Here is what is new in Google Chrome 89 - gHacks Tech News

Here is what is new in Google Chrome 89

Google released a new stable version of its Chrome browser on March 2, 2021. Google Chrome 89 is a security release that includes improvements and bug fixes.

The Chrome Releases blog reveals that engineers patched 47 different security issues that affected previous versions of the browser. The highest severity rating is listed as high, but Google lists only issues reported by external researchers on the page.

Chrome users can select Menu > Help > About Google Chrome to check the installed version and run a manual check for updates.

chrome 89 release

Starting with Chrome 89, devices with x86 CPUS need to support SSE3 for Chrome to run on them. The standard was introduced in the early 2000's by Intel and AMD

Chrome Status provides information on new features in Chrome 89.  The new Chrome version introduces support for First-party sets, a new option to mark sites as belonging to the same party or entity. Google could for instance use the feature to link google.com and youtube.com together, ensuring that certain data can be shared across these sites.

The feature takes cues from Firefox's Enhanced Tracking Protection feature and from Microsoft Edge's Tracking Prevention feature; both of these include functionality to link sites to make sure that these work properly with the protective features enabled. Google's plan with First-party sets is to standardize the approach.

Chrome 89 introduces other privacy-related features:

  • Platform-provided trust tokens -- An experiment to "ascertain the value of tokens incorporating on-device state as a mechanism for anti-spam and anti-abuse systems, and to evaluate the feature’s performance relative to standard web-issued trust tokens".
  • Schemeful Same-Site - evolves same-site definition to include the URL scheme.
  • User-Agent Client Hints -- designed to provide sites with information about a "user's device or conditions" without needing to use the User-Agent String.
  • Anti-Fingerprinting mechanics -- the interest-based targeting API FLoC, designed to work with groups of users instead of individuals, and an event-level conversion API, to enable the correlation between ad clicks on sites and conversions on the advertisers site without identifying users individually, are available as experiments.

What else is new in Chrome 89?

  • Open Tabs can be searched now. Is still being rolled out, enable chrome://flags/#enable-tab-search to get it right now.
  • Chrome prefers HTTPS over HTTP when the user does not specify the protocol in the address bar.
  • Chrome won't lookup single word entries anymore when entered in the address bar by default, meaning it won't assume that the word is an Intranet location. May be changed using the IntranetRedirectBehavior policy.
  • Chrome on Android requires that a device is Play Protect certified, otherwise it won't run anymore; this does not affect WebView nor Chrome on virtual machines. Play Protect certified devices include Google apps and have passed Android compatibility testing.
  • Version pinning is a new option to keep extensions or applications on a specified version. May be configured via the ExtensionSettings policy.
  • Access to certain Google Account features even without Chrome Sync.
  • New profile picker and profile options.
  • BeyondCorp Enterprise customers may check URLs for phishing attacks in realtime.
  • New BrowsingDataLifetime and ClearBrowsingDataOnExitList policies to clear browsing data after a specific amount of time or on exit.
  • Users may turn of metrics reporting even if set to on by an administrator. The feature is controlled by MetricsReportingEnabled.
  • Support for the Serial API that allows sites to perform read and write operations on serial devices.
  • Chrome on iOS gets biometric authentication support in Incognito Mode tabs.
  • Web Share API support to share data from the Web with an app of the user's choosing.
  • WebHID support that enables web applications to interact with human interface devices that have not been supported before.
  • Web NFC is supported by default.

Now You: What is your take on all of these changes?

Summary
Here is what is new in Google Chrome 89
Article Name
Here is what is new in Google Chrome 89
Description
Google released a new stable version of its Chrome browser on March 2, 2021. Google Chrome 89 is a security release that includes improvements and bug fixes.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: »

Comments

  1. John G. said on March 3, 2021 at 1:38 pm
    Reply

    “The Chrome Releases blog reveals that engineers patched 47 different security issues that affected previous versions of the browser.” 47 security patches, just 47 security patches. Amazing, really amazing. If there was an Edge Chromium or a Firefox related article there will be soon dozens of Microsoft and Mozilla haters yelling everywhere about these terrible things an so forth. :[

    1. Yuliya said on March 3, 2021 at 1:53 pm
      Reply

      If, and only, Google would ever force the installation of an addon, or an external component, on people’s computers, with the sole purpose to exfiltrate one’s data, the way mozilla did it with
      [email protected]”,

      and is also currently doing it with
      Name: default-browser-agent.exe
      Size: 694752 bytes (678 KiB)
      SHA1: 8B392DD5E962403955C1E165649E4B1913741964

      Until then, both Microsoft and Google are better than mozilla, and much more user-friendly.

      1. Yuliya C. said on March 3, 2021 at 4:12 pm
        Reply

        You are still crying about this lmao. Google and Microsoft track and spy on you in more ways than the installation of an addon for 1% of their users to figure out who has telemetry disabled. Oh no, the horror! Please, grow out of it and stop mentioning this every time Mozilla is mentioned.

      2. Anonymous said on March 3, 2021 at 4:37 pm
        Reply

        Please tell me, what are you smoking?

      3. Anon7 said on March 3, 2021 at 4:39 pm
        Reply

        @Yuliya

        They are indescriably worse than mozilla ever was or will be.

        A user of WIN 10 back in 2016 saw his firewall capturing Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. That was an enterprise version with all the telemetry turned off and all other stuff opted out of. That is an OS that can never be tamed properly, it is spyware. Simply put, a monster for data collection!

        Microsoft respecting privacy like you are implying? that is delusional.

        As for google? please stop

        Google Chrome has an updater which is constantly running in the background and syncing with Google servers to check for updates. The updater will download and run unverified binaries from Google when it updates Google Chrome.

        Yeah completely trustworthy and privacy friendly.

        Chrome also could and probably does monitor what other programs you have open on your system, they do this with

        A tracker that records mouse input over time
        A tracker that profiles memory usage

        gulag are trash.

      4. Lars said on March 4, 2021 at 4:59 am
        Reply

        “A user of WIN 10 back in 2016 saw his firewall capturing Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft.”

        Bwahahahaha… Only completely tech illiterate credulous people like you can be expected to believe someone equally tech illiterate like “CheesusCrust” (or perhaps you got the news from that hack Gordon Kelly at Forbes?). Not only have these fake stats been thoroughly exposed, CheesusCrust also quietly deleted his original post (and Voat account) and slunk away with his tail between his legs, and poor Kelly had to retract his fanciful exaggerated claims as a result. Of course, that doesn’t stop you from still bandying these fake stats as part of your regular anti-MS diatribes here, because what else can one expect from haters except outright lies? Sane readers meanwhile can read the following and join in on the hilarity and finger-pointing at the crazies:

        https://www.zdnet.com/article/when-it-comes-to-windows-10-privacy-dont-trust-amateur-analysts/

      5. Corky said on March 4, 2021 at 8:49 am
        Reply

        When it comes to Ed Bott don’t trust a word he says, he’s essentially a Microsoft employee and he’s a well know shill for them.

      6. Anon7 said on March 4, 2021 at 11:12 am
        Reply

        @Lars

        Enjoy your time on windoze, it must feel really liberating to be running a closed source OS, where you can not see the source code or have others that are not involved with microcrap see and review the source code for you.

        If you believe microcrap are not sending data behind your back to their mothership in sneaky ways, i hate to break it to you, but you are very naive. You have no clue what that system is doing behind your back all the time.

        Having to block ip addresses through a firewall or use third party extensions to stop even some of the telemetry is just completely unethical.

        Microcrap is akin to being married to a slutty wife who cheats and chits chats on you behind your back when you least expect it. She has all her little spies like cortana to confide in and watch you so she can sneak out behind your back and do the dirty on you.

        Lol at ed bot more like gates bot!

      7. Lars said on March 5, 2021 at 4:22 am
        Reply

        Some observations @Anon7:

        1) Only juvenile low-IQ folk employ idiotic terms like “windoze”, ” M$”, “microcrap” and so on.

        2) Naivete alone cannot explain someone actually trusting CheesusCrust’s fake stats, so best case scenario you mentioned them out of malicious intent while knowing they were false, and worst case scenario you are actually ignorant and credulous enough to blindly believe absolutely any nonsense that affirms your biases.

        3) I ‘enjoy’ using closed-source proprietary Windows just as much as I do any open source Linux distro. They are OSes i.e. tools to me that allow me to run apps that actually allow me to get work (and play/entertainment) done, and ALL have pain and plus points. I don’t regard them like some sort of crazy religious zealot who’s trying desperately to convert others on random sites via the comments section by relying on half-truths and outright lies.

        4) Hardly surprising you’d double down and lie further, and obviously provide zero proof of your fanciful claims. We all know MS relies on varying amounts of telemetry, but not a single one of you conspiracy theorists has ever been able to provide concrete proof that they’re stealing/surreptitiously exfiltrating user data and using it for nefarious purposes. All you people have to fall back on is FUD, and directing ad hominem attacks against those like Ed Bott who might defend MS against such blatant lies. Quite pathetic really.

        Ultimately it’s all a question of trust. Personally as long as there’s no concrete evidence to prove any malfeasance I trust MS far more than say a competitor like Google, or an entity like Facebook. Those who don’t are free to use any alternative, be it paid or free (and/or open source). However they should at least have the basic integrity to compare and contrast competing products on the basis of actual facts rather than BS made-up nonsensical crap. (Having said that, I fully acknowledge that this is too much to expect from certain types of people who are inveterate prevaricators both online and IRL.)

      8. Anon7 said on March 5, 2021 at 1:05 pm
        Reply

        @Lars

        > I ‘enjoy’ using closed-source proprietary Windows

        Ok Lars, i get it, you love microsoft and trust them completely with your data, because ed-bot was there to reassure you that everything is ok.

        Anyone who dare criticise backdoor central are conspiracy theorists that have low-iq.

        Everything will be ok, everything will be ok my friend.

        “If you invent a breakthrough in artificial intelligence, so machines can learn, that is worth 10 microsofts.”

        Bill Gates.

      9. Lars said on March 6, 2021 at 3:23 am
        Reply

        Yes precisely Anon7, you finally got it right for once – everyone who rants about MS stealing user data for nefarious purposes without providing proof, as you obviously failed to do yet again, is *indeed* a conspiracy theorist with low IQ.

        Yes, everything will be OK my ‘friend’, because in the real world I’m busy getting work done no matter the OS I use, while you seem to be living in some woo-woo la-la land where constant ranting sans proof, disseminating FUD and flat out lies seems to be your day job. Whatever twisted fantasies make you happy I guess… Makes no difference to anyone else with even half a functioning brain.

      10. Anon7 said on March 6, 2021 at 6:31 pm
        Reply

        @Lars

        > MS stealing user data for nefarious purposes

        It seems that bill gates quote just flew right past you my friend.

        > I’m busy getting work done

        For M$ AI yes.

        Thank you Lars for reafirming my belief that M$ are up to no good with harvested data from gullible individuals like you.

        Have a good day.

      11. Lars said on March 7, 2021 at 1:48 am
        Reply

        You are obviously so far gone in your cuckoo conspiracy world that nothing can help any longer @Anon7, * [Editor: removed]. I really do feel sorry for you and others like you living such a pathetic life based on an edifice of lies and filled with enemies ‘out to get you’ around every corner. So much so that you feel the desperate need to spend hours ranting about it all daily in the comments section of some site, in a vain attempt to spew your delusions at as many as possible, hoping against hope that you’ll find other nutso brainwashed specimens like you to join your tribe of anti-vaxxers, Trumptards and who knows what else.

      12. Anon7 said on March 7, 2021 at 7:29 pm
        Reply

        @Lars

        Zzzzzzz

        Give us a good reason why M$ collects so much of peoples data?

        Also explain that gates quote of his support for AI?

        anti-vaxxers? explain why gates wants a needle in peoples arms and why he has patents for implantable ID tags?

        You can not possibly even begin to justify that amount of data collection and telemetry.

        Keep up your juvenile name calling aswell, it only shows that when faced with alternative points of view, you throw all your toys out your pram.

        You are very ignorant.

      13. Lars said on March 8, 2021 at 4:25 am
        Reply

        So you’re doubling down on your idiotic bullshit. Why is that not a surprise, Anon7? Lol.

        What is your obsession with Gates’ quote anyway? It’s obvious to anyone with a brain that functional high-level ‘thinking’ AI is a holy grail being pursued by researchers for decades, and anyone coming even close to it stands to make tons of money, not to mention the power it’ll bestow, both to do good and bad, like any major technological advance. The ethics of AI is a completely different topic that mankind certainly needs to address before it’s too late, but in any case I believe the eventual technological development itself is inevitable.

        So I’ll ask again, why are you obsessed with Gates and MS in particular? If anything, what Google and co., or the Chinese for that matter, have achieved in terms of AI, real-time face rec, profiling/tracking etc. (both online and IRL) is FAR in excess of what MS has, and likely ever will. But of course the crazies like you keep focusing on Gates for all sorts of weird reasons, be it AI, or killer vaccines, or some such stupid bullshit.

        Conspiracy theorists and raving lunatics like you can never see reason and logic, because that part of your brain is irreversibly damaged. That’s a fact. So don’t waste time asking for explanations, when you neither want to understand, nor even have the basic ability to. Instead all you can do is resort to strawman arguments and juvenile moronic terms for MS and others, besides of course ignoring all calls to provide proof for your rants. Sickening and pathetic.

      14. Domin8 said on March 8, 2021 at 4:33 am
        Reply

        Lars, dude, this guy is an obvious troll who thrives on attention because he has nothing else in life. Idiocy can’t be cured. Why are you feeding him?

      15. Lars said on March 9, 2021 at 1:45 am
        Reply

        You’re absolutely right @Domin8, moronic lunacy of this kind can’t be cured and so is best ignored. Time to leave the crazy * [Editor: removed] like Anon7 & co. to their desperate ranting and banging their heads against concrete. Beyond a point one can’t even point and laugh at these effing trolls anymore because one is so sickened. And on top of that since making making money is so evil they have no problems blathering all day about conspiracies instead of doing a lick of honest work, and then shamelessly feeding off others. Thank heavens one doesn’t have to deal with such nauseating sub-human leeches IRL.

      16. Anon7 said on March 9, 2021 at 1:11 pm
        Reply

        Your “pathetic argumentive defense” of a shady company like M$ has been thoroughly and utterly crushed into fine dust!

        Your silly retorts only resort to spitting, mindless blabbering and frothing at the mouth jargon.

        Any critical thinker with even a breath of decent morality or some enlightened conciousness can see that you defend the indefensible.

        Users of M$ winspy 10 should not have to put in a great effort to even reclaim back some of their privacy from an unscrupulous data-mining organisaion like M$. What M$ are doing is VERY WRONG. It is also very hard to purchase a PC without their embedded “proprietary data-harvesting software” winslow installed. Users are always stuck with a very bad option.

        “If you can’t make it good, at least make it look good.”
        ― Bill Gates

      17. Anon7 said on March 8, 2021 at 8:23 am
        Reply

        @Lars

        Zzzzz

        > The ethics of AI is a completely different topic

        No its not, not when you are talking about M$ and their proprietary spyware that you defend.

        “Your most unhappy customers are your greatest source of learning.”
        ― Bill Gates

        M$ learns from users trying to turn off forced updates and develops more sneaky ways to re-enable them.

        > Gates for all sorts of weird reasons, be it AI, or killer vaccines, or some such stupid bullshit.

        bullshit? explain this then?

        The Johns Hopkins Center for Health Security in partnership with the World Economic Forum and the Bill and Melinda Gates Foundation hosted Event 201, a high-level pandemic exercise on October 18, 2019,

        A year later old billy boy is wanting everyone to take a needle with Mrna software injections?

        > Conspiracy theorists and raving lunatics

        You are the one who is raving and losing your cool lol. Your mental breakdown regarding this controversial topic is really entertaining and eye opening. You can not debate only hurl insults like a drunk alcoholic.

        > Sickening and pathetic

        M$ censoring chinese citizens for researching a tibetan spiritual leader in a totalitarian regime is whats sickening.

        > provide proof for your rants

        So you are saying that win 10 does not collect vast amounts of data by default?

        You call me low iq, thats funny. The one with no real intelligence is you my friend haha. You are drunk with ignorance.

        Trust in the ed bot, trust and mainstream media liars. Thinking everything will be ok as your rights get eroded, go take your Mrna software vaccine that bill likes, you seem made for such stupidity.

      18. Lars said on March 7, 2021 at 6:03 am
        Reply

        No, thank you Anon7 for reminding me that it is pointless expecting logic and indeed sanity from brainwashed wacko individuals like you!

      19. Anon7 said on March 7, 2021 at 7:35 pm
        Reply

        @Lars

        You are a typical neo-liberal, you can not debate without being the first to resort to name calling.

        You are triggered by people who bring different views on topics. You are really sad.

      20. Anonymous said on March 6, 2021 at 7:38 pm
        Reply

        @Lars

        You are the guy that write about other people egos but you clearly think yourself
        very VERY smart to the point of writing stuff like this:

        “Only juvenile low-IQ folk employ idiotic terms like “windoze”, ” M$”, “microcrap” and so on.”

        The term M$ is ok to use it because Microsoft only cares about MONEY.

        Their wrong doings goes far beyound tracking users and privacy invasion they
        do REALLY heinous stuff like the persecution of civil society activists and free
        speech violation and censorship:

        https://www.nbcnews.com/id/wbna39136836

        https://www.huffpost.com/entry/microsoft-censorship_n_4771803

        Why are you defending them?

      21. Anon7 said on March 7, 2021 at 7:44 pm
        Reply

        @Anonymous

        > Why are you defending them?

        stockholm syndrome: the psychological tendency of a hostage to bond with, identify with, or sympathize with his or her captor

        No doubt he will take the gates shot, being the neo-liberal that he is.

        Lars is completely oblivious to the fact that gates has patents for ID Tags that are worn on human skin.

        Microsoft, and Cisco Systems Inc have contributed to the ID2020 project.

      22. Lars said on March 8, 2021 at 6:48 am
        Reply

        @Anonymous/Anon7 (stick to one nick) – Wow, so Microsoft only cares about MONEY? What a revelation! And pray tell, which company doesn’t? And you work for free, do you? Or more likely you just sit idly doing nothing (except posting crap online) and living off social security paid for by honest hard workers. Good for nothing leech.

      23. Anon7 said on March 8, 2021 at 8:19 am
        Reply

        @Lars

        > @Anonymous/Anon7 (stick to one nick) – Wow, so Microsoft only cares about MONEY? What a revelation! And pray tell, which company doesn’t?

        Anonymous is a completely different poster to me you ignorant little man. Who is the conpiracy theorist now lmao.

        You afraid that another poster might actually see you for the ignorant dimwit that you are, You think you are smart HAHA LOL.

        Poor old Lars still can’t see that M$ not only cares about money, but also your DATA, that data is intricately tied into other projects regarding AI.

        M$, Gates, event 201, 800 people dead from injections already, and bill buying up massive amounts of farmland to feed people GMO food.

        Poor old lars still can not see how nefarious the whole thing is.

        Klaus Schwab of world economic forum quote: You will own nothing and you will be happy. AKA The Great Reset.

        The gates foundation and the world economic forum held event 201.

        That a conspiracy too lars lol?

        It is you who has the low iq larsy.

      24. Lars said on March 5, 2021 at 4:55 am
        Reply

        Apparently my response to Anon7 has been censored completely, so I’m not gonna bother to re-type it all. Clearly this site prefers comments like his with FUD and outright lies over those with incontrovertible facts.

      25. Lars said on March 5, 2021 at 4:57 am
        Reply

        Or maybe not? Seems the comment may be back up now… Not sure if it’ll persist or I’m just seeing a cached version in my browser.

      26. Krandle said on March 3, 2021 at 4:59 pm
        Reply

        Plus, maybe Microsoft and Google are powerful silicone valley big tech and all that, but not even they do what a small insect like Mozilla does when Mozilla openly promotes and embraces censorship and deplatforming and make posts about it and send push notifications on android to promote that while still preaching “open and free internet for all” while using Firefox (Mozilla’s only ‘relevant’ product) to try to “fix” the internet.

        So, Mozilla deserves it, and just like tons of people who uninstalled them for the way they are doing things lately, people should stop promoting Firefox and think Chromium is the problem. Of course, Mozilla probably doesn’t care because they still got tons of millions from Google.

      27. Anon7 said on March 4, 2021 at 11:22 am
        Reply

        @Krandle

        You make no sense.

        Yes mozilla are acting like idiots as of late,

        however

        Google has deplatformed hundreds from youtube, uses censorship algorithms with heavy political bias in its search engines.

        I don’t see mozilla doing that, it does not have the power to do that.

        If that is not active censorship on the part of google, than i don’t know what is.

        Microsoft is gathering data from millions and probably feeding it into some powerful AI so windows 11 can SPY EVEN MORE than its predecessor.

        But hey, Lars will just love Win AI and its friends like Cortana 2.0 invading his civil liberties

      28. Anonymous said on March 4, 2021 at 12:14 pm
        Reply

        @Anon7,The Google sheeples are ignorant to this and continue using Chrome while making
        Google richer by the minute with all the data collection.

      29. Herman Cost said on March 4, 2021 at 3:41 pm
        Reply

        +1

      30. YAD-Flex said on March 3, 2021 at 5:06 pm
        Reply

        @Yuliya Lol

      31. Anonymous said on March 3, 2021 at 7:08 pm
        Reply

        @Yulia

        Not a bug about “stealing data” – it’s the coverage ping
        https://bugzilla.mozilla.org/show_bug.cgi?id=1487578

        This is what it sends
        {
        “appVersion”: “63.0a1”,
        “appUpdateChannel”: “nightly”,
        “osName”: “Darwin”,
        “osVersion”: “17.7.0”,
        “telemetryEnabled”: true
        }

        What an absolute whiny crybaby screaming over-hyped nonsense

      32. LOL said on March 3, 2021 at 7:39 pm
        Reply

        Good guy Google (and Microsoft too)! /s

      33. Anonymous said on March 3, 2021 at 7:57 pm
        Reply

        @Yuliya

        “Per https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ we want to ship an extension (system add-on update aka SAO) which will activate for only 1% of users and send in a privacy-preserving bit of diagnostic info.” – https://bugzilla.mozilla.org/show_bug.cgi?id=1487578

        How is it possible (without out of this world imagination) did you manage to go from “Mozilla installed an add-on for 1% of its users to send PRIVACY-PRESERVING bits of DIAGNOSTIC info” to “Mozilla installed an add-on with the sole purpose to exfiltrate one’s data”.

        “The Default Browser Agent is a Windows-only scheduled task which runs in the background to collect and submit data about the browser that the user has set as their OS default (that is, the browser that will be invoked by the operating system to open web links that the user clicks on in other programs). Its purpose is to help Mozilla understand user’s default browser choices and, in the future, to engage with users at a time when they may not be actively running Firefox.” – https://firefox-source-docs.mozilla.org/toolkit/mozapps/defaultagent/default-browser-agent/index.html

        Like in the case above, still seems to be diagnostic data. That is, diagnostic anonymized data from an organization that does not sell your data like Microsoft and Google.

        Some stuff Microsoft removed from CHROMIUM, not CHROME: https://www.theverge.com/2019/4/8/18300772/microsoft-google-services-removed-changed-chromium-edge-browser

        Only to make it even worse than CHROME:
        https://screenrant.com/worst-internet-browsers-privacy-edge-vs-chrome/
        https://www.zdnet.com/article/a-professor-says-edge-is-the-worst-for-privacy-microsoft-isnt-happy/

        So please keep using that Edge and Chrome. Your data is safe hands.

      34. m3city said on March 4, 2021 at 8:58 am
        Reply

        @Anonymous
        Thanks for providing link about what MS removed from Chromium. I was completely unaware of that. There was a comment there, that Breve people noticed some of that and removed it.

        I’m not so tech-aware to understand in which ways blink is better that gecko for todays web purposes – can anyone enlighten me? What does chrome do better than ff for an ordinary user? Both render websites, play media. Lets put developer, power user, customizer related stuff aside.

      35. Iron F. said on March 5, 2021 at 4:35 am
        Reply

        Don’t you know @m3city that almighty Chrome loads sites a few nanoseconds faster than Firefox? You’re wasting precious moments of your life using Firefox! Give all your data to Google and do your bit to promote browser engine monoculture, and in return you’ll have extra seconds to spare each day. What an amazing deal!

      36. YuliaIsMBAltToInciteViolence said on March 3, 2021 at 10:39 pm
        Reply

        Nice one, Yulia. M$ and G – good. MZ – bad. How come that your data was stolen? You could do hashes and whatnot and still all those precautions fails. Are you deliberately and selectively stupid?

      37. Anonymous said on March 4, 2021 at 12:35 am
        Reply

        “Until then, both Microsoft and Google are better than mozilla”

        Chrome and Edge are not exactly the kind of software to use either if you do not want your data exfiltrated without your knowledge. I don’t see the point of comparing AIDS with cancer. Google, Mozilla, Apple and Microsoft all have a terrible criminal record and no intent to stop filling it further, thus should absolutely be avoided, hated with a passion, and actively fought. Ethical browser forks are what should be used and recommended to that aim.

      38. Anonymous said on March 4, 2021 at 5:29 am
        Reply

        “If, and only, Google would ever force the installation of an addon”

        This makes no sense. Chrome and Edge don’t need an addon to spy on users they are spyware by default and the spyware cannot be removed. Unlike with Firefox when it was an isolated incident and the addon could easily be removed. Why anyone would imagine Mozilla is worse than Google and Microsoft I don’t know. Mozilla is even better than Apple when it comes to privacy.

      39. Iron Heart said on March 4, 2021 at 10:39 am
        Reply

        @Yuliya

        Seems like the FF * [Editor: removed] is out in full force again (I’ve already recieved my share of wrath). You know that we had our disagreements, but in this case I can’t help but say that you have my deepest sympathies. * [Editor: removed]

    2. Iron Heart said on March 3, 2021 at 3:53 pm
      Reply

      @John G.

      CVE counting is idiotic, and as far as I’m aware, nobody here does this for Firefox, either. The plain number of security fixes fail to consider:

      – The severity of the related security issue.
      – That Chromium receives much more scrutiny than Firefox because it is much more popular and thus much more attractive for potential attackers.

      Firefox’s problems are deep-rooted because it still lacks many modern exploit mitigations, which is not to say that any software is bug-free, what that means is that the problems are systemic in this case.

      1. Anonymous said on March 4, 2021 at 8:46 am
        Reply

        Oh hi @Iron Heart

        How unusual it is to see that you are criticizing Mozilla for once, in the comment section of a Chrome article.

        I have a couple of questions for you, all-wise-about-every-Mozilla-and-only-Mozilla-flaw professor:

        What are the deep-rooted systematic problems where Firefox fails and Chrome (or is it Brave you were rooting for) succeeds? Like, is there an extensive list of all the modern exploit mitigations that Firefox lacks that you can share with us? Or do you want to convince me by asking me to compile that list on my own? Or maybe you want to remind me that the Tor Browser is based on Chromium because of its’ superior security (see what I did there?). Because after Fission is introduced to Firefox, what other architectural advantage does Chrome have? The rust language system which is being incorporated (oops I did it again)? The extended API that make NoScript more powerful than anything out there for Chrome (and again).

        And “Chromium receives much more scrutiny than Firefox because it is much more popular and thus much more attractive for potential attackers.” does not make you more safe in practice. Just consider the Windows vs Linux debate.

        For anyone with any in-depth IT knowledge, your comments are ridiculous and dangerous.

      2. Iron Heart said on March 4, 2021 at 10:36 am
        Reply

        @Anonymous

        > What are the deep-rooted systematic problems where Firefox fails and Chrome (or is it Brave you were rooting for) succeeds? Like, is there an extensive list of all the modern exploit mitigations that Firefox lacks that you can share with us?

        Posting it again, just for you (contains the most egregious ones):

        https://madaidans-insecurities.github.io/firefox-chromium.html
        https://grapheneos.org/usage#web-browsing

        Brave is based on Chromium just like Chrome, so it doesn’t really matter to which Chromium-based browser you or I refer here.

        > Or do you want to convince me by asking me to compile that list on my own? Or maybe you want to remind me that the Tor Browser is based on Chromium because of its’ superior security (see what I did there?).

        You realize that Tor predates Chromium and is kinda stuck with FF at this point, right? Doesn’t mean FF is more secure, also, Tor is a product aiming to grant the best possible anonymity, and not the best possible security (which isn’t probable with FF as abase).

        They’ll be using Chromium once Gecko becomes so irrelevant that web devs no longer test for it. Wait and see.

        > Because after Fission is introduced to Firefox, what other architectural advantage does Chrome have?

        Fission is not the only fix Firefox needs, see the links above.

        > The rust language system which is being incorporated (oops I did it again)?

        I’ll applaud it once relevant(!) components of Firefox are being rewritten in Rust, and once it will be a relevant portion of the code overall – unlikely considering how bad the Rust and Servo team was affected by the recent layoffs.

        > The extended API that make NoScript more powerful than anything out there for Chrome (and again).

        Please elaborate.

        > And “Chromium receives much more scrutiny than Firefox because it is much more popular and thus much more attractive for potential attackers.” does not make you more safe in practice. Just consider the Windows vs Linux debate.

        Ah, so it’s security via obscurity now? That’s an asinine concept, not least because some attacks on Chromium also happen to work on FF.

        By the way, Windows has far better exploit mitigations than Linux. Also, it is idiotic to compare Firefox with Linux, because Linux, despite being niche on the desktop, has servers, smart appliances, and its derivative Android stabilizing its relevance. When Firefox goes down, it just goes down without any anchor, and eventually web devs will stop supporting it entirely (a process that has already started). Apples and oranges.

        > For anyone with any in-depth IT knowledge, your comments are ridiculous and dangerous.

        * [Editor: removed]

      3. Anon7 said on March 4, 2021 at 11:31 am
        Reply

        @IronHeart

        > ” Chromium receives much more scrutiny

        They do from google affiliated programmers yes.

        They would not possibly want to kill off any competition or make headaches for excellent third party extensions?

        Oh wait V3 manifest means nothing

        What next?

      4. Iron Heart said on March 4, 2021 at 12:16 pm
        Reply

        @Anon7

        > They do from google affiliated programmers yes.

        And from anyone else trying to break into Chromium (security researches and hackers alike). And from all other projects developing a Chromium-based browser, including Microsoft. Just take a look at who reported Chromium vulnerabilities (they publish that info), that’s not Google employees for the most part.

        > They would not possibly want to kill off any competition

        The competition kills itself off, for the most part.

        > or make headaches for excellent third party extensions? Oh wait V3 manifest means nothing

        Manifest V3 is an overall security improvement. Currently, by utilizing the webRequest API, extensions can directly modify traffic. Some extensions use this in beneficial ways, most prominent one being uBlock Origin. But there are others who misuse that capability to redirect traffic, which might result in data theft or distribution of malware coming from websites users are directed to.

        Google wants to tackle this problem by introducing the declarativeNetRequest API. The new principle goes as follows: Instead of directly intercepting traffic based on predefined rulesets, the extension now “hands over” those rulesets to the browser which will intercept the traffic on behalf of the extension. That’s the easy explanation for what is going on.

        The rule limit that Google arbitrarily sets in place here has nothing to with the basic idea being a good one that will improve security, because the capabilities of extensions to directly alter traffic are now lessened.

        If the rule limit can’t be undone by third party projects that use Chromium, the solution will be native adblockers like the ones in Brave or Bromite, which are not extensions and are thus not under extension restrictions. I don’t see this as a major problem, to be honest.

        There is also system-wide adblocking via tools like AdGuard of things like Pi-Hole.

        > What next?

        The unknown.

    3. binocry said on March 4, 2021 at 1:59 am
      Reply

      Because firefox become memefox now

      1. Anonymous said on March 4, 2021 at 9:31 am
        Reply

        binocry is a meme

      2. binocry said on March 5, 2021 at 12:50 am
        Reply

        @anon butthurt kid?

  2. Anonymous said on March 3, 2021 at 3:21 pm
    Reply

    “Platform-provided trust tokens — An experiment to “ascertain the value of tokens incorporating on-device state as a mechanism for anti-spam and anti-abuse systems, and to evaluate the feature’s performance relative to standard web-issued trust tokens”.”

    Assuming that there isn’t any other bad surprise hiding behind that beyond what they admitted, and we know that Google can’t be trusted, trust tokens are supposed to be not as bad as usual cookie tracking but still allow some tracking in aggregate by the token issuer, and this time the nuisance will be given legitimacy and standardization instead of being fought in favor of user respecting alternatives. Being punched in the face by Google is not as bad as being kicked in the balls by Google, but I would not call option 1 a “physical integrity protection feature by Google”.

    “User-Agent Client Hints — designed to provide sites with information about a “user’s device or conditions” without needing to use the User-Agent String.”

    Not a privacy feature either, a tracking feature, and this time even other surveillance capitalism companies talked about the problem:

    https://www.zdnet.com/article/privacy-concerns-raised-about-upcoming-client-hints-web-standard/

    “Anti-Fingerprinting mechanics — the interest-based targeting API FLoC, designed to work with groups of users instead of individuals, and an event-level conversion API, to enable the correlation between ad clicks on sites and conversions on the advertisers site without identifying users individually, are available as experiments.”

    This has nothing to do with an anti-fingerprinting mechanics. Except in a very distorted sense that it will provide additional tracking mechanisms next to those that rely on fingerprinting.

    First, calling an “interest-based targeting API” and a “conversion API” “privacy features” is typical Silicon Valley reality reversal operation, period. The EFF says this about the “FLOC” part for example:

    “This is, in a word, bad for privacy. A flock name would essentially be a behavioral credit score: a tattoo on your digital forehead that gives a succinct summary of who you are, what you like, where you go, what you buy, and with whom you associate. The flock names will likely be inscrutable to users, but could reveal incredibly sensitive information to third parties. Trackers will be able to use that information however they want, including to augment their own behind-the-scenes profiles of users.”
    “FLoC is the opposite of privacy-preserving technology. Today, trackers follow you around the web, skulking in the digital shadows in order to guess at what kind of person you might be. In Google’s future, they will sit back, relax, and let your browser do the work for them.”

    https://www.eff.org/deeplinks/2019/08/dont-play-googles-privacy-sandbox-1

    This article also summarizes more generally what’s behind Google’s “privacy initiatives”:

    “The Sandbox isn’t about your privacy. It’s about Google’s bottom line. At the end of the day, Google is an advertising company that happens to make a browser.”

    The EFF becomes more disappointing when they flatter Apple and Mozilla as the solution to those specific Google problems while congratulating them for implementing their own interest-based ad targeting and/or ad conversion attribution systems in their own malware browsers. Maybe the author will be offered a nice position in one of those “privacy companies” in a few years, like Nate Cardozo who left the EFF to join Facebook.

    1. Anon7 said on March 3, 2021 at 4:47 pm
      Reply

      @Anonymous

      > we know that Google can’t be trusted

      +1 yes they are incredibly sneaky.

      After all, they drive cars around the world and map peoples houses to google maps and steal wifi data.

      But you must be opt out of it they say by providing them with info.

      Who made them gods on earth? people fail to see them for what they are. A censorshop totalitarian spying Gulag.

    2. AssangeIsADeepStateAgent said on March 3, 2021 at 11:03 pm
      Reply

      Yeah, EFF. LOL. But muh snowden…

      1. Anon7 said on March 4, 2021 at 1:11 pm
        Reply

        Keep being ignorant.

        Assange a deep state agent?

        Yeah sure, rotting in a hell hole for years.

  3. Kixsi said on March 3, 2021 at 4:22 pm
    Reply

    This Chrome release have 47 security fixes which is pretty beautiful. Not much surprised about privacy in the Chrome browser, but surprised more about security fixes, Chrome is hardly a privacy browser, more like a sand castle browser.

  4. Anonymous said on March 3, 2021 at 4:44 pm
    Reply

    what brave browser get from this update. I mean the features they get from this chromium 89 version

    1. Iron Heart said on March 4, 2021 at 9:13 am
      Reply

      @Anonymous

      In general, brave gets everything that Chromium gets in new updates except for things that they consider privacy-hostile. Here are the release notes for the correspondent release:

      https://brave.com/latest/

      1. spiderman said on March 5, 2021 at 10:15 am
        Reply

        Brave gets the benefit of gulag sponsored code to help maximize monetization it’s users

      2. batman said on March 8, 2021 at 5:56 am
        Reply

        brave is an advertising company and a gulag wannabe

  5. Helle Vaanzinn said on March 3, 2021 at 7:25 pm
    Reply

    “Starting with Chrome 89, devices with x86 CPUS need to support SSE3 for Chrome to run on them. The standard was introduced in the early 2000’s by Intel and AMD”

    Interesting remark. I tried searching around but couldn’t find anything related so far. Would appreciate it if someone could point to a source for this news bite!

    1. Yuliya said on March 3, 2021 at 8:23 pm
      Reply

      Here it is:
      https://docs.google.com/document/d/1QUzL4MGNqX4wiLvukUwBf6FdCL35kCDoEJTm2wMkahw/

      Intel Pentium 4 using Prescott architecture support SSE3, according to this:
      https://en.wikipedia.org/wiki/SSE3

      This most likely won’t affect too many people.

    2. Lars said on March 4, 2021 at 5:10 am
      Reply

      No offence, but your search skills seem to be terrible! A simple query like “chrome 89 sse3 required” returns tons of relevant results.

  6. Anonymous said on March 4, 2021 at 6:39 am
    Reply

    I don’t like Mozilla’s message of deplatforming,but the difference between Mozilla and Google
    is that Google has been actively deplatforming and purging many thousands of users for several
    months on YouTube. But you’re all ignorant and turn a blind eye to this while using Chrome and
    helping Google become richer by the minute with all the data you give over to them.
    Stop being stupid Google sheeples.

    1. Iron Heart said on March 4, 2021 at 10:42 am
      Reply

      @Anonymous

      Chrome ≠ Chromium, by using a Chromium-based browser, you are not directly supporting Google Chrome and any potential Google censorship. I also distrust Chrome, but fail to see what is wrong with other Chromium-based browsers like Vivaldi, Ungoogled Chromium, Bromite, or Brave.

      I also avoid Opera and Edge for privacy reasons, btw.

      1. Anon7 said on March 4, 2021 at 12:30 pm
        Reply

        @IronHeart

        > “Chrome ≠ Chromium, by using a Chromium-based browser, you are not directly supporting Google Chrome

        Yes you are, because you will be beholden to the direction they are going, hanging on to their tailcoat as they throw you their scraps.

        They want to kill Gecko off and have all others beholden to their GULAG of control.

      2. m3city said on March 4, 2021 at 4:37 pm
        Reply

        @Anon7
        I would be so harsh, that they want to kill gecko. It’s bussiness and google is apparantly better at it or – if you will – not all players have equal rights and chances.
        But the issue for me is sth I’ve just learned today. If this is true:
        https://www.theverge.com/2019/4/8/18300772/microsoft-google-services-removed-changed-chromium-edge-browser
        then chromium is not as google free as one wishes. And Vivaldi, Opera, Brave, MS will have to spend more and more resources to watch/clear/replace google components. And there is no guarantee that google will one day say “oh well we dont need chromium anyway”. What then? Who does really control what goes in to chromium code?

      3. Anon7 said on March 7, 2021 at 7:50 pm
        Reply

        @m3city

        > spend more and more resources to watch/clear/replace google components. And there is no guarantee that google will one day say “oh well we dont need chromium anyway”. What then? Who does really control what goes in to chromium code?

        Goolag affilated groups is what ultimately controls chromium.

        Thats why ive been telling iron heart that brave should have used the gecko engine.

      4. Iron Heart said on March 4, 2021 at 6:57 pm
        Reply

        @Anon7

        > Yes you are, because you will be beholden to the direction they are going, hanging on to their tailcoat as they throw you their scraps.

        The problematic part of the web, so to speak, are not the browsers themselves, but rather the web standards that are being crafted (with Mozilla’s blessing, btw). Stuff like WebRTC, web beacons, workers, the way Push is implemented etc. All of them are wide open for abuse.

        Chromium just implements those, and so does Firefox, and so does Safari – all of them aim for maximum web compatibility with very little ethical consideration, if any.

        While it is true that Chromium (the browser itself) also connects to Google, you can crack down on those connections, and some Chromium browsers actually do that (Brave, Vivaldi, Ungoogled Chromium, Bromite etc.). So I think this is not a problem unless you opt for literal Google Chrome.

        > They want to kill Gecko off and have all others beholden to their GULAG of control.

        Their actions rather indicate that they want Mozilla to survive as a “competitor” – Google is Mozilla’s main benefactor and almost sole source of their income. Also, there is still Safari, which in terms of market share is Chromium’s main competitor, not Firefox.

        And in all honesty, Mozilla is the main one to blame for Firefox’s loss of market share, not any outside entity. There was enough neglect and sometimes deliberate screwups that led to this point, mate.

  7. finoderi said on March 4, 2021 at 7:24 am
    Reply

    So it looks it’s the same bunch of clowns in the comment section whatever the news are. Once anyone says something even remotely critical about Firefox, they pile up, start insulting people, accuse them of hate, through temper tantrums, use insulting mangled nicknames in their responses and so on.

    @ Martin Brinkmann
    What the actual hell is this and what is your premoderation good for if you regularly allow this to happen?

    1. Martin Brinkmann said on March 4, 2021 at 7:48 am
      Reply

      Some comments are published immediately, others are kept in moderation. If you want to report a particular comment, let me know and I take a look.

    2. Anonymous said on March 4, 2021 at 11:53 am
      Reply

      @finoderi

      I was thinking the opposite. There are some that literally criticize Mozilla/Firefox at every opportunity. Most of it is just exaggerations, oversimplifications and generalizations. Which could be applied to Chrome as well, but never is.

      1. Herman Cost said on March 4, 2021 at 3:57 pm
        Reply

        Yes, but any regular reader of this site understands that certain of the regular posters have an anti-Firefox obsession. Its the classic the boy who cried wolf syndrome. After a while, one just ignores them or just reads their messages for whatever dubious entertainment value they might have. The only problem with it is that any valid criticisms they have get lost in the sea of rhetoric.

      2. finoderi said on March 4, 2021 at 11:25 pm
        Reply

        @Anonymous
        > There are some that literally criticize Mozilla/Firefox at every opportunity.
        So what? I don’t care if anybody criticises any software however they please.

        > Most of it is just exaggerations, oversimplifications and generalizations.
        Yeah, pretty likely they are. Again, so what?
        It’s the ad hominem arguments and personal attacks I find totally unacceptable and detestable.

    3. Anon7 said on March 4, 2021 at 1:01 pm
      Reply

      @finoderi

      I do not see you contributing anything to this heated debate. I do not see any interesting input from you. You say people are being insulting, but you call some posters clowns?

      The one being insulting is you.

  8. KeZa said on March 6, 2021 at 8:47 pm
    Reply

    Ungoogled Chrome is the way to go…

  9. Anonymous said on March 9, 2021 at 5:46 pm
    Reply

    I foresee a future where Google-provided “Google trusts this person” tokens will be mandatory to be able to browse comfortably. Like a formalized version of their current captchas. Those have been designed currently to punish non Google users and Google users that protect themselves a little from Google. What will be the conditions to obtain those tokens and the cost to refuse to use them ? Google finding yet another way to be a gatekeeper on the web is not a good idea. And emphatically, is not something “left-wing”, contrary to what they and those that they have crowned as their official “opposition” for the show conspire to make us believe.

  10. Koala said on March 10, 2021 at 2:31 am
    Reply

    “Chrome on Android requires that a device is Play Protect certified, otherwise it won’t run anymore; this does not affect WebView nor Chrome on virtual machines. Play Protect certified devices include Google apps and have passed Android compatibility testing.”

    This is BIG news. They’re slowly increasing the requirements set BY GOOGLE.

    They do ZERO development for Chrome for Android. Where on earth is bookmark all tabs?

  11. Dani said on April 9, 2021 at 10:41 am
    Reply

    Also new.
    Now chrome fails to load pages that use “Basic Authentication”. The fancy error message “ERR_TOO_MANY_RETRIES” tries to give users the impression, the server has a problem, when in fact it is the browser.

  12. Jay said on April 12, 2021 at 9:33 am
    Reply

    @Dani, yeah noticed that too. Do you have an idea to fix it? or just wait for an update?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.