How will advertising work on Accelerated Mobile Pages?
A goal of the Accelerated Mobile Pages Project is to ensure effective ad monetization on the mobile web while embracing a user-centric approach. With that context, the objective is to provide support for a comprehensive range of ad formats, ad networks and technologies in Accelerated Mobile Pages. As part of that, those involved with the project are also engaged in crafting Sustainable Ad Practices to insure [sic] that ads in AMP files are fast, safe, compelling and effective for users.
Previously it was a stand-alone app that would act as a proxy and filter out ads from all traffic. That was yanked from the store since it "interfered with operations of other apps". To some extent, that's a fair accusation.
Now, a FF plugin affecting only FF or a standalone browser are okay by this criterion, so it's "back" in this form.
I fully support this proposal. In addition to APIs, I'd like to propose prohibiting caching any resources loaded over insecure HTTP, regardless of Cache-Control header, in Phase 2.N. The reasons are: 1) MITM can pollute users' HTTP cache, by modifying some JavaScript files with a long time cache control max-age. 2) It won't break any websites, just some performance penalty for them. 3) Many website operators and users avoid using HTTPS, since they believe HTTPS is much slower than plaintext HTTP. After deprecating HTTP cache, this argument will be more wrong.
I'm sure the users will appreciate the extra traffic!
I can see 1 being a thing, but 2 is a penalty for the end-user on metered connections, and 3 is an argument for "Mozilla is much slower than [insert browser here]".
Typical bug trackers allow you to classify something as a security issue, which automatically hide the bug from public. Some automatically do that to crash reports.
Both parties admit that it could have been handled better.
I specifically asked Nathan Adams (Dinnerbone) about it on Twitter; he said that it would've been handled better if the exploit was logged with the bug tracker to begin with, instead of trying to talk directly to people.
You need Developer mode to install "unpacked" extensions, which essentially means "in development", with no auto-update.
On Windows, they disabled the ability to install packaged extensions from other sources, Developer mode or not. unless you have a domain-level enterprise policy to whitelist some. On other platforms, you're free to install extensions from any source. On any platform, you're free to install Chrome Apps from any source. The reasoning being that apps do not silently run in parallel and with access to your browsing.
What this summary neglects to say is that Google is open to the idea of adding them back. Quote (link mine):
[...] CNNIC will be working to prevent any future incidents. CNNIC will implement Certificate Transparency for all of their certificates prior to any request for reinclusion. We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place.
Slashdot Mirror
Reckon you can do that, Google?
Of course they can't. Look at their FAQ.
How will advertising work on Accelerated Mobile Pages?
A goal of the Accelerated Mobile Pages Project is to ensure effective ad monetization on the mobile web while embracing a user-centric approach. With that context, the objective is to provide support for a comprehensive range of ad formats, ad networks and technologies in Accelerated Mobile Pages. As part of that, those involved with the project are also engaged in crafting Sustainable Ad Practices to insure [sic] that ads in AMP files are fast, safe, compelling and effective for users.
Still easily treatable with antibiotics.
> It's free for personal use
[citation needed]
It prevents your status update from "Offline" to "Online". That shows up as "connecting", but if you try it, it will pass IMs still.
Content creators I care about. Webcomics, YouTube channels.
Fortunately, Patreon emerged as a solution to this.
Previously it was a stand-alone app that would act as a proxy and filter out ads from all traffic. That was yanked from the store since it "interfered with operations of other apps". To some extent, that's a fair accusation.
Now, a FF plugin affecting only FF or a standalone browser are okay by this criterion, so it's "back" in this form.
Surely you mean Pac-Man.
Makes me wonder if this video will be made illegal in Russia.
Inquiry is being conducted by appropriate authorities, yes; it's the Pirate Party that launched the inquiry, though.
Swiss Pirate Party initiated an inquiry into Windows 10 privacy policy.
The end result of which (if it does not pass Swiss scrutiny) would be an official recommendation to prohibit purchase.
You could look into LED decoration. For example, BlinkyTape - a LED strip with an attached Arduino-compatible controller.
It can be just decoration, or you can use it for light painting.
Of course, you can build your own LED-based contraption.
Datasets for neural net training.
If you didn't see the article/service, it can now classify photos so you can search by something like "car" or "red".
I thought the whole point was Chrome UI, not Firefox..
A middle-click on the New Tab button works, assuming a Linux system.
Otherwise, it's relatively easy to write an extension that does it.
I fully support this proposal. In addition to APIs, I'd like to propose prohibiting caching any resources loaded over insecure HTTP, regardless of Cache-Control header, in Phase 2.N. The reasons are:
1) MITM can pollute users' HTTP cache, by modifying some JavaScript files with a long time cache control max-age.
2) It won't break any websites, just some performance penalty for them.
3) Many website operators and users avoid using HTTPS, since they believe HTTPS is much slower than plaintext HTTP. After deprecating HTTP cache, this argument will be more wrong.
I'm sure the users will appreciate the extra traffic!
I can see 1 being a thing, but 2 is a penalty for the end-user on metered connections, and 3 is an argument for "Mozilla is much slower than [insert browser here]".
*ding ding ding*
And we have a winner!
If HTTPS then the IP will be enough by itself.
This is precisely what happened.
It's not like the existence of this bugtracker is a secret from anybody, not for 2+ years. It's even referenced in every release announcement.
Typical bug trackers allow you to classify something as a security issue, which automatically hide the bug from public. Some automatically do that to crash reports.
And I botched up the link to the tweet: https://twitter.com/Dinnerbone...
Both parties admit that it could have been handled better.
I specifically asked Nathan Adams (Dinnerbone) about it on Twitter; he said that it would've been handled better if the exploit was logged with the bug tracker to begin with, instead of trying to talk directly to people.
Undoing fat-fingered moderation, should be +1 Insightful
Not true.
You need Developer mode to install "unpacked" extensions, which essentially means "in development", with no auto-update.
On Windows, they disabled the ability to install packaged extensions from other sources, Developer mode or not. unless you have a domain-level enterprise policy to whitelist some.
On other platforms, you're free to install extensions from any source.
On any platform, you're free to install Chrome Apps from any source. The reasoning being that apps do not silently run in parallel and with access to your browsing.
What this summary neglects to say is that Google is open to the idea of adding them back. Quote (link mine):
[...] CNNIC will be working to prevent any future incidents. CNNIC will implement Certificate Transparency for all of their certificates prior to any request for reinclusion. We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place.
Not sure if trolling or being funny. You succeed at both.
P.S. Google Translate in a pastebin (since the page has enormous amount of comments, it won't directly translate): http://pastebin.com/b56n2TnV