Slashdot Mirror
Chrome 62 Released With OpenType Variable Fonts, HTTP Warnings In Incognito Mode (bleepingcomputer.com)
An anonymous reader writes: Earlier today, Google released version 62 of its Chrome browser that comes with quite a few new features but also fixes for 35 security issues. The most interesting new features are support for OpenType variable fonts, the Network Quality Estimator API, the ability to capture and stream DOM elements, and HTTP warnings for the browser's Normal and Incognito mode. The most interesting of the new features is variable fonts. Until now, web developers had to load multiple font families whenever they wanted variations on a font family. For example, if a developer was using the Open Sans font family on a site, if he wanted a font variation such as Regular, Bold, Black, Normal, Condensed, Expanded, Highlight, Slab, Heavy, Dashed, or another, he'd have to load a different font file for each. OpenType variable fonts allow font makers to merge all these font family variations in one file that developers can use on their site and control via CSS. This results in fewer files loaded on a website, saving bandwidth and improving page load times. Two other features that will interest mostly developers are the Network Quality Estimator and the Media Capture from DOM Elements APIs. As the name hints, the first grants developers access to network speed and performance metrics, information that some websites may use to adapt video streams, audio quality, or deliver low-fi versions of their sites. Developers can use the second API -- the Media Capture from DOM Elements -- to record videos of how page sections behave during interaction and stream the content over WebRTC. This latter API could be useful for developers debugging a page, but also support teams that want to see what's happening on the user's side.
This is exactly the problem. Unless this has user opt-in required for each site, this is a gaping potential security hole.
This Media Capture from DOM Elements API sure sounds like a potential grand-canyon-sized security hole.
#DeleteFacebook
The font changes are interesting but...... until other browsers support it, who in their right mind is going to design a chrome-only website? Maybe some kind of feature test could support this optimization, but then you'd have divergent code paths and that gets messy too. This is why it's better to work on updating STANDARDS instead of just adding one-off features... else it's internet explorer all over again.
I don't think that Google is embracing-extending-extiguishing the web. They can't really help it that Chrome has over 50% of the browser market. It's not a monopoly situation; there are numerous other competing web browsers out there, including from major vendors like Microsoft and Apple, that have a sizable share of the market.
I know a lot of people mistakenly think that Chrome is successful because Google advertises it. Well that's not the case at all. The reality is that people use Chrome because it's the least worst of all of the browsers. They typically don't like Chrome's UI, but the other browsers don't offer a better UI, either. Where Chrome really shines is that it's fast and light. While Edge and Safari aren't slow, Chrome still often feels faster. If there's one browser that consistently feels slow and bloated, it would have to be Firefox, in my experience. So users do the sensible thing: they use Chrome, or sometimes Edge and Safari. They avoid Firefox.
If anyone is to blame for the current situation, I think it would be moz://a. Firefox was well on its way to becoming what Chrome is today: the majority-used browser. Firefox was up there around 35% of the market around its peak. But then the Firefox developers started making so many unwanted changes to Firefox, even after users begged them not to make the changes. The Firefox developers trashed Firefox's UI by trying to imitate Chrome's rather awful UI. The Firefox developers even put "sponsored tiles", which is a deceptive way of saying "advertisements", into Firefox for some time! Then it took them many years to get multi-process support working. More recently they've made changes that will soon break a lot of extensions. Yet during all of this time we've seen little done to address the performance and excessive memory usage complaints users have been pointing out for many years.
It really doesn't help that moz://a has wasted time and resources on failures like Firefox OS, Rust, and Servo, instead of directing these resources toward improving Firefox.
Even if Chrome crawled along at a snail's pace, they'd still be leading the direction of the web because the competitors, especially moz://a, just can't seem to get their acts together.
We should have been living in a 2017 where Firefox was used by 60% of browser users, IE/Edge was used by 20%, Safari was used by 15%, and the remaining 5% were various niche browsers like Opera. But I think moz://a made some serious missteps along the way, and instead we live in a 2017 where Chrome dominates the browser landscape. Thanks, moz://a!
Firefox 57 actually is fast in real use scenarios, not just on a pointless benchmark. Not sure how you don't notice, the change is incredibly glaringly obvious to me. The older versions had horrible problems freezing up the entire UI while content was being downloaded or waiting for the server. As far as the broken extensions, many extension developers will be launching versions compatible with 57 when the browser is finally released.
What is this, FUD?
I installed Firefox 57, headed over to /., and the render speed was jarring. I gave Firefox Sync a round of testing and found it wildly superior to Chrome's sync strategy (FSync actually keeps track of changes, whereas Chrome merely does a set union on your current running instance and the remote server - meaning that any sort of deletion action requires interesting gymnastics). The dark bar took a moment to get use to, but in the end feels great (too many websites shoot for the pure-white-elegance look and having the browser do that as well just hurts the eyes by the end of the day).
Servo failed? Servo is a testbed for Firefox, and ported chunks of it are what makes Firefox 57 so fast.
Rust failed? People are having serious discussions on how a kernel written in Rust would play out.
Firefox has no say? I mean...in what regard? UI? User tracking? Sure. In other fields, such as cryptography policies, Mozilla plays the flute.
Come on, now. Don't be so dramatic.
Except...I'm a Chrome user. Have been for maybe nine years. On a whim I gave Firefox 57 a shot and it feels great, so I'm using it.
Really, what is the chip on your shoulder?
Google's developers surely know about these potential security issues, however Google isn't run by developers. It's run by marketing, ads and data-mining.
#DeleteFacebook
Still no way to view certificates for my users. Unacceptable as developer tools are too hard to use for my older users over the phone to check if a site is a scam site or if they have been infected.
Why the hell did Google remove this feature? It's security 101
http://saveie6.com/
One of my long-standing complaints about the Web was/is the number of pages that tempt you to ask the designer, "Did you have to study ugly and unreadable in school, or are you just naturally talented?" Font choices, both the number used and the fonts themselves, are a significant part of that.
.css file to limit things to one of two fonts. Then I wrote a GreaseMonkey script that goes through almost every page I download and replaces styling with one of those two fonts, and one of a handful of sizes. I'm a whole lot happier with how the Web looks these days :^)
A couple of years ago I did everything I could with preferences and a user