Fast forward: What’s coming in future Chrome updates?

When Chrome changes, people pay attention — not only because Chrome is the world’s most popular browser, but also because its underlying technologies, and the decisions that go into making those technologies, power a host of rivals, notably Microsoft’s Edge.

Each Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the additions, deletions, enhancements, and modifications slated for the future. We’ve collected the most important for this update of Computerworld‘s latest what’s-coming round-up.

Nothing is guaranteed, as Google itself says: “They might change, be delayed, or canceled before launching to the Stable channel.” But these ongoing notes are the best forecasting source available.

Chrome 94: Shift to speedier releases

Google’s new four-week release cadence for Chrome begins with v. 94, which will launch Sept. 21. From that point on, Google will roll out a Chrome upgrade every four weeks, with an exception for the end-of-year holidays.

Chrome 94 also starts the clock on the Extended Stable release channel, which will be upgraded every eight weeks, giving enterprise IT admins who manage (through group policies) the option of a slower tempo. Commercial customers who adopt Extended Stable will run v. 94 for eight weeks, when it will be replaced by v. 96 on Nov. 16. Meanwhile, security-only updates will be distributed every two weeks to Extended Stable builds.

Chrome 94: Hubba Hubba

A new content-sharing feature that Google calls a sharing hub will debut in Chrome 94 (rather than in Chrome 93, where it was once supposed to appear).

The hub, which is actually a menu, can be called up by clicking on a new icon in the address bar. During Computerworld‘s test, the icon, a right-facing caret, was at the right of the address bar. The menu will offer users a wide range of sharing-the-current-page functions, including sharing with apps like Facebook, Twitter, LinkedIn, and others; creating a QR code for the page’s URL; and casting the page to any already-set destinations, such as a smart TV or another device.

Chrome users can press fast-forward and begin using the sharing hub immediately by setting an option on the experimental features page reached after entering chrome://flags in the address bar. Find the “Desktop Sharing Hub in Omnibox” item, set the drop-down menu at the right to “Enabled” and restart the browser.

Enterprise IT can control this functionality with the DesktopSharingHubEnabled group policy.

Chrome 94: Settings get themselves organized

Beginning with v. 94, Google will replace the existing single long Settings pane — brought up by clicking the main menu, the three vertical dots at the far right of the Chrome frame, then selecting Settings — with a page that consists of several sections. Google said the change should result in better navigability of the browser’s options.

As with most Chrome changes or enhancements, Google will introduce the new Settings pane gradually, starting with a subsection of the user base, then expanding the distribution to more copies. It’s likely that no everyone will see the Settings change in Chrome 94.

Chrome 94: Make HTTPS Great Again!

Chrome already defaults to loading pages over HTTPS (rather than the once-standard and less-secure HTTP) protocol, assuming the destination has an HTTPS-secured page. But Chrome 94 will take that lean-into-HTTPS one step further with what Google’s calling “HTTPS-First” mode.

If HTTPS-First is enabled — it will be off by default — Chrome will try to upgrade all page loads to HTTPS and if unsuccessful, display a full-screen warning before allowing a click-through to the HTTP destination. HTTPS-First is thus a more aggressive version of what Chrome now delivers: It puts every page through the HTPP-or-HTTPS check and posts an alert for the non-compliant destinations.

Google said that a group policy would be available to enterprise IT to disable the HTTPS-First mode.

Chrome 95: Chrome apps to die, for real this time…seriously

Google has been planning the demise of Chrome apps for years, and with v. 95, the company is literally pulling the plug: Chrome apps “will no longer function.”

Chrome 95 is to launch Oct. 19.

(The Chrome 95 cut-off was later than a 2020 adjustment had specified as June 2021. Last year’s deadline change likely was prompted by the COVID-19 pandemic. In fact, the original drop-dead was to be in 2018, so Google has been working this for quite some time.)

Enterprises will be allowed to extend support for Chrome apps until June 2022, the previously-announced date, using a group policy.

December 2020

Chrome remains king.

With almost 70% of the world’s browser user share — a measure of browser activity calculated by analytics company Net Applications — Google’s Chrome has led the rankings for more than four years. Rivals, from Microsoft’s Edge to Mozilla’s Firefox, survive on single-digit shares that pose no threat to Chrome.

So, it’s no surprise that Chrome’s changes have an outsized impact. Attention is paid to Google’s plans by everyone from individual users and IT admins to competitors and open-source allies.

Each Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the additions, deletions, enhancements and modifications slated for the future. We’ve collected the most important for this refresh of Computerworld‘s latest what’s-coming round-up.

Nothing is guaranteed, of course, least of all software features or functionalities. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 88: Experiment with a new permission ‘chip’

Google will seed Chrome 88 — set to release Jan. 19, 2021 — with a new permissions request that the firm called a “chip” to differentiate it from the usual pop-up prompt.

Actually, a small UI element at the left end of the address bar — next to the padlock icon — the chip is less intrusive, Google asserted. (When Computerworld enabled the chip, for example, it appeared as a blue oval enclosing the words “Use your location?” After a few moments, the oval shrunk to a small blue circle. Clicking on the chip displayed the usual location request pop-up.)

“Since the prompt doesn’t intrude in the content area, users who don’t want to grant the permission no longer need to actively dismiss the prompt,” Google said after arguing that many users immediately dismiss such permission requests simply to clear the screen.

Users of the current Chrome 87 can see the chip in action by typing chrome://flags, searching for #permission-chip, changing the field at the right to “Enabled” and relaunching the browser.

Google

Chrome 88: Adios to Yosemite

Google will pull support for Chrome on Apple’s 2014 Yosemite, aka OS X 10.10, with the debut of version 88. Don’t be surprised: Apple stopped serving Yosemite-powered Macs with security updates in the second half of 2017.

Chrome 88 on the Mac will require OS X 10.11, better known as El Capitan, or later.

Chrome 88: Kill Legacy Browser add-on

Google has already unpublished the Legacy Browser Support (LBS) add-on from the Chrome Web Store, but when version 88 arrives in January, the company will disable all installed instances of the extension.

LBS, now baked into Chrome, was designed so IT admins could deploy Google’s browser but still call up Microsoft’s Internet Explorer (IE) to render intranet sites or written-for-IE apps. The add-on debuted in 2013, when Chrome’s share of 18% lagged far behind IE’s still-dominant 58%.

Information for enterprise administrators on using the integrated LBS can be found here.

Chrome 88: Search for tabs

Chrome 88 will let users search open tabs by clicking on the symbol to the right of the “+” in the tab bar, then entering a search string. These searches will be conducted not just among the tabs in the active Chrome window but of all Chrome windows.

Chrome 88: Mess with the URL

Google will continue to roll out a truncated URL in the address bar of Chrome 88. “This change has been enabled for some users, with a full rollout planned for an upcoming release,” Google said.

Under the scheme, a full URL like https://google-secure.example.com/secure-google-sign-in/ would show only as the registrable domain, example.com.

Google argues that the move is designed “to protect your users from some common phishing strategies,” such as when criminals try to trick potential victims into clicking on links that at first glance look legitimate, but are actually meant to mislead. “This change makes it more difficult for malicious actors to trick users with misleading URLs,” Google said.

Google has tried to shorten what shows in the Chrome address bar before. At several points in the past — most recently, in 2018 with Chrome 69 and Chrome 70 — Google contended that stripping out parts of a URL, say the www, was a worthwhile move. Critics have blasted such proposals, saying it eliminates cues users rely on to sniff out deceptive sites.

Some users saw this functionality as early as October’s Chrome 86.

Chrome 89: Won’t work on really, really old PCs

“Chrome 89 and above will require x86 processors with SSE3 support,” Google wrote. “Chrome will not install and run on x86 processors that do not support SSE3.”

SSE3, which stands for “Streaming SIMD Extensions 3,” was one of several — the third, in fact — add-ons to the x86 instruction set used by Intel (and later, AMD) processors. Intel introduced SSE3 to its Pentium 4 processor in early 2004, while AMD did the same a year later in their Athlon 64 CPUs.

Although there are likely few pre-2004 PCs still in operation —George W. Bush (remember him?) was in his first term — there are always exceptions.

The restriction does not apply to Chrome running on ARM silicon.

Chrome 90: We’ll have a root cellar too

At the beginning of November, Google said it would soon switch from relying on the operating system’s built-in certificate verification to its own implementation for Chrome on all the browser’s supported platforms (minus iOS).

Creating and maintaining its own certificate “root store,” Google said, would “ensure users have a consistent experience across platforms, that developers have a consistent understanding of Chrome’s behavior, and that Chrome will be better able to protect the security and privacy of users’ connections to websites.”

The transition to a Chrome root store could come as soon as version 90, which should launch around March 2.

Chrome wouldn’t be the first to take this tack. Mozilla’s Firefox has long used its own certificate root store, in part because that “gives us the ability to set policies, determine which CAs [certificate authorities] meet them, and to take action when a CA fails to do so.” (Mozilla’s not fooling; it’s invalidated certificates before as punishment for going rogue.)

The change will likely impact enterprise most of all, as some businesses prefer to add their own root certificates to their devices, a task easier to do through the operating system’s root store. Google defended the decision, countering with: “We do not anticipate any changes to be required for how enterprises currently manage their fleet and trusted enterprise CAs.”

October 2020

Chrome is the tops.

With 70% of the world’s browser user share — a measure of browser activity calculated by analytics company Net Applications — Google’s Chrome has led the rankings for over four years. Rivals, from Microsoft’s Edge to Mozilla’s Firefox, survive on single-digit shares that pose no threat to Chrome’s dominance.

So, it’s no surprise that Chrome’s changes have an outsized impact. With each upgrade — which Computerworld tracks in the What’s in the latest Chrome update? series — and at whenever Google talks of future plans, everyone pays attention, from the browser’s users and IT administrators to competitors.

Every Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the additions, deletions, enhancements and modifications slated for the future. We’ve collected the most important for this refresh of Computerworld‘s latest what’s-coming round-up.

But nothing is guaranteed, least of all prospective features. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 87: Tab throttling

Chrome 87 will curtail the amount of power that background tabs consume by throttling them to a maximum of 1% of CPU time. Background tabs will be allowed to “wake up” — to repaint the page, for instance — only once each minute.

Administrators will be able to control this throttling with the IntensiveWakeUpThrottlingEnabled policy.

More information about this feature, dubbed “Intensive JS Timer Throttling,” can be found here.

Note: Google in July said that tab throttling would debut in Chrome 85. But in late August, Google said tab throttling had just been added to Chrome Beta, signaling that it had yet to make it into Chrome Stable. This, then, is the third time Google has promised to add tab throttling to Chrome.

Chrome 87: Revamped PDF user interface

Google continues to plan for a new PDF viewer user interface (UI) in November’s Chrome 87.

When a user opens a PDF document, a toolbar will appear under the new UI that concentrates previous functions — such as zooming in and out on the document — as well as new options, such as the current page number and a fit-to-width command. The new viewer will also include a two-up view — two pages, shown side by side, the document’s table of contents and a mode to see added annotations. Chrome 86, which launched last week, does not include the new viewer UI, but will display most of it after a setting an option in the chrome://flags page. Users should search for “viewer” to find the #pdf-viewer-update item, set it to “Enabled” on the right and relaunch the browser.

When Computerworld set that flag, the view UI switched on, with one caveat: The thumbnails of each page — those thumbnails were displayed in a sidebar at the left — remained blank, no matter which PDF was opened.

Google

Chrome 88: Experiment with a new permission ‘chip’

Google will begin seeding some copies of Chrome with a new permissions request that the firm called a “chip” to differentiate it from the usual pop-up prompt.

Actually a small UI element at the left end of the address bar — next to the padlock icon — the chip is less intrusive, Google asserted. (When Computerworld enabled the chip, for example, it appeared as a blue oval enclosing the words “Use your location?” After a few moments, the oval shrunk to a small blue circle. Clicking on the chip displayed the usual location request pop-up.)

“Since the prompt doesn’t intrude in the content area, users who don’t want to grant the permission no longer need to actively dismiss the prompt,” Google said after arguing that many users immediately dismiss such permission requests simply to clear the screen.

Chrome 86 users can see the chip in action by typing chrome://flags, searching for #permission-chip, changing the field at the right to “Enabled” and relaunching the browser.

Google

Chrome 88: Say goodbye to Yosemite

Google will pull support for Chrome on Apple’s 2014 desktop OS, dubbed Yosemite and also known as OS X 10.10. Apple stopped serving Yosemite-powered Macs with security updates in the second half of 2017.

Chrome 88 on the Mac will require OS X 10.11, aka El Capitan or later, Google stated.

Chrome 88: Yank Legacy Browser add-on from Store

Google will remove the Legacy Browser Support (LBS) add-on from the Chrome Web Store when version 88 releases next month.

LBS, now baked into Chrome, was designed so IT admins could deploy Google’s browser but still call up Microsoft’s Internet Explorer (IE) to render intranet sites or written-for-IE apps. The add-on debuted in 2013, when Chrome’s share of 18% lagged far behind IE’s still-dominant 58%.

But because it has been built into Chrome, the old extension is no longer needed. So, as of Chrome 88, Google warned: “You can no longer install the Legacy Browser Support extension and the extension will fail to install on new devices. Existing installs might no longer work and will no longer be updated.”

Information for enterprise administrators on using the integrated LBS can be found here.

Chrome 89: Won’t work on really, really old PCs

“Chrome 89 and above will require x86 processors with SSE3 support,” Google wrote. “Chrome will not install and run on x86 processors that do not support SSE3.”

SSE3, which stands for “Streaming SIMD Extensions 3,” was one of several — the third, in fact — add-ons to the x86 instruction set used by Intel (and later, AMD) processors. Intel introduced SSE3 to its Pentium 4 processor in early 2004, while AMD did the same a year later in their Athlon 64 CPUs.

Although there are likely few pre-2004 PCs still in operation — George W. Bush was in his first term, an eon ago it seems now — there are always exceptions.

The restriction does not apply to Chrome running on ARM silicon.

Chrome 91: TLS 1.0 and 1.1 bow out, even in enterprises

By agreement, Chrome, Microsoft’s Internet Explorer (IE) and Edge, and Mozilla’s Firefox, have disabled support for the aged encryption protocols Transport Layer Security (TLS) 1.0 and 1.1 because they had been made obsolete by TLS 1.2 and 1.3.

IT admins, however, can continue to use the SSLVersionMin policy to block the usual warnings of outdated versions of TLS, at least until Chrome 91.

Previously, Google had set January 2021 as the call-it-quits deadline for SSLVersionMin. By tying that with Chrome 91, the Mountain View, Calif. company has extended the deadline to May 2021.

September 2020

Chrome looms over the browser landscape like a leviathan.

With more than 70% of the world’s browser user share – a measure of browser activity calculated by analytics company Net Applications – Google’s Chrome has crushed the competition. Rivals, from Microsoft’s Edge to Mozilla’s Firefox, survive on single-digit shares that seem liable to evaporate on short notice.

So, it’s no surprise that when Chrome moves, others feel the tremors. With each upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – and every time Google talks of future plans, opponents pay attention to hear what they may have to copy to stay competitive.

Every Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the additions, substitutions, enhancements and modifications slated for the future. We’ve collected the most important for this refresh of Computerworld‘s latest what’s-coming round-up.

But nothing is guaranteed, least of all software’s prospective features. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 86: Legacy Browser Support gets the hook

Google will pull the Legacy Browser Support (LBS) add-on from copies of Chrome 86 on which it’s installed.

LBS, now baked into Chrome, was designed so IT admins could deploy Google’s browser but still call up Microsoft’s Internet Explorer (IE) when necessary to render intranet sites or written-for-IE apps. The add-on debuted in 2013, when Chrome’s share of 18% lagged far behind IE’s still-dominant 58%.

After integrating LBS into Chrome, Google decided the add-on was unnecessary and began a several-step process to eradicate the extension. After Chrome 85’s release on Aug. 25, for example, Google was to have removed it from the Chrome Web Store. (Google hasn’t done that yet, although the label “DEPRECATED” looms large on the add-on’s page.)

Chrome 86: More messing with the URL

Google plans to truncate what shows in the address bar starting with Chrome 86. Only some users will see the change at version 86’s debut, Google said, adding that “a full roll-out ((is)) planned for a later release.”

Under the scheme, a full URL like https://google-secure.example.com/secure-google-sign-in/ would show only as the registrable domain, example.com in the address bar.

Google argued that the move is “to protect your users from some common phishing strategies,” such as when criminals try to trick potential victims into clicking on links that at first glance look legitimate, but which are actually made to mislead. “This change is designed to keep your users’ credentials safe,” Google stated.

This will not be the first time that Google has tried to shorten what shows in the Chrome address bar. At several points in the past – most recently, in 2018 with Chrome 69 and Chrome 70 – Google has contended that stripping out parts of a URL, say the www, is a move worth making. Critics have blasted such proposals, saying that it eliminated cues some users relied on to sniff out deceptive sites.

Chrome 86: Bye-bye blacklist, other labels

Nineteen of Chrome policies will be renamed to drop the terms “blacklist” and “whitelist” that refer to barred and allowed actions, respectively. Also part of the renaming plan: “native” as in “native printing,” or local printing over an organization’s network (and one of Google’s recommended options for customers now using Google Cloud Print, which will stop working as of Jan. 1, 2021).

“Chrome will be moving to more inclusive policy names,” Google noted in its enterprise release notes. “The terms ‘whitelist’ and ‘blacklist’ will be replaced with ‘allowlist’ and ‘blocklist.'” Meanwhile, “native” will simply be dropped.

The 19, including URLBlacklist and ExtensionInstallWhitelist – which will be renamed URLBlocklist and ExtensionInstallAllowlist – will change with Chrome 86. Another eight, including DeviceNativePrinters (DevicePrinters and DeviceNativePrintersBlacklist (DevicePrintersBlocklist) will be transformed as of Chrome 87, which is due out on  Nov. 17.

Google added 14 policy names to this change list after first mentioning it in July. The Mountain View, Calif. firm also told IT admins, “If you’re already using the existing policies, they will continue to work, though you will see warnings in chrome://policy stating that they’re deprecated.”

Discussions of technology terminology – “master” and “slave” regarding device communication were among the examples – have percolated for years. But this year’s protests over racism, inequalities and police killings of Blacks prompted calls for other changes from the likes of Apple and Microsoft, as well as Google.

In Apple’s style guide for developers, for example, under the blacklist/whitelist, the entry stated: “Don’t use. Instead, use an alternative that’s appropriate to the context, such as deny list/allow list or unapproved list/approved list.”

Chrome 86: Chrome says ‘Update,’ so do it

As of this version, Chrome will put the word “Update” inside a button-like element at the upper right-hand corner of the browser’s window. It’s the signal that Chrome has been upgraded in the background but requires a restart to finalize the refresh.

Chrome 86: Tab throttling

Chrome 86 will curtail the amount of power background tabs consume by throttling them to a maximum of only 1% of CPU time. And background tabs will only be allowed to “wake up” – to repaint the page, for instance – once per minute.

Administrators will be able to control this throttling with the IntensiveWakeUpThrottlingEnabled policy.

Note: In July, Google said tab throttling would debut in Chrome 85. But in late August, Google said tab throttling had just been added to Chrome Beta, signaling that it had yet to make it into Chrome Stable.

Chrome 87: More functionality for PDF viewer

Google plans to debut a new user interface (UI) for Chrome’s built-in PDF viewer in November’s Chrome 87.

Details are skimpy, even though the PDF changes were first noticed in March. Most importantly, when a PDF document is opened in Chrome, a toolbar will now appear. When Chrome 85 – the version released in late August – was told to display the toolbar (via a selection in the chrome://flags page), only a place holding message shows (“New PDF Viewer toolbar will appear here.”)

Google asserted that the new PDF viewer would also include a “two-up” view – two pages, shown side by side – the document table of contents and a mode to see added annotations.

July 2020

Chrome continues to kick a** and take names.

Now with more than 70% of the world’s browser user share – a measure of browser activity calculated by analytics company Net Applications – Google’s Chrome has no equal in popularity. It’s run roughshod over rivals like Microsoft’s Edge, Mozilla’s Firefox and Apple’s Safari, which eke out livings as single-digit browsers, dangerously close to mere niche status.

So, it’s no surprise that when Chrome speaks, others tremble, if only in virtual boots. With each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – and every time Google talks of future plans, opponents pay attention to hear what they may have to copy to stay competitive.

Every Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this edition of Computerworld‘s latest what’s-coming round-up.

But remember, nothing is guaranteed, least of all software’s prospective features. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 85-86: Legacy Browser Support waves bye

Google will purge the Legacy Browser Support (LBS) add-on from the Chrome Web Store when Chrome 85 ships in late August. “Legacy Browser Support (LBS) is now built into Chrome, and the old extension is no longer needed,” Google said succinctly.

LBS, whether in extension or inside-Chrome form, was designed so IT admins could deploy Google’s browser but still call up Microsoft’s Internet Explorer (IE) when necessary to, say, render intranet sites or older, written-for-IE apps. LBS wasn’t an emulator but simply a URL director, sending any links on an admin-made list to IE for that browser to open. The add-on debuted in 2013, when Chrome’s share of between 15% and 18% was far below IE’s still-dominant 55%-58%.

Google still plans to automatically remove the LBS extension from all copies of Chrome when v. 86 releases on Oct. 6. At that point, only the built-in LBS will remain.

To call on the baked-in LBS, administrators must use the policies listed here under the Legacy Browser Support heading. The old policies written for the add-on will not work once the extension if removed in October.

Chrome 85: Throttle back

Chrome 85 will drastically curtail the amount of power background tabs consume by throttling them to a maximum of only 1% of CPU time. And background tabs will only be allowed to “wake up” – to repaint the page, for instance – once per minute.

Administrators will be able to control this throttling with the IntensiveWakeUpThrottlingEnabled policy. (Note: Computerworld was unable to find Google’s description of this new policy, but Microsoft has published its version here for use in Edge 85 and later.)

Chrome 86: More URL messing around

Google plans to press forward with its plan to truncate what shows in the address bar starting with Chrome 86, slated for an early October release. Only some users will see the change at v. 86’s debut, Google said, adding that “a full roll-out ((is)) planned for a later release.”

Under the scheme, a full URL like https://google-secure.example.com/secure-google-sign-in/ would show only as the registrable domain, example.com in the address bar.

Google argued that the move is “to protect your users from some common phishing strategies,” such as when criminals try to trick potential victims of clicking on links, which at first glance look legitimate, that are actually constructed to mislead. “This change is designed to keep your users’ credentials safe,” Google stated in its enterprise release notes.

This will not be the first time that Google has tried to shorten what shows in the Chrome address bar. At several points in the past – most recently in 2018 with v. 69 and 70 – Google has contended that stripping out parts of a URL, say the www, is a move worth making. Critics blasted the proposed change, saying that it eliminates cues some users relied on to sniff out deceptive sites.

Chrome 86: No more blacklist, whitelist

A baker’s dozen of Chrome policies will be renamed to drop the terms “blacklist” and “whitelist” that refer to barred and allowed actions, respectively.

“Chrome will be moving to more inclusive policy names in Chrome 86,” Google noted in its enterprise release notes. “The terms ‘whitelist’ and ‘blacklist’ will be replaced with ‘allowlist’ and ‘blocklist.'”

Thirteen policies – including URLBlacklist and ExtensionInstallWhitelist – will be introduced in Chrome 86, set to release Oct. 6, in renamed forms, such as URLBlocklist and ExtensionInstallAllowlist.

Discussions of technology terminology – “master” and “slave” regarding device communication is among the examples – have percolated for years. But this year’s protests over racism, inequalities and police killings of African Americans prompted calls for other changes from the likes of Apple and Microsoft, as well as Google.

In Apple’s style guide for developers, for example, under the blacklist/whitelist, the entry stated: “Don’t use. Instead, use an alternative that’s appropriate to the context, such as deny list/allow list or unapproved list/approved list.”

May 2020

Fact: Chrome rules the world.

Now with 69.2% of the world’s browser user share – a measure of browser activity calculated by California-based analytics company Net Applications – Google’s Chrome has no equal, at least in popularity. Rivals like Microsoft’s Edge, Mozilla’s Firefox and Apple’s Safari eke out single digits, while niche browsers under them fight over the smallest scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by enterprise-centric release notes that highlight some of the planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this what’s-coming round-up.

Just remember, nothing is guaranteed. As Google says: “They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 84: Full-page TLS 1.0, 1.1 warnings

Last year, Google spelled out the stages of warnings it would put in front of Chrome users about obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption. A first step – a “Not Secure” alert in the address bar – was taken in January 2020.

With Chrome 81, the browser was to display a full-page interstitial alert that interrupted attempts to reach the destinations secured with TLS 1.0 or 1.1. That schedule, however, was abandoned in early April.

Now, it’s Chrome 84, slated for release July 14, that is to contain the page-sized warning.

IT administrators can disable both warnings with the SSLVersionMin policy. Setting that policy to “tls1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts. The SSLVersionMin policy will work until January 2021, when it will be deprecated.

Google

Chrome 84: Risky downloads, rescheduled

Starting with Chrome 84, the browser will warn users when executable files begin their downloading from a secure page (one marked as HTTPS) but actually transfer their bits over an insecure HTTP connection. “These cases are especially concerning because Chrome currently gives no indication to the user that their privacy and security are at risk,” Joe DeBlasio, a software engineer on the Chrome security team, wrote in a Feb. 6 post announcing the scheme.

At the time, Chrome 81 was pegged to begin the warnings. But as with the TLS 1.0 and 1.1 alerts, these were rescheduled in early April, pushed back to later versions of the browser. Google did not say aloud what prompted the change, but it likely was related to the March decision to pause Chrome’s release cadence and when distribution was restored, abandon Chrome 82, skipping from 81 to May’s 83.

With Chrome 85, set to ship Aug.25, Google will drop the hammer, barring those executable files from downloading.

Over several more versions, Google will warn, then block, additional file types, including (in order) archives such as .zip; “all other non-safe types, like .pdf and .docx; then finally image files, such as .png. For example, Chrome 85 will institute warnings for archives (and Chrome 86 will block them).

By Chrome 88 (a Jan. 19, 2021, appearance), the browser will be blocking “all mixed-content downloads.”

Organizations managing Chrome can disable this future blocking on a per-site basis with the InsecureContentAllowedForUrls policy.

Google

Chrome 85: Cover me!

Chrome will know when one of its windows has been occluded by others, and will then suspend painting that window’s pixels in an effort to save CPU cycles and battery resources.

An earlier version of this feature, Google said, “had an incompatibility with some virtualization software,” and so it was reworked. (This had been on Chrome 81’s to-do list at one point, but was punted to Chrome 83 before being delayed yet again.) It’s now to appear in Chrome 85, currently scheduled to release Aug. 25.

Administrators will be able to disable this with the NativeWindowOcclusionEnabled policy.

Chrome 85: When IE’s inside

The Google-made Legacy Browser Support (LBS) add-on will be struck from the Chrome Web Store in late August, when Chrome 85 ships.

“Legacy Browser Support (LBS) is now built into Chrome, and the old extension is no longer needed,” Google said succinctly.

LBS, whether in extension or integrated form, was designed so IT admins could implant Chrome in their organizations but still call up Microsoft’s Internet Explorer (IE) when necessary, say to render intranet sites or older, written-for-IE web apps. LBS wasn’t an emulator but simply a URL director, sending any on a list to IE for that browser to open. The add-on debuted in 2013, when Chrome’s share of between 15% and 18% was far below IE’s still-dominant 55%-58%.

Google plans to automatically remove the LBS add-on from the browser when Chrome 86 releases. Currently, that’s slated Oct. 6.

To call on the baked-in LBS, administrators can use the policies listed here under the Legacy Browser Support heading.

April 2020

Chrome lords it over the browser world, Louis XVI to the peasants trying to keep famine from the door.

Now with 68.5% of the world’s browser user share – a measure of browser activity calculated by analytics company Net Applications – Google’s Chrome has no equal in popularity. Meanwhile, Microsoft’s Edge, Mozilla’s Firefox and Apple’s Safari eke out single digits, while others fight over even smaller scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by enterprise-aimed release notes that highlight some of the planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this what’s-coming round-up. Just remember, nothing is guaranteed.

As Google call out, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Note: Google suspended Chrome releases in mid-March, delaying the expected March 16 launch of Chrome 81 until April 7. The three-week pause, said Google, meant it was skipping version 82 altogether and resuming numbering with Chrome 83 on May 19. Because of the omission of Chrome 82, this look forward picks up with Chrome 83.

Chrome 83: No, this ‘DoH’ isn’t a Simpsonism

Google said it would wrap up the move to default DNS-over-HTTPS (DoH) with Chrome 83. “In Chrome 83, DoH will launch by default for all remaining users,” Google said. Previously, it had auto-upgraded only some users to their DNS provider’s encrypted connection if one were available.

Earlier, this had been slated to show in Chrome 81. But that version was postponed and the follow-up, Chrome 82, scratched entirely.

DoH has been promoted by browser makers as a security provision, encrypting traffic between browser and DNS server so that it can’t be read at, say, a public Wi-Fi hotspot or by criminals who intercept those bits to insert bogus addresses to steer users toward malicious sites.

Chrome running on domain-joined clients are by default set with DoH disabled, as are instances of the browser that have one or more policies in place.

As throughout Google’s work on this, Chrome 83 upgrades to DoH only when the user’s DNS provider offers an HTTPS connection (not all do). “The default ‘same-provider auto-upgrade’ behavior guarantees a continuity of the user experience (e.g. family filtering, malware filtering, established relationship with a provider),” Google spelled out in a December email. That means not all Chrome users will be using DoH, even with version 83.

Chrome 83: Third-party cookies blocked in Incognito

As of Chrome 83, all third-party cookies will be blocked by default within Incognito sessions, the name for the browser’s privacy mode. Users can re-enable third-party cookies on a site-by-site basis.

Cookies can also be managed by IT using the BlockThirdPartyCookies policy.

Google is behind its rivals in privacy and anti-tracking initiatives such as this; Mozilla, for example, blocked all third-party cookies by default in all instances of Firefox, not just in its Private Window mode, eight months ago.

Chrome 83: Check all passwords!

Within Chrome 83, users will be able to check all saved passwords en masse to see whether any have been leaked in a data breach.

Back in October, Chrome 79 debuted a warning when users logged into a site using credentials that Google said had been exposed by a data breach. Then, users could, after being directed to their Google Account, run an all-inclusive password check.

What Google seemed to say about Chrome 83, however, is that this check will be executable from within the browser, probably in the Password section of Settings (Windows) and Preferences (macOS).

Chrome 83: Tab groups, now with thumbnails

Chrome 81 added tab groups, which lets users shuffle tabs on the tab bar into color-coded groups, making it easier to spot associated tabs and therefore pages.

The next upgrade, said Google, will feature the long-in-the-works Tabstrip UI, which will display thumbnails of each tab in a single, scrollable strip. Tabstrip has been in testing since last fall in the Canary channel – the least polished version Google’s engineers produce – and has been usable there after selecting settings on the optional chrome://flags page.

Chrome 83: Chrome apps? Nope

In January, Google spelled out the close-out of the Chrome app concept, putting browser versions – and thus dates – to the final days of the once-lauded, now-defunct notion.

(This has been coming for a while, what with Google originally saying in 2016 that Chrome would reject running apps by early 2018.)

As of Chrome 83 – which originally had a June 9 launch date – Chrome won’t support apps on Windows, macOS or Linux. However, it will offer a grace period to managed browsers. “If your organization needs extra time to adjust, a policy will be available to extend support until Chrome 87,” Google wrote.

Chrome 87, the last upgrade for the year, is now scheduled for release Nov. 17.

February 2020

Chrome rules the browser roost, leaving rivals scratching for chickenfeed to stave off starvation.

Now with 67% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no equal. Meanwhile, Mozilla’s Firefox, Microsoft’s Edge and Apple’s Safari eke out single digits, while a host of others fight over even smaller scraps.

It’s no surprise, then, that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this what’s-coming round-up. Just remember, nothing is guaranteed.

As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 81: Full-page warning about TLS 1.0 and 1.1

The current Chrome, version 80, warns users about obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption via a “Not Secure” alert in the address bar and a pop-up offering more information after a click. (Google switched on that pop-up alert around the middle of last month.)

In March, Chrome 81 will add a full-page interstitial warning that interrupts the attempt to reach the destination site.

IT administrators can disable both warnings with the SSLVersionMin policy. Setting that policy to “tls1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021, Google has said.

Chrome 81: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 81, Google’s browser will by default no longer support FTP. (This is something Google’s been working toward for ages.) Instead, IT admins should steer their charges to a native FTP client.

Customers can re-enable FTP support using the —enable-ftp command line flag or by enabling the FtpProtocol feature via the —enable-features=FtpProtocol flag. (For the latter, type chrome://flags in the address bar, press Enter or Return, then search for “Enable support for FTP URLs” and change the option at the right to “Enabled.”)

Chrome 82: Share the clipboard

Users will be able to share clipboard content between personal computers and Android devices with this version of Chrome.

(The feature was supposed to debut in mid-March with Chrome 81, but has been pushed to the follow-up, set to ship April 28.)

Chrome must be installed on both ends of the sharing, the user must be logged into the same Google Account and sync must be enabled on each device or PC. Administrators will be able to control the feature with the SharedClipboardEnabled policy.

Chrome 82: Clamping down on risky downloads

Starting with Chrome 82 – it arrives April 28 – the browser will warn users when executable files begin their downloading from a secure page (one marked as HTTPS) but actually transfer their bits over an insecure HTTP connection. “These cases are especially concerning because Chrome currently gives no indication to the user that their privacy and security are at risk,” Joe DeBlasio, a software engineer on the Chrome security team, wrote in a Feb. 6 post to a company blog.

As of Chrome 83, the version scheduled to release June 9, Google will drop the hammer, barring those executable files from downloading.

Over several more versions of the browser, Google will first warn, then block, additional file types, including (in order) archives such as .zip; “all other non-safe types, like .pdf and .docx; then finally image files, such as .png. For example, Chrome 83 will institute warnings for archives (and Chrome 84 will block them), while Chrome 84 will alert users about .pdfs with Chrome 85 blocking them.

Chrome 84 is to release Aug. 4; Chrome 85 debuts Sept. 15.

“This gradual rollout is designed to mitigate the worst risks quickly, provide developers an opportunity to update sites, and minimize how many warnings Chrome users have to see,” added DeBlasio.

By Chrome 86 (an Oct. 27 appearance), the browser will be blocking “all mixed-content downloads,” DeBlasio concluded.

Enterprises and other organizations managing Chrome can disable this future blocking on a per-site basis using the InsecureContentAllowedForUrls policy.

Chrome 83: Chrome apps no more

Last month, Google spelled out the close-out of the Chrome app concept, putting browser versions – and thus dates – to the final days of the once-lauded, now-defunct notion.

(This has been a while in coming, what with Google originally saying in 2016 that Chrome would reject running apps by early 2018.)

As of Chrome 81 (launch date, March 17) the Chrome Web Store will not accept new Chrome apps.

Two versions later – Chrome 83, a June 9 launch – and Chrome won’t support apps on Windows, macOS or Linux. But as Google almost always does, it will offer a grace period to managed browsers in business. “If your organization needs extra time to adjust, a policy will be available to extend support until Chrome 87,” Google wrote here._

Chrome 87 is scheduled for release Dec. 15.

(Instead of Chrome apps, Google has taken to pushing “Progressive Web Apps,” which, ironically or not, share many of the characteristics of a Chrome app, except they’re supposed to work on any device through any standards-compliant browser.)

Chrome’s add-ons – also called “extensions” – are different; they’re not apps per se and so are unaffected by the shutdown.

December 2019

Chrome dominated the browser market throughout 2019, starting the year by generating more than two-thirds of global browser activity and ending November at almost exactly the same place.

Rivals like Mozilla’s Firefox fight over a diminishing dish of scraps while Microsoft simply surrendered to the search giant by adopting Google’s Chromium technology to power Edge.

What’s true for consumers also holds for the corporate world: Chrome rules. So when Chrome makes changes, everyone pays attention, whether the latest are in the most recent browser upgrade – which Computerworld tracks in the What’s in the latest Chrome update? series – or are slated to show up in the next version, or the one after that.

Every Chrome upgrade is accompanied by release notes that highlight planned additions, substitutions, enhancements and modifications. We’ve collected the most important for this enterprise-centric “Coming soon” round-up. But remember: nothing is guaranteed. As Google cautions, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 80: Freeze, tabs! And we mean it this time!

To reduce the browser’s memory usage and its impact on notebook batteries, Chrome 80 will automatically “freeze” tabs that have been in the background for five or more minutes. “Frozen pages are not able to run any tasks,” said Google.

Some tabs won’t be frozen – Google cited those playing audio – and website developers can opt out of freezing. More information on that can be found in this document.

Once a user makes a background tab active, it’s thawed so it reacts to input.

Enterprise IT administrators will be able to disable tab freezing with the TabFreezingEnabled policy.

(Previously, Google claimed that tab freezing would make it into Chrome 79, the version launched Dec. 10. It was unclear why the feature had been bumped from 79 and instead slated for 80.)

Chrome 80: Control over granular sync

Enterprise IT admins can enable or disable each type of synchronized data – ranging from History and Themes to Open Tabs and Passwords – just as individuals can do in the browser’s Settings > Manage Sync.

“In Chrome 80, this control will also be an enterprise policy, so that admins can control the sync types across their organization,” Google wrote in the enterprise release notes published after Chrome 79 launched.

The SyncTypesListDisabled policy has not yet been added to the Chrome list, posted here.

Chrome 80: Tabs by the bunch, or group

Tab groups should begin rolling out to users with early-February’s Chrome 80 and then finish with March’s Chrome 81.

“Starting in Chrome 80, some users will be able to organize their tabs by grouping them on the tab strip,” Google said. “Each group can have a color and a name, to help your users keep track of their different tasks and workflows. A wider rollout is planned for Chrome 81.” Chrome 81 is set for release on March 17.

Tab groups are just what they say they are: an organizational trick to lump together multiple tabs, each lump designated by color and name.

Users of Chrome 79 can dabble now with tab groups by entering chrome://flags in the address bar, pressing Enter or Return, finding the entry Tab Groups and setting it to “Enabled.” Chrome must be relaunched for it to take effect. Using right-clicks and the menu choices that then appear, users can create groups, then assign tabs to or remove tabs from those groups.

Chrome 80: Begone, external add-ons

The new BlockExternalExtensions policy will let administrators stop external extensions from being installed in the browser.

(External extensions are those browser add-ons not retrieved and installed from the Chrome Web Store. They include extensions created by third-party software vendors to link browsers to their wares, as well as add-ons that IT wants to distribute throughout the company.)

When enabled, BlockExternalExtensions will not block kiosk apps or add-ons provided by policies, Google said.

The policy has not yet been added to the Chrome list.

Chrome 81: Full-page warning about TLS 1.0 and 1.1

The current Chrome, version 79, includes a disabled-for-now warning about the obsolete TLS (Transport Layer Security) 1.0 or 1.1 encryption. Google plans to switch on that pop-up alert starting Jan. 13, 2020, a point about mid-way between the releases of Chrome 79 and 80.

In March, Chrome 81 will add to the pressure by replacing the pop-up with a full-page interstitial warning that interrupts the attempt to reach the destination site.

IT admins can disable both warnings – in Chrome 79 and later, and in Chrome 81 – with the SSLVersionMin policy. Setting that policy to “1” allows Chrome to connect to TLS 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021.

Chrome 81: Sharing the clipboard

Users will be able to share the clipboard content between personal computers and Android devices with this version of Chrome.

Chrome must be installed on both ends of the sharing, the user must be logged into the same Google Account and the browser’s sync must be enabled on each device or PC.

Administrators will be able to control the feature with the SharedClipboardEnabled policy.

October 2019

Chrome continues to dominate the browser market, leaving rivals to swallow their pride and scramble for the leavings.

Now with nearly 69% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer. Rivals like Mozilla’s Firefox fight over scraps while Microsoft has tossed in the towel and adopted Google’s Chromium technology to remain competitive.

It’s no surprise that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed. As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 79: Password, please!

“We will notify users if their credentials are part of a known data breach,” Google said, pegging the feature’s introduction to the Dec. 10 upgrade. (Around the release of Chrome 77 – back in September – Google had projected a launch in Chrome 78, which debuted this week. Later, word came that it had been postponed to v. 79.)

Details are still on the lighter side. Unlike Mozilla, which added a similar feature to Firefox 70 – also released Oct. 22 – Google has not publicly detailed this yet.

Some information can be found here, however, and here.

Enterprises will be able to manage this notification with the PasswordLeakDetectionEnabled group policy. A bit more info about that policy is available here.

Chrome 79: Testing, testing DoH, 1-2-3

Both Google and Mozilla have been thumping the DNS-over-HTTPS (DoH) drum as a way to better secure communications between browser and DNS (Domain Name Service) server. The browser pings a DNS server to determine the IP (Internet protocol) address of the destination website’s domain (the part, for instance, before the .com or .org) and normally that traffic is transmitted in plain text, making it easily readable by someone monitoring a public Wi-Fi network. Criminals can even intercept bits flying between the browser and DNS server, then insert bogus addresses that steer an unwary user to a malicious site.

By transmitting DNS communication over an HTTPS connection – which is encrypted – crooks can’t spy or spoof.

With Chrome 79, Google will run a trial where DNS requests from some users will automatically be switched to their DNS provider’s DoH service if one is available. (Not all DNS providers offer a DoH resolver.)

But managed browsers – those joined to a domain or that have at least one active group policy – won’t auto-upgrade to DoH. Enterprises will also be able to control the DoH experiment through a new policy, DnsOverHttpsMode.

More information, including the short list of affected DNS providers, can be found here.

Chrome 79: Hey you tabs! Freeze!

To reduce the browser’s memory usage and its impact on notebook batteries, Chrome 79 will automatically “freeze” tabs that have been in the background for five or more minutes. “Frozen pages are not able to run any tasks,” said Google.

Some tabs won’t be frozen – Google cited ones playing audio – and website developers can opt their pages out of such freezing. Then, once a user makes a background tab active, it’s thawed so it reacts to input.

Enterprise IT administrators will be able to disable tab freezing with the TabFreezingEnabled policy.

Chrome 79 and 81: Wave goodbye to TLS 1.0 and 1.1

At the start of October, Google laid out plans to deprecate legacy versions of the TLS (Transport Layer Security) 1.0 and 1.1 cryptographic protocol used to encrypt transmissions between browsers and website servers.

“We’re announcing a pre-removal phase in which we’ll introduce a gentler warning UI [user interface] and previewing the UI that we’ll use to block TLS 1.0 and 1.1 in Chrome 81,” wrote Chris Thompson of Chrome’s security team on Oct. 1.

Starting Jan. 13, 2020, Chrome 79 will begin showing a “Your connection to this site is not fully secure” message when users connect to a site safeguarded by the outdated protocols. Chrome 81 – a March debut, Thompson said – will amp the pressure by inserting a full-page warning that the connection is not secure.

Enterprise IT can disable these Chrome 79 and 81 warnings with the SSLVersionMin policy. Setting that policy to “1” allows Chrome to connect to 1.0- and 1.1-encrypted sites sans alerts.

The SSLVersionMin policy will work until January 2021, Google said.

Chrome 80: Tab groupie

“Users will be able to organize their tabs by grouping them on the tab strip,” Google said. “Groups can have colors and names. They’ll help your users keep track of their different tasks and workflows.”

Tab groups have been in the works for months, but Google currently plans on launching the feature in Chrome 80, set to release around Feb. 21-28, 2020 (Google has not yet extended its Chrome release calendar into next year, so the dates are only an estimate). “Tab groups” are just what they say they are: an organizational trick to lump together multiple tabs, each such lump designated by color and name.

Users of Chrome 78 can dabble with tab groups by entering chrome://flags in the address bar, pressing Enter or Return, finding the entry Tab Groups and setting it to “Enabled.” Chrome must be relaunched for it to take effect. Using right-clicks and the menu choices that then appear, users can create groups, then assign tabs to or remove tabs from those groups.

Chrome 80: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 80, Google’s browser will stop supporting FTP. (This is something Google’s been working toward for ages.) Instead, IT administrators should steer their charges to a native FTP client.

Google’s given FTP a short grace for those managing through group policies: Enable FTPProtocolSupport and FTP will be restored until Chrome 82 – figure that will debut in April – really kills the protocol.

September 2019

Chrome continues to dominate the browser market, leaving rivals to swallow their pride and scramble for the leavings.

Now with more than 67% of the world’s browser user share – a measure of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer. Rivals like Mozilla’s Firefox fight over scraps while Microsoft has tossed in the towel and adopted Google’s Chromium technology to remain competitive.

It’s no surprise that when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We’ve collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed. As Google pointedly notes, “The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 78: Still on flags’ you-know-what

“Many flags in chrome://flags will be removed in upcoming Chrome versions, starting with Chrome 78,” Google said, stuck in this grove since at least Chrome 76. “As a reminder, flags should not be used to configure Chrome Browser because they’re not supported. Instead, configure Chrome Browser for your enterprise or organization using policies.”

Those words are identical to phrasing Google has used for months, leading to questions about its seriousness in expunging the option setters (which can be reached by entering chrome://flags in the browser’s address bar).

The macOS version of Chrome 77 Stable listed 322 available flags, just 7 fewer than Chrome 76. So, there’s been no real reduction thus far.

Chrome 78: Dipping a toe into DoH waters

Both Google and Mozilla have been thumping the DNS-over-HTTPS (DoH) drum as a way to better secure communications between browser and DNS (Domain Name Service) server. The browser pings a DNS server to determine the IP (Internet protocol) address of the destination website’s domain (the part, for instance, before the .com or .org) and normally that traffic is transmitted in plain text, making it easily readable by someone monitoring a public Wi-Fi network. Criminals can even intercept bits flying between the browser and DNS server, then insert bogus addresses that steer the unwary user to a malicious site.

By transmitting DNS communication over an HTTPS connection – which is encrypted – crooks can’t spy or spoof.

Beginning with Chrome 78, Google will run a trial where DNS requests from some users will automatically be switched to their DNS provider’s DoH service if one is available. (Not all DNS providers offer a DoH resolver.)

But managed browsers – those joined to a domain or that have at least one active group policy – won’t auto-upgrade to DoH. Enterprises will also be able to control the DoH experiment through a new policy, DnsOverHttpsMode, that will be in place for Chrome 78.

More information, including the short list of affected DNS providers, can be found here.

Chrome 78: Your password’s showing, pal

According to Google, users of Chrome 78 and later will be notified “if their credentials are part of a known data breach.”

Exactly how this will be done and based on what data are, at this point, unclear. Unlike Mozilla, which will add a similar feature to Firefox 70, set to launch Oct. 22, Google has not yet fleshed this out. (Note: Chrome 78 is to also debut on Oct. 22.)

Enterprises will be able to manage this notification with the PasswordLeakDetectionEnabled group policy. A bit more info about that policy is available here.

Chrome 80: RIP FTP

FTP, for File Transfer Protocol, is an ancient protocol that transfers files over an unencrypted connection. More telling, it’s little used.

Beginning with Chrome 80 (likely to launch in late January), Google’s browser will stop supporting FTP. (This is something Google’s been working toward for ages.) Instead, IT administrators should steer their charges to a native FTP client.

Google’s given FTP a short grace for those managing through group policies: Enable FTPProtocolSupport and FTP will be restored until Chrome 82 – figure that will debut in April – really kills the protocol.

Chrome ??: Chrome address bar searches return results from Google Drive

“In the future, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote.

This has been Google’s line for months, although now the firm says “in the future” rather than the earlier “soon,” perhaps a sop to reality.

Google began testing integrations between Chrome and Google Drive for G Suite Business, Enterprise, and Enterprise for Education subscriptions back in March. Previously, Google ran a beta program but then shut it down in mid-June. Now it’s reopened the preview.

“If you have G Suite Business, Enterprise, or Enterprise for Education, you can apply for the beta program,” Google said, pointing interested users here. Participants must have admin rights to G Suite Business, G Suite Enterprise or G Suite Education Premium.

“This feature lets users in your domain using the Chrome browser search for Google Drive files that they have access to using the Chrome URL bar,” the beta program page stated. “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed.”

August 2019

Chrome continues to gobble up the browser market, leaving rivals to split a pile of crumbs.

Now with nearly 69% of world’s browser user share – a measure of browser activity calculated monthly by metric vendor Net Applications – Google’s Chrome has no popularity peer. Its rivals barely qualify as such, with Microsoft’s Edge adopting Google’s technology and Mozilla’s Firefox trying to keep its head above 8%.

So, when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – or about Google’s plans for the future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed; Google pointedly notes: “”The items listed below are experimental or planned updates. They might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 77: Lowering (the number of) flags

“Many flags in chrome://flags will be removed in upcoming Chrome versions, starting with Chrome 77,” Google said, repeating a warning from June about Chrome 76 that didn’t come to pass. “You shouldn’t use flags to configure Chrome because they’re not supported. Instead, configure Chrome for your enterprise or organization using policies.”

The macOS version of Chrome 76 Stable listed 307 available flags and another 15 unsuitable for Apple’s operating system.

Chrome 77: Nuclear group policies, toe-to-toe with the Rooskies

Google will assemble some Chrome policies into what it calls “atomic policy groups” to make sure settings that depend on each other to control a feature come from a single source, such as Windows Group Policy or Google’s Admin Console.

“This may be a breaking change if you set GPOs ((Group Policy Objects)) from multiple sources,” Google said. “You can check if any GPOs are in conflict by visiting chrome://policy in Chrome.”

The order of precedence for Chrome’s policies is laid out in this online document._More information about managing Chrome through policies can be found here.

Chrome 77: Welcome, welcome, welcome

Chrome 77 features a new “first run experience,” the label for how a new program poses questions and offers options to set up the software. The new flow, said Google, will “get ((users)) set up with popular Google services and set a default web browser.” That last is of special importance in Windows 10, which pre-sets Microsoft’s Edge as the out-of-the-box browser. The PromotionalTabsEnabled policy will disable the new first run experience, Google said.

Chrome 78: Experimenting with DNS-over-HTTPS

“Starting in Chrome 78, the DNS ((Domain Name System)) requests of some users will auto-upgrade to DNS-over-HTTPS if they are using a DNS provider that supports it,” Google noted. For background, DNS-over-HTTPS would better secure domain requests between browser and domain servers by blocking man-in-the-middle attempts to eavesdrop and/or fiddle with the in-transmission data. Google and Mozilla – maker of Firefox – are both testing the proposed standard.

Users will be able to opt out of the trials Google will conduct by disabling it through chrome://flags. Administrators will be allowed to do likewise via policy. “Instructions will be provided in a future Chromium blog post and release notes,” Google promised.

Chrome 78: Browser add-ons reducing requests for data

Starting Oct. 15, Google will require that add-on developers reduce their data access requests to the least amount possible. “While this has previously been encouraged for developers, now we’re making this a requirement for all extensions,” Google said.

Although there’s nothing that will change in Chrome itself related to this new requirement, version 78 – set to debut Oct. 22 – may be affected if, for instance, an add-on developer refuses to follow the rules. “After October 15, 2019, items that violate these updates to the User Data policy will be removed or rejected from the Web Store and will need to become compliant to be reinstated,” Google said.

Chrome ??: Chrome address bar searches return results from Google Drive

“Soon, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote. Again.

This has been on the Chrome to-do list for months.

In March, Google began testing integrations between Chrome and Google Drive for G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (The beta testing required Chrome 69 or later; Google shut down the preview program in mid-June.)

Key to this feature is Google’s assertion that, “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed,” likely making it a tool eventually available only to G Suite users.

June 2019

Chrome gets fat while every other browser starves.

Now with more than two-thirds of the world’s browser user share – a measure of browser activity calculated monthly by metric vendor Net Applications – Google’s Chrome has no peer in popularity. Its rivals are barely worth the name, with Microsoft’s Edge so feeble that its maker decided to replace its internals with the same technology that powers Chrome and Mozilla’s Firefox trying to hang on to just 10%.

Not surprisingly, when Chrome speaks, everyone listens, whether about each browser upgrade – something Computerworld tracks in the What’s in the latest Chrome update? series – and in what it plans to do in the near future.

Every Chrome upgrade is accompanied by release notes aimed at enterprises that highlight some of the upcoming additions, substitutions, enhancements and modifications planned for the browser. We collected the most important for this “Coming soon” round-up. Just remember that nothing is guaranteed; Google points notes: “((These features)) might be changed, delayed, or canceled before launching to the Stable channel.”

Chrome 76: An end to opt-out of site isolation

Unveiled in late 2017 within Chrome 63, Site Isolation is a defensive technology that segregates pages from different sites into different processes. Each process runs in a “sandbox” that restricts what the process can do, all part of a scheme to isolate malware from the browser as a whole and a device’s over-arching OS.

Site Isolation was enabled in stages until by mid-2018 it was enabled for virtually all Chrome users. At that point, only managed devices were able to opt-out. “((But)) starting with Chrome 76, we will remove the ability to opt out of site isolation on desktop using the SitePerProcess or IsolateOrigins policies,” Google said.

The end to opting out was to occur with Chrome 75, but was postponed to version 76, the upgrade scheduled to ship July 30. Google did not offer an explanation for the delay.

Chrome 76: Flash to be blocked by default

Two years ago, Adobe announced that it would finally bury Flash Player – the app that, in many ways, made the web – at the end of 2020. Browser makers like Google then explained how they would end their support for Flash.

While Google has limited Flash for years – in late 2016, it was turned off by default and restricted to a handful of sites, including Amazon, Facebook and YouTube – this summer Chrome will institute a complete Flash blockade. With Chrome 76, Flash will be disabled by default. Individual users will be able to switch back to a default “Ask first” in settings (until Google ends all support by yanking it from the Chromium project in December 2020). And enterprises will be able to continue controlling Flash usage through the DefaultPluginsSetting, PluginsAllowedForUrls and PluginsBlockedForUrls policies.

The toggle back to “Ask first” for Flash – which will let Chrome continue to run the Adobe plug-in but only after asking the user for each encountered Flash-equipped site – is in Settings, under “Privacy and Security,” in the “Site Settings” selection. Click on “Flash,” then in the next screen, on “Block sites from running Flash” to switch to “Ask first.”

Google

Chrome 76: Lowering (the number of) flags

“Many flags in chrome://flags will be removed in upcoming Chrome versions,” Google said without detailing which will get the ax or even a rough number to be cut. “You should not use flags to configure Chrome because they are not supported. Instead, configure Chrome for your enterprise or organization using policies.”

The macOS version of Chrome 75 Stable listed 337 available flags and another 16 unsuitable for that operating system.

Chrome ??: Chrome address bar searches return results from Google Drive

“Soon, users will be able to search for Google Drive files that they have access to from the address bar,” Google wrote.

And that’s all it wrote. However, it’s possible to flesh out a bit more.

In March, Google began testing integrations between Chrome and Google Drive for the G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (The beta testing required Chrome 69 or later.)

G Suite administrators can apply to join the beta project using the form submitted from this site.

Previously, Google had pegged the debut of address bar searching of Google Drive to Firefox 75 – the version that launched last week – and seemed to imply that the feature would be available to all enterprise users, not just those running G Suite. Computerworld‘s testing of Chrome 75 Dev showed that enabling the option flag “Omnibox Google Drive Document suggestions” – displayed matches in the address bar of recently-accessed PDF and Google Docs/Sheets/Slides. That setting, which can be accessed from the chrome://flags page, appeared in the Stable version of Chrome 75, hinting that it’s about ready for real-world use.

It’s unclear whether the in-address-bar searching of Google Drive contents will be available only for G Suite users or for all those who have stored content in Google Drive. Computerworld‘s take? Because of a line in the beta description – “This goes beyond current functionality, which lets users search for Google Drive files that they have recently accessed” – we think that the tool will be only for G Suite customers.

April 2019

Fact: Chrome rules.

With a massive two-thirds of the world’s browser user share – a measurement of browser activity calculated monthly by analytics vendor Net Applications – Google’s Chrome has no peer in popularity.

So when Chrome speaks, people listen. That holds true for whatever moves Google makes with each browser upgrade – something Computerworld details in the What’s in the latest Chrome update? series – and in what it plans to do in the future.

With each update, Google publishes a set of release notes aimed at enterprises. In those release notes, the company highlights some of the upcoming additions, substitutions, enhancements and modifications planned for its browser._

In an effort to look ahead at the browser’s future, we’ve collected the most important of the latest items in Chrome’s “Coming soon” category. But as Google takes pains to point out, “They might be changed, delayed, or canceled before launching to the Stable channel.”

You’ve been warned.

Chrome 75: Chrome address bar searches return results from Google Drive

“Users will see Google Drive results when entering a search in the address bar, including PDFs, Google Sheets, Docs, and Slides,” Google wrote.

And that’s all it wrote. However, it’s possible to flesh out the expected feature.

Google in March kicked off testing of integration between Chrome and Google Drive for the G Suite Business, Enterprise, and Enterprise for Education productivity subscriptions. (That beta testing requires Chrome 69 or later.)

The upcoming address bar-search is somewhat different. Computerworld‘s testing of Chrome 75 Dev – after enabling the option flag “Omnibox Google Drive Document suggestions” – showed that suggested matches surfaced in the address bar only of recently-accessed PDF and Google Docs/Sheets/Slides. In other words, the Chrome 75 feature seems a subset, although not a perfect one, of what’s already in testing for G Suite subscribers, but will be available to all Chrome users who have content in Google Drive.

Google

Chrome 75: End to opt-out of site isolation

Unveiled in late 2017 within Chrome 63, Site Isolation is a defensive technology that segregates pages from different sites into different processes. Each process runs in a “sandbox” that restricts what the process can do, all as part of a scheme to isolate malware from the browser as a whole and the device’s over-arching OS.

Site Isolation was enabled in stages until by mid-2018 it was enabled for virtually all Chrome users. At that point, only managed devices were able to opt-out. As of Chrome 75 – currently scheduled to ship June 4 – that will end. “We’ve resolved the reported issues and starting with Chrome 75, we will remove the ability to opt out of site isolation on desktop using the SitePerProcess or IsolateOrigins policies,” Google said.

Chrome 75: Version roll-back

Google will add a browser roll-back process for enterprises that want to retreat to an older version of Chrome, the company said as it named the target. “Chrome 75 on Windows will include a policy that allows administrators to roll back to a previous version of Chrome,” Google said.

The functionality will be available only to customers using Windows’ group policies to manage Chrome. “Add a RollbackToTargetVersion app policy to allow enterprise administrators to enable rollback in conjunction with the existing TargetVersionPrefix policy,” Google stated.

The most likely reason for wanting to roll back Chrome to an earlier version would be because the latest browser caused problems, perhaps a mission-critical app compatibility or workflow issue.

Google was adamant that a roll-back should be a last-ditch effort by enterprise IT. “This policy is meant as an emergency mechanism and should be used with caution,” the company said. “If you roll back to an earlier version, you will expose your users to known security issues. Use this policy at your own risk.”

Google also urged that customers turn on the browser sync feature or alternately, Roaming User Profiles, which lets users take bookmarks, passwords, extensions and preferences to multiple PCs. Failing to do that will mean data synced from later versions won’t be usable by older editions.

A later version, Google added, will “improve the rollback experience by preserving user states during the rollback process” so that sync and roaming profiles won’t be needed.

Chrome 76: Flash to be blocked by default

Nearly two years ago, Adobe announced that it would finally bury Flash Player – an app that in many ways, made the web – at the end of 2020. Browser makers like Google then detailed how they would end their support for Flash.

While Google has limited Flash for years – in late 2016, it was turned off by default and restricted to a handful of sites, including Amazon, Facebook and YouTube – this summer Chrome will institute a complete Flash blockade. With Chrome 76, now slated to ship July 30, Flash will be disabled by default. Individual users will be able to switch back to a default “Ask to use Flash” in settings (until Google ends all support by yanking it from the Chromium project in December 2020), and enterprises will be able to continue controlling Flash usage through the DefaultPluginsSetting,PluginsAllowedForUrls and PluginsBlockedForUrls policies.