DeviceGuru writes "Although IE remains the one of the top browsers on desktops, it's being trounced on tablets and smartphones by browsers based on WebKit, including Safari, the Android Browser, and Google Chrome. Faced with this uphill battle on handheld mobile devices, Microsoft MVP Bill Reiss has suggested that it might be time for Microsoft to throw in the towel on Trident and switch to WebKit (though Reiss later decided he was wrong). But although there are lots of points in favor of doing so, there are also some good reasons not to, including security and a need for healthy competition to avoid having mobile developers begin to target WebKit rather than standards."

itwbennett writes "Judge Susan Illston has said she will approve a $22.5 million settlement deal between Google and the FTC over the company's practice of circumventing privacy protections in Apple's Safari browser to place tracking cookies on user's computers. Judge Illston also expressed concern about what will happen to the tracking data Google collected, since the settlement doesn't call for Google to destroy the data."

Trailrunner7 writes "A security researcher has submitted to Oracle a patch he said took him 30 minutes to produce that would repair a zero-day vulnerability currently exposed in Java SE. He hopes his actions will spur Oracle to issue an out-of-band patch for the sandbox-escape vulnerability, rather than wait for the February 2013 Critical Patch Update as Oracle earlier said it would. Adam Gowdiak of Polish security consultancy Security Explorations reported the vulnerability to Oracle on Sept. 25, as well as proof-of-concept exploit code his team produced. The vulnerability is present in Java versions 5, 6 and 7 and would allow an attacker to remotely control an infected machine once a user landed on a malicious website hosting the exploit. Gowdiak said his proof-of-concept exploit was successfully used against a fully patched Windows 7 machine using Firefox 15.0.1, Chrome 21, IE 9, Opera 12, and Safari 5.1.7."

An anonymous reader writes "cHTeMeLe is a board game about writing HTML5 code. In cHTeMeLe, players endorse their favorite web browser (Firefox, Safari, Chrome, Opera, or IE) and then score points by correctly laying out HTML tags, while also trying to bug or crash their opponents' code. From the article: 'Despite cHTeMeLe's technical theme, its developers claim you don't need any web programming experience to play. The game takes web design standards and boils them down into game rules that even children can learn. To help less technical players keep everything straight, the tag cards use syntax highlighting that different parts of code have unique colors — just like an Integrated Developer Environment. No one is going to completely pick up HTML5 purely by playing cHTeMeLe, but it does have some educational value for understanding basic tags and how they fit together.'"

jcatcw writes "Just as Oracle is ramping up for the September 30 start of JavaOne 2012 in San Francisco, researchers from the Polish firm Security Explorations disclosed yet another critical Java vulnerability that might 'spoil the taste of Larry Ellison's morning ... Java.' According to Security Explorations researcher Adam Gowdiak, who sent the email to the Full Disclosure Seclist, this Java exploit affects one billion users of Oracle Java SE software, Java 5, 6 and 7. It could be exploited by apps on Chrome, Firefox, Internet Explorer, Opera and Safari. Wow, thanks a lot Oracle."

New submitter SquarePixel writes "Microsoft is urging Safari users to switch to Bing after Google was fined $22.5 million for violating Safari privacy settings. 'Microsoft is keen to make sure that no-one forgets this, let alone Safari users, and the page summarizes the events that took place.' It tells users how Google promised not to track Safari users, but tracked them without their permission and used this data to serve them advertisement. Lastly, it tells how Google was fined $22.5 million for this and suggests users to try the more privacy oriented Bing search engine."

New submitter spac writes "AllthingsD has an interesting story about how a startup called Wajam requires users of their service to download a script that sets up a proxy to handle all network requests for the purpose of providing 'Social Recommendations' within built-in apps. The privacy implications of using this profile script isn't clearly presented to users. Are we really to entrust our data to a company founded by a man who comes from the world of browser toolbars? And for social search?!" The company rushes to counter privacy concerns by pointing out that their service has "received security certifications from TRUSTe, McAfee and Norton."

Trailrunner7 writes "Google, which has come under fire for years for its privacy practices and recently settled a privacy related case with the Federal Trade Commission that resulted in a $22.5 million fine, is building out a privacy 'red team,' a group of people charged with finding and resolving privacy risks in the company's products. The concept of a red team is one that's been used in security for decades, with small teams of experts trying to break a given software application, get into a network or circumvent a security system as part of a penetration test or a similar engagement. The idea is sometimes applied in the real world as well, in the form of people attempting to gain entry to a secure facility or other restricted area."

wiredmikey writes "The US Federal Trade Commission fined Google $22.5 million for violating the privacy of people who used rival Apple's Safari web browser even after pledging not to do so. The FTC said Google had agreed with the commission in October 2011 not to place tracking cookies on or deliver targeted ads to Safari users, but then went ahead and did so. 'For several months in 2011 and 2012, Google placed a certain advertising tracking cookie on the computers of Safari users who visited sites within Google's DoubleClick advertising network,' the FTC said in a statement. 'Google had previously told these users they would automatically be opted out of such tracking.' While Google agreed to the fine, it did NOT admit it had violated the earlier agreement."

TrueSatan writes "iOS 6 beta 4 has removed the YouTube application that existed on iOS since the first version in 2007. Apple confirmed that YouTube is gone from iOS 6. Google is apparently building its own app saying: 'Our license to include the YouTube app in iOS has ended, customers can use YouTube in the Safari browser and Google is working on a new YouTube app to be on the App Store.'"

New submitter Slashbots writes "Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. It would be the largest settlement with the FTC over privacy-related charges ever. By abusing a privacy hole in Safari, Google circumvented user settings to show them advertising and track the user. 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole, Google had been able to avoid the block, as researchers discovered in February. It installed cookies and tracked Safari users across the Web to show them personalized ads.'"

Billly Gates writes "Tom's Hardware did another benchmark showdown, since several releases of both Firefox and Chrome came out since their last one. Did Mozilla clean up its act and listen to its users? The test results are listed here. Firefox 13.01 uses the least amount of RAM with 40 tabs opened, while Chrome uses the highest (surprisingly). Overall, Firefox scored medium for memory efficiency, which measures RAM released after tabs are closed. Also surprising: IE 9 is still king of the lowest RAM usage for just one tab. Bear in mind that these tests were benchmarked in Windows 7. Windows XP and Linux users will have different results, due to differences in memory management. It is too bad IE 10, which is almost finished, wasn't available to benchmark." Safari and Opera are also along for the fight.

An anonymous reader writes "Five years after it was first introduced, Google's Safe Browsing program continues to provide a service to the 600 million Chrome, Firefox, and Safari users, as well as those searching for content through the company's eponymous search engine. According to Google Security Team member Niels Provos, the program detects about 9,500 new malicious websites and pops up several million warnings every day to Internet users. Once a site has been cleaned up, the warning is lifted. They provide malware warnings for about 300 thousand downloads per day through their download protection service for Chrome."

First time accepted submitter Techy77 writes "Online retailer Kogan will impose a new tax on its customers that visit its website using Microsoft's outdated Internet Explorer 7 web browser, which means they will spend 6.8 percent more than customers on browsers like Firefox, Opera, Safari and Chrome. From the article: 'Kogan said his company was able to keep prices low by using technology to make its business efficient and streamlined. however its web team was having to spend a lot of time making its new website look normal on IE7. "It’s not only costing us a huge amount, it’s affecting any business with an online presence, and costing the Internet economy millions,” Mr Kogan said. “As Internet citizens, we all have a responsibility to make the Internet a better place. By taking these measures, we are doing our bit.”'"

Trailrunner7 writes "Yahoo on Wednesday launched a new browser called Axis and researchers immediately discovered that the company had mistakenly included its private signing key in the source file, a serious error that would allow an attacker to create a malicious, signed extension for a browser that the browser will then treat as authentic. The mistake was discovered on Wednesday, soon after Yahoo had launched Axis, which is both a standalone browser for mobile devices as well as an extension for Firefox, Chrome, Safari and Internet Explorer. ... Within hours of the Axis launch, a writer and hacker named Nik Cubrilovic had noticed that the source file for the Axis Chrome extension included the private PGP key that Yahoo used to sign the file. That key is what the Chrome browser would look for in order to ensure that the extension is legitimate and authentic, and so it should never be disclosed publicly."

markjhood2003 writes "Fresh on the heels of Slashdot's discussion of the lack of browser choice on mobile devices comes the announcement of Yahoo's new web browser Axis. According to VentureBeat, the browser runs on iPad and iPhone as a separate standalone browser and as an extension for Chrome, Firefox, and Safari, with support for Android and Windows Phone coming soon. It actually appears to bring some innovation to mobile search, displaying results and queries on the same page for more productive navigation between the two."

wiredmikey writes "Just released, and coming in at 370 MB in size, the Mac OS X 10.7.4 update includes general OS fixes, and addresses more than 30 security vulnerabilities. But aside from typical security fixes, Apple has made an interesting move in an effort to protect users. Through this latest software update, Safari 5.1.7 will now automatically disable older — and typically more vulnerable — versions of the Adobe Flash player. While many software vendors would prefer OS makers to keep their hands off their software, the move appears to be welcomed by Adobe, which has constantly battled vulnerabilities in its widely installed Flash Player."

suraj.sun writes "Bloomberg is reporting on Google's negotiation with the U.S. Federal Trade Commission over 'how big a fine, which could amount to more than $10 million, it will have to pay for its breach of Apple's Safari browser. The fine would be the first by the FTC for a violation of Internet privacy as the agency steps up enforcement of the Web.' Last year, Google agreed to a settlement in which the FTC would monitor Google's privacy practices for an extended period of time. 'The 20-year settlement bars Google from misrepresenting how it handles user information and requires the company to follow policies that protect consumer data in new products.' This February, Google was found to be bypassing privacy controls in Safari by making the browser think a user was submitting a form, when they actually weren't. '(The code used by Google was part of its program to place the "+1" button in advertisements.) At the time, the company issued a statement saying that the circumvention wasn't intentional, but privacy groups were still quick to file complaints with the FTC over Google's actions. That was quickly followed by a class-action lawsuit and an investigation by European regulators.'"

Barence writes with an excerpt from PC Pro: "Dropbox's latest SDK has incurred the wrath of Apple, because users who don't have the Dropbox app installed on their iPhone/iPad are instead pushed to Dropbox's website via the Safari browser. Here, they can click a link to the desktop version of the service, which allows them to buy extra Dropbox storage without Apple taking its usual 30% cut." Reportedly, Dropbox is attempting to strike a deal to resolve the problem.

An anonymous reader writes "Last month we discussed news of a controversial method Google was using to bypass Safari's privacy settings in order to enable certain features for users who were logged in to Google. Now, U.S. regulators are investigating Google's actions to see whether the search giant has violated the privacy protection agreement they signed last year that includes a clause prohibiting Google from misrepresenting how users control the collection of their data. 'The fine for violating the agreement is $16,000 per violation, per day. Because millions of people were affected, any fine could add up quickly, depending on how it is calculated. ... A group of state attorneys general, including New York's Eric Schneiderman and Connecticut's George Jepsen, are also investigating Google's circumvention of Safari's privacy settings, according to people familiar with the investigation. State attorneys general can have the ability to levy fines of up to $5,000 per violation.' European regulators are adding the Safari investigation to their review of Google's consolidated privacy policy."