Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Chrome Developers On Browser Security

ScuttleMonkey posted more than 5 years ago | from the never-ending-war-of-escalation dept.

Security 61

CowboyRobot writes "Developers of Google's Chrome browser have spoken up in an article describing their approach to keeping the browser secure, focusing on minimizing the frequency, duration, and severity of exposure. One tool Chrome uses is a recently open-sourced update distribution application called 'Omaha.' 'Omaha automatically checks for software updates every five hours. When a new update is available, a fraction of clients are told about it, based on a probability set by the team. This probability lets the team verify the quality of the release before informing all clients.'"

cancel ×

61 comments

Sorry! There are no comments related to the filter you selected.

Beta testers (3, Insightful)

twidarkling (1537077) | more than 5 years ago | (#28395789)

So basically, they're getting a random sample of their user base to beta test updates in the wild for them. I hope there's some kind of warning about this while using it.

Re:Beta testers (5, Interesting)

jayme0227 (1558821) | more than 5 years ago | (#28395879)

It's certainly better than having the entire user base beta test the patch for them which is where we're at now in most cases.

unwilling updates (0)

Anonymous Coward | more than 5 years ago | (#28401503)

At least those other browsers give you a choice of whether to update. Chrome defaults to applying updates [pcmag.com] and doesn't even inform the user that they have been applied. There is a mechanism for changing this behavior [pcmag.com] , but it's convoluted and outside of Chrome itself and I think it's Windows-only.

Can you imagine the /. thread if Microsoft decided to force all users to silently install updates to IE?

Re:Beta testers (0, Troll)

siloko (1133863) | more than 5 years ago | (#28395933)

Well Google is a synonym for Beta so no surprise here then . . . well actually the surprise is that they are restricting the pleasure of betaness to a selected few rather than their usual approach of using the great unwashed duped into the 'not evil' mantra . . .

Re:Beta testers (2, Funny)

siloko (1133863) | more than 5 years ago | (#28396237)

A bit passe to reply to your own posts but the mod is right. I started out writing a side splitter but the beer decided that it should turn into a troll post. Pints and posting do not mix! Buenas noches ;)

Re:Beta testers (0)

Anonymous Coward | more than 5 years ago | (#28397051)

It may be a troll, but it's a +1 Troll.

Re:Beta testers (0)

Anonymous Coward | more than 5 years ago | (#28402315)

Chrome is one of the few things without the "beta" label. They dropped that label even when it was still crashing when you hit the "tab" key

Re:Beta testers (5, Informative)

RoFLKOPTr (1294290) | more than 5 years ago | (#28395935)

No, they're getting a random sample of their user base to test a ready-for-release patch so that in case there are a couple cases not within their testing scenarios where the patch is unstable or a security hole is present, they will be able to address that (if it's serious enough) before releasing it to the whole world. This is so much better than the current way of doing things, because patches are still tested in the shop to the same degree as they would be without Omaha, except this way there's even more to be sure that the patch works correctly.

Re:Beta testers (0, Troll)

BikeHelmet (1437881) | more than 5 years ago | (#28396295)

I absolutely agree with you. How many times has Microsoft released a patch, only to take it down because it causes severe stability problems or breaks something?

Hint: Lots. Probably at least twice per year, for the last few years.

I agree, that this is way better.

Re:Beta testers (3, Interesting)

hairyfeet (841228) | more than 5 years ago | (#28399877)

But let us be fair here: How many fricking machines are running Windows? How many hundreds of thousands or even millions of different hardware and software configurations? Just in my home I have a 733Mhz, a 1.7Ghz laptop, my boys 2.6Ghz and 3.06Ghz, and finally the 3.6GHz I'm about to give the oldest, all running XP32, while I am running XP x64 on my new AMD dual. They all have hugely different hardware and software installed, yet somehow it just seems to work.

According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

How many times have you see on the forums after the latest Ubuntu release "the update for foo completely hosed my (insert hardware here)"? I'm sure the Linux guys doing hardware driver support can tell you what a massive PITA it is trying to make sure an update doesn't totally hose something else, and still there are always problems. So considering the fact that unlike certain companies named after fruit I can put a machine together with so many different mish mashes of hardware together and actually have the thing work and run stable I think we can cut the guys at MSFT a little break when it comes to the occasional "oops" patch.

Re:Beta testers (1)

BikeHelmet (1437881) | more than 5 years ago | (#28400699)

Someone sure must hate me. Every post I made in the last day is modded troll.

According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

Usually a random person from MSFN submits fixes for whatever Microsoft breaks. I remember when they did a half-assed update pack for Win2k when ending support - but it broke more than it fixed. Someone on MSFN figured out how to fix it breaking hibernation and power management. Someone else repacked everything in service pack format.

Just think, rather than breaking 2 million Win2k computers, they could've broken only ~20,000 before detecting the problems, if they followed this train of thought.

Re:Beta testers (1)

BikeHelmet (1437881) | more than 5 years ago | (#28400703)

(Number inflation intentional; with something like an XP or Vista update, it'd hit many people than the Win2k update did.)

Re:Beta testers (1)

The Archon V2.0 (782634) | more than 5 years ago | (#28404691)

Just think, rather than breaking 2 million Win2k computers, they could've broken only ~20,000 before detecting the problems, if they followed this train of thought.

I'm not arguing for or against your post, I just came here to say that 'tis a sad state of affairs when breaking 20,000 systems is presented as the better option.

Re:Beta testers (1)

BikeHelmet (1437881) | more than 5 years ago | (#28413861)

Well, there's clearly a problem. Why else would companies have IT people run extensive tests before upgrading the whole network? :P

If only 20k computers could be affected, worldwide, that'd be a huge improvement.

Re:Beta testers (0)

Anonymous Coward | more than 5 years ago | (#28401589)

But let us be fair here: How many fricking machines are running Windows? How many hundreds of thousands or even millions of different hardware and software configurations? Just in my home I have a 733Mhz, a 1.7Ghz laptop, my boys 2.6Ghz and 3.06Ghz, and finally the 3.6GHz I'm about to give the oldest, all running XP32, while I am running XP x64 on my new AMD dual. They all have hugely different hardware and software installed, yet somehow it just seems to work.

According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

  How many times have you see on the forums after the latest Ubuntu release "the update for foo completely hosed my (insert hardware here)"? I'm sure the Linux guys doing hardware driver support can tell you what a massive PITA it is trying to make sure an update doesn't totally hose something else, and still there are always problems. So considering the fact that unlike certain companies named after fruit I can put a machine together with so many different mish mashes of hardware together and actually have the thing work and run stable I think we can cut the guys at MSFT a little break when it comes to the occasional "oops" patch.

But let us be fair here: How many fricking machines are running Windows? How many hundreds of thousands or even millions of different hardware and software configurations? Just in my home I have a 733Mhz, a 1.7Ghz laptop, my boys 2.6Ghz and 3.06Ghz, and finally the 3.6GHz I'm about to give the oldest, all running XP32, while I am running XP x64 on my new AMD dual. They all have hugely different hardware and software installed, yet somehow it just seems to work.

According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

  How many times have you see on the forums after the latest Ubuntu release "the update for foo completely hosed my (insert hardware here)"? I'm sure the Linux guys doing hardware driver support can tell you what a massive PITA it is trying to make sure an update doesn't totally hose something else, and still there are always problems. So considering the fact that unlike certain companies named after fruit I can put a machine together with so many different mish mashes of hardware together and actually have the thing work and run stable I think we can cut the guys at MSFT a little break when it comes to the occasional "oops" patch.

They are given a MAJOR leg up by hardware manufacturers who provide drivers/support for their platform. Ubuntu on the other hand often is unsupported and untested on hardware, and yet in many cases it still "just works."
 

Have you ever done a stock Windows XP installation? You spend 3-4 hours gathering and installing drivers from another PC that can actually access the Internet (because Windows XP doesn't out of the box support your ethernet card or graphics adapter leaving you at 640x480 until you install the driver).
 

The only way to avoid that hassle is to download one of the many pirated XP installations which contain a boatload of drivers with them. A new XP installation took MUCH longer than a new Ubuntu installation in every case that I had done both for a computer.
 

If you're saying "it just works when installed by Dell or others" than so does Linux. I bought a computer from dell with Ubuntu loaded and it "just worked" just like all the installations of Windows I've ever had. Sure, XP has a larger install base, but I believe modern Linux is quite an achievement being that it receives almost none of the assistance that hardware vendors provide Microsoft.
 

Re:Beta testers (1)

hairyfeet (841228) | more than 5 years ago | (#28402625)

Yes Linux works IF, and here is the really fucking big IF, you do research on every single fricking purchase from now until the end of the PCs life. That just cut out a good 95% of the population, including all of my customers. I said customers because yes, I build, repair and sell Windows PCs for a living, so yes I have installed more XP copies than you have had hot meals.

As for installing drivers? It takes about 20 minutes. How? by either using the Windows driver from Universal 2K/XP Driver DVD [blogspot.com] or Driverpacks [driverpacks.net] . I personally prefer the driver pack from driverpacks.net because it is updates a little more often, but the first one has some of the more obscure drivers included, so it is nice to have both. And in case you haven't tried it lately Windows update actually includes most of the drivers for even slightly popular hardware, so often I don't even need the disc. Hoe much easier do you want?

Have you ever tried selling Linux boxes to REAL folks? I mean average Joes, not geeks with IT experience. I have, and I was looking at 600% return rates. I shouldn't have been surprised as MSI [laptopmag.com] was looking at 400%. That kind of return rate will bankrupt me and therefor I won't be selling anymore Linux machines for at least 2 years. And before the Linux fanboys start modding me to hell or saying "get out of 1998 with your FUD" the last time was right after Ubuntu 9.04 came out.

Now lets have some REAL "get the facts" FACT-Support in Linux for consumer level hardware sucks. I'm sorry but it does and there is a REASON for that, and it ain't a MSFT conspiracy. It is because Linux is currently divided into two factions, and has been since Linux and RMS started snarking at each other. On the one hand you have Linus and the useability camp, and on the other RMS and "everything must be free!" hardcore believers that treat Linux as a religion and not just an OS. BTW, if you want to look it up(too fucking tired ATM) RMS uses a Loongson ARM Netbook because he refused to use a PC without even the BIOS being "free"! And unfortunately there are enough "true believers" to make sure you NEVER get even 1/3rd the driver support for Windows.

You see, if I am a hardware manufacturer I can write just 4 Windows drivers and have every consumer OS covered from 1998-2014, with ZERO out of pocket after the drivers have been written: I just have my guys write a Win98/ME, a Win2K/XP32, a WinXP64/Vista 64, and a WinVista32/Win732. Because Win7 can use WinVista drivers I have just covered every Windows users for 14 years with no more out of pocket. I simply can't do that on Linux? Why? Because the RMS believers will NEVER allow you to have a stable ABI in Linux, that's why. Because if there was a stable ABI Linux could actually have working binary drivers from all those companies that now refuse to support Linux, and frankly will continue to refuse to support Linux as long as you demand full hardware specs and code. Sorry, if the choice is opening our hardware and code and risking a patent troll lawsuit or not supporting Linux? Well then Linux don't get supported, just as it isn't now.

Finally for proof why Linux can't be sold to home consumers, I offer the "hairyfeet challenge" where I will prove to you beyond a shadow of a doubt that despite its flaws Windows beats Linux for home consumers and non IT types. Ready? From this moment on you are my consumer, who has just bought a Kubuntu box from me. You must NOT do research before you go shopping, because home users don't research anything than is less expensive than a car. Ready? Open three browser tabs. You are now three consumers who just bought Kubuntu. Now go to Walmart.com, Bestbuy.com, and Staples.com. Those are the big three for PC gadgets. Now buy these three items by putting them into your cart, which are the items that are most requested-An all in one printer, a USB wifi stick, a USB TV tuner. Now go and see if your new purchases work in Kubuntu. Go on, I'll wait.

Didn't work, did they? I'm betting if you don't cheat and do research you willl MAYBE get out of there with 60% kinda working, maybe. Which means you would have three pissed off customers bringing back the PC to be "fixed" and when I couldn't demand their money back. And before someone comes up with the "bright" idea that I should bundle or sell "support" contracts.NO, the margins on the above items would bankrupt me thanks to places like the above store buying by the trainload and undercutting me, and as for contracts? See Best Buy and how hated they are for trying to shove extended warranties. I sell PCs, not electronics.

But now you see why despite all your complaints about Windows it still stomps Linux for the consumer market. The reason Linux works in servers and enterprise is because Linus and all his friends working for big corps like Red Hat are paid millions to make damned sure that Linux "just works". Expecting a bunch of guys in their spare time to reverse engineer the countless gadgets just on the market today is sheer insanity. But until those followers of RMS agree to compromise and allow a stable ABI the situation simply won't be getting much better. All those corps that have enterprise business have released their specs. For those in the home markets it simply doesn't make sense to. And without drivers Linux will remain a teeny tiny niche. After all, I can pick up any piece of hardware made in the last decade and pop in my driver DVD and have it up and running in under 10 minutes. Can you do the same in Linux? The hardware manufacturers write for Windows because it is a "write once, use forever" platform. Sadly Linux will never get to be that as long as RMS holds as much sway as he does. But then again we are talking about a guy who wouldn't continue to use the OLPC because in his opinion it STILL wasn't "free" enough. And sorry for the length, but some ideas can't be put into a catchy slogan, at least not by me.

Re:Beta testers (1)

rantingkitten (938138) | more than 5 years ago | (#28414261)

I dunno, dude. My sister lives in Israel and her laptop recently broke, so I offered to send her a new one as they are insanely expensive there and I had an old HP nx7400 lying around. What I did not have was a Windows disc of any kind, so I put Ubuntu on it for her. It installed in forty minutes with all the drivers working properly, including video, ethernet, wireless, and sound -- four things I've never seen work properly out of the box on any Windows install.

In Windows I always have to fuck around for an hour hunting down drivers, with a secondary computer, and looking up the specs on the computer to find out what hardware it has cause Windows sure ain't gonna tell me ("Unknown Device" isn't helpful, guys).

To be nice I loaded her computer up with some mp3s. I did this by using a free USB drive I got as a promotional item from the Camel girls that come round to clubs and bars hawking cigarettes. It's a cheap little half-gig piece of junk, and worked fine.

She's using this machine on a daily basis now, and having no problems. Her random-ass Brother printer worked when she plugged it in. I don't have to get calls from her every week about how her computer is "running slow" because of all the crapware she's downloaded. I don't have to deal with making sure her virus scanner is updated, and whether or not it even works (cause we all know they really don't). And once I showed her where Synaptic was she was fine with using that to get new programs -- and *I* don't have to worry about her downloading random, untrusted executables from god-knows-where on the web.

I don't know about TV tuners so I can't comment. What I do know is that my sister knows absolutely nothing about computers and is having zero problems using Ubuntu as her day-to-day OS, on a completely random computer I had lying around, with whatever completely random hardware she has lying around (her printers and USB sticks).

Re:Beta testers (0)

Anonymous Coward | more than 5 years ago | (#28558633)

Most of what you say may be true, but...

After all, I can pick up any piece of hardware made in the last decade and pop in my driver DVD and have it up and running in under 10 minutes.

This isn't really true if you are running Vista now is it? Exactly how much hardware made more than 4 years ago will have Vista drivers? Some big-name manufacturers will care to update their drivers, but lots of smaller ones don't care about old hardware they no longer sell.

However, if there are drivers for hardware in the Linux kernel, they'll most likely get updated for new versions. The kernel devs are generally willing to write and maintain drivers for the kernel so long as the manufacturers provide adequate documentation, so there isn't necessarily a high cost to manufacturers, to get their devices supported in Linux.

This means you may well have more luck getting a new version of Linux running on old hardware than you would for Vista.

And a nitpick, you didn't get 600% return rates on Linux boxes, that would mean you were having 6 times as many PCs returned as you sold. After reading the linked article about MSI and Linux, I guess what you mean is that you have 6 times the returns for Linux boxes than you do for Windows boxes, although that figure is not terribly meaningful without knowing the return rates for Windows and whether it is proportional to the number of sales or is in absolute numbers.

Re:Beta testers (1)

Lord Bitman (95493) | more than 5 years ago | (#28402323)

Microsoft takes down those patches? I thought they just released advisories on unrelated pages.

Re:Beta testers (3, Insightful)

ForAllTheFish (1191163) | more than 5 years ago | (#28395945)

I wish more companies would do this with patches. Historically, some non-trivial percentage of all patches (to some OS or software) also caused a new bug under some small percentage (like 10%) of the possible software configurations out there. It's better to patch, cause issues, and roll back on a few thousand users than a few hundred thousand. A week later, the quality for all users is the same.

Re:Beta testers (1)

Brian Gordon (987471) | more than 5 years ago | (#28396809)

I wish Google would fix its gaping security holes at all; I don't care how they do it. On my Gentoo Firefox 2 I'm invulnerable. On my XP Chrome, accidentally clicking an on.nimp.org link necessitates a hard power down. I'm paranoid about every click on Chrome.

Re:Beta testers (1)

bennomatic (691188) | more than 5 years ago | (#28399317)

The methodology--i.e. random users--is not necessarily ideal, though. Wouldn't it be nice if there was a "labs" option in the browser so you could volunteer to be a guinnea pig? Then maybe after the early adopters, feed out the updates at a rate of 10% a day to hoi polloi.

Glass ($halfEmpty != $halfFull) (3, Insightful)

mcrbids (148650) | more than 5 years ago | (#28396109)

Any time you release a new version of software, there's an increased likelihood that there will be unforeseen bugs not specifically tested for. You can test tell you're blue in the face, but no matter how you look at it, real-life is the real test.

And it's not just bugs. Even when things are working exactly to plan, you don't necessarily want to roll it out everywhere all at once.A good example is our password-change policy - we now require periodic changes in passwords. When we did this, requiring everybody to change their password, we did it "gracefully" over a month's time so that the help desk wouldn't be overwhelmed by idiots who don't understand the idea of changing their password.

It's pretty sad that something so simple would cause people to freak out, but it does, and that's just humanity. Get over it, already. People are people, and it's easier to spread the work out over a period of time rather than just beat yourself up all at once.

Gradual roll-out is a *good thing* unless it's a terrible security issue that must be addressed immediately.

Re:Beta testers (1)

bonch (38532) | more than 5 years ago | (#28396347)

A knee-jerk response on Slashdot in an attempt to get an easy +5? I'm shocked.

It's not a "beta test." The updates are real updates. They're merely controlling the rate of distribution in case an issue comes up.

Re:Beta testers (2, Interesting)

Ash Vince (602485) | more than 5 years ago | (#28398067)

So basically, they're getting a random sample of their user base to beta test updates in the wild for them. I hope there's some kind of warning about this while using it.

Since none of us actually read the licence agreement there probably is :)

but according to this IE already wins in that area (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28395803)

hope you guys would have seen this http://iewins.blogspot.com/2009/06/how-internet-explorer-80-win-browser.html microsoft has released a comparison chart against firefox and chrome. it shows it is most secure, reliable, performant, etc. etc...

willy smacking machine (-1)

Anonymous Coward | more than 5 years ago | (#28395835)

Imagine your willy being smacked until it bleeds. Sponsored by the willymedia foundation.

ad block plpus (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28395913)

how about how chrome kills unrelated software - *cough* adblock plus on seamonkey *cough*

Omaha (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28395929)

Am I the only who miss read that as 'Obama'?

Russian Roulette Anyone? (0, Troll)

n00btastic (1489741) | more than 5 years ago | (#28395989)

I thought Google's motto was 'Be Not Evil'?

Re:Russian Roulette Anyone? (5, Funny)

InsertWittyNameHere (1438813) | more than 5 years ago | (#28396059)

The "Don't Be Evil" policy currently only applies to a fraction of Google's userbase. Once they verify the quality of this policy they will release it to all users.

Don't Be Evil [BETA]

Re:Russian Roulette Anyone? (1)

buchner.johannes (1139593) | more than 5 years ago | (#28397343)

Google - Probably not evil.

Re:Russian Roulette Anyone? (2, Insightful)

somersault (912633) | more than 5 years ago | (#28397609)

Google - nicer than most of those other bastards.

Re:Russian Roulette Anyone? (3, Funny)

Bill Dog (726542) | more than 5 years ago | (#28398931)

Google - evil you can trust!

Re:Russian Roulette Anyone? (3, Funny)

geobeck (924637) | more than 5 years ago | (#28396591)

I thought Google's motto was 'Be Not Evil'?

Actually it's "Do no evil." So you can be as evil as you want, as long as you don't act on it. Even Dick Cheney could work for Google if he stopped... um, well... breathing.

Re:Russian Roulette Anyone? (1)

Paaskonijn (1220996) | more than 5 years ago | (#28397197)

*Sigh* Here we go again...

No it's not. It's "Don't be evil." [wikipedia.org]

Is it really that hard to remember? Especially taking into account this gets brought up every single time Google gets a mention in an article's summary.

Re:Russian Roulette Anyone? (1)

geobeck (924637) | more than 5 years ago | (#28397311)

Yes, but that would ruin the joke! :P

Re:Russian Roulette Anyone? (0)

Anonymous Coward | more than 5 years ago | (#28400487)

That particular wikipedia page is actually weaker than necessary - it calls "Don't be evil" the *unofficial* company slogan, but it's much stronger than that, as it's in the Code of Conduct, as per a copy on the investor site, with tons of explanation as to exactly what it means to/for them.

http://investor.google.com/conduct.html

A better wikipedia page would be that of the phrase itself, which at least links to the code of conduct page just mentioned:

http://en.wikipedia.org/wiki/Don%27t_be_evil

Re:Russian Roulette Anyone? (1)

slim-t (578136) | more than 5 years ago | (#28401529)

Actually it's "Do no evil." So you can be as evil as you want, as long as you don't act on it. Even Dick Cheney could work for Google if he stopped... um, well... breathing.

My theory is that Dick Cheney died of a heart attack in 2002. He stopped breathing, but his replacement robot kept right on being evil.

Now for a better scheduler (4, Interesting)

Anonymous Coward | more than 5 years ago | (#28396017)

Now if they could stop running googleupdate crap ALL THE TIME (maybe use the OSs built in scheduling system to run every so often) and give me more control over when/how things get updated it will be much better.

Re:Now for a better scheduler (4, Interesting)

Anonymous Coward | more than 5 years ago | (#28396305)

It _is_ killable - ironically, part of what you have to do is delete the job from the scheduler which restarts the damn thing every so often.

It could do with a more user friendly ticky box to turn it off, but it's not completely evil.

One thing I've never understood is why MS didn't expose the Windows Update facilities to other vendors (with user approval, of course.) A one-stop shop for updates a la Ubuntu's Update Manager would be a hell of a lot less messy, and it would actually work for people who do the Right Thing and don't run with Admin / Power User privileges.

Re:Now for a better scheduler (0, Flamebait)

sexconker (1179573) | more than 5 years ago | (#28396559)

Damn thing doesn't let me kill it if I have google toolbar installed.
Every run of the browser reenables it, so google toolbar went bye bye (who the fuck needs it anymore anyway?)

Similar to Apple's updater.
Install quicktime. No I would not like to keep my apple software up to date.
Next week: "Updates are available for your appler software"
Next restart: "You have Shitfari!"

So, Quicktime is gone now (no, I don't use iTunes) too. (I tolerated qttask.exe for ages, I wasn't about to put up with anymore shit.)

Do NOT get me started on java quickstart or adobe's piece of shit updater.

Updaters can die in a digital fire.

Re:Now for a better scheduler (1)

EdZ (755139) | more than 5 years ago | (#28398141)

If you have to open administrative tools and disable it's scheduled task just to turn it off, it's pretty damn evil. As is bundling it with every application, with no clean version available (or at least, no clean version that aren't buried in a forum link somewhere).

An anecdote: last time I installed Google Earth, I immediately ran the uninstaller for Google update (incidentally, the Google Earth installer makes no mention that it is installing the Google Updater for you). Not a few minutes later, Comodo is warning me that Google Updater is trying to access the internet. 3 killed process later, and no problems. Until about half an hour passes, and those processes are back again. Removing the scheduled tasks this time stopped the processes from returning.

Re:Now for a better scheduler (1)

eliphas_levy (68486) | more than 5 years ago | (#28399607)

Here goes... If *I* know how to add a scheduled task to windows scheduler at install time (when I have the god-admin-rights) - how google does not? Oh yes, it knows... but it does not want it to be simple. Do no evil. I always put a (unchecked) .CMD file backup task to the whathever-install that I make. Could not google do the same? Yes.

Wake me... (1)

Enderandrew (866215) | more than 5 years ago | (#28396071)

Wake me when there is a Qt4 fork of Chromium, or a version of Rekonq that implements Chrome's separate process model.

Geez, I complete misread this . . . (0)

Anonymous Coward | more than 5 years ago | (#28396159)

One tool Chrome uses is a recently open-sourced update distribution application called 'Omaha.' 'Omaha automatically checks for software updates every five hours. When a new update is available, a fraction of clients are told about it, based on a probability set by the team. This probability lets the team verify the quality of the release before informing all clients.'"

TO:

  One tool Chrome uses is a recently open-sourced update distribution application called 'Obama.' 'Obama automatically checks for software updates every five hours. When a new update is available, a fraction of clients are told about it, based on a probability set by the team. This probability lets the team verify the quality of the release before informing all clients.'"

Re:Geez, I complete misread this . . . (1)

sexconker (1179573) | more than 5 years ago | (#28396763)

How much do they pay Obama for this?

No Thanks (2, Interesting)

sexconker (1179573) | more than 5 years ago | (#28396485)

Every 5 hours?
Fraction?
Probability?
Set by the developer?
Verify the quality?

Yeah, no thanks.

I want updater services to DIE.

Check for an update when I launch your program, and give me the option to turn it off.
Don't run in the background all the time.

Give me the option to manually check for updates.
If there are updates, list them and let me choose whether not to install them. Also supply details about the update, preferably without making me launch your web page.

Tell me which updates will require restarting the program. Tell me how large they are. Give me the option to download now, and install later.

Quality test the fucking updates yourself.
All users should be able to get the update at the same time, with a probability of 1.

Re:No Thanks (2, Interesting)

Anonymous Coward | more than 5 years ago | (#28396849)

The problem is if they do that, then 90% of the non-power user internet users won't EVER update. Which means security flaws are never patched. Which means they get a bad name for not fixing a problem that was patched 5 months ago.

I admit that patchers and automatic updaters are a real headache and I wish most of them would just die already... But the simple fact is I'm a power user. Most people (of which my brother is one) don't care. He would rather it handle his business for him cause it's one less thing he has to think about. (no I don't particularly understand this point of view but putting that aside)

Also, as another poster pointed out... They do test the updates, however, they cannot simulate EVERY situation or EVERY computer in existence. It's just impossible. A statistically small roll out makes sense and means that at any one given time, the chance you have to bear the burden of beta tester is minimized. To me, this is an acceptable situation however I would very much like it if they did what you suggested. I would love to have all the details about all the patches and updates immediately shown to me so I can choose what to do with them. However, in the long run, it's just not user friendly for the other 90% of the consumers.

Re:No Thanks (1)

Capt.DrumkenBum (1173011) | more than 5 years ago | (#28396897)

Sounds like someone needs to buy them self a Mac.

No webpage.
Can be told to bugger off when I am busy.
Tells me if an update requires restart.
Can for shutoff, and run manually if you insist.

Re:No Thanks (1)

sexconker (1179573) | more than 5 years ago | (#28397465)

Oh, Windows updates work just fine with regards to what I want.

It's the application updates I hate.

Adobe, Apple, Google, Java, etc. are all varying degrees of in your face, shitty options, shitty deployment routines, and outright ignoring my preferences.

Re:No Thanks (0)

Anonymous Coward | more than 5 years ago | (#28401063)

"...Google ... are all varying degrees of in your face"
Sorry, no it isn't. Google Update is using 244KB of RAM when its not doing anything on my machine. When an update is available, it downloads and installs the update without any prompts, or frankly annoying Windows Update alert boxes.

How is 244KB of RAM, and a silent upgrade "in your face". Do explain, because I'd like to see your attempt at a non-in-your-face updater.

Get the facts (1)

chainz (1342259) | more than 5 years ago | (#28396755)

Microsoft say that Internet Explorer 8 is the secure browser!?! Plus much more: http://www.microsoft.com/windows/internet-explorer/get-the-facts/browser-comparison.aspx [microsoft.com]

Re:Get the facts (1)

Thermionix (1473355) | more than 5 years ago | (#28399521)

this is quite seriously one of the most amazing pages I've ever read.

Microsoft believes that IE8 is the greatest browser that has ever existed, and that will ever EXIST, sure chrome, firefox and opera are mean to children, drown puppies and are generally horrible, but do they really deserve this??

I found the page may have at least had some truth, if everywhere Internet Explorer was said, you replaced it with opera.

Re:Get the FUD (1)

viralMeme (1461143) | more than 5 years ago | (#28401015)

"Internet Explorer 8 takes the cake with better phishing and malware protection, as well as protection from emerging threats"

"Firefox and Chrome have more support for emerging standards like HTML5 and CSS3, but Internet Explorer 8 invested heavily in having world-class, consistent support for the entire CSS2.1 specification"

"Internet Explorer 8 is more compatible with more sites on the Internet than any other browser"

The problem with frequent updates (0)

Anonymous Coward | more than 5 years ago | (#28397895)

...is that verifying the veracity of frequent update requests will grow tiresome and people will just click "Ok" without thinking. It'll be easy for an attacker to spoof their popup or whatever they use for notification and attach a malicious download. Even better the attacker can have the update "require your password" before proceeding and look ligit.

NEVER ok a software update unless you've initiated the "check for updates" yourself.

Chrome is useless (0)

Anonymous Coward | more than 5 years ago | (#28399823)

One of the things the Chrome developers forget to mention all the time is that Chrome only works on x86 and arm CPUs (due to the proprietary V8 JS engine and the sandboxing system). I will continue using Firefox, thanks.

Another reason to turf Flash ASAP (3, Informative)

tonywong (96839) | more than 5 years ago | (#28399959)

And get into HTML5 for video etc:

"Google Chrome must support plug-ins such as Flash Player and Silverlight so users can visit popular Web sites such as YouTube. These plug-ins are not designed to run in a sandbox, however, and they expect direct access to the underlying operating system. This allows them to implement features such as full-screen video chat with access to the entire screen, the userâ(TM)s webcam, and microphone. Google Chrome does not currently run these plug-ins in a sandbox, instead relying on their respective vendors to maintain their own security."

I am removing V2 and disabling the auto-update. (0)

Anonymous Coward | more than 5 years ago | (#28400579)

Version2 of Chrome is STILL terrible from the first release i used back when it appeared on the dev channel.

Doing something as simple as opening up the Bebo homepage (lol) rockets my D-C (1.7Ghz) up to 90% across both, sometimes 100%, interrupting all other tabs and even other applications!
In fact, it happens pretty much with any site, besides the more simpler sites with just HTML.
I think the only explanation is that new Full Page Zoom crap, the most useless feature ever. I don't give a damn about consistent zooming, if i did, i would ENABLE it, but i don't.
It only seems to happen when a page is loading, yes, read that again, when a page is loading, so even if some server on the other end is taking a year to reply to me, the CPU is using 90-100% until it is finished!

This simply will not do. They have lost me now. Fuck V2.
I will stick with V1 (in a sandbox, "yo dawg" blah blah etc) until they decide to get their damn act together, Version 2 is still unacceptable for a release. I know you guys said you were going to start going away from the whole Permanent Beta thing, but JESUS, calm the beans a little, you're acting as if you're on steroids or something. (literally, not being able to think and releasing sloppy inefficient code)
And a bigger kick in the teeth is the fact that Multi-Profiles missed this launch. ALSO, scrolling is still quite bad, including some strange offset that is generated on middle clicking. (which was the same with flash on right clicks, but the Flash offset was several hundred pixels.)

A similar thing happened with Mozilla and Firefox releases, adding useless features at the sacrifice of SPEED and MEMORY.
Don't become the next Mozilla, please don't become the next Mozilla, they ruined Firefox, they horribly done it wrong every release that requires developers to update their code almost all the time because they keep screwing around with stuff that should be 100% static.

Chrome and Bebo homepage (1)

viralMeme (1461143) | more than 5 years ago | (#28401003)

"opening up the Bebo homepage (lol) rockets my D-C (1.7Ghz) up to 90% across both, sometimes 100%, interrupting all other tabs and even other applications!"

Hadn't noticed here on this 768MB ~2992 Mhz machine ..

Re:Chrome and Bebo homepage (0)

Anonymous Coward | more than 5 years ago | (#28401297)

By home page, i mean logged in, the user home page.

Also, funny that even on a new fresh install, it STILL does it.
The fact that it still does it is exactly why i will be erasing it and going back to V1 until they decide to actually release a version that won't destroy my CPU just by opening a page.

I don't want features i don't care for to be core functionality, especially if they are so resource-intense.
Full Page Zoom (which is almost certainly the cause of it) is one of those. Even if i was of really poor eyesight, i would never force anyone to have to use FPZ.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>