Xmarks helps polish Chrome


The guys over at Xmarks are working hard to bring their bookmark synchronization service to all browsers and platforms. They’ve recently begun a closed alpha test for their Google Chrome/Chromium extension. We got an invite and decided to give it a test run. Since extensions aren’t yet fully supported, and still a bit buggy you’ll need to use the latest build in the dev channel of Chrome, which means at least version or newer. We tested it on version for Ubuntu with great success. The extension is still pretty basic since it’s still at an alpha stage, but works very well with synchronizing bookmarks across different platforms and browsers. Some of the things left out from the Firefox version are profiles, smarter search, site info and suggested tags. For an alpha release, it’s very well done and functions great, and we’re certainly looking forward to this extension as it develops further.

Mozilla Fennec Alpha 3 for Windows Mobile released


Mozilla released the latest alpha version of their new mobile browser Fennec for Windows Mobile. It brings many new features and fixes, such as improved startup time and a caching system to help scrolling on a page. They have also added support for a wider range of screen resolutions, and for those of us running an HTC Touch Pro support for zoom via the directional pad has been included in this release. Being an alpha release, it’s still a bit on the buggy side, but is very a promising browser for mobile phones. The final release should give other browsers a run for their money.

Blackberry download limit remover

On the standard Blackberry Web Browser, there is a fixed file download limit of 2.3MB. Many users avoid this by installing a 3rd party browser (such as Opera Mini, for example), but there is still that bitter taste for having an extra web browser around just to download decently sized files. This limit seems to be imposed by a certain WAP port that the Blackberry is set to use by default, which blocks any file greater than this. Fortunately, [0mie] has found a way to reconfigure the default Blackberry Browser to use a different port without this restriction. Step by step walk through, links to the file required, and screen shots of large file downloads are provided. [0mie] claims that this hack works on a number of different phones and OS versions, and we are sure he would appreciate a wider audience to test this with.

[Note: This hack seems to use a Chinese provider as a proxy, so there may be privacy issues, etc. As always, hack at your own risk.]

Remote image processing in JavaScript

[Tom] wrote in to tell us about his JavaScript project for motion detection. It ties together two ideas we’ve talked about recently. The first is doing image processing in-browser using Canvas(), which we’ve seen employed in captcha breaking. The second is offloading heavy processing to browsers, which we saw recently in the MapReduce implementation. [Tom] is using JavaScript to compare consecutive images to determine if there’s any motion. He did this as part of MJPG-Streamer, a program for streaming images from webcams. It can run on very limited hardware, but image processing can be very intensive. Doing the image processing in-browser makes up for this limitation and means that a custom client program doesn’t have to be written. You can find the code here and a PDF about the proof of concept.

Distributed computing in JavaScript


We’ve heard about the idea of using browsers as distributed computing nodes for a couple years now. It’s only recently, with the race towards faster JavaScript engines in browsers like Chrome that this idea seems useful. [Antimatter15] did a proof of concept JavaScript implementation for reversing hashes. Plura Processing uses a Java applet to do distributed processing. Today, [Ilya Grigorik] posted an example using MapReduce in JavaScript. Google’s MapReduce is designed to support large dataset processing across computing clusters. It’s well suited for situations where computing nodes could go offline randomly (i.e. a browser navigates away from your site). He included a JavaScript snippet and a job server in Ruby. It will be interesting to see if someone comes up with a good use for this; you still need to convince people to keep your page open in the browser though. We’re just saying: try to act surprised when you realize Hack a Day is inexplicably making your processor spike…

[via Slashdot]

sslstrip, hijacking SSL in network

Last week at Black Hat DC, [Moxie Marlinspike] presented a novel way to hijack SSL. You can read about it in this Forbes article, but we highly recommend you watch the video. sslstrip can rewrite all https links as http, but it goes far beyond that. Using unicode characters that look similar to / and ? it can construct URLs with a valid certificate and then redirect the user to the original site after stealing their credentials. The attack can be very difficult for even above average users to notice. This attack requires access to the client’s network, but [Moxie] successfully ran it on a Tor exit node.

Google Chrome roundup

Google Chrome made a huge splash in the past week, but will it really change the way you browse, and convince you to switch from your current browser? For those who want to play with it but don’t want Google to completely take over their lives, Chromium is the open source project behind Google Chrome. Linux and OS X users can also run Chrome using WINE, although success is not guaranteed. To make an educated choice, read Scott McCloud’s comic which explains the underpinnings. Make sure you’re aware of Chrome’s security vulnerabilities, and take advantage of Lifehacker’s guide to make your browsing experience as convenient and useful as possible. There are some great features, including the ability to log into multiple Google accounts using its much-lauded Incognito mode, which prevents Google Chrome from logging information on your browsing and downloading habits (websites you browse can still track your information). For convenience, you can also install Chrome on a USB drive, and take it anywhere with you. Explore the many Google Chrome blogs that have popped up to provide advice on hacking and tweaking the browser. Or you could just get all your information from 4chan.