June 26, 2013
For some time now, Google has published its Transparency Report, which gives a high-level overview of how Google relates to events in the world at large. The report has historically included several sections:
- Traffic to Google services (current and historical, highlighting disruptions)
- Information removal requests (by copyright holders and governments)
- Requests for user data (by governments)
This information can be interesting in light of current events. For example, at this writing, Google reports ongoing disruptions to their services in Pakistan, China, Morocco, Tajikistan,Turkey, and Iran.
Now, according to a post on the Official Google Blog, a new section will be added to the Transparency Report. The report is an outgrowth of work begun in 2006 with Google’s Safe Browsing Initiative.
So today we’re launching a new section on our Transparency Report that will shed more light on the sources of malware and phishing attacks. You can now learn how many people see Safe Browsing warnings each week, where malicious sites are hosted around the world, how quickly websites become reinfected after their owners clean malware from their sites, and other tidbits we’ve surfaced.
Google says that they flag about 10,000 sites per day for potentially malicious content. Many of there are legitimate sites that have been compromised in some way. The “Safe Browsing” section of the Transparency Report shows the number of unsafe sites detected per week, as well as the average time required to fix them.
Google, because its search engine “crawlers” cover so much of the Web, has an overview of what’s out there that few organizations can match. I think they are to be commended for making this information available.
June 26, 2013
Mozilla has released a new version, 17.0.7, of its Thunderbird E-mail client, for Windows, Linux, and Mac OS X. This release includes fixes for eight identified security vulnerabilities, four of which Mozilla rates as Critical. The Release Notes don’t really have much else to say.
Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can. You can get the new version via the built-in update mechanism, or you can download a complete installation package here.
June 25, 2013
Today the Mozilla organization released a new version, 22.0, of its Firefox browser for Linux, Windows, and Mac OS X. The new version includes some new features:
- HTML5 audio/video playback rate can now be changed
- Social services management implemented in Add-ons Manager
- The WebRTC communications API is now enabled by default
There are also several miscellaneous improvements, and fixes for 14 identified security vulnerabilities, four of which Mozilla categorizes as Critical. Further information is available in the Release Notes.
Because of its security content, I recommend that you update your Firefox installations as soon as you conveniently can. You can obtain the new version via the built-in update mechanism, or you can download a complete installation package, in your choice of language(s).
Update Tuesday, 25 June, 16:25 EDT
This blog post on the Mozilla Blog explains some of the new features in more detail.
June 18, 2013
A few hours ago, I posted a note about the release of version 28.0.1500.45 of Google’s Chrome for the Linux platform. Now the rest of the conventional PC world has been updated, too, with the Release Announcement for version 27.0.1453.116, for Windows, Mac OS X, and Chrome Frame.
This release incorporates fixes for a “click-jacking” vulnerability with the Flash plugin, and some other unspecified security issues. It also fixes some other user interface bugs; more detail is available in the Release Announcement. Although the identified security issue is not too serious (Google rates it as Medium severity), it’s probably a good idea to get the update, which you can do using the built-in update mechanism.
I confess that I am no more enlightened than before about why this update is different from the Linux update; I have no further information on what is actually in the Linux update.
June 18, 2013
Google has released a new stable version, 28.0.1500.45, of its Chrome browser for Linux. The Release Announcement, which is quite terse, makes no mention of other platforms; nor is there any indication of what changes are included in this version. My guess is that we will see a similar release for Windows and Mac OS X shortly; I’ll post a follow-up note if I learn anything more.
Google does say that the minimum supported release level for Linux has been updated to:
- Ubuntu 12.04+
- Debian 7+
- OpenSuSE 12.2+
- Fedora Linux 17+
This doesn’t necessarily mean that this and future releases will not work with older Linux versions, just that they may not; if they don’t, Google won’t fix it.
As usual, Linux users should check their distributions’ package repositories to get the new version.