Google

Recently I had problem with my Ubuntu, Whenever I tried to open a website my Chromium told me that a Network Change has been detected and after 1-2 reload that sites would load and sometimes failed to load fully. After looking up for that problem, I found out many other people had same problem and it has something to do with “avahi-daemon”. Solution According to the links I found in Ubuntu forums, this problem comes from IPv6 in Ubuntu and disabling that service will fix it, I tried it and it worked: ...

Here’s how security vulnerabilities are supposed to be handled. One, a researcher discovers an issue. Two, the people who make the software find a solution. And three, the solution is then made available, ideally by automatic update. That’s what Windows does, and what Apple does. It isn’t always as fast as it should be, but at least once the fix exists it’s available almost instantly. Here’s how it works with Android. ...

The Intel Security Advanced Threat Research Team has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations. The Mozilla NSS library, commonly utilized in the Firefox web browser, can also be found in Thunderbird, Seamonkey, and other Mozilla products. Dubbed “BERserk”, this vulnerability allows for attackers to forge RSA signatures, thereby allowing for the bypass of authentication to websites utilizing SSL/TLS. Given that certificates can be forged for any domain, this issue raises serious concerns around integrity and confidentiality as we traverse what we perceive to be secure websites. ...

Cross-posted from H-Online: Google has released the stable version 28 of its Chrome browser. It is the first version to use the new Blink engine for rendering web pages and it appears that the new engine will allow web pages to be loaded about ten per cent faster. The developers say that the increased speed is also thanks to the new threaded HTML parser, which frees up the JavaScript thread, allowing DOM content to be displayed faster. The HTML parser also takes fewer breaks, which is said to result in time savings of up to 40 per cent. Another contributor to the faster working speed is the optimized V8 JavaScript engine. ...

Google has already released a MyGlass Companion app for Android via the Play Store, and although a corresponding iOS version has yet to manifest itself in the App Store, the company has already noted that iPhone users will not be neglected when it comes to the early 2014 public launch of Google Glass. In the meantime, the PostOffice tweak will work just fine for those with a jail-broken iPhone, and although there’s not much to it aside from one or two settings, it does what it purports to do in pushing notifications through Glass. The free tweak is available via the BigBoss repository in Cydia, To configure the way your notifications are re-routed to Glass you navigate to your native Settings and configure the way your notifications are re-routed. Google Glass currently may only be in the hands of creative individuals, some competition winners and a handful of developers, but that has not prevented the tech world from getting itself excited about the internet giant’s technological headgear. Last month, one such creative individual, Adam Bell, had managed to route iOS notifications through to Google Glass using some kit he has thrown together, and now a tweak has emerged offering a simpler way for such a process to be achieved. ...

Google is shortening the amount of time it gives to makers of vulnerable software and web services if there is imminent danger. The Google security team say that if they encounter a zero-day issue that is already being actively used for cyber attacks, it will grant the affected manufacturer just seven days grace to fix the vulnerabilities or publish an advisory with mitigation strategies for users. After seven days, Google wants to publish details of the vulnerability in such a way that users of the vulnerable software can protect themselves from attacks. Previously, the company had given vendors sixty days before it went public with details of vulnerabilities. Google says, though, that it has found zero-day vulnerabilities being used to target a limited subset of people and this targeting makes the attack more serious than a widespread attack and more important to resolve quickly, especially where political activists are being compromised and the attacks can have “real safety implications” in some parts of the world. ...

NYTimes posted: On Wednesday, Google introduced a new in-box design for its e-mail service, Gmail. In a blog post announcing the new design, the company said it wanted to help people quickly sort through their messages to determine which ones were important and which ones could wait until later. The revamped Gmail automatically sorts incoming messages into categories, which appear as three tabs — primary, social and promotions — that users can toggle between in their in-box. The primary tab contains the e-mails that the service thinks are most important. Social contains message updates from various social networks, like LinkedIn, Tumblr and Yelp. Promotions contains newsletters, party invites and concert announcements. Users can also select to add additional tabs to help manage electronic bills, banking statements and messages from forum boards. ...

The Chrome developers at Google have released version 27 of their browser to the Stable release channel for Windows, Mac OS X, Linux, and Chrome Frame for Internet Explorer. The new version, Chrome 27.0.1453.93, includes performance improvements with a new scheduler and fixes a number of security vulnerabilities – most of them rated as High – that Google’s bug bounty program rewarded with almost $15,000 in total. Chrome 27 also introduces a filesystem API that allows the browser to synchronise application data through the Google Drive service. Among the bug fixes, a dependency problem which stopped Chrome being easily installed on Ubuntu 13.04 has also been fixed, one release earlier than Canonical was expecting. ...

For about two and a half hours on Monday, students at Oxford University couldn’t access Google Docs after the University’s Computing Services team decided to take “extreme action” to halt phishing attacks and also to put pressure on Google. Robin Stevens of OxCert explained in a blog post that, in the past, Google has been slow to respond to requests to help the university. The university’s problem is that phishers are frequently using Google Docs to present phishing forms to its users, with a legitimate domain shown to the user and not detectable by firewalls as Google traffic is over SSL. If phishing mail directing users to pages like this gets past the defenses, it is hard to detect and respond to. ...

After many years of dealing with site compatibility issues, Opera found the solution: it will switch from its proprietary rendering engine (Presto) to WebKit and will be powered by Chrome’s open source version, Chromium. “Presto is a great little engine. It’s small, fast, flexible and standards compliant while at the same time handling real-world web sites. It has allowed us to port Opera to just about any platform you can imagine. (…) It was always a goal to be compatible with the real web while also supporting and promoting open standards. That turns out to be a bit of a challenge when you are faced with a web that is not as open as one might have wanted. Add to that the fact that it is constantly changing and that you don’t get site compatibility for free (which some browsers are fortunate enough to do), and it ends up taking up a lot of resources – resources that could have been spent on innovation and polish instead,” explains an Opera employee. ...