According to Bloomberg, the U.S. Justice Department wants Google to sell off its Chrome browser as part of its ongoing search monopoly case. The recommendations will be made official on Wednesday. 9to5Google reports: At the top of the list is having Google sell Chrome "because it represents a key access point through which many people use its search engine." There are many questions about how that works, including what the impact on the underlying Chromium codebase would be. Would Google still be allowed to develop the open-source project by which many other browsers, like Microsoft Edge use? "The government has the option to decide whether a Chrome sale is necessary at a later date if some of the other aspects of the remedy create a more competitive market," reports Bloomberg. Google, which plans to appeal, previously said that "splitting off Chrome or Android would break them."

Bloomberg reports that "antitrust officials pulled back from a more severe option that would have forced Google to sell off Android." However, the government wants Google to "uncouple its Android smartphone operating system from its other products, including search and its Google Play mobile app store, which are now sold as a bundle." Meanwhile, other recommendations include licensing Google Search data and results, as well as allowing websites that are indexed for Search to opt out of AI training.

Google is reportedly working on a multi-year project to migrate Chrome OS into Android, aiming to unify its operating systems and better compete with the iPad. This transition involves incorporating Chrome OS features like extensions and Linux app support into Android, with upcoming updates focused on improving desktop functionality and device compatibility. Android Authority reports: To better compete with the iPad as well as manage engineering resources more effectively, Google wants to unify its operating system efforts. Instead of merging Android and Chrome OS into a new operating system like rumors suggested in the past, however, a source told me that Google is instead working on fully migrating Chrome OS over to Android. While we don't know what this means for the Chrome OS or Chromebook brands, we did hear that Google wants future "Chromebooks" to ship with the Android OS in the future. That's why I believe that Google's rumored new Pixel Laptop will run a new version of desktop Android as opposed to the Chrome OS that you're likely familiar with.

While Google hasn't publicly confirmed its intentions to turn Chrome OS into Android, it did mention back in June that Chrome OS would become more like Android by "embracing portions of the Android stack, like the Android Linux kernel and Android frameworks." Chrome OS already makes use of some Android tech, such as the operating system's Bluetooth stack code-named "Fluoride," so the announcement that it would start to use even more of Android came as no surprise. However, Google's announcement didn't tell the full story, as we've since discovered that not only is Google building a new version of Chrome for Android with extensions support but also a Terminal to run Linux apps on Android. The former is intended to achieve feature parity between Chrome for Android and Chrome OS, while the latter is intended to deliver a Crostini-like experience when Chromebooks transition to Android.

However, there are still a lot of things that Google has to do to achieve feature parity between Android and Chrome OS. The desktop windowing changes that Google is introducing in the first quarterly platform release of Android 15 are just the beginning, as Google is working on a huge number of new Android features including improved keyboard and mouse support, external monitor support, multiple desktops, and more. All of these changes, we're told, are part of Google's internal Android-on-laptop project, though they'll also obviously benefit tablets like the upcoming Pixel Tablet 2.

Google's transistion to Safe Coding and memory-safe languages "will take multiple years," according to a post on Google's security blog. So "we're also retrofitting secure-by-design principles to our existing C++ codebase wherever possible," a process which includes "working towards bringing spatial memory safety into as many of our C++ codebases as possible, including Chrome and the monolithic codebase powering our services." We've begun by enabling hardened libc++, which adds bounds checking to standard C++ data structures, eliminating a significant class of spatial safety bugs. While C++ will not become fully memory-safe, these improvements reduce risk as discussed in more detail in our perspective on memory safety, leading to more reliable and secure software... It's also worth noting that similar hardening is available in other C++ standard libraries, such as libstdc++. Building on the successful deployment of hardened libc++ in Chrome in 2022, we've now made it default across our server-side production systems. This improves spatial memory safety across our services, including key performance-critical components of products like Search, Gmail, Drive, YouTube, and Maps... The performance impact of these changes was surprisingly low, despite Google's modern C++ codebase making heavy use of libc++. Hardening libc++ resulted in an average 0.30% performance impact across our services (yes, only a third of a percent) ...

In just a few months since enabling hardened libc++ by default, we've already seen benefits. Hardened libc++ has already disrupted an internal red team exercise and would have prevented another one that happened before we enabled hardening, demonstrating its effectiveness in thwarting exploits. The safety checks have uncovered over 1,000 bugs, and would prevent 1,000 to 2,000 new bugs yearly at our current rate of C++ development...

The process of identifying and fixing bugs uncovered by hardened libc++ led to a 30% reduction in our baseline segmentation fault rate across production, indicating improved code reliability and quality. Beyond crashes, the checks also caught errors that would have otherwise manifested as unpredictable behavior or data corruption... Hardened libc++ enabled us to identify and fix multiple bugs that had been lurking in our code for more than a decade. The checks transform many difficult-to-diagnose memory corruptions into immediate and easily debuggable errors, saving developers valuable time and effort.
The post notes that they're also working on "making it easier to interoperate with memory-safe languages. Migrating our C++ to Safe Buffers shrinks the gap between the languages, which simplifies interoperability and potentially even an eventual automated translation."

Google appears to be working on an email-forwarding alias system, according to the blog Android Authority, giving users a new way to "shield" their main email address.

The site performed a teardown on the newest Google Play Services' APK looking for work-in-progress code , and spotted "a whole boatload of strings referencing and in support of something called 'Shielded Email'." Just from that text, we're able to infer quite a lot about what we're looking at here, and it appears that Shielded Email consists of a system to create single-use or limited-use email aliases that will forward messages along to your primary account. And while we could imagine that something like this might be pretty useful in Chrome, here it looks like Google is building it specifically to address apps that ask for your email address. The messages in there touch on a couple reasons beyond spam that you might want to keep your main email private, like reducing the extent to which your online activities can be tracked, and mitigating your personal risk from potential future data breaches.
They also sighted a reference to "Shielded Email" in the Autofill settings menu — though their article acknowledges that even features hinted at by work-in-progress code may not ultimately make it into a public release.

But Forbes suggests that the idea sounds similar to Apple's Hide My Email service, which "provides an automated random email address creator to help keep your personal email address private when subscribing to services."

Paul Kinlan, who leads the Chrome and the Open Web Developer Relations team at Google, asks and answers the question (with a no.): Frameworks are abstractions over a platform designed for people and teams to accelerate their teams new work and maintenance while improving the consistency and quality of the projects. They also frequently force a certain type of structure and architecture to your code base. This isn't a bad thing, team productivity is an important aspect of any software.

I'm of the belief that software development is entering a radical shift that is currently driven by agents like Replit's and there is a world where a person never actually has to manipulate code directly anymore. As I was making broad and sweeping changes to the functionality of the applications by throwing the Agent a couple of prompts here and there, the software didn't seem to care that there was repetition in the code across multiple views, it didn't care about shared logic, extensibility or inheritability of components... it just implemented what it needed to do and it did it as vanilla as it could.

I was just left wondering if there will be a need for frameworks in the future? Do the architecture patterns we've learnt over the years matter? Will new patterns for software architecture appear that favour LLM management?

A new update is rolling out that automatically starts Microsoft's Edge browser and prompts users to import their Chrome tabs -- a move that has sparked criticism over its invasive tactics to encourage Edge adoption. The Verge's Tom Warren reports: My colleague Richard Lawler noticed that Edge started automatically on his PC last week at boot and offered up a new prompt to "enhance your browsing experience." The pop-up has a "bring over your data from other browsers regularly" option ticked by default, and encourages people to confirm and continue with a big blue button. If you want to dismiss this prompt there's a tiny white X button that looks similar to the sparkles Microsoft is using in the background of the prompt.

If you simply hit confirm and continue then Microsoft Edge will import your Chrome data and continually import your tabs if you have Chrome set as default. The prompt seems to mainly appear on PCs with Chrome installed, suggesting that Microsoft is once again targeting Chrome users. Microsoft confirmed the new "feature" to The Verge. "This is a notification giving people the choice to import data from other browsers," explains Microsoft spokesperson Caitlin Roulston. "There is an option to turn it off."

Google will require all new mobile chipsets launching with Android 15 to support its Android Virtualization Framework (AVF), a significant shift in the operating system's security architecture. The mandate, reports AndroidAuthority that got a hold of Android's latest Vendor Software Requirements document, affects major chipmakers including Qualcomm, MediaTek, and Samsung's Exynos division. New processors like the Snapdragon 8 Elite and Dimensity 9400 must implement AVF support to receive Android certification.

AVF, introduced with Android 13, creates isolated environments for security-sensitive operations including code compilation and DRM applications. The framework also enables full operating system virtualization, with Google demonstrating Chrome OS running in a virtual machine on Android devices.

An anonymous reader shared this report from Digital Trends: A number of popular generative AI platforms are seeing consistent growth as users are figuring out how they want to use the tools - and ChatGPT is at the top of the list with the most visits, at 3.7 billion worldwide. So many people are visiting the AI chatbot, its figures are rivaling browser market share. It can only be compared to Google Chrome figures in terms of monthly users, which is estimated to be around 3.45 billion.

Statistics from [web analytics company] Similarweb indicate that ChatGPT saw a 17.2% month-over-month (MoM) growth and a 115.9% year-over-year (YoY) traffic growth... Google's Chrome browser has a solid market share of 35.4 billion users in 2024. It has seen minimal growth YoY but has grown 45.35% in the last 5 years, according to Statscounter.
The article notes ChatGPT saw a jump in traffic when it changed its dowmain from chat.openai.com to just chatgpt.com -- and that OpenAI recently purchased the domain Chat.com (though "there is no word on what the company plans to do...") Meanwhile, other AI tools continue to see traffic and growth, despite not being at the same level as ChatGPT. Despite recent plagiarism claims, the Perplexity chatbot has seen 90.8 million visits in October, a 25.5% MoM growth and 199.2% YoY growth. Google's Gemini Chatbot saw 291.6 million visits in October, a 6.2% MoM growth and 19% YoY growth after the company introduced a new ChromeOS update that brought new AI features to its Chromebooks. Anthropic's Claude chatbot has seen 84.1 million visits in October, a 25.5% MoM growth and 394.9% YoY growth, after recently rolling out a desktop application for Windows and macOS. Microsoft's web-based Copilot website saw 69.4 million visits in October, an 87.6% MoM growth.

This week Google-backed Anthropic announced its upgraded AI model Claude 3.5 Sonnet could "perform tasks like navigating web browsers, filling forms, and manipulating data."

Now Google plans something similar for Chrome, reports 9to5Linux.com: According to The Information, Google is "developing artificial intelligence that takes over a person's web browser to complete tasks such as gathering research, purchasing a product or booking a flight."

"Project Jarvis" — in a nod to J.A.R.V.I.S. in Iron Man — would operate in Google Chrome and is a consumer-facing (rather than enterprise) feature to "automate everyday, web-based tasks." The article doesn't specify whether this would be for mobile or desktop... Given a command/action, Jarvis works by taking "frequent screenshots of what's on their computer screen, and interpreting the shots before taking actions like clicking on a button or typing into a text field."
The Information reports that Google "plans to preview the product, also known as a computer-using agent, as early as December alongside the release of its next flagship Gemini large language model, which would help power the product, two of the people said."

The Browser Company is developing a new, much simpler browser distinct from Arc, which has proven too complex for mainstream adoption despite a strong following among power users. The Verge's David Pierce reports: Arc is not dying, [says CEO Josh Miller]. He says that over and over, in fact, even after I tell him the YouTube video the company just released sounds like the thing companies say right before they kill a product. It's just that Arc won't change much anymore. It'll get stability updates and bug fixes, and there's a team at The Browser Company dedicated to those. "In that sense," Miller says, "it feels like a complete-ish product." Most of the team's energy and time will now be dedicated to starting from scratch. "Arc was basically this front-end, tab management innovation," Miller says. "People loved it. It grew like a weed. Then it started getting slow and started crashing a lot, and we felt bad, and we had to learn how to make it fast. And we kind of lost sight, in some ways, of the fact that we've got to do the operating system part."

The plan this time is to build not just a different interface for a browser, but a different kind of browser entirely -- one that is much more proactive, more powerful, more AI-centric, more in line with that original vision. Call it the iPhone of web browsers, or the "internet computer," or whatever other metaphor you like. The idea is to turn the browser into an app platform. Miller still wants to do it, and he wants to do it for everyone. What does that look like? Miller is a bit vague on the details. The new browser, which Miller intimates could launch as soon as the beginning of next year, is designed to come with no switching costs, which means among other things that it will have horizontal tabs and fewer ideas about organization. The idea is to "make the first 90 seconds effortless" in order to get more people to switch. And then, slowly, to reveal what this new browser can do.

An anonymous reader quotes a report from BleepingComputer: A new ClickFix campaign is luring users to fraudulent Google Meet conference pages showing fake connectivity errors that deliver info-stealing malware for Windows and macOS operating systems. ClickFix is a social-engineering tactic that emerged in May, first reported by cybersecurity company Proofpoint, from a threat actor (TA571) that used messages impersonating errors for Google Chrome, Microsoft Word, and OneDrive. The errors prompted the victim to copy to clipboard a piece of PowerShell code that would fix the issues by running it in Windows Command Prompt. Victims would thus infect systems with various malware such as DarkGate, Matanbuchus, NetSupport, Amadey Loader, XMRig, a clipboard hijacker, and Lumma Stealer.

In July, McAfee reported that the ClickFix campaigns were becoming mode frequent, especially in the United States and Japan. A new report from Sekoia, a SaaS cybersecurity provider, notes that ClickFix campaigns have evolved significantly and now use a Google Meet lure, phishing emails targeting transport and logistics firms, fake Facebook pages, and deceptive GitHub issues. According to the French cybersecurity company, some of the more recent campaigns are conducted by two threat groups, the Slavic Nation Empire (SNE) and Scamquerteo, considered to be sub-teams of the cryptocurrency scam gangs Marko Polo and CryptoLove.

The Register's Jessica Lyons reports: Apple wants to shorten SSL/TLS security certificates' lifespans, down from 398 days now to just 45 days by 2027, and sysadmins have some very strong feelings about this "nightmarish" plan. As one of the hundreds that took to Reddit to lament the proposal said: "This will suck. My least favorite vendor manages something like 10 websites for us, and we have to provide the certs manually every time. Between live and test this is gonna suck."

The Apple proposal, a draft ballot measure that will likely go up for a vote among Certification Authority Browser Forum (CA/B Forum) members in the upcoming months, was unveiled by the iThings maker during the Forum's fall meeting. If approved, it will affect all Safari certificates, which follows a similar push by Google, that plans to reduce the max-validity period on Chrome for these digital trust files down to 90 days.

... [W]hile it's generally agreed that shorter lifespans improve internet security overall -- longer certificate terms mean criminals have more time to exploit vulnerabilities and old website certificates -- the burden of managing these expired certs will fall squarely on the shoulders of systems administrators. [...] Even certificate provider Sectigo, which sponsored the Apple proposal, admitted that the shortened lifespans "will no doubt prove a headache for busy IT security teams, juggling with lots of certificates expiring at different times." While automation is often touted as the solution to this problem, sysadmins were quick to point out that some SSL certs can't be automated. "This is somewhat nightmarish," said one sysadmin. "I have about 20 appliance like services that have no support for automation. Almost everything in my environment is automated to the extent that is practical. SSL renewal is the lone achilles heel that I have to deal with once every 365 days."

An anonymous reader shares a report: If you're a fan of uBlock Origin, don't be surprised if it stops functioning on Chrome. The Google-owned browser has started disabling the free ad blocker as part of the company's plan to phase out older "Manifest V2" extensions. On Tuesday, the developer of uBlock Origin, Raymond Hill, retweeted a screenshot from one user, showing the Chrome browser disabling the ad blocker. "These extensions are no longer supported. Chrome recommends that you remove them," the pop-up from the Chrome browser told the user. In response, Hill wrote: "The depreciation of uBO in the Chrome Web Store has started."

"Google is developing a Linux terminal app for Android," reports the blog Android Authority. "The Terminal app can be enabled via developer options and will install Debian in a virtual machine.

"This app is likely intended for Chromebooks but might also be available for mobile devices, too." While there are ways to run some Linux apps on Android devices, all of those methods have some limitations and aren't officially supported by Google. Fortunately, though, Google is finally working on an official way to run Linux apps on Android... This Terminal app is part of the Android Virtualization Framework (AVF) and contains a WebView that connects to a Linux virtual machine via a local IP address, allowing you to run Linux commands from the Android host...

A set of patches under the tag "ferrochrome-dev-option" was recently submitted to the Android Open Source Project that adds a new developer option called Linux terminal under Settings > System > Developer options. This new option will enable a "Linux terminal app that runs inside the VM," according to its proposed description. Toggling this option enables the Terminal app that's bundled with AVF...

Google is still working on improving the Terminal app as well as AVF before shipping this feature... What's particularly interesting about the patch that adds these settings is that it was tested on "tangorpro" and "komodo," the codenames for the Pixel Tablet and Pixel 9 Pro XL respectively. This suggests that the Terminal app won't be limited to Chromebooks like the new desktop versions of Chrome for Android.

This week (MIT-licensed) WebAssembly runtime Wasmer announced "a major milestone in making any software run with WebAssembly."

The announcement's headline? Running Clang in the browser using WebAssembly... Thanks to the newest release of Wasmer (4.4) and the Wasmer JS SDK (0.8.0) you can now run [compiler front-end] clang anywhere Wasmer runs! This allows compiling C programs from virtually anywhere. Including Javascript and your preferred browser! (we tested Chrome, Safari and Firefox and everything is working like a charm)...

- You can compile C code to WebAssembly easily just using the Wasmer CLI: no toolchains or complex installations needed, install Wasmer and you are ready to go...!

- You can compile C projects directly from JavaScript...!

- We expect online IDEs to start adopting the SDK to allow their users compile and run C programs in the browser....

Do you want to use clang in your Javascript project? Thanks to our newly released Wasmer JS SDK you can do it easily, in both the browser and Node.js/Bun etc... Wasmer's clang can even optimize the file for you automatically using wasm-opt under the hood (Clang automatically detects if wasm-opt is used, and it will be automatically called when optimizing the file). Imagine using Emscripten without needing its toolchain installed — or even better, imagine running Emscripten in the browser.
The announcement looks to a future of compiling native Python libraries, when "any project depending on LLVM can now be easily compiled to WebAssembly..."

"This is the beginning of an awesome journey, we can't wait to see what you create next with this."

In a new 32-page filing (PDF), the Department of Justice indicated that it was considering a possible breakup of Google as an antitrust remedy for its search and advertising monopoly. The remedies necessary to "prevent and restrain monopoly maintenance could include contract requirements and prohibitions; non-discrimination product requirements; data and interoperability requirements; and structural requirements," the department said in the filing. CNBC reports: The DOJ also said it was "considering behavioral and structural remedies that would prevent Google from using products such as Chrome, Play, and Android to advantage Google search and Google search-related products and features -- including emerging search access points and features, such as artificial intelligence -- over rivals or new entrants."

Additionally, the DOJ suggested limiting or prohibiting default agreements and "other revenue-sharing arrangements related to search and search-related products." That would include Google's search position agreements with Apple's iPhone and Samsung devices -- deals that cost the company billions of dollars a year in payouts. The agency suggested one way to do this is requiring a "choice screen," which could allow users to pick from other search engines. Such remedies would end "Google's control of distribution today" and ensure "Google cannot control the distribution of tomorrow."

Google is developing a version of Chrome for Android that supports browser extensions, a feature long absent from mobile versions, AndroidAuthority reports. The report adds: Specifically, the company is experimenting with "desktop" builds of Chrome for Android. These "desktop" builds are currently intended for Chromebooks as they transition to use more parts of Android, but there's hope the work will benefit mobile devices, too.

"Dozens of Fortune 100 organizations" have unknowingly hired North Korean IT workers using fake identities, generating revenue for the North Korean government while potentially compromising tech firms, according to Google's Mandiant unit. "In a report published Monday [...], researchers describe a common scheme orchestrated by the group it tracks as UNC5267, which has been active since 2018," reports The Record. "In most cases, the IT workers 'consist of individuals sent by the North Korean government to live primarily in China and Russia, with smaller numbers in Africa and Southeast Asia.'" From the report: The remote workers "often gain elevated access to modify code and administer network systems," Mandiant found, warning of the downstream effects of allowing malicious actors into a company's inner sanctum. [...] Using stolen identities or fictitious ones, the actors are generally hired as remote contractors. Mandiant has seen the workers hired in a variety of complex roles across several sectors. Some workers are employed at multiple companies, bringing in several salaries each month. The tactic is facilitated by someone based in the U.S. who runs a laptop farm where workers' laptops are sent. Remote technology is installed on the laptops, allowing the North Koreans to log in and conduct their work from China or Russia.

Workers typically asked for their work laptops to be sent to different addresses than those listed on their resumes, raising the suspicions of companies. Mandiant said it found evidence that the laptops at these farms are connected to a "keyboard video mouse" device or multiple remote management tools including LogMeIn, GoToMeeting, Chrome Remote Desktop, AnyDesk, TeamViewer and others. "Feedback from team members and managers who spoke with Mandiant during investigations consistently highlighted behavior patterns, such as reluctance to engage in video communication and below-average work quality exhibited by the DPRK IT worker remotely operating the laptops," Mandiant reported.

In several incident response engagements, Mandiant found the workers used the same resumes that had links to fabricated software engineer profiles hosted on Netlify, a platform often used for quickly creating and deploying websites. Many of the resumes and profiles included poor English and other clues indicating the actor was not based in the U.S. One characteristic repeatedly seen was the use of U.S-based addresses accompanied by education credentials from universities outside of North America, frequently in countries such as Singapore, Japan or Hong Kong. Companies, according to Mandiant, typically don't verify credentials from universities overseas. Further reading: How Not To Hire a North Korean IT Spy

An anonymous reader quotes a report from Ars Technica: California Gov. Gavin Newsom vetoed a bill that would have required makers of web browsers and mobile operating systems to let consumers send opt-out preference signals that could limit businesses' use of personal information. The bill approved by the State Legislature last month would have required an opt-out signal "that communicates the consumer's choice to opt out of the sale and sharing of the consumer's personal information or to limit the use of the consumer's sensitive personal information." It would have made it illegal for a business to offer a web browser or mobile operating system without a setting that lets consumers "send an opt-out preference signal to businesses with which the consumer interacts."

In a veto message (PDF) sent to the Legislature Friday, Newsom said he would not sign the bill. Newsom wrote that he shares the "desire to enhance consumer privacy," noting that he previously signed a bill "requir[ing] the California Privacy Protection Agency to establish an accessible deletion mechanism allowing consumers to request that data brokers delete all of their personal information." But Newsom said he is opposed to the new bill's mandate on operating systems. "I am concerned, however, about placing a mandate on operating system (OS) developers at this time," the governor wrote. "No major mobile OS incorporates an option for an opt-out signal. By contrast, most Internet browsers either include such an option or, if users choose, they can download a plug-in with the same functionality. To ensure the ongoing usability of mobile devices, it's best if design questions are first addressed by developers, rather than by regulators. For this reason, I cannot sign this bill." Vetoes can be overridden with a two-thirds vote in each chamber. The bill was approved 59-12 in the Assembly and 31-7 in the Senate. But the State Legislature hasn't overridden a veto in decades. "It's troubling the power that companies such as Google appear to have over the governor's office," said Justin Kloczko, tech and privacy advocate for Consumer Watchdog, a nonprofit group in California. "What the governor didn't mention is that Google Chrome, Apple Safari and Microsoft Edge don't offer a global opt-out and they make up for nearly 90 percent of the browser market share. That's what matters. And people don't want to install plug-ins. Safari, which is the default browsers on iPhones, doesn't even accept a plug-in."

First released on July 11th, the Firefox-based Zen browser is "taking a different approach to the user interface," according to the blog It's FOSS.

The Register says the project "reminds us strongly of Arc, a radical Chromium-based web browser... to modernize the standard web browser UI by revising some fundamental assumptions." [Arc] removes the URL bar from front and center, gets rid of the simple flat list of tabs, and so on. Zen is trying to do some similar things, but in a slightly more moderate way — and it's doing it on the basis of Mozilla's Firefox codebase... Instead of the tired old horizontal tab bar you'll see in both Firefox and Chrome, Zen implements its own tab bar... By default, this tab bar is narrow and just shows page icons — but there are some extra controls at the bottom of the sidebar, one of which expands the sidebar to show page titles too. For us, it worked better than Vivaldi's fancier sidebar.
The article concludes it's "a new effort to modernize web browsing by bringing tiling, workspaces, and so on — and it's blissfully free of Google code." One Reddit comment swooned over Zen's "extraordinary" implementation of a distraction-free "Compact Mode" (hiding things like the sidebar and top bar). And It's Foss described it as a "tranquil," browser, "written using CSS, C++, JavaScript, and a few other programming languages, with a community of over 30 people contributing to it." The layout of the interface felt quite clean to me; there were handy buttons on the top to control the webpage, manage extensions, and a menu with additional options... The split-view functionality allows you to open up two different tabs on the same screen, allowing for easy multitasking when working across different webpages... I split two tabs, but in my testing, I could split over 10+ tabs... If you have a larger monitor, then you are in for a treat...

The Zen Sidebar feature... can run web apps alongside any open tabs. This can be helpful in situations where you need to quickly access a service like a note-taking app, Wikipedia, Telegram, and others.

On the customization side of things, you will find that Zen Browser supports everything that Firefox does, be it the settings, adding new extensions/themes/plugins, etc.
The Register points out it's easy to give it a try. "Being based on Firefox means that as well as running existing extensions, it can connect to Mozilla's Sync service and pick up not just your bookmarks, but also your tabs from other instances."

And beyond all that, "There's just something satisfying about switching browsers every now and again..." argues the tech site Pocket-Lint: Zen Browser's vertical tabs layout is superb and feels much better than anything available in standard Firefox. [Firefox recently offered vertical tabs and a new sidebar experience in Nightly/Firefox Labs 131.] The tab bar can be set to automatically hide and show up whenever you hover near it, and it also contains quick access buttons to bookmarks, settings, and browsing history. The tab bar also contains a profile switcher...

One of the greatest parts of the Zen Browser is the community that has popped up around it. At its heart, Zen Browser is a community-driven project... Zen Browser themes are aesthetic and functional tweaks to the UI. While there aren't a ton available right now, the ones that are show a lot of promise for the browser's future... I've personally gotten great use out of the Super URL Bar theme, which makes your URL bar expand and become the focus of your screen while typing in it... There's a lot you can do to make Zen Browser feel nearly exactly like what you want it to feel like.
The "Business Standard calls it "an open-source alternative to Chromium-based browsers," adding "Where Zen truly shines is it offers a range of customisation, tab management, and workspace management..." Their theme store offers a range of options, including modifications to the bookmark toolbar, a floating URL bar, private mode theming, and removal of browser padding. In addition to these, users can also choose from custom colour schemes and built-in theming options... The Sidebar is another neat feature which allows you to open tabs in a smaller, smartphone-sized window. You can view websites in mobile layout by using this panel.
It's "focused on being always at the latest version of Firefox," according to its official site, noting that Firefox is known for its security features. But then, "We also have additional security features like https only built into Zen Browser to help keep you safe online." And it also promises automated Releases "to ensure security."

It's FOSS adds that you can get Zen Browser for Linux, Windows, and macOS from its official website (adding "They also offer it on the Flathub store for further accessibility on Linux.")

And its source code is available on GitHub.