Chrome Password Security is Shot, Google Pack Serves Chrome as Default Browser
Now that Google has removed the Beta tag from the web browser it developed in a little over 100 days, Google Chrome 1.0 is featured as the default browser in Google Pack, the selection of free software that Google provides for well over two years now. In terms of security, in recent tests conducted by CIS (Chapin Information Services) it has come to light that Google Chrome password security scored the lowest points, just as Safari.
Until now, the web browser that Google Pack featured was Mozilla’s Firefox. You might think that this is not big deal, but it is (to Mozilla and Firefox fans in particular). Google fired off a series of threats to Mozilla: the first threat was when Google started to develop its own browse which boasted incredible surfing speeds; the second was when Google decided to stop promoting Mozilla’s products; the third threat is represented by the current decision to pull Firefox from Google Pack. The thing is that experienced internauts are well aware of Mozilla Firefox and Google Chrome, but novices that turn to Google and Google Pack for advice will undoubtedly remain blissfully unaware.
According Garret Rogers from ZDNet, one additional move on the part of Google could put the Mozilla Project in trouble: “The last (and final, I think) move that Google could make would be to remove themselves as Mozilla’s main source of income. About $60 million per year (that’s around 85% of Mozilla’s total income) comes from Google to ensure they remain the default search engine on the browser. Canceling this relationship could seriously damage Mozilla, unless a company like Microsoft decides to start giving their largest browser competitor the cash it needs to survive - an unlikely, but possible scenario.”
Moving on to security, the one thing that you expect your browser to provide above all other features, it turns out that Google Chrome and Safari 3.2 are tied in terms of password protection – both are at the bottom of the score list. According to Chapin Information Services (CIS), an attacker could gain access to your passwords due to three unsolved issues within the browser: not checking where the passwords are sent, not checking the location that requests passwords, and invisible form elements.
“These three problems, combined with seventeen others so far identified in Chrome's password manager, form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity. Currently, the password manager that is closest to solving the first three problems is built into Opera 9.62,” says CIS.
Until now, the web browser that Google Pack featured was Mozilla’s Firefox. You might think that this is not big deal, but it is (to Mozilla and Firefox fans in particular). Google fired off a series of threats to Mozilla: the first threat was when Google started to develop its own browse which boasted incredible surfing speeds; the second was when Google decided to stop promoting Mozilla’s products; the third threat is represented by the current decision to pull Firefox from Google Pack. The thing is that experienced internauts are well aware of Mozilla Firefox and Google Chrome, but novices that turn to Google and Google Pack for advice will undoubtedly remain blissfully unaware.
According Garret Rogers from ZDNet, one additional move on the part of Google could put the Mozilla Project in trouble: “The last (and final, I think) move that Google could make would be to remove themselves as Mozilla’s main source of income. About $60 million per year (that’s around 85% of Mozilla’s total income) comes from Google to ensure they remain the default search engine on the browser. Canceling this relationship could seriously damage Mozilla, unless a company like Microsoft decides to start giving their largest browser competitor the cash it needs to survive - an unlikely, but possible scenario.”
Moving on to security, the one thing that you expect your browser to provide above all other features, it turns out that Google Chrome and Safari 3.2 are tied in terms of password protection – both are at the bottom of the score list. According to Chapin Information Services (CIS), an attacker could gain access to your passwords due to three unsolved issues within the browser: not checking where the passwords are sent, not checking the location that requests passwords, and invisible form elements.
“These three problems, combined with seventeen others so far identified in Chrome's password manager, form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity. Currently, the password manager that is closest to solving the first three problems is built into Opera 9.62,” says CIS.
