Security firm claims to have hacked Chrome's sandbox

It didn't manage to do it during the most recent Pwn2Own challenge, but VUPEN Security is now claiming that it has finally managed to hack Google's Chrome browser and crack its so-called "sandbox." According to the firm, the exploit relies on some newly discovered zero day vulnerabilities, works on all Windows operating systems (and only Windows, apparently), and could give malicious websites the ability to download code from a remote source and execute it on a user's computer -- the video after the break shows an example, in which the Windows Calculator application is downloaded and run automatically. For its part, Google says it has been unable to confirm the hack since VUPEN hasn't shared any details with it -- something the firm apparently doesn't plan to do, as it says it only shares its vulnerability research with its "government customers for defensive and offensive security."

VUPEN Security

Comments

Scientist cooks up adjustable strength metals

As you may know, crafting a katana is a delicate process that involves carefully constructing a razor-sharp high-carbon edge around a soft shock-absorbent core. One day though, smiths and forging fires could be replaced by electrode-wielding mad-scientists, with the technology to selectively harden and soften metal at will. At least that's what we envisioned when we read about Jörg Weißmüller's breakthrough research in the field of nanomaterials. The German scientist discovered that by placing precious metals in acid he could create tiny ducts through corrosion. Once those channels are flooded with a conductive liquid, electrical currents can be used to harden the material and, if you change your mind about the brittle results, the effect can easily be reversed to make it soft again. The tech could eventually lead to self-healing vehicle armor or scratch-resistant cellphones -- but, really, we just want to zap our way to a high-quality samurai sword. Physorg

Compal's 'Ultra Mobile' Ultrabook eyes-on

Intel's already teased Compal's "Ultra Mobile" Ultrabook from afar, but when this Ivy Bridge laptop popped up on the show floor after the Computex keynote, we decided to give it a closer look. While this prototype isn't quite in the same league as ASUS' gorgeous UX21, do bear in mind that we're still looking at a relatively slim package for a 14- to 15-inch Core i7 rig. Also visible around the machine are a couple of USB 3.0 ports, an HDMI-out port, a LAN socket, and an SD card reader. Until we hear more about this Ultra Mobile, enjoy our eyes-on photos below. Compal's 'Ultra Mobile' Ultrabook eyes-on omment

Google announces new ways to discover apps on Android Market, more tools for developers

Android Market may have a lot going for it, but most would surely agree that it could use some improvement when it comes to discovering apps that you aren't specifically looking for. Thankfully, it seems Google has indeed been aware of those concerns, and it's now announced five new features that should go so some way towards improving things. Those include some newly revamped top app charts that promise to be "fresher" and country specific, a brand new Editors' Choice section that highlights apps chosen by Google, a new Top Developers feature that places a special icon next to the name of developers that make the grade (currently more than 150), improved related apps on individual app pages and, last but not least, a new trending apps section that shows the apps growing fastest in terms of daily installs. What's more, while all of those features are currently exclusive to the web-based version, Google says they're also "coming soon" to the Andr...

NYC

Search This Blog