Apple, Google, Mozilla, and Microsoft Team Up to Improve Browser Extensions

Stephen Shankland, reporting for CNET:

The teams behind the Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Edge browsers have banded together to improve extensions, the add-ons you can download to customize the software. That should mean your extensions will work better and come with a better security foundation to protect you from malware.

On Friday, the teams unveiled a discussion and development forum at the World Wide Web Consortium, or W3C, dedicated to developing standards for extensions. The forum, the WebExtensions Community Group, gives engineers a place to build a unified and more secure core foundation for extensions.

At WWDC 2020, Apple introduced the WebExtension API for Safari on macOS Big Sur — an effort to enable cross-platform browser extensions. However, I’m yet to see a change in the Safari extensions ecosystem because of that. Here’s hoping this new WebExtensions Community Group brings about a change.

June 5, 2021 ✚ Permalink

Chrome Will Start Labeling All HTTP Websites as ‘Not Secure’ Starting July 2018

Emily Schechter, Chrome Security Product Manager writing on the Chromium Blog:

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

This is fantastic, and I whole-heartedly welcome this move.

If you have a website, there’s no real reason why you’re still not using https. Services like Let’s Encrypt make it super easy to do so, and if your host doesn’t support them (or any alternative) yet, it’s time to move.

At the very least, go sign up for CloudFlare and start using the Free SSL option.

February 9, 2018 ✚ Permalink