Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Government Endorses Chrome As Most Secure Browser

Posted by Soulskill on from the taking-the-browser-war-across-the-pond dept.

New submitter beta2 writes "Several articles are noting that the German IT security agency BSI is endorsing Google Chrome browser: 'BSI ticked off Chrome's anti-exploit sandbox technology, which isolates the browser from the operating system and the rest of the computer; its silent update mechanism and Chrome's habit of bundling Adobe Flash, as its reasons for the recommendation. ... BSI also recommended Adobe Reader X — the version of the popular PDF reader that, like Chrome, relies on a sandbox to protect users from exploits — and urged citizens to use Windows' Auto Update feature to keep their PCs abreast of all OS security fixes. To update applications, BSI gave a nod to Secunia's Personal Software Inspector, a free utility that scan a computer for outdated software and point users to appropriate downloads.'"

6 of 174 comments (clear)

  1. Re:Yes, because... by Justin_Schuh · · Score: 4, Insightful

    You may personally have the expertise to make good security decisions about your browser. However, all empirical evidence shows that the vast majority of users are not capable of that, and are much better served by a browser that manages updates for them.

    That said, you can disable automatic updates and perform them manually if you choose. However, I also consider myself capable of making those security decisions, and I still prefer the silent update dramatically over manually updating.

  2. Re:Yes, because... by heypete · · Score: 5, Insightful

    Perhaps not, but the vast majority of users don't care. Many users are not unlike my mother, who constantly clicks "Later" or "Not Now" whenever programs ask to install updates. For this reason, her computer is routinely several months behind the current updates.

    Having Chrome auto-update silently and without needing admin rights (as it by default installs itself only for the user that opened the installer, not system-wide) is enormously convienient (and the right choice) for most people.

  3. Re:Endorsed as Most Secure? Must have a back door by gparent · · Score: 2, Insightful

    It's open source, where the fuck are they going to put the backdoor? If you're really paranoid, compile it yourself after reading the source code over.

  4. Re:Maybe... by Anonymous Coward · · Score: 3, Insightful

    How exactly is the GP's comment "FUD" when you yourself admit that Chrome does indeed communicate some information to Google?

  5. Re:'and add their own in-browser render engine' by circletimessquare · · Score: 4, Insightful

    you're wrong

    BSI is 100% right for citing Chrome bundling flash as a reason for recommendation

    when adobe pushes a security update, chrome automatically pushes a browser update. and if the user leaves the browser running for days, chrome starts politely reminding them they have to close and reopen the browser. this is as good as you can do to make sure flash is as up-to-date as possible

    it is not the most ideal model of security, period. it is simply best-of-the-pack security model. and so it deserves a recommendation for that practice from BSI

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  6. Re:Maybe... by geminidomino · · Score: 3, Insightful

    How exactly is the GP's comment "FUD" when you yourself admit that Chrome does indeed communicate some information to Google?

    In a default, opt-out fashion, no less.