Google's new browser Chrome contains a number of key security features Google hopes will put it on par with Apple's Safari, Mozilla Firefox and Microsoft Internet Explorer. Chrome follows in the footsteps of other browsers, especially with its blacklisting of known rogue sites and its inclusion of Incognito mode. But are the anti-phishing and secure browsing features enough to win users over from rival browsers?
Google has outfitted its Chrome
browser with a number of security features designed to help Chrome make a
splash in a market still dominated by Microsoft Internet Explorer.
But whether or not the features are enough to differentiate Google's browser
remains to be seen.
For the most part, Google Chrome follows the footsteps of other browsers,
especially with its blacklisting of known rogue sites and its inclusion
of an "Incognito" mode. Like Internet
Explorer 8's InPrivate Browsing, Incognito mode allows users to hide their
Web surfing histories, and no cookies are stored beyond the lifetime of a
Also in the area of security, Google decided to sandbox the rendering
"What this means is that for an attacker exploiting your computer to
get bad code on to your computer, what he has to do is he's not only got to
exploit the rendering engine but he also [has] got to find some way to get out
of the sandbox," explained Ben Goodger, a software engineer for Google.
"The sandbox prevents the rendering engine from being able to read or
write to your file system, mess around with your registry or even mess around
with your desktop. So that's an extra layer of security."
Running each tab in Chrome in a sandbox allows a Web application to be
launched in its own browser window without the ability to write or read files
from sensitive areas. Plug-ins are run in separate processes that communicate
with the renderer.
Still, with security becoming something of battleground for browsers of late
with the beta version of Internet Explorer 8 and the new versions of Mozilla's
Firefox and Opera 9.5, Google's moves may not separate it enough from the
pack to win users over.
On the plus side, Google Software Engineer Darin Fisher said, the open-source
code ensures that security researchers and others will have plenty of
opportunities to bang on the product and make their feelings known.
"All this code is currently open source,"
Fisher said. "Basically it makes it so that security researchers have a
very acceptable product to work on, and they will come out of the woodwork to
share their findings."