Google researcher: ‘secure’ Chromodo browser is unsafe
Security researcher Tavis Ormandy of Google’s Project Zero team has identified a vulnerability in security company Comodo’s Chromodo browser. The vulnerability allows scripts to read data in other scripts.
The Chromodo browser is based on Chromium and, according to its makers, offers ‘speed, security and privacy’. According to Ormandy, however, Comodo cannot live up to this claim, because the browser is far from safe. He says the vulnerability stems from the browser completely disabling the “same origin” security policy.
This policy means that a script can only read data belonging to the same origin as the page it runs on. Without this policy enabled, users are vulnerable to a variety of attacks, which could involve interception of data. When installed, the browser also takes over all links and settings from Chrome, and DNS settings are adjusted.
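The same-origin decision described above, as an added example that is not part of the original article or of any browser's code: it compares scheme, host and port and reports which part blocks a read. The helper names `parseOrigin` and `checkRead` are hypothetical, and all URLs are constructed sample values.

```javascript
// Default ports, so that https://host and https://host:443 compare equal.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Returns the (scheme, host, port) tuple, or null when no usable origin exists.
function parseOrigin(urlString) {
  let u;
  try {
    u = new URL(urlString); // WHATWG parser lowercases scheme and host
  } catch {
    return null; // unparseable input: fail closed
  }
  if (u.origin === "null") return null; // opaque origin (data:, file:, ...)
  return {
    scheme: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol] || "",
  };
}

// Decides whether a script running on pageUrl may read data from targetUrl.
function checkRead(pageUrl, targetUrl) {
  const page = parseOrigin(pageUrl);
  const target = parseOrigin(targetUrl);
  if (!page || !target) {
    return { allowed: false, reason: "opaque or invalid origin" };
  }
  for (const part of ["scheme", "host", "port"]) {
    if (page[part] !== target[part]) {
      return { allowed: false, reason: `${part} differs` };
    }
  }
  return { allowed: true, reason: "same origin" };
}

// Constructed sample data: one page and the resources its script tries to read.
const SAMPLE_PAGE = "https://bank.example/account";
const SAMPLE_TARGETS = [
  "https://bank.example:443/api/balance", // same origin, explicit default port
  "http://bank.example/api/balance",      // scheme differs
  "https://login.bank.example/session",   // host differs (subdomain)
  "https://bank.example:8443/admin",      // port differs
  "data:text/html,<p>x</p>",              // opaque origin
];
for (const target of SAMPLE_TARGETS) {
  const { allowed, reason } = checkRead(SAMPLE_PAGE, target);
  console.log(`${allowed ? "ALLOW" : "BLOCK"}  ${target}  (${reason})`);
}
```

With the policy disabled, as Ormandy reports for Chromodo, every one of the blocked reads above would be permitted.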
Ormandy says that Comodo has come up with a fix, but that it does not solve the problem. According to PCWorld, this is why he disclosed the vulnerability earlier. The site further reports that Comodo was unable to comment. Ormandy has opened a new issue for the insufficient fix.
Tweet from Ormandy in response to the Chromodo vulnerability