Security flaws for Chrome; needs more polish
Yesterday’s release of the long-rumored Google browser, dubbed Chrome, signaled a heavyweight entry into the burgeoning field of cloud computing. Based on the WebKit HTML rendering platform, which has served Apple’s Safari browser well, the browser also features the “V8” JavaScript rendering engine, said to improve execution speed in excess of fifty-fold. Google appears to be positioning the sites-as-apps model leveraged by the browser to heighten the profile of their growing web application suite. Yet, in spite of Google’s multi-year dedication to the project, exploits have been appearing within the last twenty-four hours.
A technique called “Carpet Bombing,” a spin on the age-old technique of social engineering, offers the user an opportunity to reap rewards they would probably appreciate. In the (safe) proof-of-concept, the user’s confidence is gained by the promise of free coffee coupons, and the user is offered a download to obtain them. Unfortunately, the file in question is a JAR file, which can be executed by any machine running Sun’s Java VM. Any unwitting user attracted by the offer need only attempt to open the file, thereby executing the malicious code contained in the JAR.
The exploit is made possible because Chrome runs on an outdated version of the aforementioned WebKit rendering engine. Chrome’s user agent — what the browser reports to a website upon access — gives WebKit version 525.13, or Safari version 3.1. Apple patched this exploit in late June with the release of Safari 3.1.2.
Other exploits of a more innocuous nature are also appearing. The EvilFingers security blog demonstrates that the browser can be easily crashed. By rigging a site to refer to a non-existent handler, followed by a “special” character, Chrome is made to crash without fail. A handler is a method of interpreting the protocol, such as HTTP:// or FTP://, cited at the beginning of an address.
While the flaws remain superficial, they’re undeniably careless. As the browser continues to go through the ever-important vetting process, more exploits are bound to surface.








