Leo: So an operating system is kind of at the mercy of the application that's
running. If an application has memory leaks, or it doesn't release memory properly,
then it can't help the fragmentation.
Steve: Correct. And in fact there is this notion in modern high-level languages like
Leo: Garbage collection, yeah.
Steve: ...there is something, I was just going to say, the garbage collector. Again,
Google designed it so that they have a more - they're able to have a more aggressive
theirs is able to track the usage of pointers which point to these temporary objects with a
is security. By running pages in their own process, you get the benefit that the OS
already brings to interprocess isolation. Now, that's sort of an oxymoron, as we know,
because interprocess isolation could be and should be arguably much better under
Windows than it currently is. There is not sufficient interprocess isolation.
And Google makes a point of talking about how add-ons to Chrome can weaken the
interprocess or, in this case, the intertab isolation and also the isolation of the tab with
the OS. Google is deliberately working to sandbox the operation of the pages running in
the browser. They have a model where you're either user or sandbox. We could think of
it a little bit like NAT routers. We know how, for example, the big, bad Internet is outside
of our NAT router, and we don't allow unsolicited traffic into our protected local network.
Well, similarly, the model that Google has adopted is sort of like a NAT wrapped around
individual browser pages where the page is unable to make an unsolicited access, an
unsolicited request outside of itself. It's only the privileged OS on the outside, the user
space, that is able to communicate inward. And the app is only able to respond to
external requests. It's not able to initiate any communication itself. So that's, to the
degree that that succeeds, that's a nice model.
My problem with the browser is that it is, well, to say it is feature-lean is an
understatement. And this is where I wonder who they're trying to sell this to. I don't
mean "sell" literally, because it's free. But we know that Firefox users love the features of
Firefox which IE lacks, and IE is slow in adopting these things. Like, oh, gee, tabs, for
example. But also simple security features. For example, okay, get this. Chrome, like all
contemporary browsers, offers to save your passwords. And you can turn that off, but it's
on by default. The problem is, it will also show your passwords. But there is no provision
for a password to protect the passwords. Meaning that anyone can sit down at your
Chrome browser, I mean, other than you - your kids, a coworker, anyone - and look at
all of your passwords, and which displays all of your usernames and passwords in the
clear, and write them down. There is no provision for protecting that. Plus, for example,
in Firefox you're able to create - and Opera - to create a master password which will
protect access to those.
Leo: You know, it's funny, I noticed that. My, what do you call it, the Gibson alarm
Steve: A Gibsonian response.
Leo: Yeah. I noticed that it was saving my passwords, but it didn't ask me for a
password to protect it. And I was wondering how they store it. So they store it in the
Steve: Well, it's you click a button to say "Show Passwords." And...
Leo: I guess it would have to. If you don't give a password, how else are they going
to do it, yeah.
Steve: Yeah. Well, so, okay. So there's that. And absolutely no scripting management of
any kind. You can't turn it off. I mean, even IE lets you turn it off. Even, I mean, and
Firefox, and Opera, I mean, everybody...
the ways I use it, I don't use it as a day-to-day browser. What I've done is that I've
taken, like, Gmail and made that be a separate application running in Chrome on my
desktop. And again, that's not safe if it's saving the Gmail password. But at least, I
mean, you know, that's kind of how I'm using it. I'm not using it to browse
randomly. And I suspect that's the intent; right?
Steve: So I recognize that they wrote Chrome to have an application for running
running Firefox. And as I said, even IE you're able to do, like, per-site handling in IE and
in Firefox and in Opera. There is zero per-site features in Chrome. There is nowhere in
there can you say I want to whitelist a site or blacklist a site. There is no provision for
that kind of granularity. And the cookie handling could not be weaker in terms of privacy.
Now, we know that, you know, they bought DoubleClick, the king of third-party cookies.
So that's a bit of a concern. You've got three settings for cookies, which is wide open or
completely closed, which we know is just impractical, you just can't do anything with the
'Net that way. But no whitelisting. You can't say "closed except for these sites." I mean,
again, even IE, the least privacy-concerned browser, supports that.
Leo: How is its third-party cookie handling?
Steve: Well, it's bad. That's the third setting is restrict - quote, "Restrict how third-party
cookies can be used." Well, no one's really even sure what that means...
Leo: Right, right.
Steve: ...in the first place. But we do know that, unfortunately, and maybe this is a
consequence of their WebKit heritage, they are equally bad as Safari in that they block,
when you turn on "Restricting third-party cookies," it blocks them coming in, but not
going out. Which means that you have this problem with what's called "cross-context
leakage," meaning that if you were to go to PayPal and click on a link at PayPal, since
PayPal loops you through DoubleClick, your browser visits DoubleClick, it's there in a
first-party context because it actually pulled up a DoubleClick page through a redirect.
That allows DoubleClick to put a cookie on your browser in a first-party context. Then it
bounces you back to PayPal. Now, wherever else you go, not PayPal but anywhere that is
serving DoubleClick ads, because a DoubleClick cookie snuck into your browser, slipping
through in a first-party context, even though you said I want to block third-party cookies,
it's sending them out.
Leo: Now, a couple of people in the chatroom saying, well, Steve, you're being
unfair because this is version 1.0, don't compare this to Firefox.
Steve: And I said you only get one chance to make a first impression.
Leo: Well, and I'd also point out it's version 1.0, but you are competing against
version 3.0 of Firefox and version 8 of Internet Explorer.
Steve: I see. And Google knows nothing about browsers. Google has never seen a
browser before. They don't know how they work. They've never seen Firefox or Opera or
IE or Safari. These are newbies over there at Google who really don't understand the way
the web works.
Leo: Obviously not. So you're right, they should have known better, yes.
Steve: It's nuts. I mean, it is nuts, Leo. And if nothing else, look at the adoption rate.
Almost, well, 1.57, 1.6 percent people used it. And I and a lot of other people said, okay,
well, no thank you. I'm not using something that is by default storing the passwords I
use for logging on and giving me no ability to protect that storage from somebody who
might have access to my browser at any time in the future. I mean, that's crazy. It's just
Also no provision in cookie handling for distinguishing between session and permanent
cookies. Even IE, again, you're able to say, look, I don't mind session cookies, that is,
cookies that are persistent only while I'm using the browser, as long as you throw them
all away at the end. Other browsers provide that. No provision for handling sites
individually. I mean, I truly - I don't get what they're thinking, who they're aiming this at
because IE users, who we might say, okay, are just not going to move away, and they're
not clued in to security and privacy, so they just stay with IE, well, they're not apt to use
some other browser. They're not going to move from IE. People who do, do for a reason,
because they want these additional features. And Chrome doesn't have any of them. I
mean, any of them. It just boggles my mind. Oh, yeah, I just - and no scripting
management, weak cookie handling, I don't know, I'm just...
Leo: Well, I mean, obviously...
Steve: Oh, oh, oh, oh, and they call that thing at the top the "Omnibox"?
Steve: I call it "Omnispy."
Leo: Why is that?
Steve: It is a real-time keystroke logger.
Leo: So here's the deal on that, just to explain. As you type in a URL or a search
term, it will supply - it goes out to, by the way, not necessarily to Google, whoever
your search engine of choice is, and gets - kind of prefills it with suggestions. Firefox
has been doing this for a while. You consider that keystroke logging.
Steve: Well, I was curious how it worked. So I turned on a packet capture. I fired up
Wireshark, turned it on, and then, as I typed keys into the Omnispy box at the top of
Chrome, as I began to, it initiated a connection to Google, and every single key I typed
in, it sent that keystroke back to Google. And it's like, again...
Leo: Well, that's how it works, right, it's telling - it's sending the keys - Firefox does
the same thing. It sends the keystroke to Google. Google then provides completion
in real time from that keystroke, or those series of keystrokes.
Leo: I mean, it's not like you're entering a password there.
Steve: Well, I just wanted people to be aware...
Leo: And, by the way, you can turn that off. [Indiscernible] you can turn that off.
Steve: You can turn it off, but it's on by default. And maybe it's convenient. Many people
have said they're a little unnerved by having a single box instead of a URL and a search
area separately. I sort of like the idea from a conserving space. And it's like, okay, I'm
not too worried. But again, people need to understand that what they type in there, even
when they're typing in a URL, certainly it's the case that when you go to Google and you
enter a search phrase into Google's page, obviously they know what you've entered. This
moves that boundary all the way up to your keyboard, when you're typing even a URL
you know. So if you type in a URL you know, that you would like not to be watched
typing - now, you do have the advantage, however, of using the Incognito window, which
is a nice feature of Chrome, where that feature is not available, and what you do in that
window stays in that window. No cookies are written permanently, no caching is made
permanently. So it's a simple way of doing something, you know, the example they give,
Google gives, is buying a secret present for someone, and so your spouse won't look at