Google Chrome Falls Twice to Hack Challenges

Status
Not open for further replies.

freggo

Distinguished
Nov 22, 2008
778
0
18,930
I agree with alidan.
It's kinda like the NASA approach. If we fail, we fail very publicly; and then fix the problem.

The bad part is not having a bug or vulnerability in a piece of software (with the size and complexity of today's programs that's virtually unavoidable) but taking forever to admit it is there (as advised by In-House counsel my guess) and than taking even longer to fix it.

Take any version of Windows for example :)


 

rex86

Distinguished
Aug 23, 2011
28
0
18,580
It's OK for a software to be have some security weaknesses. It's NOT OK if those weaknesses are left unpatched.
 

drwho1

Distinguished
Jan 10, 2010
367
0
18,930
In my experience with this browser, it is very vulnerable to VIRUSES.
Most of them are TROJANS and most of that (at least on my experience) have been thru JAVA exploits.

When I re-installed Windows 7 64bit I simply avoided (a have not installed) anything that would "require" JAVA to run thus eliminating a lot of unnecessary risks.

Still, I got a virus after that and it was another Trojan (and I'm 100% certain) that it was thru this browser. The truth is that sadly there will always be some moron (very intelligent moron) that will be creating some new way to harm others. Staying away of known (even if look friendly) or especially if they look "too friendly" and "helpful" because most times than not, that's precisely how this threats are masked.
 

mikeynavy1976

Distinguished
Feb 14, 2007
90
0
18,590
This is already bad PR. The title of the story says it all. Instead of focusing on Google's immediate patching abilities, the media immediately calls them out. "Google Chrome Falls Twice to Hack Challenges" doesn't sound "positive". A lot of people know Google's strategy for offering money to challenging hackers to compromise their product so as to improve it. Many more will, without reading the article, hope or think that it is Google challenging that their product is invincible only to get nailed twice.
 

gm0n3y

Distinguished
Mar 13, 2006
1,548
0
19,730
[citation][nom]freggo[/nom]I agree with alidan. It's kinda like the NASA approach. If we fail, we fail very publicly; and then fix the problem.The bad part is not having a bug or vulnerability in a piece of software (with the size and complexity of today's programs that's virtually unavoidable) but taking forever to admit it is there (as advised by In-House counsel my guess) and than taking even longer to fix it.Take any version of Windows for example :)[/citation]
I agree. Having bugs is a natural part of software development. Recognizing them and fixing them is what's important.
 
G

Guest

Guest
[citation][nom]drwho1[/nom]In my experience with this browser, it is very vulnerable to VIRUSES.Most of them are TROJANS and most of that (at least on my experience) have been thru JAVA exploits.When I re-installed Windows 7 64bit I simply avoided (a have not installed) anything that would "require" JAVA to run thus eliminating a lot of unnecessary risks.Still, I got a virus after that and it was another Trojan (and I'm 100% certain) that it was thru this browser. The truth is that sadly there will always be some moron (very intelligent moron) that will be creating some new way to harm others. Staying away of known (even if look friendly) or especially if they look "too friendly" and "helpful" because most times than not, that's precisely how this threats are masked.[/citation]

You can't really blame chrome for someone using java exploits.
 

stingray71

Distinguished
Oct 28, 2010
51
0
18,580
You'd expect that sorta of title from an Apple bias site. In reality, I applaud what Google is doing. Glad I made the switch to Chrome few months ago.
 

cookoy

Distinguished
Aug 3, 2009
623
0
18,930
let's just hope that the next time these security firms or experts find some exploits in chrome, they would not keep it to themselves and just wait for the next google challenge before revealing their discovery to get rewarded
 

Vladislaus

Distinguished
Jul 29, 2010
582
0
18,930
[citation][nom]jacekring[/nom]Google doesn't code Java you know....and you can disable Java completely in the browser in the settings. Got to Options -> Under The Hood -> Privacy -> Content Settings -> Java and select do not allow any site to run Java Script.But frankly, you are getting those Trojans because you visit to many free porn sites....(j/k)[/citation]
Java and Javascript are two completely distinct languages. Also both are executed in different manners. JavaScript is executed by the browser, Java is executed in the browser usually by a plugin.
 

RogueKitsune

Distinguished
Jul 29, 2009
27
0
18,580
I like what how fast Google pushes bug fixes out to stable chrome, but i still prefer my nightly builds of 64-bit Firefox (I even got Netflix to work in it somehow ^_^)
 
G

Guest

Guest
Just pick a browser. Your not going to find one that is perfect.
 
Status
Not open for further replies.