More growing pains for Google Chrome

A fresh round of problems has descended on Google and its new Chrome web browser.

A fresh round of problems has descended on Google and its new Chrome web browser.

Fresh on the heels of a pair of security flaw reports, the company is now dealing with an amended end-user licensing agreement (EULA) and a warning from the US government of new security risks.

The EULA change stems from a section in the agreement which was causing privacy advocates to cry foul. The term stated that Google would retain "a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive licence to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through, the Services."

According to Google, the clause comes from the blanket terms of service on which all of its services are based. The reasoning behind the rule is that it allows Google to display the material on its own servers, a basic element for any web-based publishing or hosting service.

With the Chrome browser, however, the rule raised serious privacy concerns. Worried users pointed out that the agreement could give Google the ability to capture and re-post anything the user did within the browser.

As a result, Google completely deleted the offending passage and changed the section to simply read " you retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services."

"Whenever we release a product in beta as we just did with Google Chrome, we can always count on our users to come up with ways to improve it," wrote Google senior product counsel Mike Yang in a company blog posting.

"We're sorry we overlooked this, but we've fixed it now."

The EULA issue, however, is not the only problem facing Chrome. On Wednesday the US Computer Emergency Response Team (US-Cert) issued a warning to user's about a security risk in the browser's default settings.

US-Cert notes that the browser is initially set to accept all downloads without user notification. This allows for the possibility of an attacker placing malicious application's on a user's system without any previous warning.

The organization advises users to turn on the 'ask where to save each file before downloading' option under the browser's 'minor tweaks' preference tab in order to negate the security risk.