Saturday, 6 September 2008

Google Chrome - Crash the browser :P


Okay so this is a quick post on how to crash google chrome (not that you would want to do it, but just for fun).
  • This one was discovered by Rishi Agarwal, one of my hostel-mates: type in 'About:%' in the address bar, without the quotes, and the browser with all its tabs crashes instantly (even before you press the enter key). I think chrome was all about sandboxing of tabs... but apparently theres still some work to be done.
    (Correction: I just realized here that just typing in ':%' is enough to crash the browser!)
  • For those interested in crashing Chrome through some under the cover techniques, check out this and this
    “An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a ’special’ character, the chrome crashes with a Google Chrome message window “Whoa! Google Chrome has crashed. Restart now?”. It crashes on “int 3″ at 0×01002FF3 as an exception/trap, followed by “POP EBP” instruction when pointed out by the EIP register at 0×01002FF4.”

  • A vulnerability that tricks you into execution of an executable / JAR file. More

    Just hours after the release of Google Chrome, researcher Aviv Raffdiscovered that he could combine two vulnerabilities — a flaw in Apple Safari (WebKit) and a Java bug discussed at this year’s Black Hat conference — to trick users into launching executables direct from the new browser.

    Raff has cooked up a harmless demo of the attack in action, showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.

    In the proof-of-concept, Raff’s code shows how a malicious hacker can use a clever social engineering lure — it requires two mouse clicks — to plant malware on Windows desktops.

    The Google Chrome user-agent shows that Chrome is actually WebKit 525.13 (Safari 3.1), which is an outdated/vulnerable version of that browser.

    Apple patched the carpet-bombing issue with Safari v3.1.2.

(Nothing more as of now. ill keep adding to this list as I find out more)

Wednesday, 3 September 2008

Google Chrome - First look

So after a long and anxious wait, its finally available to the public, and I've been using Google Chrome all morning.

It seems to be fast and quick and as expected, user friendly.

Quick takes:
  • Minimalistic look, with maximum space given to the web page / content. Even the status bar is overlayed on the page when necessary and dissapears when not.
  • Intuitive interface. Switching between tabs is fast (compared to both IE and mozilla). Each tab is sandboxed separately so a slowdown or crash in one of them doesnt crash the browser (havent tested this though).
  • icon on tab to the left of page title (before the favicon appears) is a rotating arc, showing a 'busy' state. Anti clockwise rotation until the site is determined, clockwise after download begins.
  • Handy address bar: intelligent autocomplete for urls. google search results also supplement the options for easy selection.
  • Frequently browsed pages appear as a matrix on newly opened tabs. Quickly resume where the last session left off.
  • Most other features work as in firefox, including shortcuts.

Cons:
  • It takes the connection settings from IE. So everytime you need to change a proxy, for instance, you will have to tweak your IE setting.
  • Closing the entire browser does not prompt you for confirmation. Neither does it save the tabs to be reloaded at next start.
  • No easy way to bookmark pages. Right-clicking on the tab or the page doesn't have a bookmark option. The only way, as I see it, is to go into bookmarks and add the link manually. 
  • Drag drop of tabs onto bookmark toolbar doesnt work.
  • the "forward" and "back" buttons dont have a drop down menu to jump into history more than a step. 
Issues
  • On my laptop, the touchpad scroll works fine when scrolling down, but scroll up doesnt happen. I check with firefox and it works fine there, but on chrome it just doesnt. Something that needs to be fixed.
Havent gone deeper than this so far. Next thing to do is probably test it out on wine for Linux. After that, probably check if the settings and preferences are exportable if I need to get back to firefox later.
So far it seems chrome will cut into firefox's user share pretty easily. I'm already a chrome-user :P. Find out more and more and more
Below: A video by google on the philosophy behind the need for chrome.



Tuesday, 2 September 2008

The Google Browser: Google Chrome - Download



A little more about how the browser is going to be..
Google Chrome will be a multi tabs browser, with each tab owning its own process running with limited rigths for improved security and crash prevention. Google Chrome browser will also include several innovative features like a JavaScript Virtual Machine, called V8, to speed up JavaScript performance in the browser, an address bar ’omnibox’ offering search suggestions ( top visited pages or popular pages ), a special 'incognito' tab with improved privacy protection.
The entire Google Chrome Browser Blog announcement
The Beta Download: Available September 2, 2008 (Today!)

Google (GOOG) said it would be launching Chrome in 100 countries, but it will only be in beta in Windows (Google said Mac and Linux versions were coming soon).

Download links (Ill update this with information as available):
  • The Home page (http://gears.google.com/chrome/?hl=en). Yes it used to work earlier, but a few days ago, google redirected it to its search page. Probably when Chrome is released, the link will work.
  • Updates on download links: http://digg.com/tech_news/Where_to_Download_Google_Chrome.

The Google Browser...

Google just officially confirmed that it is releasing a new open-source web browser,named Google Chrome.

So after all that we've heard about Internet Explorer being the evil spearhead and firefox being the savior of us all, there's a new entry - Google's browser! [read more]

An interesting introduction to it using a comic strip (by Scott McCloud, creator of the classicUnderstanding Comics.) : http://blogoscoped.com/google-chrome/

Google's products invariable get associated with descriptions like new, simple, powerful and innovative. Not surprising, considering what they have under their belly so far:
  • Gmail
  • Gtalk
  • Google maps
  • Google Groups
  • YouTube
  • Google Spreadsheet, Docs
And now, they are going to have their own browser as well. Its a cool idea, and any competition is always good for the user [:P]. But just how good is Google Chrome going to be is just something we can only guess right now. I guess, we can take firefox to be a benchmark on which to make judgments.

Going by that, there's already rumour on slashdot that Google Chrome is based on Webkit, the same basic engine as Mac OS X's Safari. And we all know how great that runs on anything thats not a mac. Not to mention the portability issues of web applications and sites that depend on flash and client side scripting based UIs. And the mobile platform is something entirely out of picture right now. Anyway, any new entrant does deserve some time to make its mark. I dont know about you, but i'll just wait and see...

As Sadagopan points out,
Google is using the internet to systematically devalue Microsoft’s assets, forcing a “Microsoft’s Black Monday” on the wall street in future. Google is leveraging the mantra that built Microsoft: who controls the UI controls the user; who controls the API controls the programmer.
While there may be scepticism about what could a new broswer do - except introduce more confusion, as I see it, if Google Chrome delivers on its promise of speed, stability, security and reliability, it will like gmail soon command the mind share of the web users. This in turn should make it possible to push common web standards!
And it might actually happen! We have seen how firefox has been forcing web standards through its respawn in recent years. There's no reason why google wont play a big part in the process, now that it has a browser in its name. MSNBC says:
Until now, Google had been trying to undermine Internet Explorer by supporting Firefox, a Web browser developed by the open-source Mozilla Foundation. Bolstered by an advertising partnership with Google's search engine, Firefox ranks as the second most popular browser, with a market share of more than 10 percent. Google recently extended its advertising alliance with Firefox through 2011.

Bearing the stamp of Google's renowned brand, Chrome could be an even more formidable rival to Explorer.


There's also rumour that Chrome has better support for cloud applications than Mozilla, and getting a browser out is just the first strategic step in entering this valuable technology that many believe will decide the next decade of computing technology.

Anyways, I'll just wait and see before making a judgement.