Hacker News new | past | comments | ask | show | jobs | submit login

They can message between native applications (e.g. the AV software) and Chrome. They can also inject scripts into every page (something AV software loves doing for some reason).

If Chrome has a security hole that the AV vendors know about then they can fix it at source. This is a lot more robust than opening a giant hole in Chrome's sandbox in order to insert its own code inside.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact