Chrome remains king.
With almost 70% of the world’s browser user share — a measure of browser activity calculated by analytics company Net Applications — Google’s Chrome has led the rankings for more than four years. Rivals, from Microsoft’s Edge to Mozilla’s Firefox, survive on single-digit shares that pose no threat to Chrome.
So, it’s no surprise that Chrome’s changes have an outsized impact. Attention is paid to Google’s plans by everyone from individual users and IT admins to competitors and open-source allies.
Each Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the additions, deletions, enhancements and modifications slated for the future. We’ve collected the most important for this refresh of Computerworld‘s latest what’s-coming round-up.
Nothing is guaranteed, of course, least of all software features or functionalities. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”
Chrome 88: Experiment with a new permission ‘chip’
Google will seed Chrome 88 — set to release Jan. 19, 2021 — with a new permissions request that the firm called a “chip” to differentiate it from the usual pop-up prompt.
Actually, a small UI element at the left end of the address bar — next to the padlock icon — the chip is less intrusive, Google asserted. (When Computerworld enabled the chip, for example, it appeared as a blue oval enclosing the words “Use your location?” After a few moments, the oval shrunk to a small blue circle. Clicking on the chip displayed the usual location request pop-up.)
“Since the prompt doesn’t intrude in the content area, users who don’t want to grant the permission no longer need to actively dismiss the prompt,” Google said after arguing that many users immediately dismiss such permission requests simply to clear the screen.
Users of the current Chrome 87 can see the chip in action by typing chrome://flags, searching for #permission-chip, changing the field at the right to “Enabled” and relaunching the browser.
GoogleSome users will see the new permissions ‘chip’ — that’s the blue oval at the left of the address bar — as a replacement for intrusive pop-up requests from websites.
Chrome 88: Adios to Yosemite
Google will pull support for Chrome on Apple’s 2014 Yosemite, aka OS X 10.10, with the debut of version 88. Don’t be surprised: Apple stopped serving Yosemite-powered Macs with security updates in the second half of 2017.
Chrome 88 on the Mac will require OS X 10.11, better known as El Capitan, or later.
Chrome 88: Kill Legacy Browser add-on
Google has already unpublished the Legacy Browser Support (LBS) add-on from the Chrome Web Store, but when version 88 arrives in January, the company will disable all installed instances of the extension.
LBS, now baked into Chrome, was designed so IT admins could deploy Google’s browser but still call up Microsoft’s Internet Explorer (IE) to render intranet sites or written-for-IE apps. The add-on debuted in 2013, when Chrome’s share of 18% lagged far behind IE’s still-dominant 58%.
Information for enterprise administrators on using the integrated LBS can be found here.
Chrome 88: Search for tabs
Chrome 88 will let users search open tabs by clicking on the symbol to the right of the “+” in the tab bar, then entering a search string. These searches will be conducted not just among the tabs in the active Chrome window but of all Chrome windows.
Chrome 88: Mess with the URL
Google will continue to roll out a truncated URL in the address bar of Chrome 88. “This change has been enabled for some users, with a full rollout planned for an upcoming release,” Google said.
Under the scheme, a full URL like https://google-secure.example.com/secure-google-sign-in/ would show only as the registrable domain, example.com.
Google argues that the move is designed “to protect your users from some common phishing strategies,” such as when criminals try to trick potential victims into clicking on links that at first glance look legitimate, but are actually meant to mislead. “This change makes it more difficult for malicious actors to trick users with misleading URLs,” Google said.
Google has tried to shorten what shows in the Chrome address bar before. At several points in the past — most recently, in 2018 with Chrome 69 and Chrome 70 — Google contended that stripping out parts of a URL, say the www, was a worthwhile move. Critics have blasted such proposals, saying it eliminates cues users rely on to sniff out deceptive sites.
Some users saw this functionality as early as October’s Chrome 86.
Chrome 89: Won’t work on really, really old PCs
“Chrome 89 and above will require x86 processors with SSE3 support,” Google wrote. “Chrome will not install and run on x86 processors that do not support SSE3.”
SSE3, which stands for “Streaming SIMD Extensions 3,” was one of several — the third, in fact — add-ons to the x86 instruction set used by Intel (and later, AMD) processors. Intel introduced SSE3 to its Pentium 4 processor in early 2004, while AMD did the same a year later in their Athlon 64 CPUs.
Although there are likely few pre-2004 PCs still in operation —George W. Bush (remember him?) was in his first term — there are always exceptions.
The restriction does not apply to Chrome running on ARM silicon.
Chrome 90: We’ll have a root cellar too
At the beginning of November, Google said it would soon switch from relying on the operating system’s built-in certificate verification to its own implementation for Chrome on all the browser’s supported platforms (minus iOS).
Creating and maintaining its own certificate “root store,” Google said, would “ensure users have a consistent experience across platforms, that developers have a consistent understanding of Chrome’s behavior, and that Chrome will be better able to protect the security and privacy of users’ connections to websites.”
The transition to a Chrome root store could come as soon as version 90, which should launch around March 2.
Chrome wouldn’t be the first to take this tack. Mozilla’s Firefox has long used its own certificate root store, in part because that “gives us the ability to set policies, determine which CAs [certificate authorities] meet them, and to take action when a CA fails to do so.” (Mozilla’s not fooling; it’s invalidated certificates before as punishment for going rogue.)
The change will likely impact enterprise most of all, as some businesses prefer to add their own root certificates to their devices, a task easier to do through the operating system’s root store. Google defended the decision, countering with: “We do not anticipate any changes to be required for how enterprises currently manage their fleet and trusted enterprise CAs.”
