Security and Administrative Problems with Google Chrome

My Review of Google Chrome

As implied in my previous post, I was going to try Chrome when it was released. Well I just did.

Impressions

  1. As a browser, it’s okay. I didn’t try many sites, but those I did rendered okay. I didn’t try to log into my account at Gmail or other AJAX intensive sites, but I guess Gmail should work fine, since it comes from the same company. But its JavaScript execution is supposed to be faster than the other browsers.

  2. There’s nothing ground-breaking about Chrome. Its features have been in Opera for a long time, so I guess I don’t have much to say about it. It doesn’t seem as configurable as Opera. Its options dialog box are sort of limited. And some options are scattered all over the place. For example, the only way you can configure the search engine list is to right click the address bar. You can’t find it in the Options dialog. Not very organized.

  3. I couldn’t test out the search box addition thing, mentioned in the Chrome tips for webmasters, on my blog, because (*sob*) I don’t have a search box on my blog. Now that I know about that, I’ll add the search widget to my blog when I have more time although I don’t even know if Chrome is going to be popular enough to warrant the effort.

Problems

  1. What I find interesting is that Gmail installs into “c:\Documents and Settings\YOUR-USERNAME\Local Settings\Application Data”. Yeah. The program, data, and everything. Look into “Program Files” and you’ll see nothing. Weirdest place for the installation of a program I ever saw. I’m sure Windows administrators will have something to grumble about. Imagine a shared office machine with 100 users. You’ll have to install 100 copies of Chrome just for each of them to use. Not to mention that installing in that directory circumvents the “Deny write” policies that administrators have for the “Program Files” directory, to protect the machine and users from themselves.

  2. Others have been saying that Chrome lends itself to the same carpet bombing security hole that plagues Safari. I’ve not tested it myself, but the basic idea is that websites can code their websites so as to make Chrome download any executable they want onto your system. Since the default download directory is the desktop, if they name an executable “My Computer” with the explorer icon, unsuspecting users may double-click it and install the virus on their system.

  3. Do you know that the installer sets up a Windows schedule so that Google Updater runs every 10 minutes? It runs whether or not Chrome is running. Every 10 minutes! Don’t believe me? Check your Windows scheduler.

  4. When I got tired of playing, I tried uninstalling it. Well, guess what. The Google Updater cannot be uninstalled. Or maybe it just got overlooked by the uninstaller. So even when Chrome is gone, the Updater still runs every 10 minutes.

Verdict

Chrome is good if all you’ve ever experienced is Internet Explorer and the default Firefox install. It probably won’t convert anyone using a Firefox with lots of extensions installed, or anyone using Opera. Those people are probably hard-core browser users with lots of customizations and depend heavily on the features of those browsers.

Chrome also has its flaws, but I guess Google is still new to the desktop application business, so I suppose the kinks will be worked out eventually.

Filed in Browsers, Software, Opinion.

Advertisements

One Response to Security and Administrative Problems with Google Chrome

  1. […] example, after posting my review of Chrome, I’m curious to know what percentage of visitors of my blog use Chrome. Ars Technica wrote […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: