AfterDawn: Tech news

New exploit in Chrome for Android abuses your trust in the address bar

Written by Matti Vhkainu @ 29 Apr 2019 10:52

New exploit in Chrome for Android abuses your trust in the address bar Google's Chrome is considered to be among the safest browsers for a good reason. Google has spent copious amount of time providing users with the most secure browser they can make, and largely they've succeeded.
However, there are always going to be problems that haven't been taken care of and exploits that could happen at any given time. One of these is, what a software developer Jim Fisher calls the inception bar.

He has figured out a way to fool users with a fake address bar on Chrome for Android. People can usually rely on their address bar showing valid information, but with this exploit Fisher has managed to replace it fairly convincingly with a fake URL bar.

When you scroll down on Chrome for Android, the address bar slowly slides away, normally when you go back up it's waiting for you again at the top. With the exploit Fisher's bar appears at the top and won't be replaced with the actual one even when scrolled up.

There are, fortunately, a few ways to determine that you are indeed seeing a fake bar and not a real one. First, at least with this iteration of the code, it appears in the middle of scrolling down, which should raise some concerns.



If you aren't sure if this is indeed a fake bar still, you can lock and unlock the device to reveal the actual bar, after which the fake bar is shown below (pictured above).

If you'd like to try and see how real the bar indeed looks in action, head to James Fisher's blog on an Android device and give it a try. If you don't have an Android device handy, he has a video demonstrating the effect.

Needless to say that if you come across one of these exploits in the real world, you probably shouldn't be trusting the website.

Previous Next  
Comments have been disabled for this article.

Latest news

Samsung has a new subscription service for smartphones Samsung has a new subscription service for smartphones (01 Jun 2020 10:38)
Samsung's has an upgrade program for smartphones, incidentally just like the one Apple has, for a while now. However, the company seems to have wanted a more comprehensive hold on their customers, ....
HP announced their next-gen VR headset: Reverb G2 HP announced their next-gen VR headset: Reverb G2 (01 Jun 2020 9:36)
While HP isn't the one name you come up with when discussing VR, the company has been challenging more committed VR companies for some time now. Their initial claim for VR fame was HP WMR ....
Microsoft rolls out new Windows 10 update with cloud reinstall and tons of improvements Microsoft rolls out new Windows 10 update with cloud reinstall and tons of improvements (28 May 2020 11:34)
Microsoft has yesterday announced that its long-awaited Windows 10 v2004 update has been given the green light. While the May update, as they like to call it, includes numerous improvements, ....
1 user comment
Trump threatens social media with regulation after tweet fact check, Zuckerberg and Dorsey respond Trump threatens social media with regulation after tweet fact check, Zuckerberg and Dorsey respond (28 May 2020 10:28)
The United States President has attacked the social media after Twitter added the first fact check link to his tweet. President Trump threatened to regulate or even close social media if there ....
OnePlus is returning to its roots with upcoming affordable smartphone OnePlus is returning to its roots with upcoming affordable smartphone (27 May 2020 11:10)
OnePlus has become one of the larger smartphone manufacturer, and for its size it has managed to gain significant momentum in the Android space. However, it all started in 2014 with an aggressive ....
1 user comment

Latest user comments

News archive