Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Grail Knight
Re: Chrome BETA Available
said by Grail Knight  :Cookie Options are similar to Fx w/ third party special handling. Font options are few and I did not see any link color options but I admit I gave it a quick once over. Maybe in 6 months I will revisit it. Left some feedback for Google to ponder along with EULA feedback although being Google I doubt the EULA will change much. I don't have it to test but others in GRC newsgroups are reporting that it leaks TPC just like Fx. Not nearly as bad as all versions of IE (including IE8beta2) which is totally incapable of blocking TPC. Chrome blocks incoming TPC but fails on outgoing just as Fx does so if a cookie is acquired as FP, Chrome, like Fx, will return it to a THIRD party requester. But at least Chrome, like Fx, block incoming TPC which IE is incapable of doing.
Evidently also (according to GRC NG posts) there is no distinction between session and permanent cookies and no way to delete all session cookies at the end of the session. There is no white or black list. Even if I did not object strenuously to the EULA, I would not be interested in a browser with such primitive cookie handling.
There is no way I can provide feedback to Google because Google requires that you have an account with them if you wish to provide feedback. I have no intention of ever having an account with Google. They should have some other method for providing feedback for those of us not wishing to establish a Google account.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Sparrow
Crystal Sky
Premium
join:2002-12-03
Sachakhand
1 edit | Uninstall the beta, Mele, and you will be automatically redirected to a feedback page. That is where I posted my concerns.
I don't need Google to verify they received my concerns, I know they will read them or at least take a head count on the radio button options as to why you uninstalled the browser.
Other than the EULA, posters complaining about the lack of amenities currently being offered, please keep in mind that 2 September 2008 is BETA day, not Final Release day. 
--
"Be simple, be earnest and spread that simplicity throughout everything you do." |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
 ·Verizon Online DSL
| reply to Mele20
quote:
I don't have it to test but others in GRC newsgroups are reporting that it leaks TPC just like Fx.
GRC results do not excite me like they do others considering I know of Fx test results from a properly configured browser and people I trust to test correctly that passes the GRC tests.
--------------
As for the EULA it is what it is and Google makes money from collecting providing ads based on what data they collect in return they offer free programs that are very good and superior search results. Their browser will come along no doubt but not without feedback.
quote:
There is no way I can provide feedback to Google because Google requires that you have an account with them if you wish to provide feedback. I have no intention of ever having an account with Google.
Is it that hard to make up information for a throw away account?
--
"Lego Succurro Lima" |
|
SUMware
Premium
join:2002-05-21
| reply to Mele20
said by Mele20 :I don't have it to test but others in GRC newsgroups are reporting that it leaks TPC just like Fx. Not nearly as bad as all versions of IE (including IE8beta2) which is totally incapable of blocking TPC. Chrome blocks incoming TPC but fails on outgoing just as Fx does so if a cookie is acquired as FP, Chrome, like Fx, will return it to a THIRD party requester. But at least Chrome, like Fx, block incoming TPC which IE is incapable of doing. Firefox 3 does not leak incoming and outgoing TPC on XP nor Linux on my box as tested numerous times at GRC. |
|
Lanik
Lab-nik
Premium,ExMod 2002-03
join:2001-06-25
Bay Area
| reply to Mele20
said by Mele20 :I don't have it to test but others in GRC newsgroups are reporting that it leaks TPC just like Fx. Some of us still know from last time how that test turned out: »[OT] FireFox cookie nonsense
--
"If it ain't broke don't fix it." |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to SUMware
said by SUMware :[Firefox 3 does not leak incoming and outgoing TPC on XP nor Linux on my box as tested numerous times at GRC. Either you didn't do the test correctly or you failed to do the Cross Context test at all. It the latter test that Fx fails (it passes the main cookie test but only because the Mozilla developers caught wind of Steve's project before Fx3 was released and rushed a fix through for it but they did not fix the cross context vulneralbilities only the glaring major TPC ones. IE (all versions) fail the main test and the Cross Context. The tests have to be done properly and, unfortunately, even for us testers that was not always simple and obvious. The tests are not yet available to the general public.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Lanik
said by Lanik :said by Mele20 :I don't have it to test but others in GRC newsgroups are reporting that it leaks TPC just like Fx. Some of us still know from last time how that test turned out: » [OT] FireFox cookie nonsense I don't know what you guys ranted on about. It was obvious you can't stand Steve Gibson and you had no idea what you were talking about as far his cookies tests go so I stopped reading that thread as soon as I saw the Gibson haters try to smear him.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
SUMware
Premium
join:2002-05-21
1 edit | reply to Mele20
Final Results | | 
Final Results | |
said by Mele20 :said by SUMware :Firefox 3 does not leak incoming and outgoing TPC on XP nor Linux on my box as tested numerous times at GRC. Either you didn't do the test correctly or you failed to do the Cross Context test at all. The tests were performed correctly with Firefox 3.0.1 (just minutes ago, twice, without Proxo, NoScript, etc.) and included the Cross Context test.
said by Mele20 :The tests are not yet available to the general public. If the GRC tests themselves are not fully available or malfunction, oh well! LOL.
Mele, evidently you are running the world famous FUBAR browser (and, knowing you, also probably misconfigured). |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to SUMware
Re: Chrome BETA Available
I can reproduce the results you got ....anyone can....by cheating. Everyone doing the test correctly sees Fx leaking TPC on the context test. Your cheap attack on my character makes me even more certain that either you don't how to do the tests or you cheated.
If you look at the pages there you'll see they are not finished. That is because Steve Gibson decided to work on the DNS Nameserver Spoofability Test and that is almost finished now so he will be finishing up the cookie forensics tests soon.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
SUMware
Premium
join:2002-05-21
2 edits | reply to Mele20
Re: Chrome BETA Available
said by Mele20 :I can reproduce the results you got ....anyone can....by cheating. Everyone doing the test correctly sees Fx leaking TPC on the context test. Your cheap attack on my character makes me even more certain that either you don't how to do the tests or you cheated. So, you accuse me of cheating? You are absolutely hilariously stunning!!!
What can I say except that you clearly have more pressing personal issues than TPC. |
|
