-
Kamakshi S
12:12 13th Oct, 2013
Google Chrome Stores Sensitive Data In Plain Text | TechTree.com
Google Chrome Stores Sensitive Data In Plain Text
Google needs to revise what it classifies as "evil".
Most e-commerce sites try hard to bring in secure algorithms to ensure that your credit card and other sensitive information is well-encrypted, and hence safe. But who'd protect you if your browser exposes such details, that too in plain text? It doesn’t matter if you’ve turned "Incognito" mode on; a report on Identity Finder reveals that Chrome keeps local copies of data in very unsecure databases.
As per the reports, the company used its "in-depth Sensitive Data Manager", on a PC where Chrome was being used as a primary browser. Scans threw up very critical and private information in Chrome's SQLite databases and protocol buffers, which includes "names, email addresses, mailing addresses, phone numbers, bank account numbers, social security numbers and credit card numbers". The data is within reach of any one who can access the computer directly, of via a local network, if it is connected to one. The report further adds, "Attackers could acquire vast amounts of personal information without requiring users to enter anything into a form, or system credentials". The most damning fact is that the issue has been persistent since chrome 2.0. And since all of this data is on your local drives, even deleted data can be recovered to misuse it. While the company has notified Google about its findings, the search giant is yet to respond. Chances are they're already aware (as is always the case), but perhaps have it on low priority security threat.
This is second such instance in a matter of months where Chrome has been shown to be inadequate in securing user data. Earlier, a study by NSS Labs on the latest versions of Internet Explorer, Firefox, Chrome, and Safari proved how insecure Chrome is of the lot. While IE has been declared the safest of the lot, Chrome failed tests with respect to privacy-related issues, among them third party cookies and geolocation.
It's amazing how many of these (little) security threats casually come and go in the digital world. For now, the smartest thing to do is to delete your cache data, switch your primary browser, and pray that your data hasn’t been abused yet. And while you're at it, check out Identify Finders report summary below:
News Corner
- DRIFE Begins Operations in Namma Bengaluru
- Sevenaire launches ‘NEPTUNE’ – 24W Portable Speaker with RGB LED Lights
- Inbase launches ‘Urban Q1 Pro’ TWS Earbuds with Smart Touch control in India
- Airtel announces Rs 6000 cashback on purchase of smartphones from leading brands
- 78% of Indians are saving to spend during the festive season and 72% will splurge on gadgets & electronics
- 5 Tips For Buying A TV This Festive Season
- Facebook launches its largest creator education program in India
- 5 educational tech toys for young and aspiring engineers
- Mid-range smartphones emerge as customer favourites this festive season, reveals Amazon survey
- COLORFUL Launches Onebot M24A1 AIO PC for Professionals
TECHTREE