Everyone’s talking about Google Chrome today. It’s a new web browser much like IE, FireFox, Opera and Safari. Here are some things you should know about its security.
- It’s still in "beta", meaning they’re still testing it. It’s an unfinished product. There will be bugs to be found, including security bugs.
- There’s a debate going on about Google’s intentions on releasing a free browser. It seems Google will be collecting some information from some users on their browsing habits. It’s an opt-in service so there isn’t anything sneaking going on, and it can be turned off. But it still makes some people uncomfortable.
- Chrome has a private mode called "Incognito". Some other browsers also have this feature. It’s a good thing. It puts you in control over which web sites save information on your computer and which don’t.
- It uses a new programming model putting each page in its own process. This should make everything safer, but it’s new and time will tell how secure it really is.
And did I mention it’s in beta and security bugs will no doubt be found soon?
I suggest that as soon as Google are comfortable with the performance of this new product it’ll be a good alternative to Internet Explorer.
What I certainly don’t like about it, it that you can see your passwords!
Go to ‘Options’ -> ‘Minor Tweaks’ -> ‘Show saved passwords’.
Select a site, just click ‘Show password’ and hey presto! 🙁
So if you leave your machine unlocked or use Chrome and forget to clear this list then everyone can just go ahead and see your passwords!
Bye bye Chrome for me…
Yeah that’s a security hole as far as I’m concerned. But here’s something else that’s interesting:
– Windows and IE saves your passwords in a recoverable format. PC Wizard 2008 (free) can display then in plaintext: http://www.cpuid.com/pcwizard.php . You don’t even need to install this program, just run it from a flash drive on any Windows PC and you’ll see some interesting passwords.
– When Chrome imports your IE bookmarks, it also imports the saved user names & passwords. This surprised me. From a “usability” point of view it makes it easier to crossgrade to Chrome, but it also reminds you that your current saved passwords are readable by any program. I haven’t tested this with Opera or FireFox.
Overall I’m liking Chrome, once they get the bugs sorted out I believe it’ll be a good safe browser for everyone. Time will tell.
Thanks for the tip, that I didn’t know and probably a lot of others neither.
I like Chrome too, but it’s still a bit too rough on the edges.
Nick