Making Sense of Chrome Lite Pages - TimKadlec.com
Tim takes a closer look at this Google Lite thing.
Chromium Blog: A safer default for navigation: HTTPS
Just over a year ago, I pondered some default browser behaviours and how they might be updated.
The first one is happening: Chrome is going to assume https before checking for http.
Now what about the other default behaviour that’s almost 15 years old now? When might a viewport width value of device-width become the default?
Related links
So We Got Tracked Anyway
Even using a strict cookie policy won’t help when Facebook and Google are using TLS to fingerprint users. Time to get more paranoid:
HTTPS session identifiers can be disabled in Mozilla products manually by setting ‘security.ssl.disablesessionidentifiers’ in about:config.
A cartoon intro to DNS over HTTPS – Mozilla Hacks – the Web developer blog
This is a great illustrated explanation of how DNS resolution works.
Google and HTTP
I share many of these concerns.
The web is huge. Even bigger than Google. I love that the web preserves all the work. I don’t think anyone has the right to change the web so they no longer work.
PushCrew Push Notifications for HTTP websites
A nasty service that Harry noticed in his role as chronicler of dark patterns—this exploits the way that browser permissions are presented below the line of death.
Related posts
Insecure …again
Breaking the web for security.
Insecure
Security or access: choose one.
CSS for all
Whatever happened to Mozilla’s stated policy of restricting new CSS properties to HTTPS?
Someday
Changing defaults in browsers …someday.
This is for everyone with a certificate
The browser beatings will continue until morale improves.