Is chromium safe?

[Compman55]

Quite a few folks on here commented on the shear speed of chromium. I tried it out and sure enough it is the fastest browser I have ever tried.

So if I enter passwords / cc numbers is it safe?

 

[Chiefcrowe]

Not sure, personally I am skeptical of all google related browsers.

 

[Nothinman]

Chromium is FOSS and has been available for ~4 years now, if it were stealing personal information that would've almost assuredly been caught by now. Chrome isn't open, but it's not in Google's best interests to steal data like that and they're scrutinized pretty hard by the security and development community.

 

[cl-scott]

Chromium is FOSS and has been available for ~4 years now, if it were stealing personal information that would've almost assuredly been caught by now. Chrome isn't open, but it's not in Google's best interests to steal data like that and they're scrutinized pretty hard by the security and development community.

Not necessarily. The oft overlooked aspect to open source software, is that someone has to actually be looking. Having the source out there is the ever important step 1, but unless someone actually goes through it all, you could have pretty much anything in there and no one would know.

I'm also reminded of the Obfusicated Code contests.

 

[Nothinman]

Not necessarily. The oft overlooked aspect to open source software, is that someone has to actually be looking. Having the source out there is the ever important step 1, but unless someone actually goes through it all, you could have pretty much anything in there and no one would know.

I'm also reminded of the Obfusicated Code contests.

It's true there's no guarantee that someone is auditing the code, but with closed software there is 0 chance someone is looking so I'll still take FOSS software over closed any day. The whole debate is stupid though, would you rather have some transparency or none?

 

[TheRyuu]

Quite a few folks on here commented on the shear speed of chromium. I tried it out and sure enough it is the fastest browser I have ever tried.

So if I enter passwords / cc numbers is it safe?

Typically the point of attack is not going to be the browser but the database where those numbers are stored on the site you're using.

Not necessarily. The oft overlooked aspect to open source software, is that someone has to actually be looking. Having the source out there is the ever important step 1, but unless someone actually goes through it all, you could have pretty much anything in there and no one would know.

I'm also reminded of the Obfusicated Code contests.

It's in Google's best interest to make it safe (as much as they can anyway, perfection is unachievable I suppose), remember they are a business.

 

[cl-scott]

It's true there's no guarantee that someone is auditing the code, but with closed software there is 0 chance someone is looking so I'll still take FOSS software over closed any day. The whole debate is stupid though, would you rather have some transparency or none?

I'm just playing devil's advocate here. I'm all for open source, but I'm also all for people having very realistic expectations about what they'll be getting. So that means pointing out that something being open source isn't a magic bullet solution to these sorts of things. Things can slip into open source programs the same as closed, but you are quite right that open source gives you at least the potential that someone might have nothing better to do than read through tens of thousands of lines of code. However, that's all it is, POTENTIAL. There's no guarantee that it will ever actually take place, or that anyone who does take up the task, will necessarily find everything that may be contained in the code base.

 

[mechBgon]

An article of possible interest: http://threatpost.com/en_us/blogs/which-browser-offers-most-secure-password-storage-082412

 

[nemesismk2]

Not sure, personally I am skeptical of all google related browsers.

my thoughts exactly

 

[Compman55]

My next question would be what version is everyone running and is it a stable build.

Mine is Version 23.0.1245.0 (153295)

 

[dinker99]

I don`t like Chrome but if I have to use it for something I use the SWIron version:

http://www.srware.net/en/software_srware_iron.php

 

[jkroeder]

Iron has been long debunked as an unnecessary fork since it does practically nothing. It's just a rebranded build of Chromium. It's also quite well known that Iron was released just to make money off of ad revenue by playing the paranoia card on people. Iron is a bit of a scam, quite frankly.


There are more reputable Chromium forks such as Comodo Dragon

 

[Magellan1]

I don't think it steals passwords and cc numbers...any popular program like chrome usually undergoes thorough inspection by security firms and amateur programmers alike (e.g.: analysis of it's connections to the internet and design..etc) this can be done without having the source code. sometimes these programs even get "reverse engineered", so if it is stealing passwords it will be all over the media by now.

It does however track your browsing history via the auto suggest feature (when you type a URL in the address bar) since anything you type in the address bar is sent to Google's search servers, good news is you can turn that feature off from chrome's options.