Google’s new ChromeOS 128 update introduces a feature similar to Windows 11’s Snap layouts. Called Snap Groups, the feature enables users to organize on-screen apps in various fullscreen layouts. “When you pair two windows for split-screen display, ChromeOS now forms a Snap group,” explains the ChromeOS team. “As a Snap group, you can bring the windows back into focus together, resize them simultaneously, and move them both as a group.”

Other notable features of ChromeOS 128 include Optical Character Recognition (OCR), ChromeVox support for the Magnifier tool, isolated web apps (IWA), and improved settings for the camera and microphone on Chromebook devices.

You can view the release notes on the support document here.

Read more of this story at Slashdot.

Google is introducing the Gemini AI chatbot to Chromebook Plus models, enhancing features like text rewriting, image editing, and hands-free control. Here are a few of the top new features coming to ChromeOS, as summarized by Wired: The first notable feature is Help Me Write, which works in any text box. Select text in any text box and right-click — you’ll see a box next to the standard right-click context menu. You can ask Google’s AI to rewrite the selected text, rephrase it in a specific way, or change the tone. I tried to use it on a few sentences in this story but did not like any of the suggestions it gave me, so your mileage may vary. Or maybe I’m a better writer than Google’s AI. Who knows?

Google’s bringing the same generative AI wallpaper system you’ll find in Android to ChromeOS. You can access this feature in ChromeOS’s wallpaper settings and generate images based on specific parameters. Weirdly, you can create these when you’re in a video-calling app too. You’ll see a menu option next to the system tray whenever the microphone and video camera are being accessed — tap on it and click “Create with AI” and you can generate an image for your video call’s background. I’m not sure why I’d want a background of a “surreal bicycle made of flowers in pink and purple,” but there you go. AI!

Here’s something a little more useful: Magic Editor in Google Photos. Yep, the same feature that debuted in Google’s Pixel 8 smartphones is now available on Chromebook Plus laptops. In the Google Photos app, you can press Edit on a photo and you’ll see the option for Magic Editor. (You’ll need to download more editing tools to get started.) This feature lets you erase unwanted objects in your photos, move a subject to another area of the frame, and fill in the backgrounds of photos. I successfully erased a paint can in the background of a photo of my dog, and it worked pretty quickly.

Then there’s Gemini. It’s available as a stand-alone app, and you can ask it to do pretty much anything. Write a cover letter, break down complex topics, ask for travel tips for a specific country. Just, you know, double-check the results and make sure there aren’t any hallucinations. If you want to tap into Google’s Gemini Advanced model, the company says it is offering 12 months free for new Chromebook Plus owners through the end of the year, so you have some time to redeem that offer. This is technically an upgrade from Google One, and it nets you Gemini for Workspace, 2 terabytes of storage, and a few other perks. New features coming to all Chromebooks include easy setup with Android phones via QR code for sharing Wi-Fi credentials, integration of Google Tasks into the system tray, a Game Dashboard for mapping controls and recording gameplay as GIFs, and a built-in screen recorder tool. Upcoming enhancements also include Hands-Free Control using face gestures, the Help Me Read feature with Gemini for summarizing websites and PDFs, and an Overview screen to manage open browser windows, tabs, and apps.

You can check if your Chromebook is compatible with the Chromebook Plus OS update here.

Read more of this story at Slashdot.

Google is delaying the end of third-party cookies in Chrome — again. This marks the third time Google pushed back its original deadline set in January 2020, when the company said it would phase out third-party cookies “within two years” to improve internet security. Digiday reports: The announcement was made on Tuesday ahead of quarterly reports from Google and the ever-watchful U.K. Competition and Markets Authority (CMA), keeping tabs on how this whole situation unfolds.

“We recognize that there are ongoing challenges related to reconciling divergent feedback from the industry, regulators and developers, and will continue to engage closely with the entire ecosystem,” according to a statement Google posted on its website for the Privacy Sandbox. “It’s also critical that the CMA has sufficient time to review all evidence including results from industry tests, which the CMA has asked market participants to provide by the end of June. Given both of these significant considerations, we will not complete third-party cookie deprecation during the second half of Q4.”

Google did not outline a more specific timetable beyond hoping for 2025. […] “We remain committed to engaging closely with the CMA and ICO and we hope to conclude that process this year,” Google’s statement read. “Assuming we can reach an agreement, we envision proceeding with third-party cookie deprecation starting early next year.” “We welcome Google’s announcement clarifying the timing of third-party cookie deprecation. This will allow time to assess the results of industry tests and resolve remaining issues,” said a spokesperson from the CMA. “Under the commitments, Google has agreed to resolve our remaining competition concerns before going ahead with third-party cookie deprecation. Working closely with the ICO we expect to conclude this process by the end of 2024.”

At the start of the year, Google started purging third-party cookies for one percent of browser traffic.

Read more of this story at Slashdot.

Google has formally discontinued its efforts to bring the full Chrome browser experience to its Fuchsia operating system. 9to5Google reports: In 2021, we reported that the Chromium team had begun an effort to get the full Chrome/Chromium browser running on Google’s in-house Fuchsia operating system. Months later, in early 2022, we were even able to record a video of the progress, demonstrating that Chromium (the open-source-only variant of Chrome) could work relatively well on a Fuchsia-powered device. This was far from the first time that the Chromium project had been involved with Fuchsia. Google’s full lineup of Nest Hub smart displays is currently powered by Fuchsia under the hood, and those displays have limited web browsing capabilities through an embedded version of the browser.

In contrast to that minimal experience, Google was seemingly working to bring the full might of Chrome to Fuchsia. To observers, this was yet another signal that Google intended for Fuchsia to grow beyond the smart home and serve as a full desktop operating system. After all, what good is a laptop or desktop without a web browser? Fans of the Fuchsia project have anticipated its eventual expansion to desktop since Fuchsia was first shown to run on Google’s Pixelbook hardware. However, in the intervening time — a period that also saw significant layoffs in the Fuchsia division — it seems that Google has since shifted Fuchsia in a different direction. The clearest evidence of that move comes from a Chromium code change (and related bug tracker post) published last month declaring that the “Chrome browser on fuchsia won’t be maintained.”

Read more of this story at Slashdot.

“Earlier this week, Google released an emergency security update for the Chrome browser due to a vulnerability that is being actively exploited in the wild,” reports Hot Hardware:

On Friday, Google highlighted CVE-2023-2033, reported by Clément Lecigne of Google’s own Threat Analysis Group (TAG). This vulnerability is a ‘type confusion’ bug in the JavaScript engine for Chromium browsers useing the V8 Javascript engine. In short, type confusion is a bug that allows memory to be accessed with the wrong type, allowing for the reading or writing of memory out of bounds. The CVE page says that an attacker could create an HTML page that allows the exploitation of heap corruption.

While there is no Common Vulnerability Scoring System (CVSS) score attached to the vulnerability yet, Google is tracking this as a “high” severity issue. This is likely due in part to the fact that “Google is aware that an exploit for CVE-2023-2033 exists in the wild.”
The article notes that Chrome updates are generally done automatically, but you can also check for updates by clicking Chrome’s three-dots menu in the top-right corner, then “Help” and “About Chrome.”

Read more of this story at Slashdot.

Bleeping Computer warned this week about compromised web sites “that display fake Google Chrome automatic update errors that distribute malware to unaware visitors.”
The campaign has been underway since November 2022, and according to NTT’s security analyst Rintaro Koike, it shifted up a gear after February 2023, expanding its targeting scope to cover users who speak Japanese, Korean, and Spanish. BleepingComputer has found numerous sites hacked in this malware distribution campaign, including adult sites, blogs, news sites, and online stores…

If a targeted visitor browses the site, the scripts will display a fake Google Chrome error screen stating that an automatic update that is required to continue browsing the site failed to install. “An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update,” reads the fake Chrome error message. The scripts will then automatically download a ZIP file called ‘release.zip’ that is disguised as a Chrome update the user should install.

However, this ZIP file contains a Monero miner that will utilize the device’s CPU resources to mine cryptocurrency for the threat actors. Upon launch, the malware copies itself to C:Program FilesGoogleChrome as “updater.exe” and then launches a legitimate executable to perform process injection and run straight from memory. According to VirusTotal, the malware uses the “BYOVD” (bring your own vulnerable driver) technique to exploit a vulnerability in the legitimate WinRing0x64.sys to gain SYSTEM privileges on the device.

The miner persists by adding scheduled tasks and performing Registry modifications while excluding itself from Windows Defender. Additionally, it stops Windows Update and disrupts the communication of security products with their servers by modifying the IP addresses of the latter in the HOSTS file. This hinders updates and threat detection and may even disable an AV altogether.

Read more of this story at Slashdot.

Google today promoted the Chrome 112 web browser to their stable channel on all supported platforms. Phoronix reports: Starting as an origin trial with Chrome 112 is WebAssembly (WASM) Garbage Collection support. Yes, garbage collection to allow for efficient support for high-level managed languages with WebAssembly. This trial support allows for compilers targeting WASM to integrate with a garbage collector in the host VM. Also on the WebAssembly front with today’s Chrome browser update is making WebAssembly tail call support available out of the box. This adds explicit tail call and indirect tail call opcodes. This support is useful for correct/efficient implementations of languages that require tail call elimination, compilation of control constructs that can be implemented with it, and other computations being expressed as WASM functions.

Meanwhile by default in Chrome 112 is now CSS nesting support as the ability to nest CSS style rules inside other style rules for increasing modularity and maintainability of style sheets. Chrome 112 also adds support for the CSS animation-composition property. Behind a developer flag is also the background-blur feature that allows using a native platform’s API for camera background segmentation. This is intended for use with web-based video conferencing applications running within the web browser to make use of native platform APIs. A full list of changes is available on the Chrome Releases blog.

Read more of this story at Slashdot.

Following yesterday’s article about Google Chrome preparing to deprecate the JPEG-XL image format, a Google engineer has now provided their reasons for dropping this next-generation image format. Phoronix reports: As noted yesterday, a patch is pending for the Google Chrome/Chromium browser to deprecate the still-experimental (behind a feature flag) JPEG-XL image format support from their web browser. The patch marks Chrome 110 and later as deprecating JPEG-XL image support. No reasoning was provided for this deprecation, which is odd considering JPEG-XL is still very young in its lifecycle and has been receiving growing industry interest and support.

Now this evening is a comment from a Google engineer on the Chromium JPEG-XL issue tracker with their expressed reasons: “Thank you everyone for your comments and feedback regarding JPEG XL. We will be removing the JPEG XL code and flag from Chromium for the following reasons:

– Experimental flags and code should not remain indefinitely
– There is not enough interest from the entire ecosystem to continue experimenting with JPEG XL
– The new image format does not bring sufficient incremental benefits over existing formats to warrant enabling it by default
– By removing the flag and the code in M110, it reduces the maintenance burden and allows us to focus on improving existing formats in Chrome”

Read more of this story at Slashdot.

In an upcoming update, Chromebooks equipped with mobile data will be able to serve as a Wi-Fi hotspot for other devices, just like Android and iOS devices can today. 9to5Google reports: The work-in-progress feature has made its first appearance in ChromeOS code in the form of a new flag coming to chrome://flags. The details are quite slim at the moment, with little more than the flag description available today. That said, it’s easy to imagine how a mobile hotspot would work on ChromeOS, based on how the same feature works on Android phones today.

Presumably, you would be able to choose the name and password for your Chromebook’s hotspot through the Settings app in ChromeOS, where you can also toggle the hotspot on and off. If it truly follows the example of Android, there would also be an easy way to turn on your hotspot through a Quick Settings toggle.

Read more of this story at Slashdot.

Hot Hardware warns that on Tuesday, the Stable Channel for Chrome’s desktop edition “had an update on April 26, 2022. That update includes 30 security fixes, some of them so bad that Google is urging all users to update immediately.”

The release notes for Google’s Chrome v101.0.4951.41 for Windows, Mac, and Linux has a long list of bug fixes; you can view it here. However, there’s also a key statement in that page.
“Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed….”

Effectively the the non-developer translation of the quote above is that something so significant was found, the details are being kept hidden.

Read more of this story at Slashdot.