A new version of Google's JavaScript rendering engine and security fixes land in Google Chrome 14.0.794.0 dev today, available for download for Windows, Mac, Linux. The latest rough version of the browser improves secure HTTP support in several ways, updates the V8 JavaScript engine to version 3.4.3.0, and tightens security when installing Web apps from the Chrome Web Store.
The security changes are small but nevertheless could have a positive effect on your browser's security. Chrome 14 dev supports DNSSEC authentication for HTTPS, which strengthens the secure Web protocol, and Chrome 14 dev for Macs fixes invalid server certificate errors that were being generated for some secure sites that had untrusted roots certificate authorities. The Chrome Web Store now prompts with a native confirmation dialog box when installing a Web app, which streamlines how the Web store appears to integrate with your computer. SSL v3 server connectivity issues have been fixed, which will prevent some connections from being lost.

Google is taking HTTPS issues quite seriously and has taken steps to address mixed secure site scripting conditions in Chrome 14 dev. Just after announcing that Gmail will always load in HTTPS, the company has ensured that mixed secure site scripting conditions are blocked by default in Chrome 14 dev. The first is a command line flag that actually landed in Chrome 13 dev called --no-running-insecure-content for advanced users who want to help clean up sites with mixed secure scripts. Another flag is available that will block the display of insecure content, --no-displaying-insecure-content, but Google stated in the above-linked blog post that it will not block displaying insecure content by default since it's not as dangerous a use-case.

The link for this article located at CNET is no longer available.