Google launches internet browser - Chrome

[flesso]

I think Google Chrome will over come its teething problems, and its not expected to be perfect since it is only a beta release. The release of the Safari web browser for Microsoft Windows saw some of the same problems that Google Chrome has since its release, most notably the vulnerability involving the downloading files without the user's knowledge.

[WelshTom]

Quote:

Originally Posted by flesso

I think Google Chrome will over come its teething problems, and its not expected to be perfect since it is only a beta release. The release of the Safari web browser for Microsoft Windows saw some of the same problems that Google Chrome has since its release, most notably the vulnerability involving the downloading files without the user's knowledge.

They're probably going to fix that soon though. Safari had the exact same problem and didn't fix it for months - very slow responding. Hopefully, Google will be a lot quicker.

[flesso]

Quote:

Originally Posted by WelshTom

They're probably going to fix that soon though. Safari had the exact same problem and didn't fix it for months - very slow responding. Hopefully, Google will be a lot quicker.

Another thing that Google will need to do bring Google Chrome up to standard is to update the Apple WebKit version that has been used. Although Safari may have had the same issues, they were using the latest version of WebKit and other bases need for development I believe.

[WelshTom]

Quote:

Originally Posted by flesso

Another thing that Google will need to do bring Google Chrome up to standard is to update the Apple WebKit version that has been used. Although Safari may have had the same issues, they were using the latest version of WebKit and other bases need for development I believe.

Erm... no they weren't. Safari was using the older version of Apple Webkit hence the problems.

[jc8654]

Well as there has been a security update for Safari to solve the issue I'm sure Google Chrome will have the same treatment. My guess is when they started building that the flaw hadn't been found and so when it came to light, it made more sense to continue with their current design path than go back and change things. Once they've reached the stage they now have, I would think fixing the security flaw will be one of their main things to do.

[Ben]

Quote:

Originally Posted by jc8654

Well as there has been a security update for Safari to solve the issue I'm sure Google Chrome will have the same treatment. My guess is when they started building that the flaw hadn't been found and so when it came to light, it made more sense to continue with their current design path than go back and change things. Once they've reached the stage they now have, I would think fixing the security flaw will be one of their main things to do.

Not sure if Google will fix it as a priority update. I think they know a handful of bugs in their browser and will fix a dozen of them in their next beta release which presumely won't be for some time.

[jc8654]

That's what I meant - it will be one of the things they are going to address in their next release I would think.

[WelshTom]

It's not exactly hard to fix anyway. They simple need to update their version of WebKit :P

[jc8654]

I think Chrome needs to get some more addons like Firefox but I guess that all comes with good time.

Some other things which I've just noticed with Chrome (which I'm incidentally using to write this post. First off, in other web browsers when I want to change some text to bold, I can usually do control and B. In Google Chrome for some reason that doesn't work. Second thing (and this is one I do like), there is an inbuilt spell checker for forms etc. It comes up like word with a red line underneath if it doesn't recognise the word and you can right click and choose the corrected version.

[WelshTom]

Quote:

Originally Posted by jc8654

I think Chrome needs to get some more addons like Firefox but I guess that all comes with good time.

Some other things which I've just noticed with Chrome (which I'm incidentally using to write this post. First off, in other web browsers when I want to change some text to bold, I can usually do control and B. In Google Chrome for some reason that doesn't work. Second thing (and this is one I do like), there is an inbuilt spell checker for forms etc. It comes up like word with a red line underneath if it doesn't recognise the word and you can right click and choose the corrected version.

Yup, I didn't know Google Chrome had a spell check facility, but it's a good idea. I have to rely on addons in Firefox achieve the same effect.

[jc8654]

What other features do you think we should see in Google Chrome?

Things I like so far:
Spell check
Developer tools and viewing source code
Default page layout and links

[WelshTom]

Erm.. what do you mean by default page layout and links?

[Ben]

Quote:

Originally Posted by WelshTom

Erm.. what do you mean by default page layout and links?

lol. I must say you really seem keen to post in this thread *hint*

[jc8654]

The home page with the 10 most viewed sites you've been on... I really like the feature as all the sites I really use are there within a click. Granted you can get the same think with links bar in IE but with Chrome you have a much bigger area to click and you can see the site you want at a glance.

[WelshTom]

Security flaws

Multiple security experts have criticized what serves as the automatic file download feature that comes enabled by default in Google Chrome. They argued that it could be used easily by an attacker to trick a user into opening a malicious executable file.
A denial-of-service vulnerability was found that allowed a malicious web page to crash the whole web browser. Google Chrome developers confirmed the flaw, and it was fixed in the 0.2.149.29 release.

Security

Chrome periodically downloads updates of two blacklists (one for phishing and one for malware), and warns users when they attempt to visit a harmful site. This service also is made available for use by others via a free public API called "Google Safe Browsing API". In the process of maintaining these blacklists, Google also notifies the owners of listed sites who may not be aware of the presence of the harmful software.
Each tab in Chrome is fit into its own process to "prevent malware from installing itself" or "using what happens in one tab to affect what happens in another". The Sandbox Team is said to have "taken this existing process boundary and made it into a jail"; for example, malicious software running in one tab is unable to sniff credit card numbers, interact with the mouse, or tell "Windows to run an executable on start-up" and it will be terminated when the tab is closed. This enforces a simple computer security module whereby there are two levels of multilevel security (user and sandbox) and the sandbox can only respond to communication requests initiated by the user.
Typically, Plugins such as Adobe Flash Player are not standardized and as such, cannot be sandboxed as tabs can be. These often need to run at, or above, the security level of the browser itself. To reduce exposure to attack, plugins are run in separate processes that communicate with the renderer, itself operating at "very low privileges" in dedicated per-tab processes. Plugins will need to be modified to operate within this software architecture while following the priniple of least privelage. Chrome supports the NPAPI, but does not support the embedding of ActiveX controls. Also, Chrome does not have an extension system such as Mozilla's XPinstall architecture. Java applets support is available in Chrome as part of the pending Java 6 update 10, which currently is in Release Candidate testing.
A private browsing feature called Incognito mode is provided as well. It prevents the browser from storing any history information or cookies from the websites visited. This is similar to the private browsing feature available in Apple's Safari and the latest beta version of Internet Explorer 8.

[flesso]

Quote:

Originally Posted by WelshTom

Security flaws

Multiple security experts have criticized what serves as the automatic file download feature that comes enabled by default in Google Chrome. They argued that it could be used easily by an attacker to trick a user into opening a malicious executable file.
A denial-of-service vulnerability was found that allowed a malicious web page to crash the whole web browser. Google Chrome developers confirmed the flaw, and it was fixed in the 0.2.149.29 release.

Security

Chrome periodically downloads updates of two blacklists (one for phishing and one for malware), and warns users when they attempt to visit a harmful site. This service also is made available for use by others via a free public API called "Google Safe Browsing API". In the process of maintaining these blacklists, Google also notifies the owners of listed sites who may not be aware of the presence of the harmful software.
Each tab in Chrome is fit into its own process to "prevent malware from installing itself" or "using what happens in one tab to affect what happens in another". The Sandbox Team is said to have "taken this existing process boundary and made it into a jail"; for example, malicious software running in one tab is unable to sniff credit card numbers, interact with the mouse, or tell "Windows to run an executable on start-up" and it will be terminated when the tab is closed. This enforces a simple computer security module whereby there are two levels of multilevel security (user and sandbox) and the sandbox can only respond to communication requests initiated by the user.
Typically, Plugins such as Adobe Flash Player are not standardized and as such, cannot be sandboxed as tabs can be. These often need to run at, or above, the security level of the browser itself. To reduce exposure to attack, plugins are run in separate processes that communicate with the renderer, itself operating at "very low privileges" in dedicated per-tab processes. Plugins will need to be modified to operate within this software architecture while following the priniple of least privelage. Chrome supports the NPAPI, but does not support the embedding of ActiveX controls. Also, Chrome does not have an extension system such as Mozilla's XPinstall architecture. Java applets support is available in Chrome as part of the pending Java 6 update 10, which currently is in Release Candidate testing.
A private browsing feature called Incognito mode is provided as well. It prevents the browser from storing any history information or cookies from the websites visited. This is similar to the private browsing feature available in Apple's Safari and the latest beta version of Internet Explorer 8.

I'm not going to be touching Chrome with a barge pole.

[WelshTom]

A barge pole? What? And why not? What's wrong with Chrome? What don't you like about it?

[flesso]

Quote:

Originally Posted by WelshTom

A barge pole? What? And why not? What's wrong with Chrome? What don't you like about it?

Its ugly, unsecure what from you've said, very very basic a load of complete tash IMO.

[WelshTom]

Quote:

Originally Posted by flesso

Its ugly, unsecure what from you've said, very very basic a load of complete tash IMO.

Chrome is still in the beta stage, you can expect all of those things. Rest assured though that I can easily see it being one of the competitive web browsers in the near future.

[jc8654]

All software goes through stages of bugs and testing. That is why things are in Beta to iron out the bugs and issues before it goes to final release.

You can't expect the entire program to be bug free and 100% perfect on Beta otherwise it simply wouldn't be Beta.

Granted, I won't be doing anything too secure with Chrome at the minute and I'll be avoiding any even slightly dodgy websites but I can see once the problems get ironed out it could well be up there with Firefox and maybe even go past it.