Google Chrome patch?
Wednesday, September 3rd, 2008Described in my previous entry, Google’s newly released browser, Chrome has a major security vulnerability.
Rumor has it, they have a quick fix.
Major security exploit published for Google’s Chrome
Wednesday, September 3rd, 2008Less than 24 hours after the release of Google’s new web browser, Chrome, a vulnerability has been discovered and released into the wild.
The proof of concept is described in this zdnet article. This carpet-bombing technique allows an unsuspecting user to download and execute a JAR file without warning.
A harmless demonstration can be found on the discoverer web-page.
http://raffon.net/research/google/chrome/carpet.html
Simply browsing to the site in IE, Fx 3 and you will be prompted with the typical download prompt.
Browsing to the site with Chrome and the Java Jar file is automatically download to your host.
I think, I’ll wait for version 2, maybe 3 or 4.
Google Chrome
Tuesday, September 2nd, 2008
I downloaded and installed Google’s web browser Chrome. So far I am very impressed.
The user interface takes a little getting used to, I’m just not used to the Tabs on top of an almost non-existent bunch of tool bars. It seems speedy, appears to work well with WordPress and all the sites I’ve tried so far.
Ironically, the thing I miss so far from the Google browser is the Google toolbar. I used it all the time for searching. But I used even more so as a Word Finder on web pages If I wanted to look for a word, I would type the word in the search bar, the word would appear on the right of the bar. I could then click on the word and be brought to the first, and successive instances.
Maybe there is some option to turn it on.
I like how it builds, the most visited page. Don’t like the integrated search and URL field.
I’ll give it a whirl and see.
OMG. You can go through all your saved password list, and have it display the plaintext of the saved password. Handy for those who forgt passwords. But cripes, I can now go up to any machine left running, get the website, username and password. The user also need not have actually visited the site in Chrome, when installing Chrome probably imported them from IE.
That’s not a good thing.