chrome sandbox

[Mars]

Hey guys, just a quick question here. Could you guys tell me how secure and stable Google Chromes' sandbox is (any tests out there)? As a vista 64x guy, my options for having sandbox technology is a little hard to play with.

Cheers.


(And yes, i have tried forcefield - wasn't a fan lol)

I found this post from Kees, but are there any new reports?

[m00nbl00d]

Google Chrome's sandbox is as secure as the Operating System's lack of vulnerabilities.

Google Chrome's sandbox makes use of Windows's own security implementations. Brings nothing new. If vulnerabilities exist in those security implementations, then Chrome's sandbox is easily beaten.

I'll try and find the link from Google where you can read more how Chrome's sandbox works.

Edited to add link: Here it is http://blog.chromium.org/2008/10/new...ty-google.html

Is there any advantage when running Chrome instead of Firefox on Windows XP?

[simisg]

it has more pages blacklisted by default.... but you can have firefox with wot or linkscanner

[cheater87]

You can use Sandboxie with Chrome.

[Doodler]

Quote:

Originally Posted by cheater87

You can use Sandboxie with Chrome.

But I think the OP has a 64 bit machine, which isn't compatible with SBIE.

hi....see this review of chrome by mirzos.....-http://www.youtube.com/watch?v=P6sNbNKt4hY&feature=channel_page-

[Kees1958]

Sorry guys,

Stanford University has investigated that the architecture of Chrome is at least 60% less vulnarable than IE, FF, Opera, due to its internal Sandbox. Chrome was also the onbly browser not hacked at a recent 'hackers tournement'.

Search the software and services section to find the posts and the othrr malware section for it.

I know software using components also inherites the errors and exploit opportunities of these components, but the architecture chosen by Google in combination with the policy management sandbox of teh rendering engine, sure beats any browser available now.

Policy management of Chrome is implemented through different mechanisms than Windows own. Policy management is the oldest and most reliable implementation of security. Every decent OS from the 1970's had it implemented (yes I refer to midrange and mainframe OS-ses).

Also Unix is a lot older than Windows WIn32 implementation, consequent implementations of Microsoft only improved. XP was originally designed to have the browser as a part of the OS. When MickeySoft was forced to offer it as an option, they did a hasty job for sake of commerce. Vista suffered over complexity and they forgot about the old rule that increasing lines of codes, even designed with clear interfaces, requires an exponential testing effort (well nearly N2/(N-1)). On top of that MickeySoft hastely implement their own equilavents of distributed/remote code execution (they even brought two standards one competing with the Java world and one with the IBM backed mainframe world). That is why MickeySoft got a bad name, but that has nothing to do with policy management.

Policy management is and will be the most transparent, easiest to manage and secure form of security. So Chrome is a good browser, with the best policy management security implementation available at the moment.

Cheers Kees

[IceCube1010]

Everytime I see thathagat's signature, I laugh my arse off!

Very good post by Kee's. The Chrome browser feels more secure and is very fast. My only issue with it is the issue with connecting to a citix based server. The java api's are not working with Chrome yet. All my Jadvantage connections work fine with Chrome.

Ice

[fax]

Chrome sandbox does not cover plug-in, pretty limited scope

[firzen771]

i still like to have some sort of early warning system like site ratings at least and such lıke NoScript etc. cuz although ALONE chrome might be good but nothing is perfect so without any failsafes for ur browser (like with FF add ons sometimes) then ur **** out of luck when something serious actually does hit through.

[m00nbl00d]

Quote:

Originally Posted by firzen771

i still like to have some sort of early warning system like site ratings at least and such lıke NoScript etc. cuz although ALONE chrome might be good but nothing is perfect so without any failsafes for ur browser (like with FF add ons sometimes) then ur **** out of luck when something serious actually does hit through.

Due to the lack of plug-in functionality, your best bet would AVG Linkscanner. It will protect you against exploits, no matter what browser you make use of.

Or, as someone else suggested, running Chrome (and any other browser, for that matter) sandboxed with Sandboxie.

[firzen771]

Quote:

Originally Posted by m00nbl00d

Due to the lack of plug-in functionality, your best bet would AVG Linkscanner. It will protect you against exploits, no matter what browser you make use of.

trust me ive used linkscanner for quite a while recently and wasnt impressed so id rather not have another program wasting resources...

[Kees1958]

Quote:

Originally Posted by firzen771

i still like to have some sort of early warning system like site ratings at least and such lıke NoScript etc. cuz although ALONE chrome might be good but nothing is perfect so without any failsafes for ur browser (like with FF add ons sometimes) then ur **** out of luck when something serious actually does hit through.

Chrome takes their time for plug-ins. I applaud that, becauae plug-ins are the weakspots of any browser (compliments to the guys of Opera which have until now a well designed browser with secure and sufficient add-on/plug-in support).

For phising and other (limited) sate site (was preparing saté on the BBQ :-) rating (sate site rating is always dated), you could try OpenDNS, also has the benefit that checks are performed on their servers in stead on your PC. I have OpenDns set up through our router. I thought you used that also?