Recently, Google shared with the public the core principles that are meant to keep Chrome users safe. The manifesto published on the official Chrome blog highlights seven directions that motivated Google teams to work on the browser’s security. The first characteristic of this work was the care to keep all the aspects out of the users’ way. That means that while Google teams are “carefully balancing usability, capability and security” users are not annoyed by excessive prompting and announcements on this matter.
Another aspect highlighted by Chrome report, relies on a special design of architecture in such mode that a layered defense is meant to avoid single points of failure. The strategy is described as one of the most effective parts of Chrome’s security but not the only one as the official blog writes: “We also employ the best available anti-exploit technologies—including ASLR, DEP, JIT hardening, and SafeSEH—along with custom technologies like Safe Browsing, out-of-date plugin blocking, silent auto-update, and verified boot on Chrome OS.”
In addition, the security is perceived and handled as a part of an complex piece of software.