When Google popped out Chrome 56 at the end of January it was keen to remind us it's making the web safer by flagging non-HTTPS sites. But Google made little effort to publicise another feature that's decidedly less friendly to privacy, because it lets websites connect to Bluetooth devices and harvest information from them through the browser.
[...Pete] LePage, in the video, says: "Until now, the ability to communicate with Bluetooth devices has been possible only for native apps. With Chrome 56, your Web app can communicate with nearby Bluetooth devices in a private and secure manner, using the Web Bluetooth API. "The Web Bluetooth API uses the GATT protocol, which enables your app to connect to devices such as light bulbs, toys, heart-rate monitors, LED displays and more, with just a few lines of JavaScript."
Let's start with LePage's security-and-privacy claims: what Google means is that the server-to-browser connection is over TLS, and users have to allow connection with a touch or a mouse click. To reiterate: as a user, you have to explicitly grant the remote web app access to your Bluetooth gadgets before anything happens. Then you select a device to pair with the webpage, and away you go. The webpage can filter for devices, so for example, a health site can ask to be paired with gadgets that have a heart rate sensor. A site can't see any device until it is paired.
Source:
https://www.theregister.co.uk/2017/02/05/chrome_56_quietly_added_bluetooth_snitch_api/
(Score: 3, Interesting) by NCommander on Tuesday February 07 2017, @07:00AM
Update: having now actually read the specification, its limited to BLE GATT profiles. That's *slightly* better since GATT is essentially used to read iBeacons and other locator tags. However, it has a read/write component so a phone can be used to configure with them; I did some freelance work awhile ago on implementing this on a microcontroller. Still absolutely braindead. I wish the Mozilla folks would get their heads out of their ass and stop making Firefox suck so I could switch back to it as my primary browser, but I'm not exactly holding my breath on that note anymore.
(I've tried Pale Moon, but I find it to be rather laggy on Linux. It's OK on Windows).
Still always moving
(Score: 2) by c0lo on Tuesday February 07 2017, @07:34AM
Maybe its best to look int lynx again? it's the oldest browser still maintained.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by boltronics on Tuesday February 07 2017, @09:44AM
Funny you should mention that. I recently (as in, the last week) switched all my computers over to Pale Moon because Firefox was too laggy.
Last week at work, I clicked the Firefox launcher icon (Firefox ESR under Debian Jessie on an i7-930 with 24Gb of RAM), waited about 5 seconds, got tired of waiting and clicked on the Pale Moon launcher icon, Pale Moon opened and I typed in the URL, the page started loading and then Firefox finally appeared. At that point, Firefox just had to go.
Well, that and that they took out Group Tabs and said "use this extension if you want it back", and then shortly afterwards the developer of the extension said he wouldn't be maintaining it anymore due to Mozilla changing the API in a way that would basically require a complete rewrite.
Also, Firefox Sync is no longer compatible with my ownCloud Sync server (without messing around a lot in about:config at least), whereas Pale Moon uses the better, older Sync method that continues to work just fine. Pale Moon for Android also works fine with ownCloud Sync, whereas Firefox Mobile does not, so I made the switch on my phone too.
Oh, and Pale Moon doesn't have all of the privacy issues that I previously had to fix every time I installed it - disabling domain security checks, crash reporting, etc. And I don't need to worry about EME extensions and all that nasty DRM in my browser. I've been using Firefox since it was called Phoenix (which was before it was called Firebird). Wish I had tried switching sooner.
It's GNU/Linux dammit!
(Score: 0) by Anonymous Coward on Tuesday February 07 2017, @12:23PM
stop making Firefox suck so I could switch back to it as my primary browser
What are you using?
I've recently switched to QupZilla, which i like, but it isn't very stable. I don't really like chromium and Opera isn't open.
(Score: 0) by Anonymous Coward on Wednesday February 08 2017, @03:22PM
"Update: having now actually read the specification, its limited to BLE GATT profiles". Not for long.