
WhiteHat Security’s Aviator web browser has been criticised by a Google Chrome security engineer for its inability to keep up with the search engine’s browser updates.
The censure follows the security firm’s decision to release the source code of its web browser, allowing the cybersecurity industry to more closely scrutinise the software, which is based on Chromium, an open source version of Chrome.
Justin Schuh, an information security engineer at Google, said: "You probably shouldn’t be using the WhiteHat Aviator browser if you’re concerned about security and privacy."
"We found that the overwhelming majority of changes [to Chromium] were superficial and branding related, but done so in a way that seriously complicates the process of tracking upstream security fixes."
"That’s why Aviator is perennially at least two major releases behind Chrome, and ships with dozens of publicly disclosed vulnerabilities that are already fixed in the stable Chrome release."
Responding to the criticism, Robert Hansen, vice president of WhiteHat Labs, said his firm had never claimed to be as quick at patching as Google, and conceded that there were bugs in Aviator’s code.
"Advising users to not use Aviator misses the bigger picture," he said. "To tell people that if they use Chrome, add Disconnect and change some privacy settings you’ll get the same thing as Aviator is not at all accurate."
"We have made changes in Aviator that are beyond configuration, such as the browser’s ability to stop referring URLs from being sent cross domain as well as always being in private mode by default."
He added that customers need "privacy options by default", as many lack the technical ability to configure browsers to protect their privacy.