Security firm claims to have hacked Chrome's sandbox

It didn't manage to do it during the most recent Pwn2Own challenge, but VUPEN Security is now claiming that it has finally managed to hack Google's Chrome browser and crack its so-called "sandbox." According to the firm, the exploit relies on some newly discovered zero day vulnerabilities, works on all Windows operating systems (and only Windows, apparently), and could give malicious websites the ability to download code from a remote source and execute it on a user's computer -- the video after the break shows an example, in which the Windows Calculator application is downloaded and run automatically. For its part, Google says it has been unable to confirm the hack since VUPEN hasn't shared any details with it -- something the firm apparently doesn't plan to do, as it says it only shares its vulnerability research with its "government customers for defensive and offensive security."

VUPEN Security

Comments

Scientist cooks up adjustable strength metals

As you may know, crafting a katana is a delicate process that involves carefully constructing a razor-sharp high-carbon edge around a soft shock-absorbent core. One day though, smiths and forging fires could be replaced by electrode-wielding mad-scientists, with the technology to selectively harden and soften metal at will. At least that's what we envisioned when we read about Jörg Weißmüller's breakthrough research in the field of nanomaterials. The German scientist discovered that by placing precious metals in acid he could create tiny ducts through corrosion. Once those channels are flooded with a conductive liquid, electrical currents can be used to harden the material and, if you change your mind about the brittle results, the effect can easily be reversed to make it soft again. The tech could eventually lead to self-healing vehicle armor or scratch-resistant cellphones -- but, really, we just want to zap our way to a high-quality samurai sword. Physorg

Google announces new ways to discover apps on Android Market, more tools for developers

Android Market may have a lot going for it, but most would surely agree that it could use some improvement when it comes to discovering apps that you aren't specifically looking for. Thankfully, it seems Google has indeed been aware of those concerns, and it's now announced five new features that should go so some way towards improving things. Those include some newly revamped top app charts that promise to be "fresher" and country specific, a brand new Editors' Choice section that highlights apps chosen by Google, a new Top Developers feature that places a special icon next to the name of developers that make the grade (currently more than 150), improved related apps on individual app pages and, last but not least, a new trending apps section that shows the apps growing fastest in terms of daily installs. What's more, while all of those features are currently exclusive to the web-based version, Google says they're also "coming soon" to the Andr...

LG adds 'Tweet-TV' enabled Android phone to its list of Mobile DTV prototypes

Whenever mobile digital television broadcasts finally take off LG will be ready and its latest concept design -- following the autostereoscopic 3D screen shown at CES -- is the Tweet-TV pictured above. At the National Association of Broadcasters show this week it's demonstrating the prototype Android phone with a Harris MDTV antenna that also pulls in relevant tweets and displays them over the broadcast being watched. Whether or not a dose of social networking will help MDTV succeed where others have failed remains to be seen but first we'll see if it manages to reach 40% of the US population later this year. The press release and a bigger picture follow after the break. LG ELECTRONICS SHOWS EXPANSIVE CAPABILITIES OF MOBILE DIGITAL TV, DEMONSTRATING 'TWEET-TV' SOCIAL NETWORKING, ELECTRONIC COUPONS, 'GLASSES FREE' 3D Prototype displays, Smartphones highlight flexibility of mobile DTV standard LAS VEGAS -- Apr 08, 2011 / (http://www.myprgenie....

NYC

Search This Blog