It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Google's 'unbreakable' Chrome browser falls prey to TWO hacks as search giant pays Russian hacker

page: 1
6

log in

join
share:

posted on Mar, 9 2012 @ 11:46 PM
link   
This is why I never jump into the latest new thing. I never upgraded on Yahoo, I just got different e-mail addresses, and why I won't download Chrome from Google While I'm no fan of Google and heir practices I know some people on here must be using the Chrome from Google. Call me stupid I don't like companies nor people who have to know everything about you. Now this has been hacked. You'd think Google would've been prepared for this to have happened. I'm sorry if any of you here have been affected by this. Hope you can remove the program.



Rob Waugh






TextGoogle's 'unbreakable' Chrome browser has fallen prey to computer hackers.
The browser - the world's second most-popular - was hacked in five minutes at a hacking conference in Vancouver by French security researchers. Another researcher then showed off a second hack that could take over a Windows machine using an infected website - and earned a $60,000 'bounty' from Google for the hack






Read more: www.dailymail.co.uk... te.html#ixzz1ogpvihz9




posted on Mar, 9 2012 @ 11:50 PM
link   
Google offered people money to crack their browser.

arstechnica.com...


Google's Chrome browser on Friday fell to a zero-day attack that pierced its vaunted security sandbox, the third such attack in as many days at a contest designed to test its resistance to real-world threats.

A teenage hacker who identified himself only as PinkiePie said he spent the past week and half working on the attack. It combined three previously unknown vulnerabilities to gain full system access to a Dell Inspiron laptop that ran a fully patched version of Chrome on top of the most up-to-date version of Windows 7. He spent the past three days holed up in hotel rooms and conference areas refining attack so it would break out of the sandbox, which was designed to prevent code-execution attacks like his, even when security bugs are identified.


Gotta love how those out of the loop post things spouting doom and gloom.

My wife wouldn't let me participate because she thinks it's a way for the government to collect names. She got me paranoid enough to not take a risk for $20,000...



posted on Mar, 10 2012 @ 12:03 AM
link   
It takes significantly longer than 5mins to find an expoilt, this group just rocked up to the contest, pulled a "here's one I prepared earlier" manoeuvre and walked out with some easy cash.

Googles approach is a good way to encourage people to report security holes... unfortunately the large cash prizes in infrequent contests mean most hacker groups will deliberately sit on their exploits. They'd be much better off offering smaller cash prizes on a weekly or monthly basis and not advertising who the winners were. Doing it this way would remove the "fame" incentive and the tendancy for these groups to keep their exploits quite until the next big contest.

The fact that Chrome automatically updates itself in the background is miles ahead of the approach that IE & Firefox take. With Chrome you have no choice, you must use the latest version. With IE & Firefox, users can and do just click "cancel" when prompted about installing an update (assuming they get prompts in the first place). This results in thousands of machines running out of date browsers with known security vulnerabilities.



posted on Mar, 10 2012 @ 12:07 AM
link   
HACK A GOOGLE?

aww they're just silly



now thats how you hack google.

they're grubs. I don't like chrome one bit, I mean back when they still had the google addon for mozilla, they didn't even have it for chrome. weak. they're no longer anything but a factory to get you, as a person, to be their revenue. And they make it so that you think you have no choice.

Yes you do.

Boycott anything google. Simple. no google touches my PC unless I directly allow it. Made damn sure of that. I will not be a revenue raising unpaid worker for them.



posted on Mar, 10 2012 @ 12:10 AM
link   
reply to post by LordGoofus
 


that, sir, is called My Choice. Not something dictated, but chosen.

But then chrome is a limited useless browser, with screen real estate as it's valued feature.

I like my addons. And I do not like to have them disabled when an update screws things up.

But then, for the mindless masses I guess that's the way it goes. I am not one of the grandads or grandmothers who need their hand held, I can fix my own computermagic.



posted on Mar, 10 2012 @ 12:30 AM
link   
i use chrome and dont mind it, i like how its set up and the ease of use. i havent really seen any down sides to it on my end. i dont really do much on line, i dont buy any thing online, i dont visit my banks website for any thing, i try not to put in any of my more personal datta on any place i go like ss# the like, and i dont go out and play in places i shouldnt. what i do use it for is downloading things from youtube, watching tvshows from a few websites like tv-links and tube pluss, researching random thing and of course checking out the ATS and the like.


if some one did hack chrome what would they be looking to do and how would that affect me?
so what can they really get from from the places i go to online?
is it really somethng to worry about if you are not doing any thing against the law?


now i know they just changed around there settings what did chrome change on them should i change them from the default setting and if i should any one know how?




also one more thing, if chrome is the devil what is a good fast easy to use browser i can look in to. one that wont bog down my computer with add on's and as fast as chrome?
edit on 10-3-2012 by NISMOALTI because: also one more thing...



posted on Mar, 10 2012 @ 06:42 AM
link   
reply to post by 1loserel2
 


In my opinion, everyone who has the skills and the time, and has a respect for decent levels of privacy, should have been attacking Chrome, and every google product from every angle in order to render it dead in revenge for thier un-provoked attacks on our freedom and privacy as internet users.

It says something about human apathy when the only hacker getting through thier security, is some Russian dude, that they paid to do the job as a security excersize. I very much doubt that this Russian is any kind of TechnoGod, that his methods could not be emulated or indeed surpassed by other, less corruptable persons with that skill set.

Im no hacker myself, hell I can barely program a VCR, but the fact is that if I was, I would be busy with the Google problem for sure.



posted on Mar, 10 2012 @ 07:35 AM
link   
I like Google Chrome I have privacy settings,but I think the net is not secure or private, no matter what your browser. I like it because, it has a built in translator, pdf file opener, and spell check for everything I type. I had IE and it was much more trouble than it was worth. Google is smooth and easy to use. I like that they hire people to hack them, it improves my security. I know I am in the minority here.



posted on Mar, 10 2012 @ 08:26 AM
link   
Google offered a paid reward to anyone who could demonstrably hack their browser (without first installing any exploits). So it's actually a good thing, when done in a controlled setting like this it makes Chrome that much more secure - unlike certain other browsers that live in denial about their vulnerability (like IE and iframe exploit). I disagree with the DailyMail's headline that Chrome "fell prey" to hackers, when it was Google that put up the bounty to hackers with its 'Pwnium' contest. They used this contest result to then patch the browser and make it more secure.

I try to get by with FF and Sandboxie, but I use Chrome if I have a suspect site I want to check out.



posted on Mar, 10 2012 @ 01:25 PM
link   
with suspected sites, or when I need total security, I run Opera sandboxed on a system that I run through Tor.



posted on Mar, 10 2012 @ 04:36 PM
link   
lol that didn't take long.

for them to seriously believe that no one could hack them is ludicrous and naive. if people can hack government encoded sites and databases i'm sure it probably wasn't even that complicated for them.

And for the record I like Safari the best. If not safari then firefox.
edit on 10-3-2012 by OGOldGreg because: (no reason given)



posted on Mar, 10 2012 @ 04:52 PM
link   

Originally posted by OGOldGreg
lol that didn't take long.

for them to seriously believe that no one could hack them is ludicrous and naive. if people can hack government encoded sites and databases i'm sure it probably wasn't even that complicated for them.

And for the record I like Safari the best. If not safari then firefox.
edit on 10-3-2012 by OGOldGreg because: (no reason given)


I think that it is a good thing, to throw open your product, and invite people to come and break it. All too often the software developers that work on a project (like Chrome, I.E, Firefox, and all other software), think it is totally proven and no weaknesses in it. But, they cannot think outside the box. It takes a total outsider, with a different agenda, to see weak points that the development team would never have seen. It is just human nature.

I can remember with dread, when I was a very junior developer, many years ago, seeing some persons walking up to the keyboard, and break my software within seconds, when I thought I tested it thoroughly. I have seen so many other software developers afterwards in the same situation, saying "But you were not supposed to do this, or that".

Just remember, it is humans, like you, like me that writes the software, and we all think inside our little boxes. You need to open it up for total outsiders to come and mess with your holy work, to bring out the faults in it.



posted on Mar, 10 2012 @ 05:06 PM
link   
With all this privacy thing in the news lately who in their right mind would use a google browser when we all know what will happen down the road here.......

Regards, Iwinder



posted on Mar, 11 2012 @ 06:50 PM
link   
Once they actually find something that will be "hackproof" it will be skynet and we'll all be #ed anyway



posted on Mar, 13 2012 @ 12:41 AM
link   
reply to post by 1loserel2
 


You really should understand a topic before posting about it. Google offers money to people who find explots, so that the users (us) are never effected. Just an FYI google products are typically extremely difficult to hack, apple Safari and IE traditionally are easy prey at hacking contests.

They paid the hackers through a public program they run, for helping them protect the customers, it wasn't some kind of shady pay off.



posted on Mar, 13 2012 @ 12:46 AM
link   
reply to post by OGOldGreg
 


The idea was not they were hackproof, the idea is they were hackable and wanted it patched so end users were not effected. You keep using your Safari.

Pwn2Own 2010 results.
Safari (apple) was the very first one hacked.
Google Chrome was the only one unable to be hacked.
downloadsquad.switched.com...

Pwn2Own 2011 results.
Pwned:
* Safari
* Internet Explorer
* iPhone 4
* BlackBerry Torch 9800
nakedsecurity.sophos.com...

Firefox, Chrome, Android and Windows Mobile 7 all remained unpwned.

Apple is not difficult to hack, they get hacked every single year.



new topics

top topics



 
6

log in

join