A Closer Look At Chromium and Browser Security
Posted by
Soulskill
on Fri Apr 17, 2009 09:01 PM
from the such-as-it-is dept.
GhostX9 writes "Tom's Hardware's continuing series on computing security has an interview with Adam Barth and Collin Jackson, members of Stanford University's Web Security Group and members of the team that developed Chromium, the open-source core behind Google Chrome. The interview goes into detail regarding the sandboxing approach unique to Chromium, comparisons between the browser and its competition, and web security in general."
Related Stories
Pwn2Own 2009 Winner Charlie Miller Interviewed 160 comments
crazipper writes "Tom's Hardware interviewed Charlie Miller, winner of this year's Pwn2Own contest and formerly with the NSA. He discusses the effort it took before the contest to be able to take down a MacBook within seconds, sandboxing, and the effectiveness of the NX bit and ASLR. His outlook on end-users protecting themselves against attacks? 'Users are at the mercy of the products they buy.'"
Could the Internet Be Taken Down In 30 Minutes? 289 comments
GhostX9 writes "Tom's Hardware recently interviewed Dino A. Dai Zovi, a former member of Sandia National Labs' IDART (the guys who test the security of national agencies). Although most of the interview is focused on personal computer security, they asked him about L0pht's claim in 1998 if the Internet could still be taken down in 30 minutes given the advances on both the security and threat sides. He said that the risk was still true."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Good (Score:4, Insightful)
These are all great ideas, and I hope Firefox and/or MSIE pick up on them, simply because I can't stand the Chrome UI.
Sorry, but that thing just isn't what a browser is supposed to be.
The underlying technology can be the greatest ever, but if the interface sucks, well, I won't use it.
Re:Good (Score:5, Informative)
It supports greasemonkey scripts if you append --enable-user-scripts to its shortcut. And there's a script for it that works exactly like adblock.
Parent
Re: (Score:2)
It supports greasemonkey scripts if you append --enable-user-scripts to its shortcut.
And now you have two problems.
Re:Good (Score:4, Informative)
OK, let's hear it: why is user scripting a security hole?
With early versions of GreaseMonkey, the way the user scripts were applied to pages would allow the page to affect easily the GM in ways that could lead to cross-site attack vectors.
That is why GM had a fairly complete redesign around the middle of 2005, to remove the issue(s) that affected all scripts, but individual scripts can still be vulnerable depending on their design - hence you should be careful not to let a script apply globally for security reasons as well as efficiency ones. For a decent description of the problems with earlier GM versions and problems that you can still create for yourself in the latest versions, this article [oreillynet.com] does a decent job.
The other major problem with user scripting is using scripts from other sources without performing an exhaustive code review first. How do you know that the script you have just enabled isn't subject to one of the flaws? How do you know it isn't intentionally malicious? There have been several cases of this in the past, hence the warning message before you add a script to GM in recent versions and the warning message that appeared on userscripts.org for some time (as malicious scripts were found in their archive).
Like many things, user scripting isn't a problem if both programmers and users are educated, careful and care. There lies the problem.
I use GM myself, with scripts of my own devising or those from elsewhere that I have sufficiently reviewed, but I would not recommend it (or equivalents) to the general populace as they do not need any further ways to dig themselves into a malware-riddled hole.
Parent
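Added example, not part of the comment above and not Greasemonkey's own code: one way to check the "don't let a script apply globally" advice before enabling a third-party script is to read its metadata block and flag wildcard-only scopes. It relies on Greasemonkey's documented behaviour that a script with no include rule runs on every page; the two sample scripts and all function names are constructed for illustration.

```javascript
// Added example: audit a userscript's metadata block for overly broad scope.
// Collect "// @key value" lines between the ==UserScript== markers.
function parseMetadata(source) {
  const meta = Object.create(null);
  let inBlock = false;
  for (const raw of source.split(/\r?\n/)) {
    const line = raw.trim();
    if (/^\/\/\s*==UserScript==$/.test(line)) { inBlock = true; continue; }
    if (/^\/\/\s*==\/UserScript==$/.test(line)) break;
    if (!inBlock) continue;
    const m = /^\/\/\s*@(\S+)\s*(.*)$/.exec(line);
    if (m) (meta[m[1]] = meta[m[1]] || []).push(m[2].trim());
  }
  return meta;
}

// True when the host part is only wildcards, e.g. "*", "http://*/*", "*://*/*".
function isGlobalPattern(pattern) {
  const rest = pattern.replace(/^[a-z*]+:\/\//i, ""); // drop the scheme
  return /^[*.]+$/.test(rest.split("/")[0]);
}

// Report every reason the script would run on all sites.
function auditScope(source) {
  const meta = parseMetadata(source);
  const patterns = [...(meta.include || []), ...(meta.match || [])];
  const findings = [];
  if (patterns.length === 0) findings.push("no @include/@match: runs on every page");
  for (const p of patterns) if (isGlobalPattern(p)) findings.push(`global pattern: ${p}`);
  return { name: (meta.name || ["(unnamed)"])[0], findings };
}

// Constructed sample scripts (metadata only matters here).
const SCOPED = [
  "// ==UserScript==",
  "// @name     Forum tweaks",
  "// @include  http://forum.example.com/*",
  "// ==/UserScript==",
].join("\n");
const GLOBAL = [
  "// ==UserScript==",
  "// @name     Link helper",
  "// @include  http://*/*",
  "// @include  https://intranet.example.com/*",
  "// ==/UserScript==",
].join("\n");

console.log(auditScope(SCOPED));
console.log(auditScope(GLOBAL));
```

A clean result only says the scope is narrow; the script body still needs the code review the comment describes.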
Re: (Score:2, Insightful)
As to Adblock, yeah, wow, there are a lot of ads out there I didn't even know existed! Using OpenDNS I manage to block most of them just by domain through their blacklist service, though. It's not perfect, but better than nothing for now!
Adblock for Chrome -- Use SRWare Iron "Chrome" (Score:5, Interesting)
Srware Iron is Chrome compiled without all the Google spyware crap and it has adblock built in.
I LOVE IT! Firefox (all versions) is sooooo slow compared to Chrome/Iron.
http://www.srware.net/en/software_srware_iron.php [srware.net]
Parent
Re:Adblock for Chrome -- Use SRWare Iron "Chrome" (Score:4, Interesting)
So what about its adblock, the thing doesn't render pages correctly. From what I can tell it is a badly compiled version of chrome.
When they get it right, then I might think about using it... uninstall time.
Parent
Re: (Score:3, Interesting)
So what about its adblock, the thing doesn't render pages correctly. From what I can tell it is a badly compiled version of chrome.
When they get it right, then I might think about using it... uninstall time.
I get some weird font smoothing occasionally on Slashdot, otherwise works perfectly for me. It's so blazing fast when I go back to Firefox I am shocked how agonizingly slow the browser is to render pages...
Re: (Score:2)
Re: (Score:3, Insightful)
Srware Iron is Chrome compiled without all the Google spyware crap and it has adblock built in.
Unfortunately, they don't have a download in RPM or source form, so I can't install it on my Fedora Core 10 laptop.
Without *nix support, Chrome(ium) is a non-starter.
Re: (Score:3, Informative)
It's the last two download links. Good luck compiling it on F10 since it looks like a Windows app...
Re: (Score:3, Interesting)
Thanks for the link man. I'm sick of firefox cause of its slowness, but I was also getting sick of Chrome, so this should be a good alternative.
Does anyone have the following problems I have with Chrome?
(1) It freezes up continually, and when it does freeze up, it affects the entire computer.
(2) When accidentally clicking on a PDF link the entire thing crashes, and computer freezes up.
I love chrome cause of its speed, but goddamn. The amount of restarts of my computer I've had with it I'm seriously looking for another browser (NOT firefox).
Are you using Adobe Acrobat for PDFs? That's likely your problem and not the browser.
Uninstall that crap and use Foxit PDF Reader instead.
Re:Good (Score:4, Informative)
Chromifox [mozilla.org] makes firefox look a lot like Chrome. Chrome is a nice toy, but its UI is pretty lacking when you want to do something like maximize screen space on a 1024x600 screen.
Parent
Re: (Score:2)
F11.
It works on Chrome's Dev branch, which any self-respecting slashdotter would use to provide useful feedback to the developers of Chrome.
Re: (Score:3)
In firefox I can go full screen, but still keep the URL bar, so I know what site I'm on. I can get a menu bar by pressing Alt once. I can put the NoScript button on the URL bar. I can even put a button to toggle fullscreen, since it's often easier to trackpad to a button than find F11 on a small non-backlit keyboard. Or firefox can drop down this UI when the cursor is at the top.
Chrome can do none of these things, even in the current beta version. The UI in many ways is restrictive and lacks many nicet
Re: (Score:3, Informative)
Re: (Score:3, Interesting)
Maybe instead of complaining about a browser that displays ads, you might want to stop visiting websites that have intrusive and overwhelming ads.
I use Slashdot and Chrome and don't see any ads because I'm a subscriber, but even if I wasn't, the low number of ads here is one reason I like it.
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2, Insightful)
The underlying technology can be the greatest ever, but if the interface sucks, well, I won't use it.
That describes in a nutshell why OS/2 never caught on big.
Re: (Score:3)
Insightful? The OS/2 interface was extremely consistent and extremely configurable. e.g. make a template for a file which contained certain context menu options. etc...
Re: (Score:2, Interesting)
bad OS/2 Warp interface (Score:2)
Yea, OS/2 Warp [os2bbs.com] never came near to matching Windows 95 [google.com] in GUI functionality.
Re: (Score:2)
I agree the interface is lacking, but that is why I can whole heartedly recommend it to all my novice friends and family. It is secure, it is simple, and it does exactly what people who know little about computers want to do - get online and go to a specific web site.
Gmail is also great. Simple, secure, and uncluttered. Create an app icon and add it to the start menu, and you have a very simple email solution. The only problem I have though is their grouping of threads, which is unnecessary. That should be
Re: (Score:2, Informative)
Gmail is also great. Simple, secure, and uncluttered. Create an app icon and add it to the start menu, and you have a very simple email solution. The only problem I have though is their grouping of threads, which is unnecessary. That should be a lab feature if any. And why can't they just add folders? Who cares which is better. Some people just want folders, not labels, and if it's so easy to give it to them, denying it is selfish. Just give it up, and give people what they want!
Labels can work _exactly_ like folders if that's all you want. The main difference is that a message can be in more than one "folder" if you need it to be.
Re: (Score:2)
Right. Except such explaining and adjusting is precisely what is inconvenient to someone who already learned how to use folders over a long period of time, and isn't very competent with computers.
Labels can work _exactly_ like folders if that's all you want. The main difference is that a message can be in more than one "folder" if you need it to be.
You might be surprised at how hard this sentence is for some people to comprehend.
Re:Good (Score:4, Interesting)
Parent
Re: (Score:2)
I read Playing in the sandbox - page and I really don't see what is so great in there compared to IE on Vista. Same NTFS Access Control Lists are used as any other Windows application. And I'm not 100% sure about this, but doesn't Chrome run on user privileges when IE (on Vista) uses more restricted privileges?
My understanding is that you can't totally sandbox browser unless you do it on kernel level like FreeBSD jail does. And even then browser must be able to access user files if user wants to upload some
Re: (Score:3, Interesting)
I used to run a browser in a chroot on linux, partly because I had a 64bit system but needed some 32bit plugins (java, flash) and partly for the security benefit...
In terms of user files, you simply leave them in the sandbox, the host system can access the sandbox but the sandbox can't access the host which is how it should be.
Re: (Score:2)
Re: (Score:2)
Firefox won't pick up on those ideas in the foreseeable future, perhaps never. I hope you enjoy your IE experience!
(for the record, I think the Chrome UI is excellent. Nothing superfluous, and rather pleasant to look at)
Re: (Score:3, Informative)
Yeah, right. If the UI was the easy part, why do almost all UI's suck?
If you think skins are gonna fix a UI, I've got news for you. Having the ability to add girls sitting on the hoods of cars wearing tightly clad bikinis does not make a good UI.
Re: (Score:2)
Skinning seems to hurt performance, a lot...
Take any app where skinning was added later, and compare the old and new versions side by side... windows media player is a good example since it would leave the old unskinnable version installed when you installed the skinnable version 7, on a machine in those days (p3/600) I had a bunch of video files which would play fine in the old player, and skip when using the new one.
Re: (Score:2)
And the google updater (alongside the apple updater, adobe updater, and whatever else updater) you have running only exist to get around a flaw in windows - the lack of a consistent package management system such as apt. If you install enough apps with updaters on windows they will eventually bog your system down real badly, and start using your bandwidth when you least expect it.
Google Main Page Says To Use Chrome Only In IE (Score:5, Interesting)
Re:Google Main Page Says To Use Chrome Only In IE (Score:5, Insightful)
Perhaps. My guess is they have logic like the following:
If you use Firefox, you probably already have heard about Chrome, and have decided not to switch. If you use IE, you probably have no idea that other browsers even exist, but you may know and like Google, so would be willing to give this Chrome thing a try.
Parent
Re:Google Main Page Says To Use Chrome Only In IE (Score:5, Funny)
Or maybe they just wrote the page such that standards-compliant browsers won't show the advert.
Parent
Re: (Score:2)
That would be good marketing though...
As only the people with crappy browsers like IE would have their experiences improved by switching, while those with browsers that follow the rules probably already have satisfied users who would be meh about leaping from one cloud to another.
Re: (Score:2)
Re: (Score:2, Insightful)
Of course they are!
Firefox has the "Tell me if the site I'm visiting is a suspected attack site" option checked by default. (Tools --> Options --> Security) This option sends every site one visits to Google for verification, so Google is already getting a complete history of each site visited for FF users. [IE sends this information to Microsoft.]
Thus, Google has more incentive to switch an IE user to Chrome than a FF user.
Re:Google Main Page Says To Use Chrome Only In IE (Score:5, Informative)
I am sorry but that's incorrect. Firefox uses a local database of suspicious URLs that is updated every 30 min. URLs are never sent to Google, Google sends suspicious URLs to Firefox.
The functionality you describe was optional in older versions of Firefox (to eliminate the max 30 min. delay for ultra paranoid people) but was removed on request of Google because it caused them too much load.
Parent
Re: (Score:2)
It's interesting that they are attacking IE8 and not just IE6 & 7. They had good technical arguments for attacking IE6. IE7 somewhat, but almost none for IE8. This brings them 1 step closer to getting into monopolist problems with Chrome - they can hardly go to town claiming Microsoft is pushing IE unfairly on Windows when they themselves are cross-fertilizing their own browser from their search business.
Re: (Score:2, Interesting)
IE8 may be a significant improvement from 7, but it is still massively behind other browsers... It has no SVG support, its javascript engine is still massively behind the other browsers (javascript is very important for google) and its css support while a big improvement is still behind other browsers...
Also, doesn't IE8 require you to insert a non standard tag into your site in order to make it attempt to follow standards?
Re: (Score:2)
IE is a browser controlled by a company that competes with google's profitable business areas, and is used by that competitor to drive traffic to its services which compete with google...
Firefox is not a competitor, google make no money from chrome, they just want users to be running a browser that defaults to google, which firefox also does. I imagine they also want users to be running standards compliant browsers, as it makes life much easier for them to write apps for them.
Re: (Score:2)
It's because IE users don't know any better. Firefox users are not going to switch to something else, at least not easily.
Not so good. Time to make gooder. (Score:4, Insightful)
I like Chrome's Home Page web thumbprints.
I dislike that I cannot control these. For example right now, I have two timesonline.uk up. Permanently it seems. The "tool" icon does not allow Home Page editing. It should.
So,
A. If anyone out there can enlighten me on how to adjust Home Page icons. Go ahead.
B. If not Chrome developers, are you listening? Add web page adjustments to the Home Page. Pretty please?
Thanks
Re: (Score:2, Informative)
The current dev branch of chrome just added support for adjusting thumbnails of new pages.
Re: (Score:2)
Thanks, I hope it grows out of dev branch soon.
Re: (Score:2, Informative)
Have you read the article, where he discusses IE7, IE8, Firefox and Safari's own sandboxing techniques for comparison to Chrome's?