Google Chrome is out of beta stage but still has critical vulnerabilities related to password management in the browser
Though Google Chrome might be out of its beta stage, it still has a long and difficult journey ahead. As Guardian's Technology Blog reported, critical vulnerabilities were found in Google Chrome by Chapin Information Systems (CIS). Five popular browsers were tested. Chrome did not perform well in the tests.
As per CIS, Google Chrome has critical flaws related to its password management function. CIS had tested Opera 9.62, Firefox 3.0.4, Internet Explorer 7.0, Safari 3.2, and Chrome 1.0. Opera 9.62 and Firefox 3.0.4 faired well in the test by passing seven of the 21 tests, while Chrome 1.0 and Safari 3.2 managed to pass only two.
Chrome's password manager had revealed critical flaws in the tests. Hackers can easily obtain user passwords since the browser neither checks password request location nor password sent location. Also, form elements coded to be invisible can trigger password management. Users will have to rely on some other software, web service, or their memory to remember their passwords.
CIS says, "These three problems, combined with seventeen others so far identified in Chrome's password manager, form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity."
Chrome has a lot to catch up on when it comes to community-based development; after all, browsers become better and faster after developers learn from the mistakes of others.