Recently Google announced its Google Chrome netbooks aka Chromebooks. They have great features like 3G support, boot time of seconds, automatic updates, review of core files integrity on every boot and more. With all these new functionalities on netbooks the security is extremely important because they have no experience with this set of technologies and they don’t know how people will take these changes and how “hackers” will take this new challenge.
Let’s review some of the security concepts and possible cons within the Chromebook.
First of all, I’m really impressed with the way Google is handling the Chromebook security. It’s something that definitely wasn’t taken lightly.
Starting with the concepts we have Automatic Updates. This feature forces the system to update automatically without user intervention. In fact, the user may not be aware of the system updates. This could be one of the first places that “hackers” will try to break because of the lack of user intervention. Maybe trying a Google update servers spoofing.
Sandboxing is another great feature that helps to contain the infection if one of the components is affected. This is possible running each one of the processes and applications in a restricted environment. Making more difficult to communicate with other applications of processes. This feature has been used in another programs like Internet Explorer or Google Chrome Browser and the security behind the sandboxing has been compromised more that once. So we can expect that this can be one of the easiest characteristics to be broken.
Verified Boot: I think this will be one of the hardest things to break because it’s relatively new and it implies to take control of the user machine, maybe remotely, to change and decrypt core files and their hashes. I think there won’t be an exploit for this functionality at least in a couple of years.
Data Encryption: Most of the files will be stored in Google Cloud Servers but cookies, your downloads and cache files will be stored physically in the computer and will be encrypted at a hardware level not a software level. This increases the difficult to stole and decrypt the files. This will be another hard to break security challenge.
Guest mode: Apparently it will be like a user in the computer with restricted privileges and without signing in, but obviously, the stored data of the main user will not be erased just blocked. Frequently the methods to block the access to these files are not as strong as you may think and they are easy to deceive. First exploits will be focused on this security leak so, try not to use it very often.
If you want to read more about the security in Google Chromebooks you can find more information in these links:
http:/.chromium.org/2008/10/new-approach-to-browser-security-google.html
http://www.chromium.org/chromium-os/chromiumos-design-docs/protecting-cached-user-data
http://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot