Chrome Dev for Android Update

Hi everyone! We've just released Chrome Dev 119 (119.0.6034.5) for Android. It's now available on Google Play.

You can see a partial list of the changes in the Git log. For details on new features, check out the Chromium blog, and for details on web platform updates, check here.

If you find a new issue, please let us know by filing a bug.

Erhu Akpobaro
Google Chrome

Google Workspace Updates Weekly Recap – September 29, 2023

3 New updates 

Unless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both Rapid and Scheduled Release at the same time. If not, each stage of rollout should take no more than 15 business days to complete.

Improved paste values experience in Google Sheets 
Previously, when pasting a number in Google Sheets using Paste special > Values only, the content pasted was only the text from the original range of cells. For example, for the date 9/21/2023, paste values only would paste the date serial number of 45190. To improve upon this feature, the default for paste values for numbers will include values and the number format, meaning all of your numbers will retain their formatting as you are working in Sheets. | Available now to all Google Workspace customers and users with personal Google Accounts. 
Improved paste values experience in Google Sheets
Different certificates for signing and encrypting messages in Gmail 
If your organization uses different certificates for signing and encrypting messages, you can now use the Gmail CSE API to upload different encryption and signature public certificates for each user. | Rolling out to Rapid Release domains now; launch to Scheduled Release domains planned for October 9, 2023. | Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. | Visit the Help Center to learn more about using the Gmail CSE API to manage user certificates


Allow certificate mismatches for client-side encrypted messages 
In some cases, the email address associated with a user’s certificate might be different from their primary email address — this is known as a certificate mismatch. Admins can now opt to allow certificate mismatches, which means their end users will be able to decrypt and read messages with a mismatch. It should be noted that we recommend allowing certificate mismatches only when this feature is absolutely required for our organization. | Rolling out to Rapid Release domains now; launch to Scheduled Release domains planned for October 9, 2023. | Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. | Visit the Help Center to learn more about allowing certificate mismatches for client-side encrypted messages in Gmail.


Previous announcements

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Create, modify, and insert email templates within Groups messages 
When you’re using Groups to send messages, you can save a composed message as a template to reuse in the future. | Learn more about email templates within Groups messages

Additional space manager capabilities in Google Chat 
We’re adding two new controls to the list of space manager capabilities in Google Chat that were introduced earlier this year to ensure effective conversations take place in spaces. The new “Manage apps” and “Manage webhooks” options will allow space managers to control the ability of space members to add and remove apps and webhooks to a space. | Learn more about new space manager capabilities

Easily link to a specific message in Google Chat 
Building upon the recent updates in Google Chat, such as message views, in-line replies and larger spaces, we’re introducing message linking, an additional feature that helps teams collaborate more effectively. | Learn more about message linking

Easily add or remove groups of members to a space in Google Chat 
We’re introducing a new app for Google Chat called Bulk Member Manager that enables space managers and space members, who have permission to manage members, to easily add or remove members to or from a space in bulk. | Learn more about the Bulk Member Manager app

The next phase of digital whiteboarding for Google Workspace 
In late 2024, we will wind down the Jamboard whiteboarding app as well as continue with the previously planned end of support for Google Jamboard devices. | This update impacts all Google Workspace customers who use the Jamboard app or 55-inch Jamboard device. | Learn more about the winding down of the Jamboard whiteboarding app

Updates regarding the transition from spaces organized by topic to in-line threading in Google Chat 
In 2022, we introduced in-line threading for Google Chat and since March 2023, all newly created spaces in Google Chat are in-line threaded by default. On September 30, 2023, we will begin taking the next step toward a single, streamlined flow of conversation in Google Chat: all existing spaces organized by conversation topic will be upgraded to the in-line threaded experience. We’d like to share more information regarding the migration, what to expect, as well as what’s next for Google Chat. | Learn more about in-line threading in Google Chat

Client-side encryption in Gmail is now available on mobile devices 
We’re expanding client-side encryption in Gmail to Android and iOS devices, so you can read and write encrypted messages directly from your device. | Learn more about client-side encryption in Gmail on mobile devices.

Beginning September 30, 2024: third-party apps that use only a password to access Google Accounts and Google Sync will no longer be supported 
Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. | Learn more about Access to Less Secure Apps (LSA).



Completed rollouts

The features below completed their rollouts to Rapid Release domains, Scheduled Release domains, or both. Please refer to the original blog posts for additional details.

Rapid Release Domains:



Beginning September 30, 2024: third-party apps that use only a password to access Google Accounts and Google Sync will no longer be supported

What’s changing 

As part of our commitment to user safety, Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. This antiquated sign-in method, known as Less Secure Apps (LSAs), puts users at an additional risk since it requires sharing Google Account credentials with third-party apps and devices that can make it easier for bad actors to gain unauthorized access to your account. 


Instead, you’ll need to use the option to Sign-In with Google, which is a safer and more secure way to sync your email to other apps. Sign-in with Google leverages industry standard and more secure OAuth method of authentication already used by the vast majority of third-party apps and devices. 


We previously announced this change in 2019, and are now ready to share an updated timeline regarding this change:


Access to Less Secure Apps (LSA) will be turned off in two stages: 
  1. Beginning June 15, 2024:
    • The LSA settings will be removed from the Admin console and can no longer be changed. Enabled users can connect during this time, but disabled users will no longer be able to access LSAs. This includes all third-party apps that require password-only access to Gmail, Google Calendar, Contacts via protocols such as CalDAV, CardDAV, IMAP, SMTP, and POP. 

    • The IMAP enable/disable settings will be removed from users’ Gmail settings.

    • If you’ve been using LSAs prior to this date, you can continue using them until September 30, 2024.

  2. Beginning September 30, 2024:

As part of this change, Google Sync will also be sunsetted: 
  • Beginning June 15, 2024: New users will not be able to connect to Google Workspace via Google Sync.
  • September 30, 2024: Existing Google Sync users will not be able to connect to Google Workspace. Here is how you can transition your organization off Google Sync. To find Google Sync usage in your organization, please go to the Admin Console, navigate to Devices > Mobile & Endpoints > Devices, and filter by Type: Google Sync.


See below for more specific guidance for admins, end users, and developers regarding this change.


Who’s impacted

Admins and end users


Getting Started

Admins
Preparing your end users
In order for your end users to continue using these types of apps with their Google Workspace accounts, they must switch to a more secure type of access called OAuth. You’ll receive more information via email with affected users in your organization in the coming months. We recommend that you share the user instructions (included below) to help them make the necessary changes. 


Mobile Device Management (MDM) Impact
If your organization uses a mobile device management (MDM) provider to configure IMAP, CalDAV CardDAV, POP or Exchange ActiveSync (Google Sync) profiles, these services will be phased out according to the timeline below:
 

June 15, 2024

MDM push of password based IMAP, CalDAV, CardDAV, STMP, POP and Exchange ActiveSync (Google Sync) will no longer work for customers who try to connect to an LSA for the first time.

If you use Google Endpoint Management, you will not be able to turn on "Custom Push Configuration" settings for CalDAV and CardDAV.

September 30, 2024

MDM push of password based IMAP, CalDAV, CardDAV, SMTP and POP will no longer work for existing users. Admins will need to push a Google Account using their MDM provider, which will re-add their Google accounts to iOS devices using OAuth. 


MDM push of password based Exchange ActiveSync (Google Sync)  will no longer work for existing users. Admins will need to push a Google Account using their MDM provider, which will re-add their Google accounts to iOS devices using OAuth.


If you use Google Endpoint Management, “Custom push configuration-CalDAV” and “Customer push configuration-CardDAV” (more details about the settings here) will stop being effective. 



Scanners and other devices
If you have scanners or other devices using simple mail transfer protocol (SMTP) or LSAs to send emails, you’ll need to either: configure them to use OAuth, use an alternative method, or configure an App Password for use with the device. 


End users
If you are using an app that accesses your Google Account with only a username and password, take one of the following actions to continue to access your email, calendar, or contacts. If you do not take one of the following actions by September 30, 2024, you will begin receiving an error message that your username-password combination is incorrect and you will not be able to log in. 


Email Applications

Outlook 2016 or Earlier

Move to Microsoft 365 (formerly known as Office 365, a web-based version of Outlook) or Outlook for Windows or Mac, both of which support OAuth access.

Alternatively you can use Google Workspace Sync for Microsoft Outlook

Thunderbird or another email client

Re-add your Google Account and configure it to use IMAP with OAuth.

The mail app on iOS or MacOS, or Outlook for Mac and use only a password to login

You’ll need to remove and re-add your account. When you add it back, select “Sign in with Google” to automatically use OAuth.

MacOS:

iOS:




Calendar Applications
  • If you use an app that uses password based CalDAV to give access to your calendar, switch to a method that supports OAuth. We recommend the Google Calendar app [Web/iOS/Android] as the most secure app to use with your Google Workspace account.
  • If your Google Workspace account is linked to the calendar app in iOS or MacOS and uses only a password to login, you’ll need to remove and re-add your account to your device. When you add it back, select “sign in with Google” to automatically use OAuth. Read more.


Contacts Applications
  • If your Google Workspace account is syncing contacts to iOS or MacOS via CardDAV and uses only a password to login, you’ll need to remove your account. When you add it back, select “sign in with Google” to automatically use OAuth. Read More.

  • If your Google Workspace account is syncing contacts to any other platform or app via CardDAV and uses only a password to login, switch to a method that supports OAuth.


All Other Applications
If the app you are using does not support OAuth, you will need to switch to an app that offers OAuth or create an app password to access these apps.



Developers
To maintain compatibility with Google Workspace accounts, update your app to use OAuth 2.0 as a connection method. To get started, follow our developer guide on using OAuth 2.0 to access Google APIs. You can also refer to our guide on OAuth 2.0 for mobile & desktop apps


Users with personal Google accounts: In the coming weeks we will be removing the IMAP enable/disable toggle from your Gmail settings. IMAP access is always enabled over OAuth and your current connections will not be impacted. No action is required of users. 

Availability

  • This change impacts all Google Workspace customers.

Resources


Chrome Dev for Desktop Update

The Dev channel has been updated to 119.0.6034.6 for Windows, Mac and Linux.

A partial list of changes is available in the Git log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Prudhvi Bommana
Google Chrome

Client-side encryption in Gmail is now available on mobile devices

What’s changing 

We’re expanding client-side encryption in Gmail to Android and iOS devices, so you can read and write encrypted messages directly from your device. This allows your users to work with your most sensitive data from anywhere on their mobile devices while adhering to compliance and regulatory requirements. The Gmail mobile apps support encrypted mail natively, so users don't need to download multiple apps, or navigate to an external portal, to access their encrypted messages. 


While Workspace encrypts data at rest and in transit by using secure-by-design cryptographic libraries, client-side encryption ensures that you have sole control over encryption keys and access to your data. Client-side encryption ensures sensitive data in the email body and attachments are indecipherable to Google servers — you retain control over encryption keys and the identity service to access those keys. For more information, check out our original announcement and the Workspace blog.


Getting started

  • Admins: Admin will need to enable the Android and iOS clients in the CSE admin interface in order for users to have access. This can be done in the Admin Console by going to Security > Access and data control > Client-side encryption > Identity provider configuration. 
  • End users: To add client-side encryption to any message, click the lock icon and select additional encryption, and compose your message and add attachments as normal. Visit the Help Center to learn more about using client-side encryption for Gmail.



Updates regarding the transition from spaces organized by topic to in-line threading in Google Chat

What’s changing 

In 2022, we introduced in-line threading for Google Chat and since March 2023, all newly created spaces in Google Chat are in-line threaded by default. 


On September 30, 2023, we will begin taking the next step toward a single, streamlined flow of conversation in Google Chat: all existing spaces organized by conversation topic will be upgraded to the in-line threaded experience. We’d like to share more information regarding the migration, what to expect, as well as what’s next for Google Chat. 


Who’s impacted 

Admins and end users


Why it’s important

Whether it’s a 1:1 conversation  or a space, Google Chat plays a critical role in collaborating and communicating. Our goal is to continue evolving Chat to best serve our users and keep teams productive and connected. 


As such, we’ve heard from our customers that the way conversations were structured in spaces could be improved. Specifically, users found topic-based conversations to be restrictive and tricky to navigate. With topic-based conversations users would struggle to keep track of individual topics as new replies were added, and often find themselves scrolling back through threads to locate relevant topics.. Over time, topic threads have become noisier and more complex for many users.


What became clear was the need for a continuous conversation flow. In-line threading allows users to reply to any message and create a discussion separate from the main conversation and users have reported a much higher satisfaction rate as compared to topic-based spaces. Users can also follow specific threads, whereby they’ll receive notifications for replies and @ mentions in that thread, helping to cut through clutter and stay on top of what matters most.


What to expect during the upgrade period

Beginning September 30, 2023 we will begin upgrading conversations grouped by topic to in-line threading. We anticipate this change to be completed by March 2024


In order to minimize disruptions on day-to-day work, we will do our best to initiate upgrades during off-peak times on weekends. Should you be using Chat during these upgrades, spaces that are being upgraded will be inaccessible for a few minutes. Admins can use this form to specify a specific month and whether they prefer the upgrade to take place on weekdays or weekends. Please note this will be on a best effort basis and this form must be submitted by October 15, 2023. Based on the preference selected by a customer, we’ll choose one of the upgrade windows on a weekday or a weekend in the selected month and upgrade all the eligible spaces during off-peak hours. 

Prior to the upgrade

A minimum of two weeks prior to the upgrade taking place, a banner will be displayed in impacted spaces notifying users about the impending change. Users will be able to click through to the Help Center for more information.


During the upgrade

As mentioned above, we plan to execute these changes during off-peak times to help minimize disruption. If you’re using an impacted space when the upgrade commences, most functions such as sending and receiving messages will be inaccessible. Typically, this will only last for a few minutes, after which users simply need to refresh the browser tab to access and use the newly upgraded space. Other direct messages, group conversations and in-line threaded spaces will not be impacted and will remain accessible during the upgrade



After the upgrade 

Once the upgrade is complete, the space will use the in-line threaded model. Messages sent before the upgrade will be retained, and will be arranged chronologically, instead of by topic. There will also be a separator titled “Begin New Topic” to indicate every time a new topic was started. 

In some cases, when people have responded on older topics, the new chronological order takes precedence. This means that messages may not appear next to the original topic, but rather according to their timestamp. When this occurs, the new response will quote the last corresponding message that it is replying to, as seen in the image below. 

You’ll also see a separator between the last message sent before the migration, and a message indicating that the space has been upgraded to a space with in-line replies. Going forward, all new messages will feature in-line threaded functionality. 


More new ways to work with threads

To further elevate the in-line threading experience, we’ll be introducing several new features during the remainder of the year and into 2024. Here’s a preview of some of those features — be sure to subscribe to the Workspace Updates blog for the latest updates on availability. Meanwhile, please refer to this post for even more features coming to Google Chat. 


Resizable threads panel

You’ll be able to easily resize the threads sidebar to best suit your screen size or increase the focus on threads most important to you.


Home shortcut 
“Home” is the place to manage and catch up on your Chat messages. Messages from your followed threads will be shown in Home. You can also filter to only see your followed threads and unread conversations. You’ll be able to open a conversation or reply from the Home view.

Select "Home" from the sidebar. 






You can choose to get notified for all messages, and automatically follow all threads within a space ensuring you don’t miss any updates.


Thread participants 
You will be able to see avatars of users that have replied to a thread to get better context and decide whether the thread is relevant to you.


Getting started


Availability

  • This update impacts all Google Workspace customers 

Resources




Kakao Games increased FPS stability to 96% through Android Adaptability

Posted by Dohyun Kim, Developer Relations Engineer, Android Games

Finding the balance between graphics quality and performance

Ares: Rise of Guardians is a mobile-to-PC sci-fi MMORPG developed by Second Dive, a game studio based in Korea known for its expertise in developing action RPG series and published by Kakao Games. Set in a vast universe with a detailed, futuristic background, Ares is full of exciting gameplay and beautifully rendered characters involving combatants wearing battle suits. However, because of these richly detailed graphics, some users’ devices struggled to handle the gameplay without affecting the performance.

For some users, their device would overheat after just a few minutes of gameplay and enter a thermally throttled state. In this state, the CPU and GPU frequency are reduced, affecting the game’s performance and causing the FPS to drop. However, as soon as the decreased FPS improved the thermal situation, the FPS would increase again and the cycle would repeat. This FPS fluctuation would cause the game to feel janky.

Adjust the performance in real time with Android Adaptability

To solve this problem, Kakao Games used Android Adaptability and Unity Adaptive Performance to improve the performance and thermal management of their game.

Android Adaptability is a set of tools and libraries to understand and respond to changing performance, thermal, and user situations in real time. These include the Android Dynamic Performance Framework’s thermal APIs, which provide information about the thermal state of a device, and the PerformanceHint API, which help Android choose the optimal CPU operating point and core placement. Both APIs work with the Unity Adaptive Performance package to help developers optimize their games.

Android Adaptability and Unity Adaptive Performance work together to adjust the graphics settings of your app or game to match the capabilities of the user’s device. As a result, it can improve performance, reduce thermal throttling and power consumption, and preserve battery life.

Moving image of gameplay from Ares: Rise of Guardians

Results

After integrating adaptive performance, Ares was better able to manage its thermal situation, which resulted in less throttling. As a result, users were able to enjoy a higher frame rate, and FPS stability increased from 75% to 96%.

In the charts below, the blue line indicates the thermal warning level. The bottom line (0.7) indicates no warning, the midline (0.8) is throttling imminent, and the upper line (0.9) is throttling. As you can see in the first chart, before implementing Android Adaptability, throttling happened after about 16 minutes of gameplay. In the second chart, you can see that after integration, throttling didn’t occur until around 22 minutes.

Graph showing high graphic quality setting measuring thermal headroom against thermal warning level in frames-per-second

Graph showing enabled android adaptability measuring thermal headroom against thermal warning level in frames-per-second

Kakao Games also wanted to reduce device heating, which they knew wasn’t possible with a continuously high graphic quality setting. The best practice is to gradually lower the graphical fidelity as device temperature increases to maintain a constant framerate and thermal equilibrium. So Kakao Games created a six-step change sequence with Android Adaptability, offering stable FPS and lower device temperatures. Automatic changes in fidelity are reflected in the in-game graphic quality settings (resolution, texture, shadow, effect, etc.) in the settings menu. Because some users want the highest graphic quality even if their device can’t sustain performance at that level, Kakao Games gave them the option to manually disable Unity Adaptive Performance.

Get started with Android Adaptability

Android Adaptability and Unity Adaptive Performance is now available to all Android game developers using the Android provider on most Android devices after API level 30 (thermal) and 31 (performance Hint API). Developers are able to use the Android provider from the Adaptive Performance 5.0.0 version. The thermal APIs are integrated with Adaptive Performance to help developers easily retrieve device thermal information and the performance Hint API is called every Update() automatically without any additional work.

Learn how Android Adaptability and Unity Adaptive Performance can help you stabilize your game’s FPS and reduce thermal throttling.

Chrome Beta for Android Update

Hi everyone! We've just released Chrome Beta 118 (118.0.5993.32) for Android. It's now available on Google Play.

You can see a partial list of the changes in the Git log. For details on new features, check out the Chromium blog, and for details on web platform updates, check here.

If you find a new issue, please let us know by filing a bug.

Krishna Govind
Google Chrome