msgbartop
All about Google Chrome & Google Chrome OS
msgbarbottom

29 Dec 12 Google to scan Chrome extensions, bans auto-install


Google has taken two steps to prevent its Chrome browser becoming an attack vector for malware that runs as extensions to the browser.

Like many other browsers, Chrome allows users to install “extensions”, apps that add functionality. Google even runs the “Chrome Web Store” to promote extensions.

Security outfit Webroot recently pointed out that some of the extensions in the store are illegitimate, data-sucking privacy invaders that trick users with offers to do things like change the colour of Facebook and then suck out all their data.

Google has responded in two ways, one of which is a new service “To help keep you safe on the web” that will see the company “analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious.”

Changes are also coming in the forthcoming version 25 of the browser, which will no longer allow extensions to install without users’ knowledge. That’s currently possible because Chrome, when running on Windows, can is designed to allow unseen installs “to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application.”

“Unfortunately,” Google now says in a blog post, “this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users.”

Chrome 25 will therefore remove the auto-install feature, replacing it with a new system that presents the Windows Vista-esque screen below when extensions try to ingratiate themselves with the browser.

A new dialogue box in Chrome 25 will ask users if they want to install extensions

Hi! I’m the ghost of Windows Vista! Would you like to install this extension?

As ever, Google’s blog posts and support notice on the changes position them as responsible enhancements that show, yet again, Google is doing the world a favour.

A more critical analysis could consider the announcements in light of malware found in Google Play and take Google’s decision to more aggressively curate the Chrome Web Store as an admission it needs to devote more attention to this stuff, lest Chrome and other Google products become malware-ridden quagmires that users don’t trust. ®

Article source: http://www.theregister.co.uk/2012/12/23/google_bans_auto_install_chrome_extensions/

Tags: , , ,

28 Dec 12 Chrome 25 blocks sneaky add-ons


Computerworld - Google on Friday said Chrome 25, now in development, automatically blocks browser add-ons installed on the sly by other software.

The measure mimics what rival Mozilla did for Firefox over a year ago.

Auto-blocking has already appeared in Chrome 25 for Windows on the “dev” channel — Google’s least-polished public version — which debuted last month. By the browser’s semi-regular release schedule, Chrome 25 will reach the final “stable” channel, and thus the bulk of users, in the second half of February 2013.

According to Peter Ludwig, a Chrome product manager, Chrome 25 will automatically disable any browser extensions silently installed by other software. Extensions previously installed by third-party software will also be barred from running.

Chrome users can switch on such extensions manually, or remove them from the browser and their PC.

Although Ludwig never used the word “security” in his Dec. 21 blog post, the change’s provenance was clear.

“[Silent installation] was originally intended to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application,” Ludwig explained. “Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgment from users.”

Google was more than a year behind rival Mozilla in banning extensions installed behind users’ backs. In Aug. 2011, Mozilla said Firefox 8 would automatically block browser add-ons installed by other software. Firefox 8 shipped three months later.

Add-ons bundled with third-party software had been a problem for Firefox users, who complained loudly when they found mysterious extensions on their computers.

A toolbar installed in Firefox alongside Skype, for example, caused so many crashes in Jan. 2011 — 40,000 in only one week — that Mozilla blocked the add-on after calling the Internet phone company a “repeat offender.” In 2009, Microsoft silently slipped an add-on into Firefox that left browser users open to attack.

Google has also made other moves this year to lock down extensions. As of Chrome 21, which launched last July, the browser will not accept add-ons installed directly from websites, but only from the Chrome Web Store. Previously, any website could prompt a Chrome user to install an extension.

“Online hackers may create websites that automatically trigger the installation of malicious extensions,” Google noted in a Chrome Help page that explained the new rules. “Their extensions are often designed to secretly track the information you enter on the web, which the hackers can then reuse for other ill-intended purposes.”

That security measure has not been foolproof, however, as a Facebook-theme scam detailed by Webroot last week illustrated: The rogue add-on was placed on the Chrome Web Store, even though Google had said on the same Help page that, “We have started analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious.”

Chrome 25′s dev version for Windows can be downloaded from Google’s website.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at Twitter@gkeizer, or subscribe to Gregg’s RSS feed Keizer RSS. His e-mail address is gkeizer@ix.netcom.com.

More: Browser Topic Center

Read more about Internet in Computerworld’s Internet Topic Center.

Article source: http://www.computerworld.com/s/article/9235021/Chrome_25_blocks_sneaky_add_ons

Tags: , , , , ,

27 Dec 12 Google Acts Against Malicious Chrome Extensions


Google Chrome Extension

Google’s latest steps will make it harder for malicious developers trying to exploit Chrome users via browser extensions.

Extensions are plugins for Google Chrome and allow developers to add extra functionality to the Web browser. Many Chrome extensions are supremely useful, such as Ghostery, which quickly and easily detects and blocks Web trackers tagging your movements across the Web, the goo.gl URL shortener, and ViewThru, which displays the full URL when mouse-overing a shortenend link. Others, like the “Change Your Facebook Color” extension pointed out by Webroot, are privacy-violating scams peeping at the browsing history and data from other Web sites. Spam-spewing extensions also exist.

While many of the extensions are accidentally installed by users who were tricked into downloading it, many were installed without the user’s knowledge by other dodgy applications using Chrome’s auto-install feature. To address that problem, Google has removed auto-installs in the latest version of Chrome.

No More Auto-Installs
Google originally included the auto-install feature to allow applications to install an additional Chrome extension during its own installation process. This was intended to simplify the installation process so that users didn’t have to add the extension manually afterwards. 

“Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users,” Peter Ludwig, a product manager at Google, wrote on the Chrmoium blog

Chrome (version 25 for those counting) will now block an application trying to auto-install an extension Google and display an alert informing the user about the new extension and list some of the things it can do (such as “Access your data on all Websites” and “Read and modify your bookmarks”).

Chrome 25 also automatically disables any extensions that were previously installed using the auto-install feature. If the user wants to re-enable the extension, the browser will display a one-time prompt explaining what each extension wants to do before allowing them to be turned back on. 

Stopping Malicious Extensions
Google also appears to have a new service which analyzes “every extension that is uploaded to the Web Store and take down those we recognize to be malicious,” according to the support pages for the Chrome Web Store. There isn’t a lot of information about the service at this time, so it’s not known whether Google is using an automated scanner similar to Google Bouncer checking app in Google Play (or if Bouncer itself is handling both markets).

Google has recently cracked down on extensions. Back in July, Google changed Chrome so that users could only install extensions found in the Chrome Web Store, and not from third-party sites. 

Article source: http://securitywatch.pcmag.com/none/306341-google-acts-against-malicious-chrome-extensions

Tags: , , , , ,

14 Apr 12 Work offline on Google Docs


The advantages keeping documents online are obvious. No longer are your documents or presentations locked in the belly of one machine, but instead liberated to freely roam wherever internet connections abound. But if should find yourself somewhere where Wi-Fi isn’t available, such as on a train, plane, or a deserted log cabin, then the weaknesses become immediately apparent.

Google Docs

Google offers the facility to view your documents offline via the Google Docs app in the Chrome App store (easily found by launching Chrome and clicking on the Web Store icon) but this is restricted to your more recent creations and doesn’t allow editing.

A more traditional way around this problem is to download the files you wish to work on and then open them in an office suite such as Microsoft Office or the free LibreOffice (www.libreoffice.org). Google Docs supports an excellent range of formats in its download section, most of which LibreOffice handles very well.

If you’re working on an iPad then emailing the documents to the device and then opening them with Pages is probably the best, if not most elegant, solution. Android tablet owners can use similar methods with apps like QuickOffice Pro or Kingsoft Office to take their work on the road. It’s certainly not ideal and hopefully Google will address the issue soon.

1. To find the Google Docs app, launch the Chrome browser (available free from chrome.google.com. You’ll see an icon called Chrome Web Store (click on Apps at the bottom if you can’t see it). Click on it then search for Google Docs.

Google Web Store

2. To set up offline viewing click on the settings icon on the right of the Google Docs home screen (the gear icon) then select ‘Set up Docs offline’. Click the ‘Allow offline docs’ button and your latest documents will be stored locally.

Set up offline docs

3. If you want to edit or continue to work on your documents then you’ll need to download them to your hard drive. From the file menu select ‘Download as’, and choose whichever format best suits your Office Suite.

Download files from Google Docs

4. For tablet users one solution is sending your documents via email. Go to the file menu then select ‘Email as Attachment’. Just remember to open them on your tablet before you leave a Wi-Fi area to ensure you have them stored locally.

Email files from Google Docs

Article source: http://www.pcadvisor.co.uk/how-to/internet/3351000/work-offline-on-google-docs/

Tags: , , , , ,

04 Apr 12 Google Chrome Web Store Gets Trending View, App Badges


Google Chrome Web Store Gets Trending View, App Badges

Google has just announced some improvements to the Chrome Web Store that they hope will make “finding the right app and extension easier.”

Over the past few weeks, we’ve introduced several new features to make it easier to discover new apps and extensions. These can be especially helpful, as the number of apps and extensions in the Chrome Web Store has grown to the tens of thousands.

One of those new features, subcategories for apps, was added to the Web Store recently. Now, a new crop of improvements like Trending view, autocomplete search, and app badges join the party.

First, Trending view is currently an “early version” of what it will eventually be, says Google. Located under the “Popular” tab on the left hand side, the Trending view shows apps and extensions that are “growing fastest” in the Web Store. The speed of their growth is ranked from “warm” to “on fire.”

Chrome Web Store Trending View

The new app badges appear on the landing pages of some apps. They are clickable, and generate a list of similar apps – or “apps that have the same functionality.” The two types of app badges you can currently see in the store are “playable on Google+” and “offline,” meaning that particular app will work offline.

Lastly, the search box now has autocomplete – a helpful addition indeed. The Chrome blog also adds that in the next few weeks, most all of the Google+ games will hit the Web Store.

Article source: http://www.webpronews.com/google-chrome-web-store-updates-2012-04

Tags: ,

05 Dec 11 New Chrome Web Store Proves To Be A Boon For Developers Above (And Below) The Fold


Chrome-Store

It’s been a busy year for Google — in more ways than one. Larry Page took over the reins from Eric Schmidt as CEO; there have been a steady stream of products hitting the deadpool (see the first graf here for some examples), while on the flip side, we’ve seen the arrival of Google+, Google Music, Google Wallet, and the purchase of Motorola — just to name few.

We’ve heard a lot about the success of Android, too, as well as Google’s ongoing redesign of its products: Search, Maps, Reader, Gmail — each are getting a new coat of paint. Android.com got a new look in November, YouTube launched “the biggest redesign in its history” yesterday with serious G+ integration, and on and on.

For all the coverage of smartphone proliferation, Android, search, G+, and so on, we haven’t heard as much about Google’s fledgling web apps market. We’re quietly sneaking up on the first birthday of the Chrome Web App Store. Google’s browser itself has been quickly gaining ground amongst the competition, as Robin reported last week that Chrome had passed Firefox to become the second largest browser in marketshare, with 25.7 percent. Based on those numbers, both Firefox and IE (which has the top share) have been in seemingly aggressive declines, while Chrome has been growing steadily.

As to Chrome’s app store, the early reports showed slow growth and sales, but in September the Web Store passed 30 million aggregate users. Then came the redesign.

In October, Google brought its wide-ranging redesign to its browser’s web app store, completely overhauling the store’s look and its user experience. In contrast to its launch, the web app store’s remake seemed to catalyze a big increase in traffic, across downloads, users, and total number of apps, with The Independent reporting that the web store’s apps have now hit ‘millions of downloads a day’.

Chris Sorensen, Founder of ChromeOSApps.org, an independent website that monitors CWS app performance, shared some interesting numbers with us: In the month prior to redesign, the Chrome Web Store saw an average of 33 million app users, and the month after redesign CWS is now seeing 55 millon users. Downloads per day prior to redesign were about 525K, compared to the month after, when they’d jumped to 1.2 million, and the monthly growth of users prior was 20 percent, compared to 63 percent after.

Taking a look at these numbers, one would think that Google’s redesign has, in just over a month, already had significant impact. Not exactly “millions per day”, but it has.

But how? What’s important to remember is that, during the month surrounding the web store’s redesign, Google synchronized its downloaded apps across its platforms. What counted as one app download (when the app store launched, for example), now may count as multiple downloads as the store began synching apps across browsers on users’ desktops, laptops, and devices.

As such, Sorensen tells me that he thinks the Web Store’s download numbers (and user numbers) are likely inflated. This isn’t a deliberate move on Google’s part to mislead, the truth is that they’re learning on the fly.

What’s more, before its redesign, Chrome Web Store was showing just over 6,000 apps total. Since redesign, we’ve seen the total number of apps jump to over 18K — a threefold increase in about six weeks. It his a dramatic sign that all of a sudden developers have fallen in love with Chrome’s Web App Store? Not exactly.

Certainly, the new app store has significant new potential for app developers, but this increase is due to the fact that the old Chrome Web Store had an inherent limit to the number of apps that could be displayed in each category, like 50 pages of 20 apps, for example. So, for the “Games” category, there were 1,000 apps that could be accessed and downloaded, but there was no page 51, that was it.

So, now that the ceiling has been lifted, the full bevy of apps is now appearing in the store, and it’s likely that many of these apps were already there, they just hadn’t made the cut. Whether that was because of a lower quality of apps, fewer downloads — that remains to be seen. Google hasn’t yet shared.

Thus, while the drastic increase in downloads, number of users, and total apps in the store — over a fairly short period of time — has been inflated by the processes involved in restructuring the store itself, the redesign is still having a very real effect on the success of its apps.

The new layout has brought a new image-centric look to the store, with each app getting a title, showing its rating in number of stars, and an accompanying image. When you scroll over the app, a brief description pops up, with the ability to one-click download from there. If you click on the app, you remain in the store at the same expanded URL, but now see a full-screen box with three tabs within, where you can view images, details, reviews, etc. All in all, the new design looks great; it’s a big step up — it now looks as if Google’s actually taking CWS somewhat seriously.

Furthermore, some apps receive larger images within the storefront, and Google has not yet shared exactly how it’s deciding on placement, which apps get larger images, front page real estate, and so on. Some apps with 20K users are still at the bottom with apps that have under 50 users. But the real point of interest for developers is that apps, whether they’re now on the equivalent of “page 1″ or “page 20″ (there are no pages anymore, it’s just one long stream), all apps are rising on a rising tide.

Without having to click through pages, some of the friction has been removed. And while apps close to the top are still benefitting from a higher volume as one would expect, the growth is happening across the board. Below you can see a sample from the “Education” category, for “page 1″ and “page 20″.

Of course, not everyone wins, but at present, some app developers are happily surprised to find that their apps are being placed on the front page — with large promo images to boot. Sorensen cited the example of a game called Little Alchemy, designed by a young developer from Poland. Receiving a large image on the front page, without prior warning, the app’s user base shot up from 186K to 342K — with no other promotion. Inflated or not, that’s a good sign.

As Chrome’s share of the browser market continues to rise, there’s no doubt that its web store will benefit. And with less of an atrocious user experience, there is bound to be less friction and, with it, more downloads, users, and (gasp) maybe even more paying users. If the number of apps continues to grow at or near 60 percent every month, the key for developers, then, will be how to optimize placement within the app store’s ranks. There is currently a “Popular” tab, but no breakdown of these popular apps into categories — no top ten lists, a la iTunes. So, the number of ways for an app to be discovered remain small.

Sorensen said he’s currently developing an app to track placement in the Chrome Web Store, what categories the app appears in, its rank, image size, etc., which should give developers a better sense of how their apps perform as they move. Will be interesting to see, too, how much control there is over placement within the store.

Side note: CWS turns one officially on Wednesday.

What do you think? Tongue planted in cheek: Any chance app placement optimization rivals SEO in the next year?

Article source: http://techcrunch.com/2011/12/05/new-chrome-web-store-proves-to-be-a-boon-for-developers-above-and-below-the-fold/

Tags: , , ,

26 Oct 11 Chrome 15 Update Fixes Bugs, Revamps Tabs


Google this week released an updated version of its Chrome browser, which fixes a number of bugs and revamps its tabs page and Web Store layout.

The overhauled tabs separate apps and most-visited Web sites; they are accessible via the arrows on the right and left, as well as the “most visited” and “apps” options at the bottom of the page. You can drag and drop apps to re-arrange them or delete those you don’t want by dragging them to the bottom right, where a trash can will appear.

To add apps, click the Chrome Web Store app, which also got an update.

“Apps and extensions are now presented in a wall of images that’s updated every time you visit the store,” Shannon Guymon, a Google product manager, wrote in a blog post. “We hope this will help you quickly scan the store and find interesting things to try out. In addition, apps and extensions are easier to install—just hover over an image on the grid and click ‘Add to Chrome.’”

If you want more information about an app or extension, click it and “you’ll see a panel featuring screenshots, videos, and other relevant information neatly organized into separate tabs,” Guymon wrote. “The store also includes a brand new reviews interface that links to the Google+ profile of each reviewer.”

Previously submitted reviews will be anonymized to protect privacy.

Chrome 15.0.874.102, meanwhile, includes several bug fixes, 11 of which were designated high risk. Google handed out a few bug bounties for this release; the largest payout went to Sergey Glazunov, who earned $12,174 for five fixes related to cross-origin policy violations. Glazunov also got $1,500 for medium-level vulnerability dealing with cookie theft via javascript URIs.

More details are available on Google’s Chrome release blog.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

For the top stories in tech, follow us on Twitter at @PCMag.

Article source: http://www.pcmag.com/article2/0,2817,2395289,00.asp?kc=PCRSS03069TX1K0001121

Tags: , , ,

26 Oct 11 Chrome 15 Update Fixes Bugs, Revamps Tabs


Google this week released an updated version of its Chrome browser, which fixes a number of bugs and revamps its tabs page and Web Store layout.

The overhauled tabs separate apps and most-visited Web sites; they are accessible via the arrows on the right and left, as well as the “most visited” and “apps” options at the bottom of the page. You can drag and drop apps to re-arrange them or delete those you don’t want by dragging them to the bottom right, where a trash can will appear.

To add apps, click the Chrome Web Store app, which also got an update.

“Apps and extensions are now presented in a wall of images that’s updated every time you visit the store,” Shannon Guymon, a Google product manager, wrote in a blog post. “We hope this will help you quickly scan the store and find interesting things to try out. In addition, apps and extensions are easier to install—just hover over an image on the grid and click ‘Add to Chrome.’”

If you want more information about an app or extension, click it and “you’ll see a panel featuring screenshots, videos, and other relevant information neatly organized into separate tabs,” Guymon wrote. “The store also includes a brand new reviews interface that links to the Google+ profile of each reviewer.”

Previously submitted reviews will be anonymized to protect privacy.

Chrome 15.0.874.102, meanwhile, includes several bug fixes, 11 of which were designated high risk. Google handed out a few bug bounties for this release; the largest payout went to Sergey Glazunov, who earned $12,174 for five fixes related to cross-origin policy violations. Glazunov also got $1,500 for medium-level vulnerability dealing with cookie theft via javascript URIs.

More details are available on Google’s Chrome release blog.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

For the top stories in tech, follow us on Twitter at @PCMag.

Article source: http://www.pcmag.com/article2/0,2817,2395289,00.asp

Tags: , , ,

26 Oct 11 Google Revamps New-Tab Page in Chrome Web Browser


Google has revamped the “new-tab” feature in its Chrome web browser to give the look and feel of a mobile web app.

Let me explain: in the past, when a new tab was spawned in Chrome, a single page would open with three divisions–applications, most visited, and recently closed.

Chrome's old lookChrome’s old look

Now, Chrome creates a single page for each of these divisions. You can slide between pages by clicking on arrows at either end of the browser window, or jump to a page by clicking on tabs for the pages that appear at the bottom of the screen.

Items on the pages can be reorganized by dragging and dropping them to new positions on the screen. To get rid of an item, just drag it to the right corner of the browser window and a trash receptacle will appear.

If you’re looking for new apps or extensions to add to Chrome, just click on the Web Store app that appears on all new-tab pages by default.

Google has also revamped its Chrome Web Store. The storefront is now a wall of photos that display the latest additions or most popular apps. There’s a slider at the top of the page for browsing recent additions to the store.

Google has simplified the app/extension installation process–when you hover over an image on the store page, it morphs into a screen with an “add to Chrome” button on it. Just click “add” and your app or extension will be installed.

To learn more about an app, you can click on its image. A page will pop up containing screenshots, video, and a description of the app or extension. You can also add the app from this page, by clicking the “add to Chrome” button.

In addition to cosmetic changes, Google has introduced some new apps at the Chrome Web Store. There’s Robot Nation, which lets you design your own robot and bring it to life if you have a 3D printer; two new games, The Godfather: Five Families and Fieldrunners; and there’s a new eBay app for shopping at that auction site.

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

Article source: http://www.pcworld.com/article/242557/google_revamps_new_tab_page_in_chrome_web_browser.html

Tags: , ,

26 Oct 11 Chrome’s new ‘new tab’ goes wide


The cover was yanked off the stable version of Chrome 15 today, as Google updated its New Tab page to emphasize Web apps and customizations along with Most Visited sites. Google Chrome 15 stable for Windows (download), Mac (download), Linux (download), and Chrome Frame also made several serious security improvements. However, the ability to synchronize your Omnibox history remains relegated to the less-stable Chrome beta and developer’s channels.

Google’s new ‘new tab’ page contains robust organizational features.

(Credit:
Google)

The intuitive New Tab page allows you to create custom categories by dragging and dropping apps and bookmarks, and includes navigation arrows on the left and right edges of the page that become more visible on mouse-over.

Related stories
• How to use Chrome’s latest new tab page
• New tab page redone in Chrome 15 beta

The New Tab redo launch coincides with a redesign of the Chrome Web Store, Google’s clearinghouse for its Web apps. The new look to the Web Store emphasizes a more graphical look, including app-related video, screenshots, and reviews that are linked to the Google+ account of the reviewer. Along with the killing of Buzz, Google hopes the move will help focus people on the interactivity of Google’s Web services.

There were 11 security bugs marked as High that got fixed in Chrome 15. These patched problems such as URL bar spoofing, multiple cross-origin policy violations, several use-after-free problems, and one bug that exposed the internal functions of the V8 JavaScript engine. There was also a NSS network library security fix introduced to prevent the ‘BEAST’ browser attack. Google noted while Chrome was not directly affected by the attack, that the defense may expose bugs in Brocade hardware and that Brocade is working on fixes.

Security release notes for Chrome 15 are available here, while the Chrome team’s blog post announcing the update can be read here.

Article source: http://download.cnet.com/8301-2007_4-20125501-12/chromes-new-new-tab-goes-wide/?part=rss&subj=software&tag=title

Tags: , , ,