Google Chrome made a huge splash in the past week, but will it really change the way you browse, and convince you to switch from your current browser? For those who want to play with it but don’t want Google to completely take over their lives, Chromium is the open source project behind Google Chrome. Linux and OS X users can also run Chrome using WINE, although success is not guaranteed. To make an educated choice, read Scott McCloud’s comic which explains the underpinnings. Make sure you’re aware of Chrome’s security vulnerabilities, and take advantage of Lifehacker’s guide to make your browsing experience as convenient and useful as possible. There are some great features, including the ability to log into multiple Google accounts using its much-lauded Incognito mode, which prevents Google Chrome from logging information on your browsing and downloading habits (websites you browse can still track your information). For convenience, you can also install Chrome on a USB drive, and take it anywhere with you. Explore the many Google Chrome blogs that have popped up to provide advice on hacking and tweaking the browser. Or you could just get all your information from 4chan.
The webcast for Google’s new Chrome browser starts at 11PDT. The browser is supposed to feature better memory management. Right now they’re opening with Led Zeppelin and Queen, so I guess it’s supposed to be rockin’ as well. Download it for Windows here. Chromium source available here.
IBM’s X-Force security team has released a mid-year report(PDF) stating that the number of zero-day exploits is growing at an alarming rate. For those of you unfamiliar with the term, a zero-day exploit is a program that is created and implemented within 24 hours of the disclosure of a security flaw. These exploits usually affect users before they even know the vulnerability exists and long before a patch is made available. The researchers also found that many of these exploits were targeted at browser plug-ins, which most users utilize on a daily basis.
[Kris Lamb], X-Force operations manager, is blaming the problem on a lack of a unified process for disclosing vulnerabilities. He also claims that the long-held practice of publishing example code of vulnerabilities should be frowned upon.
TippingPoint’s Zero Day Initiative reported a critical vulnerability affecting Firefox 3.0 yesterday. It includes the 2.0 versions as well. It’s unreleased and Mozilla is working on a fix already. Whatever the exploit is, it does require the user to visit a malicious site or click a link to executed. It came in 5 hours after the FF3 release, but since it affects previous versions, we wonder if the researcher was just sitting on it to be first. The Zero Day Initiative pays researchers for the exploits they submit.
In honor of Firefox 3.0 download day, Waxy.org has posted the full Code Rush documentary. It spans March ’98 to April ’99, as the Mozilla team publishes the first source code and then the eventual AOL acquisition of Netscape. Embedded above is a short clip of [Jamie Zawinski] pushing the code live at 10AM on March 31, 1998. The hour documentary is well worth watching.
If you’re unsure about moving from FF2 to 3, MultiFireFox still works perfectly fine with the new release.
Download Squad highlighted the xB Browser today. It’s a product offered by XeroBank and is the successor to the TorPark project. The browser anonymizes your browsing using the Tor network and doesn’t remember passwords, sites visited, or any other personal information. Scripts and plugins are disallowed by default, since they could be used to identify you. Remember that Tor just anonymizes; you’re still at the mercy of the exit nodes when it comes to security.
That’s just the free version though. Subscribers to XeroBank have access to an anonymous mail server and VPN service. If you’re a subscriber your bowser session is tunneled through XeroBank’s pool of servers and not the Tor network. We think they should have maintained a separate product name since this distinction isn’t clear outside of the FAQ.