Google Chrome är ute nu

[Supertequila]

http://www.google.com/chrome

 

Googles nya webläsare.

[Dead-Inside]

Tankade när den var "ute nu" (den andra).

 

Såg inget speciellt än så länge. Blir säkert bra med lite plugins och dylikt.

[brainslicer]

3 September 2008, 14:43

Google Chrome beta comes with security holes

 

http://www.heise-online.co.uk/security/Google-Chrome-beta-comes-with-security-holes--/news/111458

The vulnerability appears to use a vulnerability in Webkit, previously noted in Safari, called Carpet Bomb and a bug in Java. With the Safari Carpet Bomb, Safari downloaded DLL files to the desktop automatically, which were, for reasons unknown, automatically executed by Windows at startup. Apple has defused the Carpet Bomb in Safari 3.1.2, but Chrome uses an earlier branch of the Webkit renderer and still has the problem.

 

Another problem was found in Chrome's protocol handling, as a demonstration page shows. The protocol handler name has a "special" character at the end of its name, and this character causes the handler to crash, taking down the browser. The failure appears to be down to the protocol handler not being isolated to a process in Chrome's multi-process architecture.

 

See Also:

• Wanna get some free Chrome coffee?, Exploit by Aviv Raff
  
• Google Chrome Browser Vulnerability, Exploit by Rishi Naran

edit:

även i Sitics senaste veckobrev finns en hel del länkar om chrome:

http://www.sitic.se/publikationer/veckobrev/sitics-veckobrev-v-36-1

Google släpper webbläsaren Chrome

http://blogoscoped.com/google-chrome/

http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080903&ref=rss

 

Chrome: Googles största hot mot integriteten?

http://blogs.computerworld.com/chrome_googles_biggest_threat_to_your_privacy

 

Att bryta sig ur Chromes "sandbox", intressanta sårbarheter

http://blogs.technet.com/robert_hensing/archive/2008/09/03/breaking-out-of-the-chrome-sandbox-2-interesting-vulns-in-24-hours-got-ie8.aspx