Forgot your password?
typodupeerror
Security Businesses Google The Internet

Google Chrome Developers On Browser Security 61

Posted by ScuttleMonkey
from the never-ending-war-of-escalation dept.
CowboyRobot writes "Developers of Google's Chrome browser have spoken up in an article describing their approach to keeping the browser secure, focusing on minimizing the frequency, duration, and severity of exposure. One tool Chrome uses is a recently open-sourced update distribution application called 'Omaha.' 'Omaha automatically checks for software updates every five hours. When a new update is available, a fraction of clients are told about it, based on a probability set by the team. This probability lets the team verify the quality of the release before informing all clients.'"
This discussion has been archived. No new comments can be posted.

Google Chrome Developers On Browser Security

Comments Filter:
  • Beta testers (Score:4, Insightful)

    by twidarkling (1537077) on Friday June 19, 2009 @05:07PM (#28395789)

    So basically, they're getting a random sample of their user base to beta test updates in the wild for them. I hope there's some kind of warning about this while using it.

    • Re:Beta testers (Score:5, Interesting)

      by jayme0227 (1558821) on Friday June 19, 2009 @05:14PM (#28395879) Journal

      It's certainly better than having the entire user base beta test the patch for them which is where we're at now in most cases.

    • Re: (Score:1, Troll)

      by siloko (1133863)
      Well Google is a synonym for Beta so no surprise here then . . . well actually the surprise is that they are restricting the pleasure of betaness to a selected few rather than their usual approach of using the great unwashed duped into the 'not evil' mantra . . .
      • Re: (Score:3, Funny)

        by siloko (1133863)
        A bit passe to reply to your own posts but the mod is right. I started out writing a side splitter but the beer decided that it should turn into a troll post. Pints and posting do not mix! Buenas noches ;)
    • Re:Beta testers (Score:5, Informative)

      by RoFLKOPTr (1294290) on Friday June 19, 2009 @05:19PM (#28395935)

      No, they're getting a random sample of their user base to test a ready-for-release patch so that in case there are a couple cases not within their testing scenarios where the patch is unstable or a security hole is present, they will be able to address that (if it's serious enough) before releasing it to the whole world. This is so much better than the current way of doing things, because patches are still tested in the shop to the same degree as they would be without Omaha, except this way there's even more to be sure that the patch works correctly.

      • Re: (Score:1, Troll)

        by BikeHelmet (1437881)

        I absolutely agree with you. How many times has Microsoft released a patch, only to take it down because it causes severe stability problems or breaks something?

        Hint: Lots. Probably at least twice per year, for the last few years.

        I agree, that this is way better.

        • Re:Beta testers (Score:4, Interesting)

          by hairyfeet (841228) <bassbeast1968@NOspaM.gmail.com> on Saturday June 20, 2009 @03:15AM (#28399877) Journal

          But let us be fair here: How many fricking machines are running Windows? How many hundreds of thousands or even millions of different hardware and software configurations? Just in my home I have a 733Mhz, a 1.7Ghz laptop, my boys 2.6Ghz and 3.06Ghz, and finally the 3.6GHz I'm about to give the oldest, all running XP32, while I am running XP x64 on my new AMD dual. They all have hugely different hardware and software installed, yet somehow it just seems to work.

          According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

          How many times have you see on the forums after the latest Ubuntu release "the update for foo completely hosed my (insert hardware here)"? I'm sure the Linux guys doing hardware driver support can tell you what a massive PITA it is trying to make sure an update doesn't totally hose something else, and still there are always problems. So considering the fact that unlike certain companies named after fruit I can put a machine together with so many different mish mashes of hardware together and actually have the thing work and run stable I think we can cut the guys at MSFT a little break when it comes to the occasional "oops" patch.

          • Someone sure must hate me. Every post I made in the last day is modded troll.

            According to Wikipedia [wikipedia.org] you are looking at a 400 million + install base for JUST XP, and then when you figure in that they are currently supporting Win2K Pro, WinXP 32/64, WinServer 2K3 32/64, and WinVista the idea that they could put out patches that wouldn't break something is just plain crazy. The fact that the "oops" patches only happen once or twice a year is frankly a miracle when you consider how many different possible combinations of software/hardware there can be on a Windows machine.

            Usually a random person from MSFN submits fixes for whatever Microsoft breaks. I remember when they did a half-assed update pack for Win2k when ending support - but it broke more than it fixed. Someone on MSFN figured out how to fix it breaking hibernation and power management. Someone else repacked everything in service pack format.

            Just think, rather than breaking 2 million Win2k computers, they could've broken only ~20,000 before

            • (Number inflation intentional; with something like an XP or Vista update, it'd hit many people than the Win2k update did.)

            • Just think, rather than breaking 2 million Win2k computers, they could've broken only ~20,000 before detecting the problems, if they followed this train of thought.

              I'm not arguing for or against your post, I just came here to say that 'tis a sad state of affairs when breaking 20,000 systems is presented as the better option.

              • Well, there's clearly a problem. Why else would companies have IT people run extensive tests before upgrading the whole network? :P

                If only 20k computers could be affected, worldwide, that'd be a huge improvement.

        • Microsoft takes down those patches? I thought they just released advisories on unrelated pages.

    • Re: (Score:2, Insightful)

      I wish more companies would do this with patches. Historically, some non-trivial percentage of all patches (to some OS or software) also caused a new bug under some small percentage (like 10%) of the possible software configurations out there. It's better to patch, cause issues, and roll back on a few thousand users than a few hundred thousand. A week later, the quality for all users is the same.

      • I wish Google would fix its gaping security holes at all; I don't care how they do it. On my Gentoo Firefox 2 I'm invulnerable. On my XP Chrome, accidentally clicking an on.nimp.org link necessitates a hard power down. I'm paranoid about every click on Chrome.
      • The methodology--i.e. random users--is not necessarily ideal, though. Wouldn't it be nice if there was a "labs" option in the browser so you could volunteer to be a guinnea pig? Then maybe after the early adopters, feed out the updates at a rate of 10% a day to hoi polloi.
    • by mcrbids (148650) on Friday June 19, 2009 @05:32PM (#28396109) Journal

      Any time you release a new version of software, there's an increased likelihood that there will be unforeseen bugs not specifically tested for. You can test tell you're blue in the face, but no matter how you look at it, real-life is the real test.

      And it's not just bugs. Even when things are working exactly to plan, you don't necessarily want to roll it out everywhere all at once.A good example is our password-change policy - we now require periodic changes in passwords. When we did this, requiring everybody to change their password, we did it "gracefully" over a month's time so that the help desk wouldn't be overwhelmed by idiots who don't understand the idea of changing their password.

      It's pretty sad that something so simple would cause people to freak out, but it does, and that's just humanity. Get over it, already. People are people, and it's easier to spread the work out over a period of time rather than just beat yourself up all at once.

      Gradual roll-out is a *good thing* unless it's a terrible security issue that must be addressed immediately.

    • Re: (Score:3, Interesting)

      by Ash Vince (602485)

      So basically, they're getting a random sample of their user base to beta test updates in the wild for them. I hope there's some kind of warning about this while using it.

      Since none of us actually read the licence agreement there probably is :)

  • by Anonymous Coward on Friday June 19, 2009 @05:25PM (#28396017)

    Now if they could stop running googleupdate crap ALL THE TIME (maybe use the OSs built in scheduling system to run every so often) and give me more control over when/how things get updated it will be much better.

    • by Anonymous Coward on Friday June 19, 2009 @05:48PM (#28396305)

      It _is_ killable - ironically, part of what you have to do is delete the job from the scheduler which restarts the damn thing every so often.

      It could do with a more user friendly ticky box to turn it off, but it's not completely evil.

      One thing I've never understood is why MS didn't expose the Windows Update facilities to other vendors (with user approval, of course.) A one-stop shop for updates a la Ubuntu's Update Manager would be a hell of a lot less messy, and it would actually work for people who do the Right Thing and don't run with Admin / Power User privileges.

      • Re: (Score:1, Flamebait)

        by sexconker (1179573)

        Damn thing doesn't let me kill it if I have google toolbar installed.
        Every run of the browser reenables it, so google toolbar went bye bye (who the fuck needs it anymore anyway?)

        Similar to Apple's updater.
        Install quicktime. No I would not like to keep my apple software up to date.
        Next week: "Updates are available for your appler software"
        Next restart: "You have Shitfari!"

        So, Quicktime is gone now (no, I don't use iTunes) too. (I tolerated qttask.exe for ages, I wasn't about to put up with anymore shit.)

        D

      • by EdZ (755139)
        If you have to open administrative tools and disable it's scheduled task just to turn it off, it's pretty damn evil. As is bundling it with every application, with no clean version available (or at least, no clean version that aren't buried in a forum link somewhere).

        An anecdote: last time I installed Google Earth, I immediately ran the uninstaller for Google update (incidentally, the Google Earth installer makes no mention that it is installing the Google Updater for you). Not a few minutes later, Comod
    • Here goes... If *I* know how to add a scheduled task to windows scheduler at install time (when I have the god-admin-rights) - how google does not? Oh yes, it knows... but it does not want it to be simple. Do no evil. I always put a (unchecked) .CMD file backup task to the whathever-install that I make. Could not google do the same? Yes.

  • Wake me when there is a Qt4 fork of Chromium, or a version of Rekonq that implements Chrome's separate process model.

  • No Thanks (Score:3, Interesting)

    by sexconker (1179573) on Friday June 19, 2009 @06:02PM (#28396485)

    Every 5 hours?
    Fraction?
    Probability?
    Set by the developer?
    Verify the quality?

    Yeah, no thanks.

    I want updater services to DIE.

    Check for an update when I launch your program, and give me the option to turn it off.
    Don't run in the background all the time.

    Give me the option to manually check for updates.
    If there are updates, list them and let me choose whether not to install them. Also supply details about the update, preferably without making me launch your web page.

    Tell me which updates will require restarting the program. Tell me how large they are. Give me the option to download now, and install later.

    Quality test the fucking updates yourself.
    All users should be able to get the update at the same time, with a probability of 1.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      The problem is if they do that, then 90% of the non-power user internet users won't EVER update. Which means security flaws are never patched. Which means they get a bad name for not fixing a problem that was patched 5 months ago.

      I admit that patchers and automatic updaters are a real headache and I wish most of them would just die already... But the simple fact is I'm a power user. Most people (of which my brother is one) don't care. He would rather it handle his business for him cause it's one less thing

    • Sounds like someone needs to buy them self a Mac.

      No webpage.
      Can be told to bugger off when I am busy.
      Tells me if an update requires restart.
      Can for shutoff, and run manually if you insist.
      • Oh, Windows updates work just fine with regards to what I want.

        It's the application updates I hate.

        Adobe, Apple, Google, Java, etc. are all varying degrees of in your face, shitty options, shitty deployment routines, and outright ignoring my preferences.

  • Microsoft say that Internet Explorer 8 is the secure browser!?! Plus much more: http://www.microsoft.com/windows/internet-explorer/get-the-facts/browser-comparison.aspx [microsoft.com]
    • this is quite seriously one of the most amazing pages I've ever read.

      Microsoft believes that IE8 is the greatest browser that has ever existed, and that will ever EXIST, sure chrome, firefox and opera are mean to children, drown puppies and are generally horrible, but do they really deserve this??

      I found the page may have at least had some truth, if everywhere Internet Explorer was said, you replaced it with opera.

    • "Internet Explorer 8 takes the cake with better phishing and malware protection, as well as protection from emerging threats"

      "Firefox and Chrome have more support for emerging standards like HTML5 and CSS3, but Internet Explorer 8 invested heavily in having world-class, consistent support for the entire CSS2.1 specification"

      "Internet Explorer 8 is more compatible with more sites on the Internet than any other browser"

  • by tonywong (96839) on Saturday June 20, 2009 @03:39AM (#28399959) Homepage

    And get into HTML5 for video etc:

    "Google Chrome must support plug-ins such as Flash Player and Silverlight so users can visit popular Web sites such as YouTube. These plug-ins are not designed to run in a sandbox, however, and they expect direct access to the underlying operating system. This allows them to implement features such as full-screen video chat with access to the entire screen, the userâ(TM)s webcam, and microphone. Google Chrome does not currently run these plug-ins in a sandbox, instead relying on their respective vendors to maintain their own security."

"And do you think (fop that I am) that I could be the Scarlet Pumpernickel?" -- Looney Tunes, The Scarlet Pumpernickel (1950, Chuck Jones)

Working...