I, like many others, have been playing around with the Chrome browser for a couple of days now and I feel there is one element of the browser that needs to be addressed to avoid possible future issues.
For those that haven't used the browser yet, there is a feature in Chrome that allows you to add shortcuts to your Desktop/start menu/quick launch bar. It's a nice way to add links to applications and favourite websites into your operating system desktop.
It all sound rather good and looks great when you click these shortcuts it pops up a Chrome browser window and displays your stored favourite. The only problem is the window that appears is stripped of all interface tools including the URL “omni” bar.
Not a problem you may think, but considering that continual phishing attempts occur on a frequent basis, is this shortcut a path to dangerous destinations?
The Chrome browse will highlight the main website of a url when used in full mode, but this feature isn't even visable if opened from a shortcut, plus there appears to be no way to force it to appear.
Now the shortcuts that are added are effectively only application shortcuts that open a browser window:
With increasingly more creative cyber-villains around at the moment, is there a chance that a nasty virus could alter this shortcut, pointing it at a lovely bank clone website?
Or even worse call home for a continually changing phishing website URL making them harder to track, block and blacklist.
To further add to the problem there is no indicator on these shortcut browser windows to show you are on a website that is encrypted!
The lack of a url (omni) bar and an encryption indicator means there is no way of telling if you are infact pointing at a real or fake website.
Hopefully these issues will be squashed as the Beta moves forward, but it's certainly one to ensure gets fixed.