Several things about Chrome's security model stand out to me, not the least of which is their sandbox approach. This would limit the possibility of a site in one tab (process) from communicating with another, preventing malicious scripts from affecting other sites. The approach to permissions seems interesting as well. By limiting the read and write capabilities of these processes, it may hinder the functionality of certain types of spyware.

However, since Javascript, applets and plugins all seem to share processes, this could be an easy attack vector.

Only time, and an army of hackers better than I, will tell.

__________________
The best way to learn anything, is to question everything.