fbpx

Fast forward: What’s coming in future versions of Chrome?

Fact: Chrome rules the world.

Now with 69.2% of the world’s browser user share – a measure of browser activity calculated by California-based analytics company Net Applications – Google’s Chrome has no equal, at least in popularity. Rivals like Microsoft’s Edge, Mozilla’s Firefox and Apple’s Safari eke out single digits, while niche browsers under them fight over the smallest scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this what’s-coming round-up.

Just remember, nothing is guaranteed. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 84: Full-page TLS 1.0, 1.1 warnings

Last year, Google spelled out the stages of warnings it would put in front of Chrome users about obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption. A first step – a “Not Secure” alert in the address bar – was taken in January 2020.

With Chrome 81, the browser was to display a full-page interstitial alert that interrupted attempts to reach the destinations secured with TLS 1.0 or 1.1. That schedule, however, was abandoned in early April.

Now, it’s Chrome 84, slated for release July 14, that is to contain the page-sized warning.

IT administrators can disable both warnings with the SSLVersionMin policy. Setting that policy to “tls1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts. The SSLVersionMin policy will work until January 2021, when it will be deprecated.
m81 interstitial Google
Chrome 84 should show this message when the user tries to steer toward a site encrypted with the obsolete TLS 1.0 or 1.1 standards.

Chrome 84: Risky downloads, rescheduled

Starting with Chrome 84, the browser will warn users when executable files begin their downloading from a secure page (one marked as HTTPS) but actually transfer their bits over an insecure HTTP connection. “These cases are especially concerning because Chrome currently gives no indication to the user that their privacy and security are at risk,” Joe DeBlasio, a software engineer on the Chrome security team, wrote in a Feb. 6 post announcing the scheme.

At the time, Chrome 81 was pegged to begin the warnings. But as with the TLS 1.0 and 1.1 alerts, these were rescheduled in early April, pushed back to later versions of the browser. Google did not say aloud what prompted the change, but it likely was related to the March decision to pause Chrome’s release cadence and when distribution was restored, abandon Chrome 82, skipping from 81 to May’s 83.

With Chrome 85, set to ship Aug.25, Google will drop the hammer, barring those executable files from downloading.

Over several more versions, Google will warn, then block, additional file types, including (in order) archives such as .zip; “all other non-safe types, like .pdf and .docx; then finally image files, such as .png. For example, Chrome 85 will institute warnings for archives (and Chrome 86 will block them).

By Chrome 88 (a Jan. 19, 2021, appearance), the browser will be blocking “all mixed-content downloads.”

Organizations managing Chrome can disable this future blocking on a per-site basis with the InsecureContentAllowedForUrls policy.
risky downloads Google
Chrome’s timetable for warning, then blocking various types of downloads transmitted over insecure connections runs through the next five versions of the browser. By January 2021 — and Chrome 88 — the process should be finished.

Chrome 85: Cover me!

Chrome will know when one of its windows has been occluded by others, and will then suspend painting that window’s pixels in an effort to save CPU cycles and battery resources.

An earlier version of this feature, Google said, “had an incompatibility with some virtualization software,” and so it was reworked. (This had been on Chrome 81’s to-do list at one point, but was punted to Chrome 83 before being delayed yet again.) It’s now to appear in Chrome 85, currently scheduled to release Aug. 25.

Administrators will be able to disable this with the NativeWindowOcclusionEnabled policy.

Chrome 85: When IE’s inside

The Google-made Legacy Browser Support (LBS) add-on will be struck from the Chrome Web Store in late August, when Chrome 85 ships.

“Legacy Browser Support (LBS) is now built into Chrome, and the old extension is no longer needed,” Google said succinctly.

LBS, whether in extension or integrated form, was designed so IT admins could implant Chrome in their organizations but still call up Microsoft’s Internet Explorer (IE) when necessary, say to render intranet sites or older, written-for-IE web apps. LBS wasn’t an emulator but simply a URL director, sending any on a list to IE for that browser to open. The add-on debuted in 2013, when Chrome’s share of between 15% and 18% was far below IE’s still-dominant 55%-58%.

Google plans to automatically remove the LBS add-on from the browser when Chrome 86 releases. Currently, that’s slated Oct. 6.

To call on the baked-in LBS, administrators can use the policies listed here under the Legacy Browser Support heading.

1 2 3 4 5 6 7 8 9 Page 2

April 2020

Chrome lords it over the browser world, Louis XVI to the peasants trying to keep famine from the door.

Now with 68.5% of the world’s browser user share – a measure of browser activity calculated by analytics company Net Applications – Google’s Chrome has no equal in popularity. Meanwhile, Microsoft’s Edge, Mozilla’s Firefox and Apple’s Safari eke out single digits, while others fight over even smaller scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by enterprise-aimed release notes that highlight some of the planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this what’s-coming round-up. Just remember, nothing is guaranteed.

As Google call out, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Note: Google suspended Chrome releases in mid-March, delaying the expected March 16 launch of Chrome 81 until April 7. The three-week pause, said Google, meant it was skipping version 82 altogether and resuming numbering with Chrome 83 on May 19. Because of the omission of Chrome 82, this look forward picks up with Chrome 83.

Chrome 83: No, this ‘DoH’ isn’t a Simpsonism

Google said it would wrap up the move to default DNS-over-HTTPS (DoH) with Chrome 83. “In Chrome 83, DoH will launch by default for all remaining users,” Google said. Previously, it had auto-upgraded only some users to their DNS provider’s encrypted connection if one were available.

Earlier, this had been slated to show in Chrome 81. But that version was postponed and the follow-up, Chrome 82, scratched entirely.

DoH has been promoted by browser makers as a security provision, encrypting traffic between browser and DNS server so that it can’t be read at, say, a public Wi-Fi hotspot or by criminals who intercept those bits to insert bogus addresses to steer users toward malicious sites.

Chrome running on domain-joined clients are by default set with DoH disabled, as are instances of the browser that have one or more policies in place.

As throughout Google’s work on this, Chrome 83 upgrades to DoH only when the user’s DNS provider offers an HTTPS connection (not all do). “The default ‘same-provider auto-upgrade’ behavior guarantees a continuity of the user experience (e.g. family filtering, malware filtering, established relationship with a provider),” Google spelled out in a December email. That means not all Chrome users will be using DoH, even with version 83.

Chrome 83: Third-party cookies blocked in Incognito

As of Chrome 83, all third-party cookies will be blocked by default within Incognito sessions, the name for the browser’s privacy mode. Users can re-enable third-party cookies on a site-by-site basis.

Cookies can also be managed by IT using the BlockThirdPartyCookies policy.

Google is behind its rivals in privacy and anti-tracking initiatives such as this; Mozilla, for example, blocked all third-party cookies by default in all instances of Firefox, not just in its Private Window mode, eight months ago.

Chrome 83: Check all passwords!

Within Chrome 83, users will be able to check all saved passwords en masse to see whether any have been leaked in a data breach.

Back in October, Chrome 79 debuted a warning when users logged into a site using credentials that Google said had been exposed by a data breach. Then, users could, after being directed to their Google Account, run an all-inclusive password check.

What Google seemed to say about Chrome 83, however, is that this check will be executable from within the browser, probably in the Password section of Settings (Windows) and Preferences (macOS).

Chrome 83: Tab groups, now with thumbnails

Chrome 81 added tab groups, which lets users shuffle tabs on the tab bar into color-coded groups, making it easier to spot associated tabs and therefore pages.

The next upgrade, said Google, will feature the long-in-the-works Tabstrip UI, which will display thumbnails of each tab in a single, scrollable strip. Tabstrip has been in testing since last fall in the Canary channel – the least polished version Google’s engineers produce – and has been usable there after selecting settings on the optional chrome://flags page.

Chrome 83: Chrome apps? Nope

In January, Google spelled out the close-out of the Chrome app concept, putting browser versions – and thus dates – to the final days of the once-lauded, now-defunct notion.

(This has been coming for a while, what with Google originally saying in 2016 that Chrome would reject running apps by early 2018.)

As of Chrome 83 – which originally had a June 9 launch date – Chrome won’t support apps on Windows, macOS or Linux. However, it will offer a grace period to managed browsers. “If your organization needs extra time to adjust, a policy will be available to extend support until Chrome 87,” Google wrote.

Chrome 87, the last upgrade for the year, is now scheduled for release Nov. 17.

1 2 3 4 5 6 7 8 9 Page 3

February 2020

Chrome rules the browser roost, leaving rivals scratching for chickenfeed to stave off starvation.

Now with 67% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no equal. Meanwhile, Mozilla’s Firefox, Microsoft’s Edge and Apple’s Safari eke out single digits, while a host of others fight over even smaller scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this what’s-coming round-up. Just remember, nothing is guaranteed.

As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 81: Full-page warning about TLS 1.0 and 1.1

The current Chrome, version 80, warns users about obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption via a “Not Secure” alert in the address bar and a pop-up offering more information after a click. (Google switched on that pop-up alert around the middle of last month.)

In March, Chrome 81 will add a full-page interstitial warning that interrupts the attempt to reach the destination site.

IT administrators can disable both warnings with the SSLVersionMin policy. Setting that policy to “tls1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021, Google has said.

Chrome 81: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 81, Google’s browser will by default no longer support FTP. (This is something Google’s been working toward for ages.) Instead, IT admins should steer their charges to a native FTP client.

Customers can re-enable FTP support using the –enable-ftp command line flag or by enabling the FtpProtocol feature via the –enable-features=FtpProtocol flag. (For the latter, type chrome://flags in the address bar, press Enter or Return, then search for “Enable support for FTP URLs” and change the option at the right to “Enabled.”)

Chrome 82: Share the clipboard

Users will be able to share clipboard content between personal computers and Android devices with this version of Chrome.

(The feature was supposed to debut in mid-March with Chrome 81, but has been pushed to the follow-up, set to ship April 28.)

Chrome must be installed on both ends of the sharing, the user must be logged into the same Google Account and sync must be enabled on each device or PC. Administrators will be able to control the feature with the SharedClipboardEnabled policy.

Chrome 82: Clamping down on risky downloads

Starting with Chrome 82 – it arrives April 28 – the browser will warn users when executable files begin their downloading from a secure page (one marked as HTTPS) but actually transfer their bits over an insecure HTTP connection. “These cases are especially concerning because Chrome currently gives no indication to the user that their privacy and security are at risk,” Joe DeBlasio, a software engineer on the Chrome security team, wrote in a Feb. 6 post to a company blog.

As of Chrome 83, the version scheduled to release June 9, Google will drop the hammer, barring those executable files from downloading.

Over several more versions of the browser, Google will first warn, then block, additional file types, including (in order) archives such as .zip; “all other non-safe types, like .pdf and .docx; then finally image files, such as .png. For example, Chrome 83 will institute warnings for archives (and Chrome 84 will block them), while Chrome 84 will alert users about .pdfs with Chrome 85 blocking them.

Chrome 84 is to release Aug. 4; Chrome 85 debuts Sept. 15.

“This gradual rollout is designed to mitigate the worst risks quickly, provide developers an opportunity to update sites, and minimize how many warnings Chrome users have to see,” added DeBlasio.

By Chrome 86 (an Oct. 27 appearance), the browser will be blocking “all mixed-content downloads,” DeBlasio concluded.

Enterprises and other organizations managing Chrome can disable this future blocking on a per-site basis using the InsecureContentAllowedForUrls policy.

Chrome 83: Chrome apps no more

Last month, Google spelled out the close-out of the Chrome app concept, putting browser versions – and thus dates – to the final days of the once-lauded, now-defunct notion.

(This has been a while in coming, what with Google originally saying in 2016 that Chrome would reject running apps by early 2018.)

As of Chrome 81 (launch date, March 17) the Chrome Web Store will not accept new Chrome apps.

Two versions later – Chrome 83, a June 9 launch – and Chrome won’t support apps on Windows, macOS or Linux. But as Google almost always does, it will offer a grace period to managed browsers in business. “If your organization needs extra time to adjust, a policy will be available to extend support until Chrome 87,” Google wrote here._

Chrome 87 is scheduled for release Dec. 15.

(Instead of Chrome apps, Google has taken to pushing “Progressive Web Apps,” which, ironically or not, share many of the characteristics of a Chrome app, except they’re supposed to work on any device through any standards-compliant browser.)

Chrome’s add-ons – also called “extensions” – are different; they’re not apps per se and so are unaffected by the shutdown.

1 2 3 4 5 6 7 8 9 Page 4

December 2019

Chrome dominated the browser market throughout 2019, starting the year by generating more than two-thirds of global browser activity and ending November at almost exactly the same place.

Rivals like Mozilla’s Firefox fight over a diminishing dish of scraps while Microsoft simply surrendered to the search giant by adopting Google’s Chromium technology to power Edge.

What’s true for consumers also holds for the corporate world: Chrome rules. So when Chrome makes changes, everyone pays attention, whether the latest are in the most recent browser upgrade – which Computerworld tracks in the What’s in the latest Chrome update? series – or are slated to show up in the next version, or the one after that.

Every Chrome upgrade is accompanied by release notes that highlight planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this enterprise-centric “Coming soon” round-up. But remember: nothing is guaranteed. As Google cautions, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 80: Freeze, tabs! And we mean it this time!

To reduce the browser’s memory usage and its impact on notebook batteries, Chrome 80 will automatically “freeze” tabs that have been in the background for five or more minutes. “Frozen pages are not able to run any tasks,” said Google.

Some tabs won’t be frozen – Google cited those playing audio – and website developers can opt out of freezing. More information on that can be found in this document.

Once a user makes a background tab active, it’s thawed so it reacts to input.

Enterprise IT administrators will be able to disable tab freezing with the TabFreezingEnabled policy.

(Previously, Google claimed that tab freezing would make it into Chrome 79, the version launched Dec. 10. It was unclear why the feature had been bumped from 79 and instead slated for 80.)

Chrome 80: Control over granular sync

Enterprise IT admins can enable or disable each type of synchronized data – ranging from History and Themes to Open Tabs and Passwords – just as individuals can do in the browser’s Settings > Manage Sync.

“In Chrome 80, this control will also be an enterprise policy, so that admins can control the sync types across their organization,” Google wrote in the enterprise release notes published after Chrome 79 launched.

The SyncTypesListDisabled policy has not yet been added to the Chrome list, posted here.

Chrome 80: Tabs by the bunch, or group

Tab groups should begin rolling out to users with early-February’s Chrome 80 and then finish with March’s Chrome 81.

“Starting in Chrome 80, some users will be able to organize their tabs by grouping them on the tab strip,” Google said. “Each group can have a color and a name, to help your users keep track of their different tasks and workflows. A wider rollout is planned for Chrome 81.” Chrome 81 is set for release on March 17.

Tab groups are just what they say they are: an organizational trick to lump together multiple tabs, each lump designated by color and name.

Users of Chrome 79 can dabble now with tab groups by entering chrome://flags in the address bar, pressing Enter or Return, finding the entry Tab Groups and setting it to “Enabled.” Chrome must be relaunched for it to take effect. Using right-clicks and the menu choices that then appear, users can create groups, then assign tabs to or remove tabs from those groups.

Chrome 80: Begone, external add-ons

The new BlockExternalExtensions policy will let administrators stop external extensions from being installed in the browser.

(External extensions are those browser add-ons not retrieved and installed from the Chrome Web Store. They include extensions created by third-party software vendors to link browsers to their wares, as well as add-ons that IT wants to distribute throughout the company.)

When enabled, BlockExternalExtensions will not block kiosk apps or add-ons provided by policies, Google said.

The policy has not yet been added to the Chrome list.

Chrome 81: Full-page warning about TLS 1.0 and 1.1

The current Chrome, version 79, includes a disabled-for-now warning about the obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption. Google plans to switch on that pop-up alert starting Jan. 13, 2020, a point about mid-way between the releases of Chrome 79 and 80.

In March, Chrome 81 will add to the pressure by replacing the pop-up with a full-page interstitial warning that interrupts the attempt to reach the destination site.

IT admins can disable both warnings – in Chrome 79 and later, and in Chrome 81 – with the SSLVersionMin policy. Setting that policy to “1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021.

Chrome 81: Sharing the clipboard

Users will be able to share the clipboard content between personal computers and Android devices with this version of Chrome.

Chrome must be installed on both ends of the sharing, the user must be logged into the same Google Account and the browser’s sync must be enabled on each device or PC.

Administrators will be able to control the feature with the SharedClipboardEnabled policy.

1 2 3 4 5 6 7 8 9 Page 5

October 2019

Chrome continues to dominate the browser market, leaving rivals to swallow their pride and scramble for the leavings.

Now with nearly 69% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer. Rivals like Mozilla’s Firefox fight over scraps while Microsoft has tossed in the towel and adopted Google’s Chromium technology to remain competitive.

It’s no surprise that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed. As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 79: Password, please!

“We will notify users if their credentials are part of a known data breach,” Google said, pegging the feature’s introduction to the Dec. 10 upgrade. (Around the release of Chrome 77 – back in September – Google had projected a launch in Chrome 78, which debuted this week. Later, word came that it had been postponed to v. 79.)

Details are still on the lighter side. Unlike Mozilla, which added a similar feature to Firefox 70 – also released Oct. 22 – Google has not publicly detailed this yet.

Some information can be found here, however, and here.

Enterprises will be able to manage this notification with the PasswordLeakDetectionEnabled group policy. A bit more info about that policy is available here.

Chrome 79: Testing, testing DoH, 1-2-3

Both Google and Mozilla have been thumping the DNS-over-HTTPS (DoH) drum as a way to better secure communications between browser and DNS (Domain Name Service) server. The browser pings a DNS server to determine the IP (Internet protocol) address of the destination website’s domain (the part, for instance, before the .com or .org) and normally that traffic is transmitted in plain text, making it easily readable by someone monitoring a public Wi-Fi network. Criminals can even intercept bits flying between the browser and DNS server, then insert bogus addresses that steer an unwary user to a malicious site.

By transmitting DNS communication over an HTTPS connection – which is encrypted – crooks can’t spy or spoof.

With Chrome 79, Google will run a trial where DNS requests from some users will automatically be switched to their DNS provider’s DoH service if one is available. (Not all DNS providers offer a DoH resolver.)

But managed browsers – those joined to a domain or that have at least one active group policy – won’t auto-upgrade to DoH. Enterprises will also be able to control the DoH experiment through a new policy, DnsOverHttpsMode.

More information, including the short list of affected DNS providers, can be found here.

Chrome 79: Hey you tabs! Freeze!

To reduce the browser’s memory usage and its impact on notebook batteries, Chrome 79 will automatically “freeze” tabs that have been in the background for five or more minutes. “Frozen pages are not able to run any tasks,” said Google.

Some tabs won’t be frozen – Google cited ones playing audio – and website developers can opt their pages out of such freezing. Then, once a user makes a background tab active, it’s thawed so it reacts to input.

Enterprise IT administrators will be able to disable tab freezing with the TabFreezingEnabled policy.

Chrome 79 and 81: Wave goodbye to TLS 1.0 and 1.1

At the start of October, Google laid out plans to deprecate legacy versions of the TLS (Transport Layer Security) 1.0 and 1.1 cryptographic protocol used to encrypt transmissions between browsers and website servers.

“We’re announcing a pre-removal phase in which we’ll introduce a gentler warning UI [user interface] and previewing the UI that we’ll use to block TLS 1.0 and 1.1 in Chrome 81,” wrote Chris Thompson of Chrome’s security team on Oct. 1.

Starting Jan. 13, 2020, Chrome 79 will begin showing a “Your connection to this site is not fully secure” message when users connect to a site safeguarded by the outdated protocols. Chrome 81 – a March debut, Thompson said – will amp the pressure by inserting a full-page warning that the connection is not secure.

Enterprise IT can disable these Chrome 79 and 81 warnings with the SSLVersionMin policy. Setting that policy to “1” allows Chrome to connect to 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021, Google said.

Chrome 80: Tab groupie

“Users will be able to organize their tabs by grouping them on the tab strip,” Google said. “Groups can have colors and names. They’ll help your users keep track of their different tasks and workflows.”

Tab groups have been in the works for months, but Google currently plans on launching the feature in Chrome 80, set to release around Feb. 21-28, 2020 (Google has not yet extended its Chrome release calendar into next year, so the dates are only an estimate). “Tab groups” are just what they say they are: an organizational trick to lump together multiple tabs, each such lump designated by color and name.

Users of Chrome 78 can dabble with tab groups by entering chrome://flags in the address bar, pressing Enter or Return, finding the entry Tab Groups and setting it to “Enabled.” Chrome must be relaunched for it to take effect. Using right-clicks and the menu choices that then appear, users can create groups, then assign tabs to or remove tabs from those groups.

Chrome 80: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 80, Google’s browser will stop supporting FTP. (This is something Google’s been working toward for ages.) Instead, IT administrators should steer their charges to a native FTP client.

Google’s given FTP a short grace for those managing through group policies: Enable FTPProtocolSupport and FTP will be restored until Chrome 82 – figure that will debut in April – really kills the protocol.

1 2 3 4 5 6 7 8 9 Page 6

September 2019

Chrome continues to dominate the browser market, leaving rivals to swallow their pride and scramble for the leavings.

Now with more than 67% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer. Rivals like Mozilla’s Firefox fight over scraps while Microsoft has tossed in the towel and adopted Google’s Chromium technology to remain competitive.

It’s no surprise that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed. As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 78: Still on flags’ you-know-what

“Many flags in chrome://flags will be removed in upcoming Chrome versions, starting with Chrome 78,” Google said, stuck in this grove since at least Chrome 76. “As a reminder, flags should not be used to configure Chrome Browser because they’re not supported. Instead, configure Chrome Browser for your enterprise or organization using policies.”

Those words are identical to phrasing Google has used for months, leading to questions about its seriousness in expunging the option setters (which can be reached by entering chrome://flags in the browser’s address bar).

The macOS version of Chrome 77 Stable listed 322 available flags, just 7 fewer than Chrome 76. So, there’s been no real reduction thus far.

Chrome 78: Dipping a toe into DoH waters

Both Google and Mozilla have been thumping the DNS-over-HTTPS (DoH) drum as a way to better secure communications between browser and DNS (Domain Name Service) server. The browser pings a DNS server to determine the IP (Internet protocol) address of the destination website’s domain (the part, for instance, before the .com or .org) and normally that traffic is transmitted in plain text, making it easily readable by someone monitoring a public Wi-Fi network. Criminals can even intercept bits flying between the browser and DNS server, then insert bogus addresses that steer the unwary user to a malicious site.

By transmitting DNS communication over an HTTPS connection – which is encrypted – crooks can’t spy or spoof.

Beginning with Chrome 78, Google will run a trial where DNS requests from some users will automatically be switched to their DNS provider’s DoH service if one is available. (Not all DNS providers offer a DoH resolver.)

But managed browsers – those joined to a domain or that have at least one active group policy – won’t auto-upgrade to DoH. Enterprises will also be able to control the DoH experiment through a new policy, DnsOverHttpsMode, that will be in place for Chrome 78.

More information, including the short list of affected DNS providers, can be found here.

Chrome 78: Your password’s showing, pal

According to Google, users of Chrome 78 and later will be notified “if their credentials are part of a known data breach.”

Exactly how this will be done and based on what data are, at this point, unclear. Unlike Mozilla, which will add a similar feature to Firefox 70, set to launch Oct. 22, Google has not yet fleshed this out. (Note: Chrome 78 is to also debut on Oct. 22.)

Enterprises will be able to manage this notification with the PasswordLeakDetectionEnabled group policy. A bit more info about that policy is available here.

Chrome 80: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 80 (likely to launch in late January), Google’s browser will stop supporting FTP. (This is something Google’s been working toward for ages.) Instead, IT administrators should steer their charges to a native FTP client.

Google’s given FTP a short grace for those managing through group policies: Enable FTPProtocolSupport and FTP will be restored until Chrome 82 – figure that will debut in April – really kills the protocol.

Chrome ??: Chrome address bar searches return results from Google Drive

“In the future, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote.

This has been Google’s line for months, although now the firm says “in the future” rather than the earlier “soon,” perhaps a sop to reality.

Google began testing integrations between Chrome and Google Drive for G Suite Business, Enterprise, and Enterprise for Education subscriptions back in March. Previously, Google ran a beta program but then shut it down in mid-June. Now it’s reopened the preview.

“If you have G Suite Business, Enterprise, or Enterprise for Education, you can apply for the beta program,” Google said, pointing interested users here. Participants must have admin rights to G Suite Business, G Suite Enterprise or G Suite Education Premium.

“This feature lets users in your domain using the Chrome browser search for Google Drive files that they have access to using the Chrome URL bar,” the beta program page stated. “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed.”

1 2 3 4 5 6 7 8 9 Page 7

August 2019

Chrome continues to gobble up the browser market, leaving rivals to split a pile of crumbs.

Now with nearly 69% of world’s browser user share – a measure of browser activity calculated monthly by metric vendor Net Applications – Google’s Chrome has no popularity peer. Its rivals barely qualify as such, with Microsoft’s Edge adopting Google’s technology and Mozilla’s Firefox trying to keep its head above 8%.

So, when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed; Google pointedly notes: “”The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 77: Lowering (the number of) flags

“Many flags in chrome://flags will be removed in upcoming Chrome versions, starting with Chrome 77,” Google said, repeating a warning from June about Chrome 76 that didn’t come to pass. “You shouldn’t use flags to configure Chrome because they’re not supported. Instead, configure Chrome for your enterprise or organization using policies.”

The macOS version of Chrome 76 Stable listed 307 available flags and another 15 unsuitable for Apple’s operating system.

Chrome 77: Nuclear group policies, toe-to-toe with the Rooskies

Google will assemble some Chrome policies into what it calls “atomic policy groups” to make sure settings that depend on each other to control a feature come from a single source, such as Windows Group Policy or Google’s Admin Console.

“This may be a breaking change if you set GPOs ((Group Policy Objects)) from multiple sources,” Google said. “You can check if any GPOs are in conflict by visiting chrome://policy in Chrome.”

The order of precedence for Chrome’s policies is laid out in this online document._More information about managing Chrome through policies can be found here.

Chrome 77: Welcome, welcome, welcome

Chrome 77 features a new “first run experience,” the label for how a new program poses questions and offers options to set up the software. The new flow, said Google, will “get ((users)) set up with popular Google services and set a default web browser.” That last is of special importance in Windows 10, which pre-sets Microsoft’s Edge as the out-of-the-box browser. The PromotionalTabsEnabled policy will disable the new first run experience, Google said.

Chrome 78: Experimenting with DNS-over-HTTPS

“Starting in Chrome 78, the DNS ((Domain Name System)) requests of some users will auto-upgrade to DNS-over-HTTPS if they are using a DNS provider that supports it,” Google noted. For background, DNS-over-HTTPS would better secure domain requests between browser and domain servers by blocking man-in-the-middle attempts to eavesdrop and/or fiddle with the in-transmission data. Google and Mozilla – maker of Firefox – are both testing the proposed standard.

Users will be able to opt out of the trials Google will conduct by disabling it through chrome://flags. Administrators will be allowed to do likewise via policy. “Instructions will be provided in a future Chromium blog post and release notes,” Google promised.

Chrome 78: Browser add-ons reducing requests for data

Starting Oct. 15, Google will require that add-on developers reduce their data access requests to the least amount possible. “While this has previously been encouraged for developers, now we’re making this a requirement for all extensions,” Google said.

Although there’s nothing that will change in Chrome itself related to this new requirement, version 78 – set to debut Oct. 22 – may be affected if, for instance, an add-on developer refuses to follow the rules. “After October 15, 2019, items that violate these updates to the User Data policy will be removed or rejected from the Web Store and will need to become compliant to be reinstated,” Google said.

Chrome ??: Chrome address bar searches return results from Google Drive

“Soon, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote. Again.

This has been on the Chrome to-do list for months.

In March, Google began testing integrations between Chrome and Google Drive for G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (The beta testing required Chrome 69 or later; Google shut down the preview program in mid-June.)

Key to this feature is Google’s assertion that, “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed,” likely making it a tool eventually available only to G Suite users.

1 2 3 4 5 6 7 8 9 Page 8

June 2019

Chrome gets fat while every other browser starves.

Now with more than two-thirds of the world’s browser user share – a measure of browser activity calculated monthly by metric vendor Net Applications – Google’s Chrome has no peer in popularity. Its rivals are barely worth the name, with Microsoft’s Edge so feeble that its maker decided to replace its internals with the same technology that powers Chrome and Mozilla’s Firefox trying to hang on to just 10%.

Not surprisingly, when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – and in what it plans to do in the near future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed; Google points notes: “((These features)) might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 76: An end to opt-out of site isolation

Unveiled in late 2017 within Chrome 63, Site Isolation is a defensive technology that segregates pages from different sites into different processes. Each process runs in a “sandbox” that restricts what the process can do, all part of a scheme to isolate malware from the browser as a whole and a device’s over-arching OS.

Site Isolation was enabled in stages until by mid-2018 it was enabled for virtually all Chrome users. At that point, only managed devices were able to opt-out. “((But)) starting with Chrome 76, we will remove the ability to opt out of site isolation on desktop using the SitePerProcess or IsolateOrigins policies,” Google said.

The end to opting out was to occur with Chrome 75, but was postponed to version 76, the upgrade scheduled to ship July 30. Google did not offer an explanation for the delay.

Chrome 76: Flash to be blocked by default

Two years ago, Adobe announced that it would finally bury Flash Player – the app that, in many ways, made the web – at the end of 2020. Browser makers like Google then explained how they would end their support for Flash.

While Google has limited Flash for years – in late 2016, it was turned off by default and restricted to a handful of sites, including Amazon, Facebook and YouTube – this summer Chrome will institute a complete Flash blockade. With Chrome 76, Flash will be disabled by default. Individual users will be able to switch back to a default “Ask first” in settings (until Google ends all support by yanking it from the Chromium project in December 2020). And enterprises will be able to continue controlling Flash usage through the DefaultPluginsSetting, PluginsAllowedForUrls and PluginsBlockedForUrls policies.

The toggle back to “Ask first” for Flash – which will let Chrome continue to run the Adobe plug-in but only after asking the user for each encountered Flash-equipped site – is in Settings, under “Privacy and Security,” in the “Site Settings” selection. Click on “Flash,” then in the next screen, on “Block sites from running Flash” to switch to “Ask first.”
chrome blocks flashGoogle
When Chrome blocks Flash by default, users can switch the setting back to ‘Ask first’ – what it was prior to Chrome 76 – by clicking the toggle marked in red.

Chrome 76: Lowering (the number of) flags

“Many flags in chrome://flags will be removed in upcoming Chrome versions,” Google said without detailing which will get the ax or even a rough number to be cut. “You should not use flags to configure Chrome because they are not supported. Instead, configure Chrome for your enterprise or organization using policies.”

The macOS version of Chrome 75 Stable listed 337 available flags and another 16 unsuitable for that operating system.

Chrome ??: Chrome address bar searches return results from Google Drive

“Soon, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote.

And that’s all it wrote. However, it’s possible to flesh out a bit more.

In March, Google began testing integrations between Chrome and Google Drive for the G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (The beta testing required Chrome 69 or later.)

G Suite administrators can apply to join the beta project using the form submitted from this site.

Previously, Google had pegged the debut of address bar searching of Google Drive to Firefox 75 – the version that launched last week – and seemed to imply that the feature would be available to all enterprise users, not just those running G Suite. Computerworld‘s testing of Chrome 75 Dev showed that enabling the option flag “Omnibox Google Drive Document suggestions” – displayed matches in the address bar of recently-accessed PDF and Google Docs/Sheets/Slides. That setting, which can be accessed from the chrome://flags page, appeared in the Stable version of Chrome 75, hinting that it’s about ready for real-world use.

It’s unclear whether the in-address-bar searching of Google Drive contents will be available only for G Suite users or for all those who have stored content in Google Drive. Computerworld‘s take? Because of a line in the beta description – “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed” – we think that the tool will be only for G Suite customers.

1 2 3 4 5 6 7 8 9 Page 9

April 2019

Fact: Chrome rules.

With a massive two-thirds of the world’s browser user share – a measurement of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer in popularity.

So when Chrome speaks, people listen. That holds true for whatever moves Google makes with each browser upgrade – something Computerworld details in the What’s in the latest Chrome update? series – and in what it plans to do in the future.

With each update, Google publishes a set of release notes aimed at enterprises. In those release notes, the company highlights some of the upcoming additions, substitutions, enhancements and modifications planned for its browser._

In an effort to look ahead at the browser’s future, we’ve collected the most important of the latest items in Chrome’s “Coming soon” category. But as Google takes pains to point out, “They might be changed, delayed, or canceled before launching to the Stable channel.”

You’ve been warned.

Chrome 75: Chrome address bar searches return results from Google Drive

“Users will see Google Drive results when entering a search in the address bar, including PDFs, Google Sheets, Docs, and Slides,” Google wrote.

And that’s all it wrote. However, it’s possible to flesh out the expected feature.

Google in March kicked off testing of integration between Chrome and Google Drive for the G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (That beta testing requires Chrome 69 or later.)

The upcoming address bar-search is somewhat different. Computerworld‘s testing of Chrome 75 Dev – after enabling the option flag “Omnibox Google Drive Document suggestions” – showed that suggested matches surfaced in the address bar only of recently-accessed PDF and Google Docs/Sheets/Slides. In other words, the Chrome 75 feature seems a subset, although not a perfect one, of what’s already in testing for G Suite subscribers, but will be available to all Chrome users who have content in Google Drive.
chrome 75Google
Chrome 75 will suggest results from Google Drive for documents that have been recently accessed.

Chrome 75: End to opt-out of site isolation

Unveiled in late 2017 within Chrome 63, Site Isolation is a defensive technology that segregates pages from different sites into different processes. Each process runs in a “sandbox” that restricts what the process can do, all as part of a scheme to isolate malware from the browser as a whole and the device’s over-arching OS.

Site Isolation was enabled in stages until by mid-2018 it was enabled for virtually all Chrome users. At that point, only managed devices were able to opt-out. As of Chrome 75 – currently scheduled to ship June 4 – that will end. “We’ve resolved the reported issues and starting with Chrome 75, we will remove the ability to opt out of site isolation on desktop using the SitePerProcess or IsolateOrigins policies,” Google said.

Chrome 75: Version roll-back

Google will add a browser roll-back process for enterprises that want to retreat to an older version of Chrome, the company said as it named the target. “Chrome 75 on Windows will include a policy that allows administrators to roll back to a previous version of Chrome,” Google said.

The functionality will be available only to customers using Windows’ group policies to manage Chrome. “Add a RollbackToTargetVersion app policy to allow enterprise administrators to enable rollback in conjunction with the existing TargetVersionPrefix policy,” Google stated.

The most likely reason for wanting to roll back Chrome to an earlier version would be because the latest browser caused problems, perhaps a mission-critical app compatibility or workflow issue.

Google was adamant that a roll-back should be a last-ditch effort by enterprise IT. “This policy is meant as an emergency mechanism and should be used with caution,” the company said. “If you roll back to an earlier version, you will expose your users to known security issues. Use this policy at your own risk.”

Google also urged that customers turn on the browser sync feature or alternately, Roaming User Profiles, which lets users take bookmarks, passwords, extensions and preferences to multiple PCs. Failing to do that will mean data synced from later versions won’t be usable by older editions.

A later version, Google added, will “improve the rollback experience by preserving user states during the rollback process” so that sync and roaming profiles won’t be needed.

Chrome 76: Flash to be blocked by default

Nearly two years ago, Adobe announced that it would finally bury Flash Player – an app that in many ways, made the web – at the end of 2020. Browser makers like Google then detailed how they would end their support for Flash.

While Google has limited Flash for years – in late 2016, it was turned off by default and restricted to a handful of sites, including Amazon, Facebook and YouTube – this summer Chrome will institute a complete Flash blockade. With Chrome 76, now slated to ship July 30, Flash will be disabled by default. Individual users will be able to switch back to a default “Ask to use Flash” in settings (until Google ends all support by yanking it from the Chromium project in December 2020), and enterprises will be able to continue controlling Flash usage through the DefaultPluginsSetting,PluginsAllowedForUrls and PluginsBlockedForUrls policies.

%d bloggers like this: