Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday December 13 2019, @11:48PM   Printer-friendly
from the what's-wrong-with-my-browser dept.

BleepingComputer recently published an article which says:

Google is now banning the popular Linux browsers named Konqueror, Falkon, and Qutebrowser from logging into Google services because they may not be secure.

[...] In tests conducted by BleepingComputer, we can confirm that we were unable to log in with Konqueror or Falkon on multiple machines. When attempting to do so, we were told to try a different browser as Konqueror or Falkon may not be secure.

[...] Even stranger, some users have reported that they could still login with Falkon [1, 2].

This has led people to offer a variety of theories for why this is happening including it being an A/B test being done by Google, related to the version of QtWebEngine installed, or maybe even an account setting such as 2FA being enabled.

Google does have discriminating tastes, does it not?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Informative) by driverless on Saturday December 14 2019, @02:37AM (7 children)

    by driverless (4770) on Saturday December 14 2019, @02:37AM (#931915)

    It's also got nothing to do with security, it's whatever a bunch of unaccountable children at Google have decreed to be "secure" over their hot chocolate milk this morning. For example you'll see crap all over Google's web pages going on and on and on about Gmail and insecure apps, but what that really means is "doesn't use OAuth 2.0". That's their entire definition of "insecure". You could be running on an unpatched Windows 95 box from a public Internet cafe in Kazakhstan but as long as you can talk OAuth 2.0, you're "secure" as far as Google is concerned.

    So for the "insecure" Linux browsers, all it may take is reverse-engineering whatever it is that the Google children have decreed as insecure, add token support for whatever they want to see to declare it "secure", and you're done.

    Starting Score:    1  point
    Moderation   +3  
       Insightful=1, Informative=2, Total=3
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 3, Insightful) by Arik on Saturday December 14 2019, @02:42AM (5 children)

    by Arik (4543) on Saturday December 14 2019, @02:42AM (#931917) Journal
    The same alphabet that forces ecmascript blobs down your throat claiming a proper web browser is 'insecure.'

    What am I lacking to be 'secure?' Some fancy ssl/tls upgrade? Nah.

    I need to let them run their apps in the browser. That'll be SOOOOO MUCH MORE SECURE!!!!!!

    The chutzpah of these scam artists is only matched by their market cap.
    --
    If laughter is the best medicine, who are the best doctors?
    • (Score: 5, Funny) by fido_dogstoyevsky on Saturday December 14 2019, @03:32AM

      by fido_dogstoyevsky (131) <{axehandle} {at} {gmail.com}> on Saturday December 14 2019, @03:32AM (#931932)

      ...The chutzpah of these scam artists is only matched by their market cap.

      I read that as "market crap".

      --
      It's NOT a conspiracy... it's a plot.
    • (Score: 0) by Anonymous Coward on Saturday December 14 2019, @02:26PM

      by Anonymous Coward on Saturday December 14 2019, @02:26PM (#932041)

      It's all just because QtWebEngine is based on Chrome, so it's always behind and playing catch-up. Chrome is the most popular browser so even a short period of exposure could be enough to leave you vulnerable to script-kiddies using last week's new tricks.

    • (Score: 2) by Joe Desertrat on Saturday December 14 2019, @11:37PM (2 children)

      by Joe Desertrat (2454) on Saturday December 14 2019, @11:37PM (#932190)

      I need to let them run their apps in the browser.

      They are starting to push for apps being downloaded to your desktop. That way, there will always be access...

      • (Score: 2) by DeVilla on Wednesday December 18 2019, @02:53AM (1 child)

        by DeVilla (5354) on Wednesday December 18 2019, @02:53AM (#933555)

        Is that why I kept getting the yellow bar at the top of the google page telling me I need to enable DRM in firefox? I didn't and it went away after a week or so.

        Serious question. The browser was telling that google.com needed drm enable for some reason and I could never find out why. IT worked fine without. Why?

        • (Score: 2) by Joe Desertrat on Wednesday December 18 2019, @10:48PM

          by Joe Desertrat (2454) on Wednesday December 18 2019, @10:48PM (#933961)

          I can't tell you why but I can suggest using the NoScript or uMatrix add-ons (if you are not already doing so) and not allowing the Google scripts to even run unless you need them for some reason.

  • (Score: 0) by Anonymous Coward on Sunday December 15 2019, @09:51AM

    by Anonymous Coward on Sunday December 15 2019, @09:51AM (#932333)

    cos OAuth 2.0 is insecurity by obnoxious design.