On Thu, Jan 13, 2011 at 07:58:31PM -0500, Larry Seltzer wrote: > >>Chrome has it's own security problems. (a lot of them). While I agree > it's a freaking fast browser, I'm still on Safari. > > Chrome is sandboxed. Very, very few of the vulnerabilities in it are > exploitable in a meaningful way. In fact, the critical vulnerability they > reported yesterday > (http://blogs.pcmag.com/securitywatch/2011/01/new_chrome_version_includes_ > cr.php) is actually not exploitable because it's not in live code.
The sandbox is currently broken. I know people that can get out of it. For obvious reasons, I can't really disclose more than that. > > I'd send you the list of critical vulnerabilities in Safari, but I'm > afraid Verizon will start throttling my account for excessive bandwidth > usage. I understand that. They are essentially the same engine, if it affects Safari, it'll probably affect Chrome, but not necessarily vice versa. J _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
