASAP.

This reporting tool looks like it is going to alert the Firefox team, so that they can attempt to “make Firefox” work with the reported site (in other words, bending Firefox to work with some non-standard implementation).

See https://www.ghacks.net/2024/02/20/firefox-123-is-out-with-broken-site-reporting-tool/
#Blog, #browsers, #interoperability, #technology

danie10@squeet.me

Thorium Browser claims to be the fastest browser on Earth

Thorium logo looks like the Chrome logo but is in shades of blue
They claim an 8-38% improvement over vanilla Chrome. It is not a completely de-Googled browser, but their focus has been on improving performance as well as a number of patches to restrict what is passed back to Google and generally improve security and privacy.

I know Firefox (and Tor and derivatives) do achieve the latter, but they mostly do not achieve the fastest performance, and sometimes websites don’t work well for them (not Firefox’s fault, but the website devs who are not designing to be compatible with open web standards).

They have also created a number of their own Chrome extensions, which seem quite unique.

See https://thorium.rocks/
#Blog, #browsers, #opensource, #technology

danie10@squeet.me

Researchers show how Chrome extensions can steal plaintext passwords for popular sites such as Gmail, Cloudflare, Facebook, etc

Google Chrome logo with what looks like a red sunset and darkish bottom third, in the background
In case one thinks this is just for three or four websites, the research measurements showed that from the top 10k websites (as per Tranco), roughly 1,100 are storing user passwords in plain text form within the HTML DOM. Another 7,300 websites from the same set were deemed vulnerable to DOM API access and direct extraction of the user’s input value.

The researchers explain that the problem concerns the systemic practice of giving browser extensions unrestricted access to the DOM tree of sites they load on, which allows accessing potentially sensitive elements such as user input fields. Given the lack of any security boundary between the extension and a site’s elements, the former has unrestricted access to data visible in the source code and may extract any of its contents.

It certainly needs a fix, and the vulnerability lies with a user installing an extension that deliberately exploits this weakness. So only using reputable extensions will help. But certainly, two other improvements are needed: The Manifest V3 protocol (that many Chromium-based browsers adopted, not just Chrome itself), should have some security boundary between the extensions and the web pages, and of course most importantly, websites should not be storing their passwords in the HTML DOM in plain text.

See https://www.bleepingcomputer.com/news/security/chrome-extensions-can-steal-plaintext-passwords-from-websites/
#Blog, #browsers, #security, #technology

prplcdclnw@diasp.eu

France’s browser-based website blocking proposal will set a disastrous precedent for the open internet

https://blog.mozilla.org/netpolicy/2023/06/26/france-browser-website-blocking/

In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. Article 6 (para II and III) of the SREN Bill would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools.

#censorship #security #privacy #freedom #liberty #web #website #websites #web-browsers #browsers #mozilla #firefox #france

danie10@squeet.me

Which Browser Offers the Best Privacy Protection? No, Google Chrome is not on the List

Bild/Foto
Each website visit yields valuable data, sold to marketers so targeted ads can follow us around the web — unless you’re using the right browser. But what’s the best browser for privacy? There are myriad options other than Chrome or Safari if you’re concerned about online privacy and security.

If you aren’t mindful of your browsing data, you should be. We use our browsers for everything from banking to social media to email to online shopping, and a lot of sensitive data gets shared. We should be mindful of where that information is going, who can see it, and how (or if) our data is stored.

Because our data is the main source of profit for big tech, they’re incentivised to collect as much of it as possible, which they then sell to advertisers. Marketers then target us with ads, which follow us around the web for days or weeks at a time. Privacy-focused browsers can cut most or all of that intrusive data collection out of the online experience.

Even with cookies blocked, browser fingerprinting can still create a snapshot of your online behaviour. In the wrong hands, that can be used to identify or impersonate you, even though companies claim to anonymise collected user data. Even if bad actors don’t get into your bank account, they may get enough info to commit identity theft.

The best browsers for privacy depends on your needs and know-how, but Firefox, Tor, and Epic all offer unique features and functions that will help keep your data private online. Test drive each to learn which is best for you and for which situations.

See https://www.howtogeek.com/892396/which-browser-offers-the-best-privacy-protection/
#Blog, #browsers, #privacy, #technology

danie10@squeet.me

Mullvad browser : The Tor Project’s new privacy-focused browser doesn’t use the Tor network, but VPNs instead

Bild/Foto
The Mullvad browser’s main goal is to make it harder for advertisers and other companies to track you across the internet. It does this by working to reduce your browser’s “fingerprint,” a term that describes all the metadata that sites can collect to uniquely identify your device. Your fingerprint can be made up of simple things, like what browser and operating system you’re using, to more invasive info, like what fonts and extensions you have installed, and what input / output devices your browser has access to.

It’s possible to configure a browser like FireFox, which Mullvad browser (and the Tor Browser) is based on, to have similar protections. However, doing so would require at least some level of technical savvy, as you have to know which switches to flip and have the confidence that you’ve caught everything.

According to Pavel Zoneff, a spokesperson for The Tor Project, Mullvad browser is very similar to the Tor Browser, it just connects to the internet through a VPN rather than the Tor network. (It doesn’t have to be Mullvad’s VPN either; if you use another service you trust, or if you have made your own then you can use that.) Mullvad browser also doesn’t offer the Tor browser’s censorship circumnavigation user experience, access to onion sites or services, or “circuit isolation and the integration with new-identity.” But again, if you don’t know what those things are, it’s probably not a huge concern.

See https://www.theverge.com/2023/4/3/23665477/mullvad-browser-tor-vpn-privacy-browser
#Blog, #browsers, #Mullvadbrowser, #privacy, #technology, #tor

danie10@squeet.me

We need browser profile primary password logins to help prevent session hijacking

Bild/Foto
Seeing what happened this week to the Linus Tech Tips YouTube channel made me realise how well we have secured in transit data, password managers, etc (LastPass was also hacked via an end user session) but we appear to have the session data left wide open on our local machines.

I see that Firefox and Edge have profile logins, but mainly to protect the login passwords. Most Chromium based browsers do have profiles, but do not even appear to have any form of login attached to them.

Surely not just the logins can be protected, and we could have 1st party and session cookie access also protected behind a profile password? Whenever you start up your browser the first time, you are prompted for the profile primary password to unlock access to passwords, extension data, and cookies? In this way, if some bad (or good) actor stole your session data (the session data would be in use and unlocked), they’d still be prompted for a password before being able to actually use it on a freshly started browser elsewhere?

Maybe this is not the best way to do it, but clearly some improvement is needed to protect against this form of data hijacking.
#Blog, #browsers, #security, #sessionhijacking, #technology

garryknight@diasp.org

June 15: It's the end of the Internet Explorer era | ZDNet

Microsoft is ending support for IE 11 on June 15, as planned. Here's which versions will no longer get security updates and what Microsoft says will happen next.

Of course, no one in the Fediverse would use IE. But it's a happy ending to an era that lasted far too long.

#technology #tech #Windows #Microsoft #internet #browsers #IE #InternetExplorer

https://www.zdnet.com/article/june-15-its-the-end-of-the-internet-explorer-era/

willowrose@vampy.systems

Has anyone done a privacy study of Vivaldi in comparison to Chrome or Firefox? I've been using Vivaldi for a while, and like it's performance, but I'm not sure what is a reliable source of information regarding it's take on privacy.
#browsers #chrome #vivaldi

danie10@squeet.me

Apple’s grip on iOS browser engines disallowed under latest draft EU rules, in the interests of true competition

Bild/Foto
Apple requires that competing mobile browsers distributed through the iOS App Store use its own WebKit rendering engine, which is the basis of its Safari browser. The result is that Chrome, Edge, and Firefox on iOS are all, more or less, Safari.

Apple’s browser engine requirement has vexed web developers, who have been limited to using only the web APIs implemented in WebKit for their web apps. Many believe this barrier serves to steer developers toward native iOS app development, which Apple controls.

“The potential for a capable web has been all but extinguished on mobile because Apple has successfully prevented it until now,” said Russell. “Businesses and services will be able to avoid building ‘apps’ entirely when enough users have capable browsers.” “There’s a long road between here and there,” he said. “Apple has spent enormous amounts to lobby on this, and they aren’t stupid. Everyone should expect them to continue to play games along the lines of what they tried in Denmark and South Korea.”

See https://www.theregister.com/2022/04/26/apple_ios_browser/

#technology #browsers #apple #competition #EU
#Blog, ##apple, ##browser, ##competition, ##eu, ##technology

danie10@squeet.me

Apple’s grip on iOS browser engines disallowed under latest draft EU rules, in the interests of true competition

Bild/Foto
Apple requires that competing mobile browsers distributed through the iOS App Store use its own WebKit rendering engine, which is the basis of its Safari browser. The result is that Chrome, Edge, and Firefox on iOS are all, more or less, Safari.

Apple’s browser engine requirement has vexed web developers, who have been limited to using only the web APIs implemented in WebKit for their web apps. Many believe this barrier serves to steer developers toward native iOS app development, which Apple controls.

“The potential for a capable web has been all but extinguished on mobile because Apple has successfully prevented it until now,” said Russell. “Businesses and services will be able to avoid building ‘apps’ entirely when enough users have capable browsers.” “There’s a long road between here and there,” he said. “Apple has spent enormous amounts to lobby on this, and they aren’t stupid. Everyone should expect them to continue to play games along the lines of what they tried in Denmark and South Korea.”

See https://www.theregister.com/2022/04/26/apple_ios_browser/

#technology #browsers #apple #competition #EU
#Blog, ##apple, ##browser, ##competition, ##eu, ##technology