« IE8 Privacy Feature Is Leaky | Main | NebuAd's CEO Packs His Bags »

September 2, 2008

Security & Privacy in Google Chrome

Google’s new browser has its own privacy mode along with architectural changes designed to make the browser less of a security liability.

Scott “Understanding Comics” wrote a comic book explaining some of Chrome’s features and design considerations. Pages 22 & 23 of the comic offer a little detail on what Google calls Chrome’s “privacy mode.” Pages 25 to 33 get into the security considerations.

google_chrome_privacy.png

The privacy mode isn’t explained in very much detail.

The comic says that by entering privacy mode, “you can create an ‘incognito’ window and nothing that occurs in that window is ever logged on your computer. It’s a read-only mode: You can still access your bookmarks, but none of your history is saved in the browser — and when you close the window, the cookies from that session are wiped out.”

The terms deserving examination would seem to be “logged,” “history,” and “cookies,” which, as Microsoft’s IE8 “privacy mode” has taught us, do not include the browser’s cache.

That’ll be easy enough to figure out once Google makes the browser available.

google_chrome_security.png

The security section of the comic is beefier, delving into the permissions model Google’s using with Chrome, and mentioning some interesting possibilities where plugins are concerned:

“Plugins have capabilities that aren’t public standards, so we can’t sandbox these yet.

“Though with some small changes on the part of the plugin makers, we can get them to run at a lower privilege, which would be much safer.”

Nothing specific beyond that, but when you stop to think about stuff like the Clipboard of Doom, it’s an interesting idea. On the other hand, some of the plugin makers have ambitions of becoming their own platform no less grand than Google’s. I’d like to see a Google/Adobe showdown over Flash’s privilege model.

Anyhow, the Chrome download became available while I was working on this, so I guess it’s time to go fire up VMWare and answer a few of my questions.

E-mail   0 Comments    Digg This    add to del.icio.us

Posted by mhall at 4:00 PM | Add Comment

Leave a comment











Type the characters you see in the picture above.

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers