The Mozilla Foundation has publicly considered disabling Java from running in the browser environment, thanks to recent research that indicates Java is the top of the three vectors for security exploits in the browser.
Last week, the Electronic Frontier Foundation (EFF), in collaboration with the Tor Project, has launched an official 1.0 version of HTTPS Everywhere, a tool for the Firefox web browser that helps secure web browsing by encrypting connections to more than 1,000 websites.
Enterprise organizations were taken by surprise with the recent release of Firefox 5.0 just three months after 4.0, citing security concern and lack of stable Firefox versions for enterprises to work with. At the same time Microsoft has reaffirmed its commitment to enterprises as well as general web consumers.
Google has made Page Speed available online, enhancing it for analyzing web pages targeted at smartphones.
The Mozilla team wants to switch Firefox development to a schedule-driven process to speed up releases. Firefox 4 has been recently released with many improvements, while the roadmap outlines plans for versions 5, 6, and 7.
Microsoft has posted the results for 192 tests grouped in 8 categories for HTML5, SVG 1.1, CSS3, and DOM Level 2&3 showing that IE9 Preview passes all of them with flying colors while Chrome, Firefox, Opera, and Safari have mixed results varying from 0% to 100% depending on the category. The conclusion, that IE9 is the most compliant with W3C standards, is contested by Google, Mozilla, Opera.
Dean Hachamovitch, General Manager for Internet Explorer at Microsoft, has announced that IE9 will use only the H.264 standard to play HTML 5 video. Microsoft seems to have become very committed to HTML 5, while Flash loses even more ground. The announcement came the same day Steve Jobs detailed why Apple does not accept Flash on iPhone and iPad.
Google has announced support for the HTML 5 Web SQL Database API, and others are likely to follow soon or have already started on support for this API. In the meantime, the completion of the specification is blocked because all the implementers involved have chosen to use SQLite as underlying database, and multiple independent implementations are required for standardization.
Google has announced they will stop supporting older and less secure browsers like IE6, Firefox 2.x, Chrome 3 or Safari 2 starting with Google Docs and Google Sites editor from March 1st, 2010.
Google has added five security enhancements to Chrome in order to make browsing more secure: cross-documents message posting, Strict Transport Security, Origin and X-Frame-Options header fields, and Reflective XSS Filter. Some of these features have already been or are to be implemented by other browsers.
The Web Hypertext Application Technology Working Group (WHATWG) is working jointly with W3C on developing the HTML 5 standard, which has been at "Last Call" at WHATWG for the last 3 months. During this time one feature which has changed more significantly is the sandbox attribute of the iframe element. sandbox can be used to isolate untrusted web page content from performing certain operations.
YouTube announces an HTML5 video beta, which allows playback without resorting to using a Flash plugin. Videos are only available in the H.264 format, which leads to greater performance on some hardware devices, but leaves out the new FireFox 3.6 which only supports the Ogg video format.
Both IE and Mozilla teams are currently working on using DirectX/GPU for page rendering while Google is considering it.
A security vulnerability that has hit Internet Explorer through .NET has also hit Firefox. The culprit for Firefox, a .NET add-on, has been put on Mozilla’s blocked list.