Search found 43 matches
- Thu Dec 01, 2011 8:41 pm
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
Agreed. It's not the CA system, it's that *Comodo itself* was breached by a hacker in a foreign country who was able to log in as a privileged Comodo exec with the authority to issue certs. That's not confidence-inspiring, especially for a company in the business of firewalls and overall security. ...
- Thu Dec 01, 2011 4:53 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
Comodo was breached by a hacker who issued fradulent SSL certs in Comodo's name. So they should clean up their own house first. They did fix this one quickly, but It makes one less willing to trust them completely, or at least, it's a credibility hit. Did everyone forget this? VeriSign and Comodo a...
- Thu Dec 01, 2011 12:48 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
Yes and No. I agree with you that in whole its not that different. However, it does have features by default that frankly baffles me that Chrome doesn't. To see what I mean, install them side by side and compare the config page. A couple that stand out the most are as follows but certainly not comp...
- Wed Nov 30, 2011 6:13 pm
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
Just to note the Dragon browser adds very little in terms of security - purely SSL, which is of course Comodo's strongpoint as the #2 cert provider. And then it does some other things by default that are easily configurable in Chrome/ium (block 3rd party cookies.) @Tom Without that, you can't save b...
- Sat Nov 26, 2011 4:05 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
The program is a black box: nobody knows in detail how its supervisor mechanisms work or can easily do a code review. Chrome uses OP-style sandboxing at the browser level, is bug-hunted relentlessly, and was analyzed w/ source by several experts on bug-hunting and sandboxing. It's received *much* m...
- Thu Nov 24, 2011 4:16 pm
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-par
Thanks for the new topic. I think the last topic had clearly answered the question asked. I'll get to this later but for now I need to read through the links provided. So far they're fun. EDIT: @NickP I get some of the issues you mentioned about Chrome but many of those issues apply directly to Fire...
- Wed Nov 23, 2011 7:42 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Chrome, NoScript, and WebRequest API
Always happy for another opinion. If your friend would like to throw his opinion out there I'd absolutely love to hear it.
As always, thanks for your time.
As always, thanks for your time.
- Tue Nov 22, 2011 5:27 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Chrome, NoScript, and WebRequest API
In other words, they did it until they got caught. So does any thief. Had CNET not cited that, woud that TOS still be with us today? Any reason why it wouldn't? It was removed retroactively. I seriously doubt they'd try to slip something into the TOS, which is going to get reviewed to hell and back...
- Mon Nov 21, 2011 6:17 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Chrome, NoScript, and WebRequest API
Interesting info, thanks. I suspect that they realize that if there were no ad-blocking capability at all, most users would choose another browser. They still get a good deal of marketable user data from Google searches, and my tinfoil-hat side tends to, uh, "doubt" their statements that ...
- Mon Nov 21, 2011 5:23 am
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Chrome, NoScript, and WebRequest API
Well that is one heck of a post I'll certainly be getting to that... probably tonight, maybe tomorrow.
- Sun Nov 20, 2011 10:10 pm
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Re: Chrome, NoScript, and WebRequest API
No I meant an in-the-wild exploit. I know there have been vulnerabilities shown and proven.
- Sun Nov 20, 2011 7:53 pm
- Forum: Security
- Topic: Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
- Replies: 37
- Views: 60329
Google Chrome vs. FX+NS; integral sandboxing vs. 3rd-party
(This lengthy, but very interesting, discussion was split from NoScript > General, "Chrome, NoScript, and WebRequest API" , as the specific questions in the OP there had been answered. The responses in this post are to the divergent issues that came up in the resolving reply to the other t...
- Wed Oct 19, 2011 9:46 pm
- Forum: NoScript General
- Topic: [RESOLVED] Chrome, NoScript, and WebRequest API
- Replies: 2
- Views: 9839
[RESOLVED] Chrome, NoScript, and WebRequest API
Having a discussion over on wilderssecurity forum and we were wondering if there's anything holding back a NoScript/NoScriptLike extension from working properly in Chrome considering the new WebRequest API. One user was suggesting that if it were possible you would be already on it - implementing No...