I am pleased that Google has produced <a href=http://dev.chromium.org/Home/chromium-security/core-principles>this page</a> about the security of the chromium browser.
I read it closely and record and contemplate here places where it seems obscure from my perspective.
<p align=center>A bit about my perspective and what I call things</p>
I think that there is necessarily a concept of ‘my files’ and the ‘browser’s files’.
Unfortunately there is no name for either of these categories.
I want to say somehow that neither the browser nor its guests will see, modify, move or delete my files, even if the user does not know the meaning of the word “file”.
I want further to be clear about when a file delivered to me has become my file to care for.
Upon delivery I want the browser to expunge any knowledge of where I told it to put my file.
<p>Perhaps I must study <a href=http://dev.chromium.org/chromium-os/chromiumos-design-docs/verified-boot>this</a> first.
It is not clear whether “read-only portion of firmware” is indeed not writable by privileged code, or merely not normally written.
I will assume that physical access is necessary, at least, to change the “read-only portion of firmware”.
<hr>Google’s <a href=http://queue.acm.org/detail.cfm?id=1556050>Chrome Security Architecture</a>