30-day safety report for: chromium.org
Surf with caution
This website has SSLv3 support enabled and may be vulnerable to data leakage. (updated Mar 04, 2016 GMT)
Types of Malware Found 1
SSLv3 support Summary
This vulnerability relates to version 3 of an encryption technology known as SSL (Secure Socket Layer). When a browser connects to a webserver that supports this older technology there is a risk that if SSLv3 is the primary encryption or the connection security falls back from the newer TLS technology to SSLv3 then an attacker could potentially exploit this vulnerability. While it is unusual for websites to still be using SSLv3 as the default encryption technology, it is possible for an attacker to cause connection failures that force the server to default back to the older, insecure, technology. By exploiting this vulnerability, an attacker could gain access to things like passwords and cookies, enabling him to access a user’s private account data on a website.
Supposedly open-source browser automatically downloaded a proprietary binary blob without asking or notifying user. It's an extension that apparently uses the microphone to listen for voice commands, though exactly how it works can't feasibly be verified.
This is home to the open source project that Google Chrome browser is based upon. If you like straight from the source, and have trust issues with Google, then consider trying the Chromium browser for a change - Google Chrome without the branding.