[TheRecord] Google removes support for FTP and old-gen U2F security keys in Chrome 95

Google has released today Chrome v95, the latest version of its popular web browser, a version that contains several changes that will likely cause problems for a considerable part of its users.

The problematic changes include:

removing support for File Transfer Protocol (FTP) URLs — ftp://removing support for the Universal 2nd Factor (U2F) standard, used in old-generation security keys (Chrome will only support FIDO2/WebAuth security keys going forward)adding file size limits for browser cookies [see here]removing support for URLs with non-IPv4 hostnames ending in numbers, such as http://example.0.1 [see here]

In addition to breaking changes, Chrome 95 also comes with a new UI component called the “Side Panel,” which can be used to view the Chrome browser’s Reading List and Bookmarks. This panel can be enabled via the following Chrome flag:


Image: The Record

Additionally, Chrome 95 also ships with developer-focused changes and security fixes. Other changes are detailed in the image below:

Image: The Record

The post Google removes support for FTP and old-gen U2F security keys in Chrome 95 appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[HackerNews] Critical Flaws Reported in Sage X3 Enterprise Management Software

All posts, HackerNews

Four security vulnerabilities have been uncovered in the Sage X3 enterprise resource planning (ERP) product, two of which could be chained together as part of an attack sequence to enable adversaries to execute malicious commands and take control of vulnerable systems. These issues were discovered by researchers from Rapid7, who notified Sage Group of their findings on […]

Read More

[SANS ISC] Please fix your E-Mail Brute forcing tool!, (Wed, Oct 13th)

All posts, Sans-ISC

Recently, I am seeing a lot of identical failed login attempts against my mail server. Just today, about 130,000 of them. The vast majority (124k+) come from one subnet: inetnum: – mnt-domains:    RER-MNT netname:        RoshangaranErtebatatRayaneh country:        IR org:         […]

Read More

[SANS ISC] Uncovering Shenanigans in an IP Address Block via Hurricane Electric’s BGP Toolkit (II), (Fri, Jul 23rd)

All posts, Sans-ISC

Today’s diary revisits hunting for dodgy domains via Hurricane Electric’s BGP Toolkit [1]. This was previously done in an earlier diary [2], and I plan to do this occasionally to share potential or identified threats so that readers can be aware of them. I selected the IP address block of this time, partly also […]

Read More