Do not use Google Chrome

By White Cuban
in Web Browser Discussion & Support

 Share

Recommended Posts

Proficient

darkmanx21

Posted
Posted

Did we already not know this? I mean it's beta, it's going to have gaping flaws everywhere. It's still a little stupid to release something with such a huge hole though. More like irresponsible considering this is Google, right? Because when they mess up, it's cool. When others mess up it's a media frenzy.

I don't think this is going to be easy for Google by any means. Other browsers are better Maxthon, IE, Firefox, Opera..why the huge fuss over this? Those browsers do everything and more so why would I take a step back? My two cents. It will probably take years before it makes it out of Beta. :D

Veteran

White Cuban

Posted
  • Author
Posted
Did we already not know this? I mean it's beta, it's going to have gaping flaws everywhere. It's still a little stupid to release something with such a huge hole though. More like irresponsible considering this is Google, right? Because when they mess up, it's cool. When others mess up it's a media frenzy.

I don't think this is going to be easy for Google by any means. Other browsers are better Maxthon, IE, Firefox, Opera..why the huge fuss over this? Those browsers do everything and more so why would I take a step back? My two cents. It will probably take years before it makes it out of Beta. :D

i dont recall any of the browser having such bugs that it seems like they were done in purpose, cmon now, how dumb do you have to be to make the things that it does happen. my guess is dumb as google (which is pretty high up the scale.)

Collaborator

Hello1024

Posted
Posted

This isn't exactly a huge problem, and in fact I'd prefer if google DIDN'T fix it.

The "problem" is that google auto-downloads any file type, rather than popping up copious security warnings like IE does. It's not a serious security problem because it still requires one mouse click to actually run that exe file.

Remember that a malicious file on your PC does no harm as long as it isn't executed, and in this case it requires an explicit mouse click on the chrome gui to make it run, which is just the way it should be.

Grand Master

kjordan2001

Posted
Posted
i like chrome personally,.. but just type :% in the address bar and your entire browser will crash

but i still like chrome

Confirmed on that, wonder what about that makes it crash.

I'm also going into withdrawal anytime I use Chrome for some mouse gestures. I think browsers should have those built in now because they're so handy.

Enthusiast

draakhs

Posted
Posted

So let me get this right. Everyone is going crazy because the browser expects people to have common sense and click for themselves if they want to execute an exe or not? omg please someone call the webpolice.

And the thing that they are allowed to post anything you surf to on the internet is probably so they are able to debug things if they happen. Not to mention google likes playing with ads so could be related to that. I doubt they are going to post your 50 porn sites you surf to a day on the front page of google.

Grand Master

Rob Veteran

Posted
  • Veteran
Posted
This isn't exactly a huge problem, and in fact I'd prefer if google DIDN'T fix it.

The "problem" is that google auto-downloads any file type, rather than popping up copious security warnings like IE does. It's not a serious security problem because it still requires one mouse click to actually run that exe file.

Remember that a malicious file on your PC does no harm as long as it isn't executed, and in this case it requires an explicit mouse click on the chrome gui to make it run, which is just the way it should be.

So let me get this right. Everyone is going crazy because the browser expects people to have common sense and click for themselves if they want to execute an exe or not? omg please someone call the webpolice.

You're missing the point entirely. Browsers should run in a sandboxed environment owing to the nature of the web; allowing files of any kind to be saved to the user's machine without their consent (outside of the designated areas for cookies etc.) is a security flaw and I fail to see how you can think otherwise.

Enthusiast

draakhs

Posted
Posted
You're missing the point entirely. Browsers should run in a sandboxed environment owing to the nature of the web; allowing files of any kind to be saved to the user's machine without their consent (outside of the designated areas for cookies etc.) is a security flaw and I fail to see how you can think otherwise.

Hmm I was replying to the fact Chrome does not refuse exe files but opens a dialog box to check if you want to execute it. To me there is nothing wrong with that.

Which of all these is it? Because I like info on the internet... everyone goes crazy and starts throwing stuff everywhere. Someone in this topic says they execute it without warning, another says they open a dialog box another says they download it without warning without executing it...

Also it's a beta, there have been much bigger flaws in live versions from for example IE.

Grand Master

Rob Veteran

Posted
  • Veteran
Posted
Hmm I was replying to the fact Chrome does not refuse exe files but opens a dialog box to check if you want to execute it. To me there is nothing wrong with that.

Which of all these is it? Because I like info on the internet... everyone goes crazy and starts throwing stuff everywhere. Someone in this topic says they execute it without warning, another says they open a dialog box another says they download it without warning without executing it...

Also it's a beta, there have been much bigger flaws in live versions from for example IE.

Ah, we're talking about different things:

The issue is that with iframes the file can be downloaded onto the desktop of the user. Without any prompts whatsoever. Yes, it won't be opened, but the mere fact that anything is automatically downloaded, particularly an executable file, is a security risk. It's not that I, or the original poster, is suggesting EXE files should be blocked: it's that without any user interaction whatsoever I could construct a page that downloaded twenty EXE files onto the user's desktop, just by visiting. That's poor.

Veteran

ninjamunky

Posted
Posted
its funny how people react to some lame sentence in terms of service.

I'll say... it's as if all these people think they're going to publish some world-changing thesis paper and Google's going to steal it cause they used Chrome.

I think it's funny how paranoid and ignorant everyone is.

Mentor

Dave Diller

Posted
Posted
I'll say... it's as if all these people think they're going to publish some world-changing thesis paper and Google's going to steal it cause they used Chrome.

I think it's funny how paranoid and ignorant everyone is.

IMO it's more than that. If they can apparently have control of what you post when using Chrome...how can they tell that you're using Chrome? Do the log keystrokes or something?

Mentor

wellofsouls

Posted
Posted
Its using the old version of webkit... there is a newer version that this bug is fixed on.

Its the carpet bomb bug people were going crazy about before.

first this has nothing to do with WebKit the rendering engine. WebKit does not handle file downloads. It's the UI shell that decides what to do with a file that the rendering engine don't understand (ie. not web pages).

Second, back when Safari the browser had the carpet bombing exploit, there was no option to stop that. All downloads are automatically with no option to change that. For Chrome just go to Options -> Minor Tweaks -> check "Ask where to save each file before downloading", and you'll be prompted every time a download start.

damn, I was about to test incognito on porn sites

I'll hold off for a while, until they fix it.

well, you can "fix" it yourself, by enabled an option in the Options menu.

It doesn't say the exe is being executed, it is just being downloaded so some user interaction is still required. Don't get me wrong though, I understand how serious of an issue it is.

well combined with an exploit in Windows (which I'm not sure if it's still there) or Java, the downloaded file can be automatically executed.

You'd think Google would've fixed the EXE flaw before releasing this, it's a damn big security hole.

well, I guess Google expected that anyone who wanted to fix it can fix it themselves, by ticking a checkbox in the Options menu. :laugh:

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Save 31% on Samsung T7 Portable SSD

      By TheGodOfKratos · Posted

      Still 3x what it should cost. So, it seems the trick is to increase price by 6x so that a reduction in price back to 4x looks like a steal. "You savvy shoppers win again!" I'm glad I'm not in a desperate spot to actually even need this overpriced crap. Hopefully, it comes back down by the time for when (or if) I ever do.
    • Does your iPad support the latest iPadOS version? Here's the iPadOS 27 compatibility list

      By Noveed · Posted

      No M1? Wow!
    • Microsoft AI boss no longer believes that AI will replace human workers

      By Noveed · Posted

      Although AI is great and has it's use cases they likely have massively overhyped it and it has not delivered as per their expectations. I fully expect them to start saying the same things again when it does get to a certain level of intelligence!
    • Microsoft wants to end printer driver headaches with Windows Ready Print

      By Usama Jawad96 · Posted

      Microsoft wants to end printer driver headaches with Windows Ready Print by Usama Jawad A few days ago, Microsoft released Windows 11 Experimental build 26300.8553, bringing a ton of enhancements such as Start menu customization, search improvements, Taskbar polish, and other minor UI tweaks. Another relatively major enhancement snuck deep within the change log was related to upgrades to the Windows printing experience. Now, Microsoft has shared more details about these benefits. For starters, Microsoft has renamed its Modern Print Platform to Windows Ready Print. The company believes that this name highlights its shift in strategy, which now focuses on modernizing, securing, and streamlining the printing experience for Windows devices. Some of the upgrades present in Windows Ready Print have already been seeded to customers and partners. This includes ending support for third-party printer drivers via Windows Update and transitioning towards the Internet Printing Protocol (IPP) and the native Windows IPP printer driver. In line with these changes, new printer installations will default to Windows Ready Print on eligible devices starting from July 2026. However, Microsoft recognizes that not all environments will be able to migrate to this platform immediately, so it will allow users to choose between installing the printer via Windows Ready Print or the traditional OEM process. Users will be able to toggle this configuration through Settings > Bluetooth & Devices > Printers & Scanners > Printer preferences. This control applies only to new printer installations, and its functionality can also be modified via Group Policy as follows: Launch Group Policy Editor Navigate to Local Computer Policy -> Administrative Templates -> Printers Find and select 'Configure Windows Ready Print driver ranking' -> double click to open it Select 'Enabled' (if you wish to enable Windows Ready Print driver selection) or 'Disabled' (if you wish to explicitly disable Windows Ready Print driver selection). Select Apply Select OK Similarly, if you set up Windows protected print mode through the same setting in Windows 11, it will also default to using Windows Ready Print exclusively. Microsoft hopes that these improvements will help eradicate dependency on OEM-specific driver installation processes and simplify printer installations. We'll likely find out more about other tangible benefits in the coming months.
    • Proton releases Proton Drive CLI for Windows, Mac, and Linux

      By IATW · Posted

      Hey what's about the proton vpn firefox extension ? It's not working today

  • Recent Achievements

    • One Year In
      Primer1st earned a badge
      One Year In
    • Experienced
      JayZJay went up a rank
      Experienced
    • Reacting Well
      Sir_Timbit earned a badge
      Reacting Well
    • Week One Done
      rubentuben8 earned a badge
      Week One Done
    • Week One Done
      ARaclen earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      513
    2. 2
      PsYcHoKiLLa
      230
    3. 3
      Edouard
      138
    4. 4
      ATLien_0
      87
    5. 5
      Steven P.
      81
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!