scottshad
join:2008-05-03
pluto | reply to Kiziller
Re: Google's Chrome Browser - Security & Privacy Issues
If chrome is obsolete, then I guess I am too...
I do take exception to your "crap". I the last time I checked we are still a free country, and information, reqardless of location is good business. |
|
dazzlerz
@net.au | reply to SUMware
the take from the snake: »www.darkreading.com/blog.asp?blo···d=163001 |
|
FunnyBones
Premium
join:2004-01-22
usa
 ·Vonage
| reply to Postman99
said by Postman99 :» www.grc.com/sn/sn-161.htmSecurity Now 161: Chrome Hosts: Steve Gibson with Leo Laporte Steve drills down to determine the security levels offered by Google Chrome. The correct link that works...
»twit.tv/sn161
--
Are you part of the cattle? |
|
Postman99
@net.au | reply to SUMware
»www.grc.com/sn/sn-161.htm
Security Now 161: Chrome
Hosts: Steve Gibson with Leo Laporte
Steve drills down to determine the security levels offered by Google Chrome. |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
 ·Verizon Online DSL
1 edit | reply to Mele20
Relax old timer. 
Sumware has certainly provided a nice concise thread full of informative links on THE SUBJECT. unlike that other thread.
Edit* Strike
--
"Lego Succurro Lima" |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
 ·Shaw
| reply to Mele20
said by Mele20  :Why did you start this thread? Was there something wrong with my thread? I believe it was stated on page one:said by SUMware :My concern reflects the opinions of the above members. Sometimes information can be overlooked in a large thread. This thread was started as a convenience for members.  It's not like it was a slight to you...
--
"In the future, that which is not mandatory will be illegal" |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to SUMware
Why did you start this thread? Was there something wrong with my thread? I thought the rules were that we stay in one thread on a subject? That rule is no more?
ALL ANYONE NEEDED TO DO WAS READ THE EULA. No one concerned with Privacy and Security issues would have installed it after reading the Eula (except out of curiosity and knowing they would uninstall it after satisfying their curiosity). All these objections now appearing are just folks wanting attention...blog writers, etc. It was extremely obvious from the EULA what intention Google had for this piece of crap. I use the word "had" on purpose....I don't think Google is going to get very far with this garbage.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
SUMware
Premium
join:2002-05-21
1 edit | reply to SUMware
More Vulnerabilities Reported
Google Chrome vulnerabilities starting to pile up September 5th, 2008
Security vulnerabilities in the new Google Chrome browser is beginning to pile up.
Following our coverage of the carpet bombing combo threat and denial-of-service crashes, several readers have sent pointers to Chrome exploit code floating around the Web: (read article for information and Google's response).
Edit: Google's response includes this, "We expect to release the fix soon through an automated update to the browser, so users will not have to take any action to be protected." Doesn't that make you feel better? |
|
redhatnation
Premium
join:2005-06-02
Woodbridge, VA
·Comcast
| reply to redhatnation
Re: "...you just had to wait a couple of hours"?
said by redhatnation :said by Kiziller :said by Its a Secret :WTF? Let me get right on that for ya... Let me save you the trouble. I'm gonna have that whole big long thread re-quoted in this one just so you won't miss anything. What else do you really not care to know about it ? I'm sure you are using it, aren't you ? From ; » Chrome Browser (Google) combats IE8's Privacy Toolssaid by redhatnation :"Google Update Task uninstalls itself when there is no Google software using it. It may take a few hours for Google Update to detect it is time to uninstall." The automation is cute. Using a standard add/remote method is arguably better though. Now, is that a clean install or does it leave junk behind like Norton ? Be sure to update the other thread with any pertinet info. Don't want anybody to miss anything now. Hey, a quote! Mine was a clean install/uninstall using Add/Remove Programs applet. The scheduled task hasn't removed itself yet. Been a few days now. Turns out it was operator error. Task tried to remove itself but Spybot S&D was prompting whether I should allow the removal or not.
Scheduled task is now gone. |
|
SUMware
Premium
join:2002-05-21
| reply to SUMware
Re: Google's Chrome Browser - Security & Privacy Issues
Here's an interesting opinion offering from The Register. I've excerpted it below, but it's worth taking a look at the entire article.
History shaped Google's Trojan Horse
4 Sep 2008 - quote:
Google wants to shift users to a new platform - its own - for which there is much hype but no great enthusiasm. Like similar migrations the new platform offers very few advantages - and plenty of disadvantages. Not only are great chunks of functionality missing, but even when you're supposed to be "online and always connected", you might not be.
Chrome is simply a technology demonstration - and I can't see Firefox users with their carefully-cultivated selection of add-ons, or Opera users, making the jump any time soon. But Chrome is a Trojan Horse for bundling Google's Gears onto your PC - and in the hope that manufacturers look to Google services for new Eee-type lightweight PCs, perhaps running something like gOS, the Ubuntu-derivative.
Gears is simply designed to make Google's online services more attractive, and makes it looks like Google's is setting the standard: leading where everyone else follows. (That isn't entirely unfair.) And as a technology demonstration, Chrome succeeds.
So will Google succeed? Well, you tell me... But your 80s throwback will offer a couple of perspectives, that I've looked for this week, but failed to find.
One of these is that "the company that knows secrets about the future™" is a myth created by the press - particularly the glossy end of the US business press. It's a powerful narrative, and suits their lazy writers, but the reality turns out to be very different.
Years later, we discover the company was simply blundering on in a state of chaos, slapping tactics together until they passed for a strategy, and winging it. And so a consequence of this myth-making is that it makes the poster child - the Google or the Microsoft - look much cleverer and more coherent than it really is. It's an elaborate game of bluff.
At the time Windows offered business a cheap and cheerful "standard", but Microsoft's success was not based on technical excellence - on any unique knowledge of 32-bit computing or excellence in UI design - but rather more to its iron grip on the PC distribution channel. PC manufacturers paid Microsoft whether they shipped MS-DOS and Windows with the PC or not. So why ship anything else? Antipathy to IBM helped Microsoft enormously, too, of course.
But I simply don't see where Google has the same grip over routes to market that Microsoft could exploit.
While much of the press has creamed itself over Chrome this week, it's almost rude to point this next one out. When there's one computer serving the planet - even if it's Google's - that's a single point of failure.
And in that sense, Google's vision of computing looks less like a piece of risk insurance, than a very big risk indeed.
|
|
SUMware
Premium
join:2002-05-21
| reply to SUMware
Glad to hear that members are finding this thread helpful.
Interesting reads.
said by Ctrl Alt Del :said by SUMware :As you type, your text is sent back to Google, which analyzes it and makes the auto-suggestions. That's why you don't even need to press Enter for the text to head to Google. Which is what the search bar in Firefox does as well. By default "Show search suggestions" is enabled, and that too will send everything you type back to Google. Granted it's not the Address bar, but it works the same way. Both features can be turned off in their respective browser: turn off suggestion service in Chrome, turn off Show search suggestions in Firefox. Thanks for the reminder. |
|
burris
Premium
join:2000-08-22
Miami, FL
·VOIPo
·AT&T Southeast
·ViaTalk
| reply to Frodo
said by Frodo :Removal was less than clean. After removing it, I had to manually clear out the folder at C:\Documents and Settings\~userid~\Local Setting\Application Data\Google. That was where the cache was located. Also located there was the history acquired from Firefox. There was also registry settings at HKLM\Software\Google and HKCU\Software\Google. These locations are my recollections, since I've cleared them out, nothing to go back and check on. In C:\Documents and Settings\~userid~\Local Setting\Temp I found the remnants of the googleupdate.exe, somewhat renamed, and a couple of dlls beginning with go*.dll. What I find handy is Revouninstaller...
»www.revouninstaller.com/
I used this to remove all the pieces of chrome...
Now I have to let my PC air out.. |
|
CUBS_FAN
Next Year Again..
join:2005-04-28
Chicago, IL
·Comcast
·Vonage
1 edit | reply to Kiziller
Why rumble thru a book looking for subjects when there is an index in the back that'll point you to the right page  |
|
Ctrl Alt Del
Premium
join:2002-02-18
1 edit | reply to SUMware
said by SUMware :Chrome is a security nightmare, indexes your bank accounts September 04, 2008 After playing around with Google’s brand new Chrome browser, we’ve discovered that its history search box will fetch all types of data - even text from HTTPS-protected financial sites like Washington Mutual and Capital One. With a few utterly simple keywords like balance, account and Sept., everything from balance information, account numbers and even how much you spent at Costco can be pulled up. And all of this alarming information amounts to nothing once you read this from the same article: quote:
So is this all a big deal? Well anyone who wants to search your financial information would need local access to your machine and if a person is sitting at your computer, you have a lot more things to worry about than him/her using Chrome’s history search.
said by SUMware :Chrome: Google's biggest threat to your privacy September 4, 2008 The danger comes from one of Chrome's niftiest features, what it calls the Omnibox. The Omnibox is, in fact, the browser's Address Bar, but it has a feature that looks at what you type, and then auto-suggests sites that it thinks you're about to enter. As you type, the suggestions appear. As you type, your text is sent back to Google, which analyzes it and makes the auto-suggestions. That's why you don't even need to press Enter for the text to head to Google. Which is what the search bar in Firefox does as well. By default "Show search suggestions" is enabled, and that too will send everything you type back to Google. Granted it's not the Address bar, but it works the same way. Both features can be turned off in their respective browser: turn off suggestion service in Chrome, turn off Show search suggestions in Firefox.
--
less talk, more music |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny | reply to FunnyBones
What's Facebook and MySpace?  |
|
FunnyBones
Premium
join:2004-01-22
usa
·Vonage
| reply to danny9
Great post on google I think privacy is pretty much killed on the net but some of us that have been in the game for while know how corporations work. I am going to go a bit off topic but think about it like this you have webpages like myspace&facebook that have been logging all your faces in a big database and even youtube. Google has also been logging all your data with intellipedia and google urchin and many other avenues that even include googles cache and others like the internet archive or clusty. I think privacy is becoming a word to make you feel all fuzzy inside sort of like google and open source and I know for one I wont be using it.
Well with all that said I was reading a few blogs that have some nice info....
»www.web-strategist.com/blog/2008···r-chrome
»www.betanews.com/article/The_Goo···20545728
--
Are you part of the cattle? |
|
danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
clubs: 
·VoicePulse
·Comcast
| reply to SUMware
Good post SUMware.
Starting this thread separate from the other was the right thing to do.
Let's keep the issues apart from each other.
The privacy issues are what really bother me about Chrome.
As bad as I wanted to try this, I'm gonna wait to read Google's remarks to their Eula and the security and privacy issues you have bought up.
Thanks,
Dan
--
VoicePulse 07/29/04 |
|
Frodo
join:2006-05-05
Lees Summit, MO
| reply to Kiziller
said by Kiziller :
Seems like I read in another thread that removal was automatic, you just had to wait a couple of hours. Maybe that process was a clean un-install. Since I run Deep Freeze, I just rebooted afer a couple of minutes of fiddling with it. Took 50 seconds to rid my box of all traces.
Well, I didn't poke around the registry or the folders mentioned until the next day. Meanwhile, the computer had run several hours after the uninstall, and several hours on the next day, before I began to poke around. So, I don't know, but in my case, the uninstall needed a little boost from me. Actually now, I've poked a little more and in C:\Documents and Settings\~userid~\Local Settings\Temp, there is a file "chrome_installer.log" which contained some references that I used for cleaning up. Trouble is, I don't see the same references as when I supposedly "cleaned up" this box, so I can't cite them. That meant that something ran after I thought I had the box cleaned up. However, the file hasn't been touched in 2 days. I think I'll see if I can configure auditing on the file. |
|
OZO
Premium
join:2003-01-17
1 edit | reply to SUMware
Regarding to the history search box and Omnibox. If I can recollect, the story is just repeating itself...
I remember that m$ started collecting users data in IE and kept it in hidden places (folders, index files, registry, etc). Of cause it was done thinking about "user's benefits"... Users have discovered that and start complaining about it - "how can I remove it?" Ok, here is our (m$'s) solution - press on this button and you won't see it anymore (literally). But those, who really want to see it - they still be able to do the job. Later users have discovered that as well and start removing personal data by many different ways (including running in Safe Mode, using hundreds of cleaning programs, etc.). Finally, m$ allowed to clear the records and for those who they called - tin foil hats - even to remove the index file, hoping that NTFS will take good care about it, without any notice for many...
It looks like the same story we have with Google browser too - we see the first step again: "we do it all for user's convenience", of cause... Then, users discover and start to complain that private info may be easily found and seen by anyone. Next step, accordingly to the story - they will hide it from users, until those "smart-asses" will discover all the places, ... What's next? See paragraph above. It could be very similar.
But wait! Now it's even "better". With m$'s approach - your data may be transferred on a month by month interval (when users usually automatically run so-called "Malicious Software Removal Tool"). With this new approach the data may hit the target almost at real time - here is a service running on background. Enjoy the new level of care about you and your data...
--
Keep it simple, it'll become complex by itself... |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
·Shaw
| reply to Kiziller
Re: "...you just had to wait a couple of hours"?
said by Kiziller :
Let me save you the trouble. I'm gonna have that whole big long thread re-quoted in this one just so you won't miss anything. What else do you really not care to know about it ? I'm sure you are using it, aren't you ? Wow, you're quick on the uptake, eh?
I guess you have it all covered for us. We don't even need to read anything except your posts to get the skinny, right?
--
"In the future, that which is not mandatory will be illegal" |
|
