Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"Please note that enabling Chrome’s "Automatically send usage statistics and crash reports to Google" means that, in the event of a crash, parts of memory containing private key material might be sent to Google."

I hope that has more than a FAQ warning when they release it to the Chrome Store. Otherwise....:/

It isn't perfect but it is probably the best in-browser option given the constraints available.



Does this also mean parts of memory containing, say, passwords could be send to Google?


This "end to end" encryption happens in the browser. Google is the browser. Google dont need your keys, they have the plain text.


Also, other browser extensions may be able to access what is going on in the browser. So Google and (insert list of other parties.)


Other software on your computer might as well. Or people walking by in the hallway. So Google and (insert everyone in the world).


I think he was thinking the "Save Password" feature.


I'd hope not. My guess is the extensions data in memory are included with the crash reports and it doesn't distinguish between extensions.


Maybe encryption/decryption could be performed in a separate, isolated process, which stack would never be sent? It seems like Chrome multiprocess architecture could allow for this.


Under "JavaScript crypto has very real risk of side-channel attacks": End-To-End’s crypto operations are performed in a different process from the web apps it interacts with.


If process isolation is already done, disabling stack dumps for crypto processes seems like a logical next step that shouldn't be hard to accomplish.


It's probably relying on normal process isolation (and extensions run in a different process), but in order to disable stack dumps for it, you'd have to have some way of indicating "this process is special", which rules out treating it like any other extension.

Maybe there could be some new extension permission for "encryption extension" or something, but it's possible that could be abused...


There's already permissions that are only usable by Google's own extensions, so they could do something like that.


I'd agree that is better...but I am guessing that Google doesn't want to build this functionality directly into Chrome. Anyone who isn't Google wouldn't have the option for Chrome...Chromium isn't 'mainstream' :(

EDIT: Maybe the other guy is right and you didn't mean baking it into the browser. xD


That makes it largely unusable even to test for a few users, I guess.


If you are testing you are not mailing about nuclear secrets.


simple, just turn that feature off.


If you wanted this to be available for the general public then it could be slightly more troublesome.


Yes, but as long as it is clearly mentioned by the Install button in big, bold letters it isn't a problem.


sure, but you can always check the code locally after downloading the extension. Someone would eventually notice.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: