snydeq writes "Microsoft followed up its Windows Azure unveiling by announcing that it will deliver lightweight versions of Word, Excel, PowerPoint, and OneNote through the browser, a la Google Apps. Surprisingly, Office Web applications will run in Firefox and Safari, not just Internet Explorer. Far less shocking: You won't get Office Web apps free and clear as you do Google apps. The apps are meant to be an extension to locally installed instances of the next version of Microsoft Office, the same way Outlook Web Access provides access to mail without the fat Outlook client."

holy_calamity writes "After launching in a blaze of publicity that even warmed Slashdot, Google's browser grabbed a 3% share of the market, but has been slipping ever since, and now accounts for 1.5%. Google has also stopped promoting the browser on its search page. Assuming they wanted it to grab a significant share of the browser market, have they dropped the ball, or is this part of the plan?" On Slashdot, Chrome is still the #4 browser (after FF, IE, and Safari) but it was ahead of Safari for a few days, hitting almost 10% of our traffic.

Shipment Date writes "ZDNet's Zero Day blog has some new information on what looks like a scary new browser exploit/threat affecting all the major desktop platforms — Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash. The threat, called Clickjacking, was to be discussed at the OWASP conference but was nixed at the last minute at hte request of affected vendors. From the article: 'In a nutshell, it's when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you.'"

Ars Technica has published an article about Mozilla's commitment to use the Gecko rendering engine instead of using Webkit, which was adopted by Apple and Google for use in the Safari and Chrome browsers. I have been using Chrome on my work PC and find many of its features compelling, and wonder how soon we will see its best innovations in Firefox. Why is Gecko worth keeping if it is outdated and bloated?

dotne writes "Microsoft has submitted Embedded OpenType (EOT) to W3C and a slimy campaign for EOT has been launched. EOT is a DRM layer on top of normal TrueType/Opentype files; EOT ties a font file to a certain web page or site and prevents reuse by other pages/sites. Microsoft's IE has supported EOT for years, but it has largely been ignored due to the clumsiness of having to regenerate font files when a page changes. Now that other browsers are moving to support normal TrueType and OpenType on the web (Safari, Opera, Mozilla, Prince), W3C is faced with a question: should they bless Microsoft's EOT for use on the web? Or, should they encourage normal font files on the web and help break Microsoft's forgotten monopoly?"

bucketoftruth writes "If you browse to the Democratic Convention website and attempt to check out any of their upcoming streams, you bump into the following limitation: 'We're sorry, but the Democratic Convention video web site isn't compatible with your operating system and/or browser. Please try again on a computer with the following Compatible operating systems: Windows XP SP2, Windows Vista, or a Mac with Tiger (OS 10.4) or Leopard (OS 10.5). Compatible browsers: Internet Explorer (version 6 or later), Firefox (version 2), or, if you are on a Mac, Safari (version 3.1) also works.'"

PhilDEE writes "Microsoft is in the process of applying for two patents for a private browsing mode in their next version of Internet Explorer — a feature already present in Safari, among other browsers."

bullyBEEF writes "Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which affect Mac, Windows, and Linux users running Firefox, IE, and Safari, bad guys are seizing control of the machine's clipboard (probably using the Flash command setClipboard) and inserting a hard-to-delete URL that points to a fake anti-virus program. A number of legitimate sites have been seen to host ads carrying the attack — including Newsweek, Digg, and MSNBC.com. Researcher Aviv Raff offers a harmless demo of how it's done."

stoolpigeon writes "Cascading Style Sheets are now the dominant method used to format web pages. Even something as simple as modifying a WordPress blog can involve digging around a bit in CSS. A quick search at Amazon on CSS returns over 7 thousand books in the computer category alone. This book claims to be the ultimate, though, and that made me approach it with a bit of skepticism. Sure, it could be a decent reference, but is it truly the ultimate reference? I admit I was curious to see." Read on for the rest of JR's review.

An anonymous reader points out an interview with Mozilla's "evangelist," Christopher Blizzard, regarding the future of Firefox and how it affects other browsers. It's an Austrian site, so forgive the comma abuse. From derStandard: "It's sort of interesting though, part of our strategy is to make sure, that we continue making change and the indirect effect of this is that Microsoft continues to have to do releases, because if we get so far ahead that we're able to drive the platform they are not able to keep up and keep their users. I mean, we have this joke which says 'Internet Explorer 7 is the best release we ever did,' because they would not have done it, if we would have not built Firefox. And the same is true for Apple, they are doing a lot to keep up with us. Safari 3.1 is a good example, as far as we see it, the only reason they did this release was that Firefox 3 would come out and have Javascript speed which would be twice as fast as theirs, cause that's how it was before. So by pushing other people to make releases we can go on our mission to make sure the web stays healthy."

alphadogg writes "A new generation of mobile Web browsers is finally making the Web a reality on handheld devices. The latest example is last week's beta launch of Opera Mobile 9.5, a native Web browser for high-end smartphones. It's an evolutionary release for the Norwegian software company, but it comes just days after Apple's iPhone 3G, with its highly capable Safari browser, went on sale. Other brand-new entrants, such as Mobile Firefox and Skyfire, are expected later this year, at least in beta form. But the evolving mobile browsers are only one part of the picture. Mobile browsing is affected by the client hardware, ranging from the processor to the kind of wireless network being used, all of which have improved markedly. It's also affected by the design of Web sites being targeted, and there's new attention being focused on optimizing these sites for mobile users."

An anonymous reader writes "Firefox 3.0.1 was released today. It fixes 3 security vulnerabilities, including a critical issue reported by Billy Rios, Ben Turner, and Dan Veditz. The issue could be combined with an issue in Apple's Safari browser to read data from the user's disk or to execute arbitrary code. This issue was previously discussed on Slashdot. The release also fixes a remote code execution bug involving the CSS reference counter, reported by the Zero-Day Initiative (previously discussed on Slashdot here), as well as a Mac-only potential code execution bug involving GIF image rendering, reported by Drew Yao of Apple Product Security."

lamaditx writes "There is a good chance that you have heard about "Web 2.0" — the buzz-word coined by Tim O'Reilly in 2005. You will find several reviews of books about this topic on Slashdot. These cover mainly technical aspects of implementation whereas this book introduces the strategical thinking behind the whole Web 2.0 movement... Web 2.0 is so much more than the technology.' The table of contents is available from O'Reilly, together with a chapter preview. The book does not come with any extras but includes the usual free 45 days access to the book on Safari. When reading a book I usually flip through it quickly to get an impression for it, in this case there are three things which I noted right away." Keep reading for the rest of Adrian's review.

Reader Alex links to news of a study comparing the currency and patch level of various Web browsers, excerpting: "Firefox users were far and away the most likely to use the latest version, with an overwhelming 83.3 percent running an updated browser on any given day. However, despite Firefox's single click integrate auto-update functionality, 16.7 percent of Firefox users still continue to access the Web with an outdated version of the browser, researchers said. The study also revealed that the majority of Safari users (65.3) percent were likely to use the latest version of the browser between December 2007 and June 2008, after Safari version 3 became available. Meanwhile, Microsoft's Internet Explorer users ranked last in terms of safe browsing. Between January 2007 and June 2008, less than half of IE users — 47.6 percent — were running the most secure browser version during the same time period."

An anonymous reader writes "The author developed a program to snapshot memory usage per process every 3 seconds on Windows. Using this he recorded 3 hours of memory usage for five different browsers under real-world usage scenarios: Safari 3.1, Firefox 3, Flock 1.2 (a browser based on Firefox 2), Opera 9.5, and Internet Explorer 8. A million data points indicate that Firefox 3 has a surprising advantage over the other browsers tested. These are real-world tests and not contrived benchmarks."

eXchange writes "Well-known hacker Dino Dai Zovi has written an article at ZDNet discussing last week's discovery of a critical threat to Mac OS X, and another announcement of a Trojan horse exploiting this discovery. He suggests that Snow Leopard, or Mac OS X 10.6, should integrate more robust means of preventing malware attacks. Some of the suggestions he has include mandatory code-signing for kernel extensions (so only certified kernel extensions can run), sandbox policies for Safari, Mail, and third-party applications (so these applications cannot do anything to the system), and some lower-level changes, such as hardware-enforced Non-eXecutable memory and address space layout randomization."

SecureThroughObscure writes "Just a short time after Apple's recent acknowledgment of and patch for the Safari Carpet Bomb 'blended' IE flaw, Microsoft researcher Billy Rios shows that Safari is still useful in a blended attack, this time with Firefox 2/3. (ZDNet's Nate McFeters also spread the word.) Rios claimed that he is able to use Carpet Bomb, despite the recent patch, to steal arbitrary files from victims who also have Firefox 2/3 installed. Both Rios and McFeters pointed out that Apple, which took some heat for not originally patching, actually did a good job of addressing the issue, as the code execution angle was not originally understood (the details came out later). Rios is withholding details of the new attack vector until Apple has had time to patch or respond to this issue."

jsuda writes "At least a half-dozen times in the book 'Foundations of Mac OS X Leopard Security' the authors state that there is a misconception that the Macintosh computer is immune from security problems. That allegation may explain why there are very few books published (and nearly none in recent years) about security for the Mac. This book is meant to change all that. The authors acknowledge that the Mac OS X software has had little of the security problem experience of Windows (and other operating systems, to a lesser extent) but they spend 455 pages detailing exactly where and how the Macintosh platform is (or may be) vulnerable." Read below for the rest of Jsuda's review.

Titoxd writes "Apple has released a new version of Safari that fixes the carpet bomb vulnerability in Safari 3.1 for Windows. This comes in the heels of Microsoft recommending against using Safari in Windows, as well as the release of code exploiting this vulnerability."

snydeq writes "A hacker has posted attack code that exploits critical flaws in the Safari and Internet Explorer Web browsers. The source code can be used to run unauthorized software on a victim's machine, and could be used by criminals in Web-based computer attacks, security experts say. The public example of the attack code allows attackers to litter a victim's desktop with executable files, an attack known as 'carpet bombing.' In combination with bugs in Windows and Internet Explorer, attackers can run unauthorized software on a victim's computer."