Google Chrome out for one day, already reasons to avoid

As we reported yesterday, Google has released the first beta of their new web browser, Google Chrome. Within a day of its release, there are already a couple of points that users should be cautioned of before using this new browser.

The first, is the popular "carpet bomb" vulnerability that still exists within Chrome, as pointed out on our forums by our member matessim. This vulnerability allows malicious websites to drive by download and execute programs on your machine. Our visitors may remember the uproar that this same vulnerability caused for Safari users, and that Apple patched the carpet-bombing issue with Safari v3.1.2. Chrome is vulnerable to this exploit because it is based on the same engine, WebKit 525.13, and Google did not patch or update the engine before releasing the software.

The other, and less technical, problem with Chrome exists in its EULA. More specifically, the point that would seem to give Google rights to anything you post on the Internet while using their browser, mostly in conjunction with the promotion of its services.

Update: Google has rectified the EULA issue.


"By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any content which you submit, post or display on or through, the services. This license is for the sole purpose of enabling Google to display, distribute and promote the services and may be revoked for certain services as defined in the additional terms of those services." Not exactly something you're used to seeing in a web browser's license agreement.

There is also the point that Google reserves the right to automatically update and install Chrome. Interesting, "the software which you use may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the services." ... so says the EULA.

Now we're all used to seeing automatic update functions built into software. It seems that almost anything you install these days has one. However, very few demand that I install their updates. What if I don't want to because the new version includes a bug or breaks something else on my computer? Although, one would hope that they'd use this automatic update feature to fix the flaw pointed out above.

View: Google Chrome EULA

Previous Story
eMusic rattles ISPs over legal downloads
Next Story
Demigod Hands-on Preview and Fresh Screenshots