Google Clarifies SharedArrayBuffer Email
Google’s Search Central issued a clarification over a confusing message sent out last week by the Google Search Console regarding SharedArrayBuffer issues. Google also updated it’s guide to guide to enabling cross-origin isolation.
What is a SharedArrayBuffer?
SharedArrayBuffer, in simple terms, is the behind the scenes JavaScript methods of functioning that helps them accomplish their tasks in an efficient manner.
According to the Mozilla web workers documentation:
“Web Workers are a simple means for web content to run scripts in background threads.”
And according to another Mozilla developer page:
“With the SharedArrayBuffer, both web workers, both threads, can be writing data and reading data from the same chunk of memory.”
Memory is important because JavaScript works with browser memory and if the page doesn’t handle it well then that can lead to unintended consequences like memory bloat.
The Mozilla developer page further explains:
“ArrayBuffers give you a way to handle some of your data manually, even though you’re working in JavaScript, which has automatic memory management.
…In a typical app, the work is all taken care of by a single individual—the main thread.
…And under certain circumstances, ArrayBuffers can reduce the amount of work that the main thread has to do.”
It goes on to explain that sometimes it’s not enough to split up the work and that’s where the above-mentioned web workers come into play, sharing the same chunk of memory.
Google’s Martin Splitt summarized it like this in 2017 when SharedArrayBuffers were a coming feature:
“JavaScript is single-threaded and long-running scripts make the page unresponsive
Web Workers allow running JavaScript in separate threads, communicating with the main thread using messages.
Messages that transfer large amount of data in TypedArrays or ArrayBuffers cause large memory cost due to data being cloned
…SharedArrayBuffers are an upcoming feature, allowing data to be shared between threads.”
Why You Received the SharedArrayBuffer Message
Google’s Search Central blog explains that the reason publishers received the “mysterious” message was because of something on their web pages is using SharedArrayBuffers, which is a coding trick to speed up JavaScript processes.
According to Google:
“The usage might be due to frameworks, libraries, or other third-party content included within your website.”
Why is SharedArrayBuffer (SAB) a Problem?
SABs became problematic after the discovery of the Spectre and Meltdown Vulnerabilities.
These vulnerabilities affect all Computer Processing Units (CPUs) and allow an attacker to read what’s in the memory. The attack affects all computer devices including Internet of Things devices.
Chrome initially suspended the use of SABs but then re-allowed them after a workaround that essentially isolated the processes.
Chrome and Firefox Change How SharedArrayBuffers are Handled
The reason for the email was an attempt to get the word out about how Chrome will be handling SharedArrayBuffers and to help publishers get on board with processes that will make their sites and their site visitors safer.
In late May 2021, Chrome 91 will be released with a new restriction that will provide a more robust defense against the Spectre and Meltdown vulnerabilities.
“Cross-origin” is a reference to resources (like images, CSS and JavaScript files) that originate outside of a site.
So what’s going on with Chrome 91 and what Google is requiring is setting security policies on resources and essentially locking down what’s allowed according to Chrome’s (and Firefox’s) policies for protecting site visitors and publishers against Spectre vulnerabilities.
That’s good for site visitors but could be bad for site publishers who use SharedArrayBuffer objects without cross-origin isolation.
According to Google’s clarification (making reference to Chrome version 91):
“…cross-origin isolation was standardized as a way to safely enable the SharedArrayBuffer object. Starting with version 91, planned to be released in late May 2021, Chrome will gate the SharedArrayBuffer object behind cross-origin isolation.
…After Chrome 91 is released, the SharedArrayBuffer object without cross-origin isolation will no longer be functional.”
What You Have to Do to Fix SharedArrayBuffer Issue
There are two tasks that need to be accomplished.
- Identify SAB use on your website.
- Fix or remove the functionality
Identifying SAB Usage
Google recommends these steps for identifying SharedArrayBuffers:
“You have two options:
Use Chrome DevTools and inspect important pages.
(Advanced) Use the Reporting API to send deprecation reports to a reporting endpoint.
Learn how to take the above approaches at Determine where in your website SharedArrayBuffer is used.”
Google’s guide to cross-origin isolation offers instructions for using Chrome Dev Tools for identifying use of SharedArrayBuffers.
- “Open the Chrome DevTools on the page you suspect might be using SharedArrayBuffer.
- Select the Console panel.
- If the page is using SharedArrayBuffer, the following message will show up:
[Deprecation] SharedArrayBuffer will require cross-origin isolation as of M91, around May 2021. See https://developer.chrome.com/blog/enabling-shared-array-buffer/ for more details. common-bundle.js:535- The filename and the line number at the end of the message (for example, common-bundle.js:535) indicate where the SharedArrayBuffer is coming from. If it’s a third-party library, contact the developer to fix the issue. If it’s implemented as part of your website, follow the guide below to enable cross-origin isolation.”
Link: How to Enable Cross-origin Isolation
A Lot to Take In
This is a lot to take in because there is a significant amount of development jargon and acronyms to memorize.
The various developer pages are difficult to understand because they tend to define multiple acronyms at the beginning of 2,000 word articles then exclusively refer to the acronyms with no further explanation throughout the article, as if the reader is able to easily retain the meaning of COEP or COOP.
Citations
Official Google clarification:
Clarifications About the SharedArrayBuffer Object Message
Security header background information resource: ScottHelme.co.uk
COEP COOP CORP CORS CORB – CRAP That’s a Lot of New Stuff!
Mozilla developer page about what SharedArrayBuffers are:
A Cartoon Intro to ArrayBuffers and SharedArrayBuffers
Google developer page on analyzing cross-origin isolation
A Guide to Analyzing Cross-origin Isolation
Google developer page on enabling cross-origin isolation
How to Enable Cross-origin Isolation
Google Warns About Misuse of Its Indexing API
Google has updated its Indexing API documentation with a clear warning about spam detection and the possible consequences of misuse.
Warning Against API Misuse The new message in the guide says:
“All submissions through the Indexing API are checked for spam. Any misuse, like using multiple accounts or going over the usage limits, could lead to access being taken away.”
This warning is aimed at people trying to abuse the system by exceeding the API’s limits or breaking Google’s rules.
What Is the Indexing API? The Indexing API allows websites to tell Google when job posting or livestream video pages are added or removed. It helps websites with fast-changing content get their pages crawled and indexed quickly.
But it seems some users have been trying to abuse this by using multiple accounts to get more access.
Impact of the Update Google is now closely watching how people use the Indexing API. If someone breaks the rules, they might lose access to the tool, which could make it harder for them to keep their search results updated for time-sensitive content.
How To Stay Compliant To use the Indexing API properly, follow these rules:
- Don’t go over the usage limits, and if you need more, ask Google instead of using multiple accounts.
- Use the API only for job postings or livestream videos, and make sure your data is correct.
- Follow all of Google’s API guidelines and spam policies.
- Use sitemaps along with the API, not as a replacement.
Remember, the Indexing API isn’t a shortcut to faster indexing. Follow the rules to keep your access.
This Week in Search News: Simple and Easy-to-Read Update
Here’s what happened in the world of Google and search engines this week:
1. Google’s June 2024 Spam Update
Google finished rolling out its June 2024 spam update over a period of seven days. This update aims to reduce spammy content in search results.
2. Changes to Google Search Interface
Google has removed the continuous scroll feature for search results. Instead, it’s back to the old system of pages.
3. New Features and Tests
- Link Cards: Google is testing link cards at the top of AI-generated overviews.
- Health Overviews: There are more AI-generated health overviews showing up in search results.
- Local Panels: Google is testing AI overviews in local information panels.
4. Search Rankings and Quality
- Improving Rankings: Google said it can improve its search ranking system but will only do so on a large scale.
- Measuring Quality: Google’s Elizabeth Tucker shared how they measure search quality.
5. Advice for Content Creators
- Brand Names in Reviews: Google advises not to avoid mentioning brand names in review content.
- Fixing 404 Pages: Google explained when it’s important to fix 404 error pages.
6. New Search Features in Google Chrome
Google Chrome for mobile devices has added several new search features to enhance user experience.
7. New Tests and Features in Google Search
- Credit Card Widget: Google is testing a new widget for credit card information in search results.
- Sliding Search Results: When making a new search query, the results might slide to the right.
8. Bing’s New Feature
Bing is now using AI to write “People Also Ask” questions in search results.
9. Local Search Ranking Factors
Menu items and popular times might be factors that influence local search rankings on Google.
10. Google Ads Updates
- Query Matching and Brand Controls: Google Ads updated its query matching and brand controls, and advertisers are happy with these changes.
- Lead Credits: Google will automate lead credits for Local Service Ads. Google says this is a good change, but some advertisers are worried.
- tROAS Insights Box: Google Ads is testing a new insights box for tROAS (Target Return on Ad Spend) in Performance Max and Standard Shopping campaigns.
- WordPress Tag Code: There is a new conversion code for Google Ads on WordPress sites.
These updates highlight how Google and other search engines are continuously evolving to improve user experience and provide better advertising tools.
AI
Exploring the Evolution of Language Translation: A Comparative Analysis of AI Chatbots and Google Translate
According to an article on PCMag, while Google Translate makes translating sentences into over 100 languages easy, regular users acknowledge that there’s still room for improvement.
In theory, large language models (LLMs) such as ChatGPT are expected to bring about a new era in language translation. These models consume vast amounts of text-based training data and real-time feedback from users worldwide, enabling them to quickly learn to generate coherent, human-like sentences in a wide range of languages.
However, despite the anticipation that ChatGPT would revolutionize translation, previous experiences have shown that such expectations are often inaccurate, posing challenges for translation accuracy. To put these claims to the test, PCMag conducted a blind test, asking fluent speakers of eight non-English languages to evaluate the translation results from various AI services.
The test compared ChatGPT (both the free and paid versions) to Google Translate, as well as to other competing chatbots such as Microsoft Copilot and Google Gemini. The evaluation involved comparing the translation quality for two test paragraphs across different languages, including Polish, French, Korean, Spanish, Arabic, Tagalog, and Amharic.
In the first test conducted in June 2023, participants consistently favored AI chatbots over Google Translate. ChatGPT, Google Bard (now Gemini), and Microsoft Bing outperformed Google Translate, with ChatGPT receiving the highest praise. ChatGPT demonstrated superior performance in converting colloquialisms, while Google Translate often provided literal translations that lacked cultural nuance.
For instance, ChatGPT accurately translated colloquial expressions like “blow off steam,” whereas Google Translate produced more literal translations that failed to resonate across cultures. Participants appreciated ChatGPT’s ability to maintain consistent levels of formality and its consideration of gender options in translations.
The success of AI chatbots like ChatGPT can be attributed to reinforcement learning with human feedback (RLHF), which allows these models to learn from human preferences and produce culturally appropriate translations, particularly for non-native speakers. However, it’s essential to note that while AI chatbots outperformed Google Translate, they still had limitations and occasional inaccuracies.
In a subsequent test, PCMag evaluated different versions of ChatGPT, including the free and paid versions, as well as language-specific AI agents from OpenAI’s GPTStore. The paid version of ChatGPT, known as ChatGPT Plus, consistently delivered the best translations across various languages. However, Google Translate also showed improvement, performing surprisingly well compared to previous tests.
Overall, while ChatGPT Plus emerged as the preferred choice for translation, Google Translate demonstrated notable improvement, challenging the notion that AI chatbots are always superior to traditional translation tools.
Source: https://www.pcmag.com/articles/google-translate-vs-chatgpt-which-is-the-best-language-translator
