Google Chrome: Security Issues were Considered from the Start

Google Chrome: Security Issues were Considered from the Start
Page content

Separate processes for separate tabs

Chrome’s best security feature is one that the user does not see. It’s the way each tab, or displayed web page – and all the associated trappings within that web page – are run as a separate process in Windows. (Linux and Mac versions have also been promised.) This means that animated graphics, JavaScript programs, embedded music players, and other things that are not expressly HTML (hyper-text markup language- which directs the most basic rendering and drawing instructions for a web page) are run in separate sessions. These sessions have strictly limited capabilities. So if the user goes to a “black hat” website that tries to run a malicious script, the script may be prevented from doing its evil task. At worse, a problem that completely crashes the tab won’t take out the other tabs.

A process in Chrome runs with far more restricted “rights” than other web browsers. Processes can “compute” (or run), but they’re restricted from reading the contents of your desktop or looking in your private folders. This prevents some malware from being installed to your PC without your knowledge. It also prevents malware running in one tab from finding out what you’re doing in another tab.

A common type of problem that happens in tabbed browsers arises when a poorly written JavaScript application in a web page fails to complete. A conventional browser has no other choice than to wait for the operation to complete. In Firefox, for example, one can encounter a “bad script” that brings the browser to its knees. (Vista grays out Firefox and says it’s “not responding.”)

Chrome, on the other hand, may not be immune to the bad script, but the JavaScript running in another tab is in a separate session. It will continue even if the previous tab is slow, “hung up,” or crashed.

Another interesting effect happens when the user closes a tab in Chrome. The “old” rendering engine, the associated structures (data constructs in memory), and any scripts or other applications running from the page are “thrown away.” In other words, all the memory space used for that tab is released.

This can be compared with the allocate memory - recover memory model of other browsers. Have you ever used your browser with multiple tabs open all day long and found that it became slower and slower or unstable as time went along? This is due to tiny problems with the allocation and recovery of memory from opening and closing tabs and visiting different websites. Thus, the common wisdom is to try closing some tabs, and, if that doesn’t work, close and restart the browser. Running what’s in the tabs as separate processes may avoid this problem and make Chrome the most stable web browser yet created.

Interestingly, installing Chrome in Vista does not require elevated privileges. Instead of installing in “Program Files,” it installs under Users/user/AppData/Local/Google/Chrome. Although this allows it to be installed without administrative privileges, it means that it also has to be installed for each user of the machine. The more common practice is to install applications to Program Files and then put user-specific files under the User directory. I don’t think this is either good or bad, but is nice to see an installer play well with Vista’s User Access Control (UAC).

Task Manager shows activity per tab

Google Chrome provides a “task manager” that allows you to see what going on with each page. It’s selected under the “page” icon, then Developers, then Task Manager. It shows the name of the page in the tab, the memory used, and CPU activity for each page. Click the “Stats for nerds” link at bottom left for even more information about resource usage.

Incognito

The “Incognito” mode in Chrome allows the user to surf without leaving “tracks” on the PC. When active, it does not keep a history of websites visited and erases any cookies collected when the session ends. This is at best a minor feature for most of us, because we actually don’t often need to track ourselves. (At work, it may be handy sometimes to hide what we’re really doing, but if management is determined to track your online habits, they won’t let a web browser stop them.) Besides, the tracking we really need to worry about happens at our local ISP, our office network, and, yes, at Google. Similar functionality is available for Firefox and has been announced for Internet Explorer 8.

Google’s suggestion is that you might want to use Incognito to keep a surprise gift secret. Right! (Microsoft’s similar “InPrivate” mode for IE has been called “porno mode” by some Internet pundits.)

Website blacklists

Chrome automatically downloads lists of black hat websites to avoid. These may be misleading, phony, or phishing sites, or distributors of malware. This appears to be done in the background, and in keeping with Google’s stated design goal of keeping the user away from the whirling gears, does not require any action or confirmation from the user.

Automated site testing

Since Google is in the business of ranking web pages, they can prioritize their testing to make sure that Chrome won’t swoon and die on the sites users are most likely to visit.

Clear browsing data

“Clear browsing data” is a selection under the main Settings menu accessed from the “wrench” icon at the top right in Chrome. It offers to “obliterate” your choice of browsing history or download history, empty the browser cache, delete cookies, and clear any saved passwords. You have the choice of doing this for the last day, last week, last month, or the whole shebang.

This reminds me of the old IBM OS/2 advertisement that had a young man with green hair telling potential buyers, “It obliterates your software!” That’s not saying much about IBM’s marketing prowess, but it came long before “You’re getting a Dell, dude!")

New JavaScript engine

Chrome includes the “V8” JavaScript engine from Google’s Danish team. Besides providing a pretty phenomenal performance improvement in interpreting and running scripts, the new engine is designed to work within the separate process model for each tab. (Since it’s also open-source, other web browsers can adopt it.)

Vulnerabilities

Please remember that the current version of Google Chrome is the first public beta. As exciting as this introduction and getting to know the software has been, vulnerabilities are either present or yet to be discovered. Within hours of the introduction, Aviv Raff discovered an issue in the browser of a type which was demonstrated at this year’s BlackHat Conference. It’s known as a “blended carpet bomb."

I won’t go into details about it, but accessing it would require a very specific type of dastardly website and triggering it would take specific steps by the user that knowledgeable Bright Hub readers would not do. (This particular vulnerability was also part of Apple’s Safari in a previous version. We can assume that Google will soon fix it.)

Conclusion

Security in Google Chrome was not an afterthought; it was a consideration from the ground up. Certainly running each tab as a separate process should keep one badly written script in one tab from hanging up the program, crashing the browser, or taking down the other tabs. Limiting the capabilities of scripts within a process provides security by preventing unauthorized access to files on the PC. Automatic black lists will warn the user when approaching known malicious websites. And when there is a mysterious problem, Task Manager will show you which tab contains the problem.

At this point, I can only say “Kudos to Google” for Chrome’s first beta version. Since it’s capable of doing automatic program updates the same way it does automatic black list downloading, I expect to see it improve as I use it. Google has raised the bar for Firefox, Internet Explorer, and Safari.

Google, thank you also for making it open-source.

Additional Articles on Google Chrome

Additional articles discussing Google Chrome and how it rates against other Windows Browsers

Additional articles discussing features of Google Chrome and how to use them