Hello, welcome to the Wednesday, February 5th, 2020 edition of the Sandinand Storm Center's Stormcast.

My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida.

So today was the day and Google did release Google Chrome 80 with this Google fixed a good number of security vulnerabilities

and as sort of announced before the release, the same site cookie feature will actually

be delayed and not turned on until two weeks from today.

And at this point, it will only be turned on for a small fraction of Google Chrome users.

So Google is playing a little bit with a stage rollout for this feature.

Another sort of change in security feature that's coming with Google Chrome. Ity is that if you have mixed content on HTTP website, so the website itself is

HTTP but it's loading, for example, audio files, video files via HTTP, Google Chrome will

try to automatically upgrade that content to HDPS. Also remember that with the last

Microsoft update mid-January, we did get Microsoft Edge based on Google Chrome. So all of these changes

will also apply if you're running the most recent version of Edge.

In general, upgrades are pretty straightforward and automatic with Google Chrome.

So really not much you have to do at this point.

Now, talking about Google Chrome, there is a pretty popular platform that I've mentioned a couple times when

it came to a security vulnerability called Electron. Electron is a platform based on, in part,

chromium, the open source part of Chrome, and it allows developers to create desktop applications

that at their core use essentially

HTML and JavaScript.

So this makes it easy to turn a web application into a desktop application.

Slack is probably the biggest example of an application written using Electron, but there are a number

...