With client side attacks on the rise due to greater success than attacks on network infrastructures directly, has Google paid enough attention to this trend as it enters its own browser into the fray?

In this article on CNN, Google tends to keep talking about changing the web as we know it and being more innovative. But MS on the other hand, with it's IE8 Beta now also available, is pushing the secutiy features of it's new offering such as InPrivate Browsing - not how it adds new innovations to the web itself.

Either way, it makes for interesting times.

Get Chrome Beta:
http://www.google.com/chrome

IE8 Beta:
http://www.microsoft.com/windows/internet-explorer/beta/default.aspx

Some other random thoughts about Chrome:

1. What will now happen to Google's co-markleting efforts with Firefox?
2. Is Google neglicting those that alternate browsers the most, non-Windows users, by only releasing a Windows version?

Hmmmmmm...

Don

Just what we need another piece of beta software running on the interweb ....
No seriously, why can't ANY developer deliver a browser that runs in a complete sandbox with a normal browsing experience. For some reason, they designed web content with need to access your system either with user privileges or system privileges that most 3rd party software runs as. UGH :-(

On a side note, anyone play around with Checkpoint's Forcefield? Its pretty cool, but breaks many java apps.

Received a link to this link to milw0rm in my inbox. I haven't had a chance to ( and probably won't) test the impact of the exploit but that is some fast work.

It's not remote execute code yet but it does set alarm bells off in my head. Think I'll let others play guinea pig for a while yet.

Courtesy of El Reg:

Chrome vulnerable to carpetbomb bug - Should be self explanatory. If you're going to rip code from third partied, make sure you patch any bugs, especially the known and well publicised ones....

Issues with Chrome EULA - Apparently the EULA allows Google to use any material posted to the web by yourself via Chrome without any copyright restrictions etc.

<edit to add...>
yet another Milw0rm exploit
</edit>

now I'll definitely let others be the guinea pigs, might give Chrome a crack in a couple of years.....

IE8... from the company that brought you Vista!!

Don

Chrome sports quite a few neat security features that are intriguing.

The sandboxed tabs seems to be one of the best features in the new browser, which will limit data leak from one tab to another.  Whereas most browsers run each tab inside the parent process, with Chrome, each tab is it's own independent process.  This means that one tab can't reach into the memory space of another tab (which actually effectively firewalls the tabs from one another, especially nice for the "incognito" tabs).

I'm a little perplexed by the incognito mode frankly.  It seems like a nifty feature, sure, but not all that practical if you're really serious about privacy.  The browser still collects cookies and transmits personal information and doesn't provide any of the protection that anonymous browsing via TOR or the privacy protection of encryption.  Your session can still be sniffed and the only real advantage is none of the data utilized by the browser is written to disk.  This might be nice in that the browser doesn't "remember" the URL's to sites you've visited or cache images, but you can customize most browsers to mimic this functionality.

I tried IE8 for grins and had a minor problem with signing into VMWare Server. Hopefully that will get worked out before IE8 goes into production. I have to use IE7 since the tools for the server don't work with Firefox. errrr.......