Google Chrome 5.0 vs Mozilla 3.x
in [Freeware]
|
Prev: alt.comp.freeware links at Mon Jun 7 21:20:01 2010
Next: alt.comp.freeware newsgroup statistics for 05/2010
From: Poutnik on 8 Jun 2010 19:08 In article <Xns9D91943B96EF0bearbottoms1gmaicom(a)news.albasani.net>, bearbottoms1(a)gmai.com says... > > > My recommendation is don't use it. I'd hate for you to have the best > up-to-date browser. :) I am not using it, and not saying to others not to use it. Just expressed opinion. > > BTW, a web-browser is likely the single most important software to have > the most up to date version. I agree, having my browser always updated. It would be shame if it is not, as far as my job is SW vulnerability monitoring for big global company. -- Poutnik The best depends on how the best is defined.
From: za kAT on 8 Jun 2010 19:51 On Wed, 9 Jun 2010 01:08:43 +0200, Poutnik wrote: > It would be shame if it is not, as far as > my job is SW vulnerability monitoring > for big global company. Heh! Pulling rank with Bottom will not work! He is a world fey mouse... extraordinaire researcher! -- zakAT(a)pooh.the.cat - Sergeant Tech-Com, DN38416. Assigned to protect you. You've been targeted for denigration!
From: VanguardLH on 8 Jun 2010 22:32 Spamblk wrote: > VanguardLH <V(a)nguard.LH> wrote in news:hujrt1$9bt$1(a)news.albasani.net: > >> As I recall, Google doesn't give users the ability to disable their >> automatic update of Chrome > > According to the Chrome promo video titled "Browsers, privacy and you" this > is stated: > >: Chrome helps protect you and your personal information from malicious >: websites through our safebrowsing technology. And to make sure that >: Chrome is up to date with the latest security updates, Chrome >: automatically checks for updates on a regular basis. > > Or put another way Chrome automatically phones home, with its unique ID, on > a regular basis. I don't remember for which version and thereafter, but it looks like Google removed the ClientID string to identify your particular install. I think that change was pretty recent.
From: VanguardLH on 8 Jun 2010 22:45 Mike Gasson wrote: > On 07/06/2010 23:30, VanguardLH wrote: >> Poutnik wrote: >> >>> mtg says... >>> >>>> Should I be concerned about using Chrome considering what Google are >>>> reputed to do with people's history and browsing data? >>> >>> Well, Chrome was installed on my Pc for a while only. after realizing >>> it had installed itself into my profile even without asking for >>> location and it had installed a service just for google updates. only >>> one thing left - to say "it was nice to meet you" >> >> Installing under your %userprofile% path is how Google gets around >> permissions in Windows. It allows non-admin accounts to install >> software. That's because you have write permissions in your profile >> path. They dump their files there to get around security in Windows. >> It is a known security hole. Some users will change permissions on >> their %userprofile% folder, including child objects (subfolders and >> files), to remove execute permissions because it was supposed to be >> storage for data, not executables. That means neither Google's Chrome >> or Earth will install or run there anymore. Because they won't install >> under the expected %progdir% path, and if not allowed to install or run >> under %userprofile%, they aren't usable. Their deliberate attempt to >> thwart Windows security is why I only trialed Chrome but wouldn't leave >> it on my host. >> >> As I recall, Google doesn't give users the ability to disable their >> automatic update of Chrome (unless you uninstall/remove some software). >> They auto-check every 4 hours (I hear there is an extension that can >> change the interval). They want to push their updates onto your host >> which changes its state and without your permission. It doesn't take >> long under Windows users realize they need to change the AU service to >> "notify only" for Windows updates rather than leave the default of >> "download and install". You don't get a choice with Chrome. They will >> push out a new version with permission onto your host despite you had a >> working setup and now you get their new-but-yet-to-be-discovered bugs. >> Not only does Chrome may an unprompted update check, they also allow >> auto-updates of extensions (i.e., of some non-Google software); see >> http://code.google.com/chrome/extensions/autoupdate.html. So not only >> is Google shoving updates onto your host for Chrome but it will also >> shove updates onto your host for 3rd party software. Oh joy. You can >> regulate when updates are allowed for Chrome using GPO but I don't know >> a lot of corporations that are even putting Chrome on their authorized >> software list or including it in their sysprep images. In the past, an >> update to fix a vulnerability left the vulnerable code on your host, so >> the update didn't remove the vulnerability. I don't know if you're >> still stuck with having to uninstall to do a fresh install to get >> cleaned code. >> >> Users reporting installation problems had to shut down their firewall >> (Windows or 3rd party). So they had to reduce security for a local >> installation. >> >> http://www.tomshardware.com/news/Google-Chrome-internet-explorer-ie8-Privacy,10050.html >> >> Regarding privacy, Chrome sends info on every keystroke in the Address >> bar back to Google. Nothing gets sent in IE8 until you hit the Enter >> key and then they only places that info goes is to your DNS server and >> the site to which you wanted to connect. However, IE8 also has its own >> Search bar and you'll notice it has immediate lookups as you type. You >> have to disable the Suggestions feature of the search providers >> installed in IE8. However, whether you get suggestions as you type or >> not, that info goes only to the search provider, and only to Google if >> that is your search provider. Then there was the privacy issue of >> assigning your Chrome install with a unique ID (ClientID) to track you; >> http://www.ghacks.net/2009/11/29/google-chrome-privacy-protector/ and >> http://www.downloadsquad.com/2010/03/12/google-to-strip-unique-client-id-from-future-google-chrome-insta/. >> There is an "Iron" version of Chrome that strips out some items that >> generate concerns about privacy >> (http://www.srware.net/en/software_srware_iron_chrome_vs_iron.php). >> Never used Iron so I don't know if they stay current with Chrome (and >> Chromium on which Chrome is based) to take advantage of the latest speed >> enhancements. >> >> Google doesn't care about your privacy, security, or stability. That's >> not their goal. > > WoW! > I think that is enough for me to remove it. Pity, as it is very fast on > my system, but kie you say, I want to retain -some- control. > Thanks for the detailed info. I did another 2-hour trial of Chrome (released and beta versions). You can only download the latest version of them (because you download their installer that grabs the files online). From the articles talking about where is the ClientID string, I didn't find it. I think it is a recent change that Google removed it. I don't remember finding an option to disable the immediate per-character search provider (Google) lookups. There really aren't many user-configurable options to look at. It takes an extension to get Chrome to open a tab in the foreground; otherwise, everytime you click on a link, it opens in the background. That's find if you're a nut going around clicking dozens of links and then go look at those web pages later. However, in the majority of my web browsing, I want to go look at that linked page NOW. It's ridiculous that you need to use an extension to change this tab behavior. It's an option in Opera (but well buried by having to look at the definition for the middle mouse button under Shortcuts). I went to the IE9 test drive site and ran several of Microsoft's tests (probably geared specifically to show off IE9) and used them with both Chrome 4/5 and Opera 10.53. They were close in several test but in some Opera was lightyears ahead. I hadn't really considered Opera as an alternative to IE7/8 until now. Seems it is as fast or faster than Chrome and more HTML5 compliant, has lots more features, more configurability, but lacks the huge library of extensions available to Firefox (but then if I'm looking for a substitue for IE8 where I use it as the secondary web browser then the primary web browser is something that I want mean and more lean - but Chrome is a bit too lean plus I don't like its installation or other behaviors). I'll be playing with Opera in a virtual machine for awhile to see if that'll be by alternate (or perhaps primary web browser). While I read that IE9 will be accelerated (still not quite as fast but definitely closes the gap), it has hadware-assisted acceleration using the GPU for graphics and streamed media that make it really fast. Alas, the minimum platform on which IE9 can be installed is Windows Vista but I'm not willing to yet leave Windows XP and why I'm looking at an alternate to IE8. For a lot of web browsing, I really don't see the differences noted by these benchmarks; however, there are some Javascript-heavy, AJAX, and Java applet'ed web sites where Chrome, Opera, and even FF make them a lot faster.
From: »Q« on 9 Jun 2010 00:07
In <news:Xns9D91943B96EF0bearbottoms1gmaicom(a)news.albasani.net>, Bear Bottoms <bearbottoms1(a)gmai.com> wrote: > Poutnik <me(a)privacy.net> wrote in > news:MPG.267877fb74c85655989680(a)news.felk.cvut.cz: > > > In article <6bds065eugt1ia2u1c2qrmkpb8kfpfmcqc(a)4ax.com>, > > Spam(a)uce.gov says... > > > >> >I think the one thing I object to the most in Chrome is that it > >> >checks for updates automatically whether or not you want it to. > >> > >> It has to do that in order to report the results of its spying > >> activity. > > > > Otherwise it would be enough to check update at startup > > and it would not need a service running. > > > > And, such update should be default, but configurable > > and optionally able to be switched off. > > > > Current policy reminds me MS, > > who "knows" the best what users want and need. > > My recommendation is don't use it. That's good advice, Bottoms. It would be somewhat more acceptable if it didn't send a unique identifier as it tracks your usage, but still pretty bad. |