Google Releases Chrome 6, Pays $4337 In Bounties - Slashdot

Slashdot

Google Releases Chrome 6, Pays $4337 In Bounties 177

Posted by timothy on Thursday September 02 2010, @11:26PM
from the working-in-the-background dept.

Trailrunner7 writes "Google has released a new version of its Chrome browser and has included more than a dozen security fixes in the update. The new version, 6.0.472.53, was released two years to the day after the company pushed out the first version of Chrome. Google Chrome 6 includes patches for 14 total security vulnerabilities, including six high-priority flaws, and the company paid out a total of $4,337 in bug bounties to researchers who reported the vulnerabilities. A number of the flaws that didn't qualify for bug bounties were discovered by members of Google's internal security team." (Read on for more, below.)

Also on the Chrome front, morsch writes "Chrome 7 for Linux is planned to tie in with the Gnome Keyring and the KDE Wallet to securely store saved browser passwords. Users of the stable version of Google's Webkit-based browser might be surprised to find out that, so far, passwords are stored on the hard disk as clear text. On Windows, Chrome has always used a platform-specific crypto API call for encrypted storage. The corresponding Linux function was never implemented — until now. Unstable versions of Chrome 7 still disable the feature by default; it can be enabled using a parameter."

This discussion has been archived. No new comments can be posted.

Google Releases Chrome 6, Pays $4337 In Bounties

Search 177 Comments Log In/Create an Account

Comments Filter:

$4337 in bounties? (Score:1, Interesting)

by Anonymous Coward writes: on Thursday September 02 2010, @11:40PM (#33461190)

$ 4337 in bounties? So thats one real hard bug $ l337 and $ 3000 worth of bugs that the skript-kiddies could have got.

Share
twitter facebook
Print Preview? (Score:1, Interesting)

by bunratty (545641) writes: on Thursday September 02 2010, @11:49PM (#33461230)

Does Chrome 6 have print preview? Can you open files with helper applications without having to delete them manually later? Do Flash videos play the audio correctly?

Share
twitter facebook
Version bloat (Score:3, Interesting)

by R.Mo_Robert (737913) writes: on Thursday September 02 2010, @11:59PM (#33461284)

Any reasion for the version-number bloat? I mean, I guess it looks a bit cooler next to IE 8, but I don't really think people are that naive.

Share
twitter facebook
What's the point of Encrypting if it's so easy... (Score:2, Interesting)

by MasterEvilAce (792905) writes: on Friday September 03 2010, @12:00AM (#33461288) Homepage

What's the point of the encrypting in Windows if you can easily go to Tools -> Personal Stuff -> Show Saved Passwords, and clicking Show Password? Chrome doesn't appear to have any password-required feature to get INTO those settings and/or launch the browser. Firefox, on the other hand uses a password that protects them either when you try to view the passwords through the dialog box, OR when the passwords have to get loaded in order to be used by a site. It boggles the mind even more when you consider Chrome lets you store and view your credit card information if you choose to save it (on by default I think)

Share
twitter facebook
Re:$4,337 from a multi-billion dollar company? (Score:1, Interesting)

by Kristopeit, M. D. (1892582) writes: on Friday September 03 2010, @12:10AM (#33461366)

yeah, and why aren't they charging us for chrome? stupid billionaires.

Parent Share
twitter facebook
Re:Print Preview? (Score:4, Interesting)

by Urza9814 (883915) writes: on Friday September 03 2010, @01:10AM (#33461624)

Uhh...my Chromium 5 for Linux has print preview and proper flash support. And the same file download behavior as browsers like Firefox - I open a file the browser doesn't handle, it downloads to the folder I've specified for downloads. How is that a problem? As I said, it's the same thing Mozilla does. I don't _want_ a browser to just start deleting my downloads on it's own. If I tell it 'yes, download this file', that file should stay where it is until I decide to delete it.

Parent Share
twitter facebook
Linux Logins (Score:5, Interesting)

by idcard_1 (953648) writes: on Friday September 03 2010, @01:28AM (#33461662)

FYI your linux logins on Ubuntu are stored in this file: /home/username/.config/google-chrome/Default/Login\ Data just do "strings Login\ Data" and you have those passwords. :(

Share
twitter facebook
Re:Crazy Article (Score:3, Interesting)

by n0-0p (325773) writes: on Friday September 03 2010, @01:55AM (#33461750)

FWIW, they thanked members of the Chrome team a few months ago when they announced sandboxing support in an upcoming version of Acrobat Reader.

Parent Share
twitter facebook
Implement your own secure storage strategy (Score:2, Interesting)

by nick1000 (914998) writes: on Friday September 03 2010, @02:17AM (#33461836)

As a Linux application developer who has used keyring/kwallet for saving secure passwords in the past. I'd recommend not to use them.
Various different distributions have different versions of the these utilities and their libraries. There are so many variations that it becomes hard to support all versions. Most desktop linux end users have never used them and when they see a warning window popping up (which these utilities tend to show). They cancel the window rather than going through the authentication process.
Just my 2 cents.

Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

1051 commentsRand Paul Has a Quick Fix For TSA: Pull the Plug
911 commentsMandatory Brake-Override Proposed For All Cars
737 commentsGimp 2.8 Finally Released
707 commentsIcons That Don't Make Sense Anymore
700 commentsDiesel-Like Engine Could Boost Fuel Economy By 50%

Your step will soil many countries.