Technology, Top News

Google Chrome is 10 – gets a new UI and an old vulnerabiliy

It’s not Cupcake – that was Android. It’s CHROME!

IT SEEMS like just yesterday that we all thought that Netscape and Internet Explorer 5 were our only options for browsing the web.

Indeed in some public libraries, that’s still the case.

But we digest – Google Chrome is 10! Huzzah! And it’s celebrating with a new look, and erm… a pretty bad vulnerability.

Let’s start with the good. The Material redesign of Chrome that has been tipped for what seems like forever, and indeed was available with some under the hood tinkering, is now the standard and will be all up in your shiz when you next update Chrome.

It’s just different enough to notice, but a long way from a revolution – and that’s how it should be. It’s not exactly a nice surprise if you weren’t expecting it and suddenly have to relearn how to use it.

Lots of rounded corners (mmmm) and the omnibar can now give you answers to some things (like definitions and translations) without even going to the page. There’s also a better password manager.

But muting the celebrations is news from cybersecurity firm SureCloud which has discovered an issue that affects all Chromium-based browsers – that means not just Chrome but Opera too – which could mean your saved passwords can be laid bare through your router.

Because the saved passwords are served up over an unencrypted Cleartext HTTP connection, a vulnerable wifi network will make it easy for someone with a mind to, to sniff out those credentials and nick them.

The Chromium Project got notice of this in March but said that it was by design and that there were no plans to change it.

It’s sad that Surecloud has rather cynically chosen to release this on Chrome’s 10th anniversary, but release it, it has and the current advice is pretty much as you’d expect – don’t store open wifi hotspots. Don’t log in to your router unless you have to, and never, but never, save your credentials for a webpage that doesn’t use HTTPS – this is one of the reasons Google has been pushing for encryption so hard.

But back to the update – if you really want to push things along, go to the Chrome menu and click ‘About Chrome’. Once its downloaded, it’ll ask you to restart your browser, and BOSH. μ

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend