Google has added tab syncing to the latest beta release of the company’s Chrome web browser. Using the latest Chrome beta you can now access the tabs open on your desktop at home while you’re out and about with your Android phone. The syncing will work with any device that can run Google Chrome.
As with most of Chrome’s syncing features you’ll need to be signed in to your Google account to access the new tab syncing. Once you’re logged into your Google account look for the “Other devices” menu on Chrome’s New Tab page. Click that button and you’ll see a list of every open tab on all the devices signed into that Google account.
While tab syncing is handy if you move between home and work computers, it really shines when going from desktop to mobile. If you’ve got an Android phone with the new Chrome beta installed, you’ll now be able to access any open tab on your desktop machine no matter where you are. The reverse is also very helpful, especially for those times when you encounter a mobile-unfriendly page — just open it later when you get home.
If you don’t want to trust your day-to-day web browsing to a beta release, fear not, the tab syncing features will, barring any unforeseen complications, be part of the next official Chrome release.
The browser wars are back on in earnest. For the second time in three months, Internet Explorer made large gains, picking up almost 1 point of market share. Chrome, Firefox and Safari all lost out, as Internet Explorer 9 won over new users.
Internet Explorer gained 0.99 points for a 53.88 percent market share, taking it to a six-month high. Firefox is down 0.37 points to 20.55 percent. This is the lowest share the browser has been at since October 2008. Chrome is down a third of a point to 18.57 percent, Safari is down 0.17 points to 5.07 percent, and Opera also fell, dropping 0.09 points to 1.62 percent.
This is a strong performance from Microsoft, though it may come as a surprise to many. In mid-March, Web analytics firm StatCounter announced that Chrome had overtaken Internet Explorer for the first time ever: On Sunday, Mar. 18, for one day only, Chrome was the number-one browser. This seems at odds with Internet Explorer’s growth and Chrome’s decline.
StatCounter, however, is recording something slightly different from Net Marketshare, the numbers we use for our monthly look at the browser war. StatCounter measures raw unadulterated pageviews. It doesn’t attempt to make any corrections for pre-rendering (Chrome will render pages ahead of time if it thinks that the user will look at them, boosting its number of pageviews), it doesn’t attempt to count unique visitors, and it doesn’t attempt to use geographical weighting to account for uneven visitor demographics. (Some sites are more popular in the United States than China, for example, so their browser usage will tend to be more representative of American users than Chinese ones.)
StatCounter’s numbers are still interesting as a measure of web usage, but Net Marketshare’s numbers, which do try to account for things like the geographical variation, are a better measure of browser market share — that is, the number of people using each browser.
A look at the version breakdowns for each browser reveals how Microsoft has made these gains.
Internet Explorer 9 has picked up 2.6 points of share in the last month. This is its strongest month since its release. Internet Explorer 8 fell by almost the same amount, dropping by 2.19 points. Internet Explorer 7 dropped a fraction, down 0.09 points, and Internet Explorer 6 picked up 0.66 points.
The numbers suggest that Internet Explorer 8 users are switching to Internet Explorer 9 in relatively large numbers, particularly on Windows 7: 34.5 percent of Windows 7 users are using Internet Explorer 9.
Microsoft has been vigorously promoting Internet Explorer 9, most recently with a campaign that encourages nerds to give Internet Explorer a second chance; the latest part in a broader campaign to educate users and explain to them that Internet Explorer 9 really isn’t the same as the much-hated Internet Explorer 6.
On top of that, the company is continuing to use automatic updates to move Internet Explorer 7 and 8 users onto the latest version.
Together, these factors seem to be driving upgrades to the current browser version, and users are actually sticking with it rather than switching to other options.
Chrome’s update story is the same as ever. Its automatic update process is reliable, consistent, and effective, keeping the large majority of Chrome users on the latest and greatest version of the browser.
Firefox continues to have a large number of users on version 3.6 and below. The final update for 3.6, version 3.6.28, was released on Mar. 13. Unless there’s a security emergency, there will not be a 3.6.29: Support for 3.6 ends on Apr. 24. Firefox users wanting a browser with long-term support but without six-weekly major updates will have to switch to Firefox Extended Support Release 10.0.4. Everyone else should switch to the current main branch, which on Apr. 24 will be Firefox 12.
Mozilla plans to make Firefox 3.6 offer an update to version 12 once the end of its supported lifecycle has been reached. This means that Firefox 3.6 users should start to decline. However, as with the die-hard group of Firefox 3.5-and-below users that still exists, it’s unlikely that they will all opt to do so.
Automatic, silent updates are still being developed for Firefox. The latest 32-bit nightly builds (version 14) include automatic updates that do not show any UAC prompts on Windows. They’re not yet silent updates, though this too is planned. Until these things are finished, the browser will struggle to have transitions as smooth as Chrome’s.
In mobile, iOS users continue to outnumber Android users, with the surprising implication that Android users don’t actually use the web very much on their smartphones.
SPDY, pronounced “speedy,” is a replacement for the HTTP protocol — the language currently used when your browser talks to a web server. When you request a webpage or a file from a server, chances are your browser sends that request using HTTP. The server answers using HTTP, too. This is why “http” appears at the beginning of most web addresses.
The SPDY protocol handles all the same tasks as HTTP, but SPDY can do it all about 50 percent faster.
SPDY started life as a proprietary protocol at Google and worked only in the company’s Chrome web browser. SPDY has since won support elsewhere. Firefox will have SPDY support when version 11 hits prime time in the near future [Update: As Mozilla's Chris Blizzard points out, SPDY is disabled by default in Firefox 11. If you're using the beta and want to give it a try, you'll need to visit about:config, search for network.http.spdy.enabled and set the value to true. If all goes well SPDY will be turned on by default in Firefox 13.]. Amazon also baked SPDY support into its Silk browser for the Kindle.
The IETF’s HTTPbis Working Group — the standards body charged with creating and maintaining the HTTP specification — is now consideringadding SPDY to HTTP 2.0, which will improve the speed of HTTP connections.
Despite the web standards backing, SPDY still has a long way to go before it’s an everyday part of the web. With only Chrome and Firefox behind it, SPDY is still only available for about 40 percent of desktop users. But with large services like Twitter throwing their weight behind it, SPDY may well start to take the web by storm — the more websites that embrace SPDY the more likely it is that other browsers will add support for the faster protocol.
If you’d like to follow Twitter’s lead and get your own site serving over SPDY, check out mod_spdy, a SPDY module for the Apache server (currently a beta release).
Google’s Chrome development team is working on a system to automatically generate passwords, which would help users secure their online identities with passwords that would be diversified across different sites, and are randomized and thus harder to guess. Detailed in developer documentation on the Chromium Project site, the system would detect account sign-up pages and “add a small UI element to the password field” giving the user the option of letting Chrome manage the password for them.
Initial versions of the system would create passwords on an individual basis, at the user’s request. But Google’s development team states that “At some point in the future it might also be possible for us to automatically change all of a user’s passwords when we realize that their account is hijacked.” The developer documentation notes that the feature would make Google “a higher value hijacking target,” than it already is, although “Google is already a high value target so this shouldn’t change much.”
Chrome can already store passwords, a common feature in modern browsers, and it syncs them across computers, with the passwords encrypted in transit and at rest in Google data centers. The idea of auto-generating passwords is not new, either. Password management software such as 1Password and LastPass can already generate passwords and automatically input them into web forms. But these tools cost money and require additional software downloads. Although it’s not clear when it will become available, Google’s scheme would make storing and generating passwords a pre-installed feature of the browser.
Mockup of a potential future version of Chrome which would auto-generate passwords. Image from the Chromium Project.
The first challenge noted by the Chrome development team is detecting sign-up pages, which is accomplished by looking for elements such as “an account name field and two password fields.” Next, the Chrome password generator must come up with a secure password that meets the site’s requirements—many sites require digits, special characters or certain lengths. Because the password generator may choose a password that doesn’t meet the site’s requirements, the user is given a chance to review the suggested password before selecting it.
“If they accept the prompt then we pop up a small box which is prepopulated with what we think is an acceptable random password,” the Chromium development document says. “The reason we don’t just choose a password for them is that many sites have requirements (e.g. must have one digit, must be alphanumeric, must be between 6 and 20 characters) some of which may be contradictory between sites. So we will choose a default generator that will work on most sites, but users may need to change our password if it doesn’t work.”
The Chromium team is still looking for a “way to authenticate to the browser to enable this feature,” and will have to find a workaround for sites that have autocomplete turned off.
“Any website that has autocomplete turned off will not be able to be protected,” the document states. “Going by current phishing attacks, this means that 40-70% of phishing pages can’t be protected against. Once this feature is rolled out we probably want to see if we can get around this problem. Maybe we can get users to re-authenticate to the browser before logging into such sites.”
How much do you trust Google?
Google is often criticized for invading users’ privacy, as the company makes much of its revenue by serving up personalized ads to users based on their web browsing habits and even the contents of their e-mail. However, the development of technology to generate more secure passwords seems like a good-faith effort to protect users from online attacks, and isn’t so far removed from the already-existing practice of browsers storing passwords.
Google’s password-generator will likely be appealing to many because of the sheer convenience of it. But users will have to decide for themselves just how much of their online activities they want to trust with Google.
In the long run, Chrome developers say the solution should be browser sign-in coupled with the OpenID authentication standard. However, “getting most sites on the Internet to use OpenID will take a while,” the Chrome team states. “In the meantime it would be nice to have a way to achieve the same affect of having the browser control authentication.” Since many people re-use passwords across sites, randomization will go a long way toward better security, making it harder for attackers to steal a user’s entire online identity.
This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.
Google has just released Chrome version 17, which brings several minor enhancements to the company’s web browser — including a new web address preloading feature and improved protection against malicious downloads.
The new Chrome introduces a “preemptive rendering” feature that will automatically begin loading and rendering a page in the background while the user is typing the address in the omnibox (the combined address and search text entry field in Chrome’s navigation toolbar). The preloading will occur in cases when the top match generated by the omnibox’s autocompletion functionality is a site that the user visits frequently.
When the user hits the enter key and confirms the autocompletion result, the pre-rendered page will display almost instantly. The feature extends Chrome’s existing predictive page loading functionality to autocompletion results. Unlike Chrome’s instant search capability, however, the autocompletion preloading waits until the user hits the enter key before displaying the rendered page.
Google has also added some new security functionality to Chrome. Every time that the user downloads a file, the browser will compare it against a whitelist of known-good files and publishers. If the file isn’t in the whitelist, its URL will be transmitted to Google’s servers, which will perform an automatic analysis and attempt to guess if the file is malicious based on various factors like the trustworthiness of its source. If the file is deemed a potential risk, the user will receive a warning.
Google says that data collected by the browser for the malware detection feature is only used to flag malicious files and isn’t used for any other purpose. The company will retain the IP address of the user and other metadata for a period of two weeks, at which point all of the data except the URL of the file will be purged from Google’s databases.
Users who are concerned about the privacy implications of this functionality can prevent the browser from relaying this information to Google by disabling the phishing and malware protection features in the browser’s preferences. You can refer to the official Chromium blog for additional details about the malware detection feature.
Chrome 17 is available through the browser’s automatic updater and can also be downloaded from Google’s website. More information about the new release is available in the official Google Chrome blog.
This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.
Browse Our Tutorials
Cheat Sheets
Color Charts
Cut & Paste Code