Information Finders stands by their original claim and point out that where there is indeed an encrypted database that Chrome stores passwords, the rest of the data is collected regardless of what the user selected. In their original finding they noted that there three additional databases that are completely unencrypted and that store user information. This information can be accessed locally, remotely and through the use of malware. These databases are present in Windows 7 and Windows 8 according to their findings.
Until now many of the exploits and hacks that have been run against Google Chrome have been an effort to force a break out of their sandbox and to take control of the browser. The focus has changed recently simply because of the greater focus on privacy and how the software that we use collected information about us. We imagine that if Edward Snowden had not released the information about Prism and the other programs run by the NSA and how some companies are complicit in their surveillance there might never have been a renewed focus on what is being collected about us.
This last fact is probably the reason that Google has released a statement on the flaw so quickly and is denying that it exists at all. This move will probably hurt them more than help especially now with everyone concerned about their privacy and the collection of their personal information. Google’s knee jerk reaction was also a little premature considering the fact that Information Finders states that it is very possible that other browsers also have the same behavior. We hope that Google just fixes the flaw and stops trying to ignore it.
Tell us what you think in our Forum