You searched for:

porn

My Five Months With Google Chrome

October 5, 2008

in Chrome, Google/SEO

Om Malik wrote an interesting post about Google Chrome one month after the public launch. While I was reading Om’s post, I realized that I wrote a post for the Google Chrome release that I never published. I’ll include it here, and then let’s meet at the bottom and compare notes.

Like many Google engineers, I’ve been running Google Chrome for several months. When I sat down with a blank piece of paper to write down why you should try Google Chrome, I ended up with several reasons, including speed, security, stability, and openness. I’ll run through them for you.

Speed. Google Chrome is wicked fast, especially if you use AJAX/JavaScript-heavy web applications such as Gmail. And it’s not just “benchmark fast,” it’s end-to-end fast. Google Chrome puts special emphasis on never making the user wait. Opening a tab is essentially instantaneous, and all the little pauses that would normally interrupt your workflow just don’t happen. Of course, sometimes a remote web server is slow to return data–there’s nothing that a web browser can do about that–but for everything else, the browser speeds along like lightning.

When Gmail came out, it took me months to switch over. Before Gmail, I used mutt and I had all kinds of crazy customizations and wild procmail rules, so it took quite a while for Gmail to convince me to switch. In contrast, it took less than a week for me to switch to Google Chrome. It’s so scary fast that I felt like I was taking smart pills because of all the extra work and email I could blast through.

Security. As the head of Google’s webspam team, I prowl around some pretty hairy places on the internet. Almost every day I encounter hacked pages, malware, porn, and generally scuzzy pages. The security model in Google Chrome is much stronger than most other browsers I’ve used. I’ve surfed through hundreds of seedy back alleys of the Internet over the last several months, and Google Chrome has safely kept me from being infected or affected by the junky web pages I encounter.

Stability. I loved my previous browser (and still do!), but I got used to killing my browser and restarting it daily to prevent memory leaks from hobbling my machine. I’ve run Google Chrome for weeks at a time with bunches of open tabs and it hasn’t crashed on me or bloated up my computer’s memory. I also love that Google has a “ChromeBot” which takes each new browser build and throws (put your pinky finger to your lips) one million webpages at the build as a torture test. That testing virtually guarantees that everyday web pages shouldn’t crash your browser. Google Chrome has been rock solid for me.

Openness. You aren’t locked in to using Google’s search; you can choose to use any major search engine in Google Chrome. Plus, as you click around the web, you don’t send surfing information to Google. Google Chrome is open-source under a BSD license, so you can check that for yourself. The cool bits of Google Chrome, including V8 (a from-the-ground-up JavaScript virtual machine), are open for anyone to take and use.

The comic book. Still not convinced? If you’re a geek, read the 40-page comic book about Google Chrome. It’s genuinely educational about the design choices that Google made. It turns out that a comic is one of the best ways to introduce a large piece of new software:

You’ve all heard the acronym “RTFM,” right? It stands for Read The *cough* Fine Manual. The next time someone asks whether Google Chrome uses WebKit or something else, I can say RTFC–Read The Fine Comic.

Okay, how well does that post hold up after a month?

On speed, I think Chrome really holds up well. Om’s comments are filled with people who got hooked on the speedy and nice Google Chrome browser experience. A couple people who didn’t like it only tried it for a day; I really think you need to give Chrome a few days (maybe a week) to really notice the end-to-end difference.

On security, I was impressed that so few security holes were found, and most of them required the user to take some additional action or involved social engineering. I have seen very few (no?) attacks like “surf to a random page and your browser gets pwned.” That’s really nice to see; I’m sure the Chrome team was anxious to see what would happen when the outside world tried to attack Chrome. Chrome has been quite robust for a web browser that was only recently released into beta. I continue to surf to really dangerous places with no resulting hijacks or malware.

How about stability? I always thought this would be the weakest point of the Chrome launch, and not because of web pages that would crash Chrome, but because it’s hard to test on a wide variety of real-world hardware when you’re trying to keep a product secret before releasing it. And again, I was surprised that so few things broke. The fact that the Chrome team has released four updates to Chrome in four weeks tells me two things: 1) the worst bugs are going to get knocked down pretty quickly and 2) the Chrome team is very serious about iterating to improve the browser.

Openness is an interesting one. I think the EULA issue caused a short-term goodwill hit. Google corrected the terms in about a day, but it still provided material for the people who dislike the fundamental notion of the Chrome browser. I have to admit that I was surprised that people objected to the “Suggest” feature when you’re typing into the address bar, but it’s good that Google reacted quickly on that one as well. I had a conversation with Danny Sullivan where he urged Google employees to try to look at Google as if they were outside the company and didn’t work for Google. It’s excellent advice and definitely provides a helpful perspective. Ultimately, I think that the open-source nature of Google Chrome’s code should reassure most people and win over fans with time.

And the comic book? I still think it’s a cool way to explain a lot of complex design decisions.

I’ve been watching the Chrome team work, and I believe that they’re going to earn the respect and loyalty of a lot of surfers over time. Their ability to execute reminds me of how the Google Reader team won me over a couple years ago. If you’re running Windows and haven’t taken it for a spin, if you try Chrome for 5-6 days, I think you’ll like it too.

{ 75 comments }

Live-blogging the Google Chrome announcement

September 2, 2008

in Chrome, Google/SEO

Update, 12:49 p.m.: You can try Google Chrome at http://www.google.com/chrome and I hope every Windows user takes it for a spin. It’s only a seven megabyte download, which means it’s really fast to download and try.

Update, 12:46 p.m.: Chromium, the site dedicated to open-sourcing Google Chrome is now open at http://www.chromium.org/

According to a press release this morning, Google will host a webcast press briefing and demo of Google Chrome at 11 a.m. Pacific time today. I think this link (Windows Media Player) or this link (Real Player) will get you there in case you want to watch.

I plan to be in the room and I’ll comment on tidbits that especially catch my ear.

10:58 a.m.: Just got out of another meeting and now I’m sitting in the room with all the press. I see Google Folks like Brian Rakowski and Ben Goodger along the wall. Linus Upson and Sundar Pichai are here too.

11:07 a.m.: Google Chrome will be available at noon today.

11:09 a.m.: Sundar Pichai will talk for about 10 minutes about why Google built Chrome.

11:10: Sundar is contrasting Web 1.0 to Web 2.0, with “rich, interactive AJAX applications.”

11:11 Sundar: “I do pretty much everything inside a browser.” What are the sorts of things you could do if you rewrote a browser from scratch?

11:12: Talking about the simplicity of Google Search. Shows a snapshot. The browser is called Chrome because it tries to minimize the amount of “chrome” (surrounding stuff) in the browser. “The user should enjoy surfing the web, and the browser should stay out of the way.”

11:15: Because Google Chrome uses WebKit, we’re not adding a new rendering engine to the web. It should render just like Safari.

11:17: Multi-processing make each tab independent, so the browser is much more robust to harmful pages.

11:18: “V8 executes JavaScript much much faster than current technologies.”

11:19: Available for Windows Vista and XP at start. 43 languages, 122 countries. “We are working very hard on Mac and Linux platforms.”

11:20: Open under a BSD License. The name of the project to open-source Google Chrome is Chromium. Ah, chromium is used to make chrome in the real world.

11:21: Sundar Pichai takes a seat and Ben Goodger is up: Says the goal is “A modern platform for windows and applications.”

11:22: Live demo begins with Ben talking and Brian Rakowski driving. Tabs are on top.

11:23: Brian is talking about how Google Chrome handles tabs. You can grab and drag tabs. You can grab and drag outside the existing window.

11:24: Brian is clicking on the close-tab box. The next tab moves exactly under old tab, with the next close-tab box under your mouse. The tabs don’t resize until your mouse leaves the tab strip.

11:24: Ben Goodger says “Where’s the search box in this?” Research showed that people got the address bar and the search box confused, because you had to decide what you wanted to do before you chose which box to type in.

11:26: The Omnibox combines a search box and an address bar. Brian says that it’s a “little bit psychic.” As a long-time Google Chrome user, I can vouch for this.

11:27: Brian demonstrates autocomplete with a -> amazon.com. He types [alaska cruise] in the Omnibox, hits enter, and it does a search.

11:28: Brian does a search on Amazon.com. Then hit types ‘a’ and Tab in the Omnibox and searches on Amazon directly. You go straight to Amazon’s search results without touching Google search in any way.

11:29: Ben is talking about reducing mental overload on users so they can just start doing what they want and Chrome will keep up. Here comes the New Tab page!

11:31: New tab page shows most frequently visited page, most frequent searches, bookmarks, and recently closed tabs. You can choose whether a bookmark strip follows you as you surf (in case you want to save screen space).

11:32: Ben/Brian talk about Incognito window, aka “porn mode” Brian demos with the query “toe fungus”. Nothing is saved in your history, cookies don’t persist.

11:34: Ben wants the browser to be convenient, e.g. making downloads easy. Brian shows clicking on a file makes a friendly download arrow appear. You can drag/drop files from browser into file system.

11:35: Crap. Getting slash/digg/something-dotted.

11:35: Ben/Brian demoing Prism-like functionality. You can turn Gmail into something that looks exactly like an application. No useless chrome such as address bar.

11:37: Ben stands down. There’s a lot of deep magic in the Google Chrome UI that people will appreciate the more that they use it. Now Darin Fisher is up to talk about things that are underneath the hood.

11:39: Darin says that in the same way that crashing apps shouldn’t hurt your desktop experience, a crashing tab shouldn’t ruin your browsing experience.

11:41: Darin is discussing the Google Chrome sandbox. In Google Chrome, you have to find a bug in the rendering engine *and* a bug in the sandbox. Here comes the Google Chrome task manager, which shows all the processes in Google Chrome.

11:42: Darin/Brian are showing the full-fledged process manager. Each plug-ins is in a separate process. If you want to kill only Flash on a YouTube page, that’s trivial to do and the rest of the web page runs perfectly fine.

11:44: Brian demonstrates a stuck/hung tab. You can still switch tabs! You can kill the tab from the tab strip or from the process manager. When you kill the tab, you see a “sad tab.” If you reload the page, Google Chrome will even remember the scroll position.

11:44: Brian kills Flash on a YouTube page and you get a “sad plug-in.” Just hitting refresh will reload the page and the plug-in. Much more stable and robust.

11:46: Ooh, here comes the speed demo! IE is loading content from local disk. 220.64 ms. No try the same pages in Chrome. In Chrome, it’s 77.28 ms. That’s static content.

11:47: Lars Bak is visiting from Google Denmark and up to talk about dynamic page speed because of V8, the JavaScript virtual machine. He’s been doing virtual machines for 20 years and this is one of the most exciting times he’s seen.

11:48: Hidden classes watch as things run. Shared objects in a class can be optimized more.

11:49: Three different design ideas to make JS faster. #1 is a native compiler for JavaScript. #2 is using classes and inline caching. #3 is an efficient memory management, including fast object allocation and better scalability. Lars made a funny joke about how every must certainly understand what he’s talking about (it’s a bit dense).

11:52: Dynamic speed test! IE does 7.5 RPH while Google Chrome does 602.8 RPH, where “RPH” is a measure of how many benchmarks could be run per hour.

11:53: They’re publishing 11,000 lines of JavaScript performance benchmarks on code.google.com/p/V8 .

11:54: Sundar is back up. *Chrome has no tie-ins to Google search services.* “Chrome is configured to be used with any search provider.” It’s been over two years of work.

11:55: Marissa urged the Chrome team to write the desired Google Chrome press release two years ago.

11:56: Larry Page is up. Chrome is his primary browser (no surprise). He uses it on an older computer to make sure that Chrome works well there. I can vouch that Larry is a bit of a freak about wanting everything (Google, browsers, the web) to work faster for users.

11:58: The open-source model allows anyone to make the world better. Mozilla can take any of Google’s work and incorporate it if they are interested.

11:59: “A ton of Googler using it [Google Chrome] that were happy” was the criteria for why Google Chrome was launched now.

Noon: Q&A starts.

Christian Grant: At Blackhat Defcon conference, you could browse using Tor so that no one could see your IP address. How anonymous is your web browser?
A: I can answer that right now. You can set a proxy, so I’m sure that you could set a proxy that used Tor. I’ll have a post up about just how Google Chrome protects your privacy soon.

Larry Magid from CBS News. It’s easy to drag a tab, but you can splash them all over. Can I snap them back in place?
A: You can drag them back into the tab strip.

Jason Kincaid, TechCrunch. How does Android interact with Google Chrome?
A: (Sundar) Both share the WebKit and V8, but they will have different interfaces.

Rick Mayer? Plans beyond the x86 architecture?
A: V8 has been ported to ARM as well and different operating systems. Doing another port is doable (anyone could do it with skills and 3-4 months).

Niall Kennedy: How will upstream commits work, along with standards and ECMA and such.
A: Fully committed to doing upstream commits. We want to build off of tip-of-tree of WebKit.

Follow-up: Do you intend to be an HTML5 implementation?
A: Missed it, but I’m pretty sure we want to be good netizens here.

Nikkei: Next-generation web apps will be possible–what sort? Is Chrome the operating system of web apps?
A: (Sergey) I wouldn’t call Chrome the operating system of web apps. It’s a fast engine that can run web apps. We think open-source + Google can make Chrome even more robust and powerful.

Wired: How do plug-ins work?
A: (Sundar) Chrome supports plug-ins such as Flash. As far as extensions/add-ons, we don’t have that in the beta right now, but we do definitely plan to have an API.
A: (Sergey) And anyone can extend it because it’s open-source.

Follow-up: How hard is bug testing?
A: We’ve incorporated the same Web Inspector as WebKit and V8 has a JavaScript debugging console.

Wendy Tanaka, Forbes: How does Incognito relate to ads?
A: (Sundar) The session is private to your computer to keep your session/cookies out of history, but it doesn’t block ads.

Miguel Helft from NYT: Plans for non-download distribution (bundle, partnerships)? Why decide to take on a whole effort yourself?
A: (Sundar) Willing to look for opportunities where users can use Chrome. The current binary is around 7 megabytes, so it’s very easy for users to download.
A: (Sundar) We will continue the path of helping open-source and other browsers. We saw an opportunity to rewrite the browser from scratch (to bring our point of view and without imposing our point of view on anyone else).

Q: Want people to copy you and incorporate parts of your technology?
A: Absolutely. Would love if every browser had better/faster JavaScript technology.

Q: Still ongoing support for Firefox?
A: (Sundar) Will continue to support e.g. with malware/phishing and will share code. (Darin) We love sharing code, e.g. BreakPad for crash reporting.

(Sundar) Starting today, everything is open-source, and he hopes for more sharing. “We are all very grateful” to Mozilla. There is no doubt that Mozilla will remain at the forefront of browser development. Larry adds to that saying that they love Mozilla.

Greg Sterling: No personalization or other tie-ins to Google.
A: (Sundar) Nope.

Greg Sterling: How about location awareness?
A: (Sundar) Location awareness isn’t in there, but there are efforts in Gears to let people have location awareness.

John Furrier: Any innovations/speed-ups around video?
A: (Darin) Generally that’s plug-ins, which are supported as in any browser (except in a different process for more protection). HTML5 has more functionality in that respect.
A: (Sundar) Google Chrome is optimized for speed from an end-to-end perspective.

Q: When did the project started?
A: (Sergey) After hearing for a couple years “Google should build a browser,” that compelled Google to work on it. Sergey uses a Mac + VMWare but wants a native port soon.

Q: How many users had used Chrome without leaking?
A: Just a lot of Googlers being very careful. We don’t comment on team sizes, but it’s been a huge effort in terms of people for about two years.

Q: Stephen Shankland, CNET. In a perfect world, would Chrome vanish into other browsers?
Q: Is there direct financial benefit to Google? Is this new ad real estate?
A: (Sundar) Only in the sense that people use Google more and that the web gets driven forward. But nothing like ads that directly help Google.

David Louie: What sort of market share do you hope for?
A: (Sergey) We want a diverse and vibrant web ecosystem, with several viable browsers. There’s still 80% market share with one player.

Q: Why should people switch?
A: Faster, more robust, safer web experience. It’s not a huge decision. It’s seven megabytes, it smartly imports all your settings, and it pretty much instantly makes your work faster.

Brian: You spend more time in your browser than in your car. You wouldn’t buy a car without a test drive.

Q: Kara from WSJ: How do you see this as a business? What reaction do you expect?
A: We’re competing against a product that is given away for free on almost every computer.

Q: Were you worried about IE8?
A: We started two years ago, before IE8.
Q: Okay, were you worried about IE7?
A: Choice is important or else there’s no progress made. Everyone gets to Google through a browser, so that’s an important part of our ecosystem.

Q: Would it be a success if IE9 included large parts of Chrome?
A: Absolutely. And if IE9 is just much faster, that’s fine too.

Sergey: Our business does well if there’s lots of healthy internet access. That’s why it’s in Google’s interest to have better cell phone browsing, open air waves, the internet in developing countries. Any improvement to any browser is probably good for Google.
Larry: Making our site faster generates more usage of Google. If you can search/work faster, probably people will use Google faster.

Miguel Helft: Cannibalize Firefox instead of IE?
A: (Sundar) By adding our voice, we hope more people will realize that there’s choice, and we hope it will be a win for both Firefox and Chrome.

Christian Grant: Spoke with a hacker in Vegas, who said that the internet is unsafe. It seems like you’ve innovated in the security and privacy space. 10-15 open ports on a browser is scary.
A: (Sergey) Process model + sandbox really reduces the vulnerability surface area and makes for an inherently more security browser. DNS and BGP exploits are scary, and things like using HTTPS/SSL more might help. Go Sergey, dropping the BGP acronym.

And that wraps it up. Jazzy music starts back up.

{ 61 comments }

Check your search box for XSS exploits

June 16, 2008

Just a quick reminder that websites should check for XSS holes on their site, especially freeform text input such as search boxes. Even big sites can have these issues with XSS and escaping user input. (Note: don’t click on these search results.)

If you’ve noticed that your rankings in Google seem to be affected, you might consider a few searches on your site to see if anyone has injected spammy or porn content on your site. If your domain was example.com, you might want to run a few queries such as [site:example.com porn] or [site:example.com biaxin] or [site:example.com viagra] to see whether you run across unexpected results.

The Google security blog has written about XSS holes and exploits before and how to protect yourself. We’ve also written about protecting your site and cleaning up a hacked site before.

Added: (Switching from XSS to pure hacked sites for a moment.) Make sure to change your admin password if you update (say) your WordPress installation. Sometimes hackers are smart enough to save your password and come back even after you’ve fully patched your system. I tend to change my admin password at least every time I upgrade my version of WordPress.

{ 29 comments }

Something is wrong on the internet!

May 23, 2008

xkcd recently posted a webcomic that is quickly becoming a classic cartoon:

That comic sums up the internet in one sentence: the scrum of jostling opinions on the web and the optimism that truth can still win out. I was reminded of that comic when someone asked me about a particular way that someone recently tried to get links. Jonathan Crossfield wrote up a good background summary of the situation.

Believe me, I have no particular desire or plans to charge out onto the internet looking for fake stories; Snopes and other people on the web do a fine job of that. But this was an interesting case, because the proof landed in everyone’s lap. Someone spoke up afterwards and essentially admitted “I made up a story and actively promoted it. The story is utterly fake. By the way, I think any tactic to get links is fair game. I only care about whether a tactic to get links works.” A little while later someone else asked me point-blank for my reaction. I pointed out that Google’s quality guidelines already cover deceptive or misleading ways of getting links. The first two sentences in our quality guidelines say

These quality guidelines cover the most common forms of deceptive or manipulative behavior, but Google may respond negatively to other misleading practices not listed here (e.g. tricking users by registering misspellings of well-known websites). It’s not safe to assume that just because a specific deceptive technique isn’t included on this page, Google approves of it.

Google tries to return the most relevant, useful results to our users and protect them from deceptive or misleading tactics. For example, when someone spams a blog or a guestbook with a fake comment, we try to prevent that fake link from carrying weight in Google. If a spammer blitzes dozens of websites with fake referrers, we try to ignore those fake links. If a website claims to have high-quality information and then deceives the user and serves up malware or off-topic porn, Google considers that spam and takes action on it. Likewise, if a site says that they completely made up a story to get links, Google doesn’t have to trust the links to that site as much.

I really don’t view Google’s role as judging the truthiness of the web. That is, after all, what Stephen Colbert is for. But if someone is sloppy enough to get caught (or to admit!) making up a fake story, I don’t think Google has to blindly trust those links, either.

My takeaway from this brouhaha: There are plenty of ways to market a site creatively without deceiving anyone. Don’t burn your credibility by using fake stories. It’s a short-term tactic and makes people trust you less in the future.

{ 74 comments }

Example questions at SES: Universal Search

August 21, 2007

Whether you call it blended search, 3D search (Ask’s name), or universal search, it has the potential to surface as many relevant results as other hot search topics such as personalization. At SES yesterday, I sat in the back of the Universal Search session. There are good write-ups on the PowerPoint and presentations, but not as much coverage of the questions.

Just to give you a flavor of the sort of questions that people asked afterwards, here are a few as I remember/interpreted them:

Q: (This was for David Bailey, the Google rep.) You showed a snapshot of metacafe.com entering Google’s search results via universal search. How can a video site get included in Google’s universal search?
A: Quite a few sites are already in there, and we would love to open that up more. Factors include things like reliable playability, lack of copyright concerns, no porn, etc. They’ll keep working to expand the sites that can participate.

Q: Do you expect to be crawling the web for videos?
A: Not right now. For the time being, you could submit your video to YouTube or other search engines if you wanted to.

Q: (for Yahoo’s Tim Mayer, I think) Do you expect to use 3rd party rating such as BizRate to help with ratings and abuse?
A: For now, we’re just using ratings on Yahoo.

Q: We have 20-30 videos on our corporate site. We wouldn’t show up in universal/blended/3D search?
A: Not right now, but you could always submit your videos to the different engines.

Q: (for Google) What other types of data do you expect to surface?
A: A good guess is the types of data that we already help search over, e.g. things like patents or code could be interesting, or Google Base has different feeds for real estate and jobs. Data that we already have is the most likely near-term, but most people probably care about well-known types of data like news, video, local, etc.

Q: Different IPs will see different search results? How can I see what someone in San Diego would see?
A: There’s not a great way right now. Some people use proxies.

Note from Matt: Google does provide quite a bit of this functionality. For example,
http://www.google.com/search?q=bank&gl=us searches as if you’re in the U.S., and returns Bank of America at #1. But http://www.google.com/search?q=bank&gl=uk does the search as if you’re in the UK, and returns Lloyds TSB at #1.

You can even look at ads based on lat/long, regions, cities, U.S. ZIP codes or U.S. designated market area (DMA). See this way informative post for more details.

Q: What future plans do you have to extract text from audio or video?
A: Everyone was silent for a while. David Bailey of Google gave the only reasonable answer that most search engine employees can give when you ask about future plans: we have researchers that work on such projects, but we have nothing to announce at this time.

Q: What are your three best optimization tips for video?
A: (various panelists answered.)
1. Choose a good title that describes your video
2. Tim Mayer from Yahoo mentioned exploring MediaRSS.
3. Erik Collier from Ask said “Make a kick-ass video.” Well-said, and a good reminder that compelling content makes optimization much easier.

Apologies if I’ve paraphrased any questions or answers incorrectly. Feel free to comment if you think I got something wrong.

{ 41 comments }

← Previous Results