Google Chrome #1 in the world, #2 in US

[TenYardFight]

Strange. I wonder if my stats are so dramatically IE because of is visited by corporate users.

[300DDR]

That certainly sounds plausible. It's likely most of my traffic is "consumer" rather than "corporate."

[xF1x0r]

Quote:

Originally Posted by YeOldeStonecat

Chrome....comes with a sandbox feature. Check out what a sandbox is. While I won't claim it is impossible to get infected while using Chrome..it is far ahead of most other browsers when it comes to security. I have never had to clean malware off of a computer of a Chrome user. I have stumbled upon sites with my own computer that had a rogue jump up at me on my screen..and not gotten infected. Chrome kept it in the "padded room" of the sandbox.

At "pwn20wn" this year, Chrome was the vector for a full system compromise by a French Team (64bit Windows, not sure which version), through the sandbox. Chrome was also taken down twice at CanSecWest this year. I'm not sure about other browsers, I looked but didn't see any mention.

I've heard many rumblings regarding it's (Chrome's) insecurities, which admittedly are merely hearsay without sources.

I like FF because the code is "seasoned" - it's been around quite awhile, it's fully OSS, peer reviewed and it has a MASSIVE development base, of which has probably the best track record for fixing problems once notified.

Regardless of my preferences tho, I've found that it's usually very difficult to get a customer off a browser, they're used to what they use, and it seems most of the time, they only want to learn the minimum to keep using their computer. I offer advice, but usually just let them do what they gonna do and do my best to stomp out fires when needed..

Personally tho, I'll stick with FF & NoScript..

edit: I may not be entirely right on the FF auto-sandbox thing, looking into exactly what it does now, I heard wrong somewhere..

Yep, I was wrong - there is no "automatic sandbox" in FF. But both Avast 6 and Sandboxie come with an "Auto Sandbox FF" feature. My bad..

[YeOldeStonecat]

Quote:

Originally Posted by xF1x0r

At "pwn20wn" this year, Chrome was the vector for a full system compromise by a French Team (64bit Windows, not sure which version), through the sandbox. Chrome was also taken down twice at CanSecWest this year. I'm not sure about other browsers, I looked but didn't see any mention.

I do recall reading that.
The group that pulled off the attack was pissed because nobody could bust Chrome at that contest last year.
And they had to use 2x attacks to bust through it.

But here's something interesting....the 2 guys that headed up that French group which succeeded in busting Chrome....one of them quoted:
"Bekrar" ...also noted that Chrome is "one of the most secure browsers available."
Source
http://www.pcmag.com/article2/0,2817,2401305,00.asp

[xF1x0r]

Quote:

Originally Posted by YeOldeStonecat

"Bekrar" ...also noted that Chrome is "one of the most secure browsers available."
Source
http://www.pcmag.com/article2/0,2817,2401305,00.asp

And that may be true, atm, as far as code integrity; but true security goes beyond code integrity, and I personally consider google's tracking habits a blatant security violation in the "CIA" (Confidentiality, Integrity, Accessibility) model.

To each our own, but personally, lately, google creeps me out more and more.. (Why do they want my phone number SO badly??)

I'm just waiting for a google/FB merger - now THAT would be a valuable database..