A fresh round of problems has descended on Google and its new Chrome web
browser.
Fresh on the heels of a pair of
security flaw reports, the company
is now dealing with an amended end-user licensing agreement (EULA) and a warning
from the US government of new security risks.
The EULA change stems from a section in the agreement which had raised the
hackles of privacy advocates.
The terms stated that Google would retain "a perpetual, irrevocable,
worldwide, royalty-free, and non-exclusive licence to reproduce, adapt, modify,
translate, publish, publicly perform, publicly display and distribute any
content which you submit, post or display on or through, the services".
According to Google, the clause comes from the blanket terms on which all of
its services are based.
The reasoning behind the rule is that it allows Google to display the
material on its own servers, a basic element for any web-based publishing or
hosting service.
With the Chrome browser, however, the rule raises serious privacy concerns.
Worried users pointed out that the agreement could give Google the ability to
capture and re-post anything the user did within the browser.
As a result, Google completely deleted the offending passage and changed the
section to read: "You retain copyright and any other rights you already hold in
content which you submit, post or display on or through, the services."
"Whenever we release a product in beta, as we just did with Google Chrome, we
can always count on our users to come up with ways to improve it," wrote Google
senior product counsel Mike Yang in a
company
blog posting.
"We are sorry that we overlooked this, but we have fixed it now."
The EULA issue, however, is not the only problem facing Chrome. On Wednesday
the US Computer Emergency Response Team (US-Cert) issued a warning about a
security risk in the browser's default settings.
US-Cert noted that the browser is initially set to accept all downloads
without user notification. This allows for the possibility of an attacker
placing malicious applications on a user's system without warning.
The security organisation advises users to turn on the 'ask where to save
each file before downloading' option under the browser's 'minor tweaks'
preference tab in order to negate the security risk.
Do you agree?
Have your say on this article