Regarding the security issues: One major difference between Browser resident apps and Air and JavaApps are > the security parameters. Since it is installed it falls under that part of > the controlled OS which can be blocked by Administrators, so the sandbox > that Flash traditionally has for example is not really found (or > externalized) in AIR apps (basically the same technology).
While you discuss the various securities for the apps in the browser a colleague and I discovered a quite critical security issue with Chrome as a windows application: Chrome do not install itself in the OS application area x:\Program Files it installs in the users local account area. On WIndows XP there is not any immediate difference around this, security wise. But it makes room for a huge security hole in Vista. The user area is fully writable and any application might write to this area (even malicious). If the application would reside in x:\Program Files (as it should) UAC would kick in an save the user. For more information check: blog.reis.se<http://blog.reis.se/2008/09/05/GoogleChromeCriticalSecurityIssues.aspx>and techie notpad<http://blog.noop.se/archive/2008/09/05/google-chrome-plays-outside-of-vista-security-zones.aspx>around this issue and also what Chrome leaves behind<http://myitforum.com/cs2/blogs/rtrent/archive/2008/09/03/here-s-what-chrome-s-uninstall-leaves-behind.aspx> . So we have an app that can update what ever it wants without noticing you and even if you remove it it will leave the updater behind. --- Håkan Reis Dotway AB +46(768)510033 My blog || http://blog.reis.se My company || http://dotway.se Our conference || http://oredev.org - See you in 2008 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
