Google Chrome criticised over lack of security

News by Dan Raywood

Users should wait to use Google Chrome after its vulnerabilities were exposed.

Users should wait to use Google Chrome after its vulnerabilities were exposed.


Randy Abrams, director of Technical Education at ESET, claimed that as vulnerable code was used users should only use Chrome when they are not viewing sensitive pages.


He claimed that the oversight by Google is indicative of either a lack of attention to security in development, or a mandate to put something out there by a certain date without regard for quality from a security standpoint.


He said: “Google's inattentiveness to security was one of the feature presentations at the Blackhat conference this year. Anyone who has followed Google with respect to security would not trust that Chrome will be safe to use for quite some time.


“Google is at about the same place Microsoft was a decade ago. They have some bright security people, but marketing is trampling over security right, left and centre. Like Microsoft, security inside of Google is only likely to have an appropriate voice when their lack of security starts to affect the bottom line."


Abrams was also critical of the sandboxing feature as he claimed that each tab mitigates some of the security risk but does not protect a user who visits a malicious site and then conducts personal or financial transactions in the same tab.


He said: “If you throw bullies and weaklings into the same sandbox, the bully still kicks the crap out of the weakling. In every day terms if one tab is compromised and the same tab is used to visit your bank, your money is not safe.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews