I guess they introduced the 12 feature changes and broke uBlock to ensure they would have more dozens of security fixes to roll out in the near future? Job security??
https://www.ghacks.net/2022/05/25/googl ... -critical/
One critical security issue and several high severity security issues. Anyone using Chrome as a backup browser should update ASAP - or just stop using it.
Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
Forum rules
The Off-Topic area is a general community discussion and chat area with special rules of engagement.
Enter, read and post at your own risk. You have been warned!
While our staff will try to guide the herd into sensible directions, this board is a mostly unrestricted zone where almost anything can be discussed, including matters not directly related to the project, technology or similar adjacent topics.
We do, however, require that you:
Please do exercise some common sense. How you act here will inevitably influence how you are treated elsewhere.
The Off-Topic area is a general community discussion and chat area with special rules of engagement.
Enter, read and post at your own risk. You have been warned!
While our staff will try to guide the herd into sensible directions, this board is a mostly unrestricted zone where almost anything can be discussed, including matters not directly related to the project, technology or similar adjacent topics.
We do, however, require that you:
- Do not post anything pornographic.
- Do not post hate speech in the traditional sense of the term.
- Do not post content that is illegal (including links to protected software, cracks, etc.)
- Do not post commercial advertisements, SEO links or SPAM posts.
Please do exercise some common sense. How you act here will inevitably influence how you are treated elsewhere.
-
andyprough
- Board Warrior
- Posts: 1399
- Joined: 2020-05-31, 04:33
-
Moonraker
- Board Warrior
- Posts: 1873
- Joined: 2015-09-30, 23:02
- Location: uk.
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
Pure propaganda..
Seems to leak like a bust tap and google is the plumber.
For a secure codebase it sure needs a lot of patches and welding together..
One exploit in the wild and the googleverse goes into panic mode over nothing..
scare tactics and google is fighting the bogeymen for you..??..
Feel secure.??
Seems to leak like a bust tap and google is the plumber.
For a secure codebase it sure needs a lot of patches and welding together..
One exploit in the wild and the googleverse goes into panic mode over nothing..
scare tactics and google is fighting the bogeymen for you..??..
Feel secure.??
user of multiple puppy linuxes..upup,fossapup.scpup,xenialpup..... 
Pale moon 29.4.1
Pale moon 29.4.1
-
Eduardo Lucas
- Moon lover
- Posts: 94
- Joined: 2021-07-08, 13:08
- Location: São Paulo, Brazil
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
i find the same about sandboxing, complex permission systems and sophisticated security chips that promise to make data invulnerable to kernel explots
-
gepus
- Board Warrior
- Posts: 1006
- Joined: 2017-12-14, 12:59
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
Contrary to the hype Chrome is the most insecure browser.
Alongside 10 critical bugs discovered, 3 are sneaking through. Good for the flourishing black market where security holes are negotiated and 3 letter agencies good customers.
Due to its rabbit release cycle it is a perpetual alpha. Impossible to test the code changes thoroughly no matter how many employees Google can afford.
Alongside 10 critical bugs discovered, 3 are sneaking through. Good for the flourishing black market where security holes are negotiated and 3 letter agencies good customers.
Due to its rabbit release cycle it is a perpetual alpha. Impossible to test the code changes thoroughly no matter how many employees Google can afford.
-
moonbat
- Knows the dark side
- Posts: 5845
- Joined: 2015-12-09, 15:45
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
Of course Chrome will be insecure. If you change the scope of a browser from its original purpose as a remote document viewer to a freaking virtual machine with support for shit that should have been done with separate dedicated applications, the attack surface increases along with the size and complexity of maintaining such a huge codebase.
They are trying to replace the operating system itself by pushing all sorts of shit into the standards. Why does a browser require Dolby digital support, or gamepad compatibility? (2 items in the HTML5 spec).
They are trying to replace the operating system itself by pushing all sorts of shit into the standards. Why does a browser require Dolby digital support, or gamepad compatibility? (2 items in the HTML5 spec).
"One hosts to look them up, one DNS to find them and in the darkness BIND them."
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Jabber: moonbat@hot-chili.net
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Jabber: moonbat@hot-chili.net
-
nguyen9173
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
I know Chromium is different than Google Chrome put posting from a Chromium 102 based browser now I'm sure Ublock Origin is not broken. What I really concerned is Chrome 103 Beta adding Local Font Access which I think will help font fingerprint tracking:
https://blog.chromium.org/2022/05/chrom ... hints.html
https://chromestatus.com/features#milestone%3D103
https://blog.chromium.org/2022/05/chrom ... hints.html
https://chromestatus.com/features#milestone%3D103
-
Moonchild
- Project founder
- Posts: 39276
- Joined: 2011-08-28, 17:27
- Location: Sweden
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
As long as you allow access to local fonts, fingerprinting will always be a concern because it will be able to gather installation meta data on the host system. That's nothing new though, css @font local() has been a thing for a long time. Where it does differ is that they want to gate this fingerprinting behind the generic permissions system, i.e. subject to the overarching permissions users grant or deny to websites (combine that with the proposed first-party sets and you've got a nice setup for walled-garden profiling to further isolate profiling to only approved advertisers)
"Praise from a narcissistic person is always a poison dart. They don't share the stage, so discernment matters." - Dr. Ramani
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
nguyen9173
Re: Chrome 102 clown world - 32 security fixes, 12 feature changes, and broken uBlock
Understand now. Thank you.Moonchild wrote: ↑2022-06-02, 15:48As long as you allow access to local fonts, fingerprinting will always be a concern because it will be able to gather installation meta data on the host system. That's nothing new though, css @font local() has been a thing for a long time. Where it does differ is that they want to gate this fingerprinting behind the generic permissions system, i.e. subject to the overarching permissions users grant or deny to websites (combine that with the proposed first-party sets and you've got a nice setup for walled-garden profiling to further isolate profiling to only approved advertisers)