Quote Originally Posted by Hungry Man View Post
ACtually the Chromium developers are working on a password management system that's far more ambitious than a simple master password - it's an entire LastPass-type system but with Google's servers.

It's been in the works for about two months now and it's already showing some features (like password generation.)

I agree that it would be nice to not have to use a 3rd party extension. But if their new management system works as well we won't have to.

As for the Chrome sandbox I think the credit is well deserved. Bypassing it on Windows is incredibly difficult - bypassing it on Linux is way harder and, with the proper configuration, really just not feasible for any cost-effective attack (and by "proper configuration" I'm talking about grsecurity kernels with hardened chroots etc on a 3.5 kernel) but, of course, it's not invincible.

That's not super on topic though. The point is for an attacker to see your password file they need at least one 'hop' to a higher privileged sandbox.
I was under the impression the Chrome developers weren't interested because "it provides a false sense of security" but apparently not. Good to hear.

Now I'm using Opera next, because for some reason the Chrome version of FVD doesn't work properly, and Firefox is too slow for my liking