Google Chrome Sandbox?

Apple Safari also uses webkit...
​

 

With the latest Sandboxie beta version you dont need the -no-sandbox switch anymore. Its fixed

 

Thank you very much. I will dl it now.

 

Duplication of post, should have posted here

Interesting read on Chrome's security architecture

http://crypto.stanford.edu/websec/chromium/chromium-security-architecture.pdf

In short: The browser has seperated browser kernel and sandboxed rendering engine. The browser kernel does not allow the rendering engine to commmunicate directly with the OS (ergo is sandboxed). A POC with an known vulnability in the XML parser of Chrome (XXE vulnability) prooved that the exploit was blocked from accessing the file system (unable to read data from harddisk), but was able to mess within the sandboxed rendering engine.

Because Chrome 'inherites' all the exploits of the components it uses (which is true for any program using components) and no software is error free, Chrome can not be 100% bullet proof. On the other hand Chrome is definitely a lot safer safer than other browsers at the moment.

According to the guys from Stanford, Chrome would have not be vulnarable to 67,4% of the browser exploits of the past year (and would have protect you against 70.4% of the real serious exploits of the past year), by using this two layered security model (user interaction with browser kernel, sandboxed rendering engine doing all the internet related tricky stuff )

Guess what: I believe them the Stanfordians are a respected bunch of eggheads

Besides security, look and feel (which is personal taste, but I like the minimal layout) it is also fast. Try for yourself by clicking the links in Newby's post. Try your favourite browser against the latests build of Chromium
https://www.wilderssecurity.com/showpost.php?p=1340595&postcount=5

First test: higher is better (but it is a Google test, so it will be manipulated to proove Chrome's benefits)
Second test: lower is better (standard Sun test, so should be a little to the disadvantage of IE and to the advantage of java based browsers like FireFox)

 

thank you Kees for the explanation.
Ice

 

Kees just in case you dont know heres another good test for javascript:
http://dromaeo.com/

 

New Version of SR IRon

http://www.srware.net/en/software_srware_iron_news.php

Cheers

 

Kees, just downloaded the portable version.

This version, while running the latest version of sandboxie with default settings, now allows for downloaded files to be recovered.

 

Download the text file. rename to adblock.ini and just copy it to the Iron folder (e.g: C:\Program Files\SRWare Iron\) and you have an adblocker included.

 

SRWare Iron runs fine!