Tweet
Google's Chrome OS(Credit:Google)
Google may see its Chrome operating system as more secure than traditional alternatives, but one security researcher believes the cloud-based OS is vulnerable, according to a Reuters story published yesterday.
WhiteHat Security researcher Matt Johansen said he found a flaw in a Chrome OS application that he was able to exploit to gain control of a Google e-mail account. Though Google fixed the flaw after it was reported, Johansen claims to have discovered other applications with the same flaw, Reuters said.
In citing the security holes in Chrome OS, Johansen specifically pointed to the ability of hackers who can steal data as it moves between the cloud and the Chrome OS browser instead of hacking directly into a user's PC.
"I can get at your online banking or your FaceBook profile or your email as it is being loaded in the browser," he told Reuters. "If I can exploit some kind of Web application to access that data, then I couldn't care less what is on the hard drive."
The vulnerable applications cited by Johansen are extensions downloaded from the Google Chrome Web Store. Though most other browsers also use extensions, Johansen believes there's a design flaw in Google Chrome OS that gives extensions "sweeping rights to access data stored on the cloud."
In response to Johansen's claims, a Google spokeswoman confirmed with CNET that the initial extension reported by the researcher was patched months ago but questioned the overall labeling of Chrome OS as vulnerable due to its use of extensions.
"It is a mischaracterization to say that this is something inherently baked into the Chrome operating system because all modern browsers run extensions," said the spokeswoman. "If anything, this is more about Chrome the browser and what do we do to protect extensions running on Chrome."
The spokeswoman also said she contacted the writer of the Reuters piece to ask for the proof from WhiteHat that this is a fundamental design flaw in the OS.
"There's a lot of work that we've been doing around security to protect extensions running on Chrome," the spokeswoman said. "Extensions running in Chrome have actually been designed to limit access privileges and to run in isolation by default. Incognito mode on Chrome OS and Chrome do not allow extensions unless they are explicitly whitelisted by the user, and enterprises can also enforce extension whitelisting for their domain."
Caesar Sengupta, director of Chrome OS, told Reuters that Google is also looking into ways to tag "questionable" extensions without making it difficult for developers to distribute their extensions to the Chrome Web Store. The spokeswoman confirmed that Google has security people working on this aspect as well.
"All modern browsers run extensions, and all major computer lines support browsers," added the spokeswoman. "These kinds of web attacks are also valid on other browsers and devices, as even extension reviews are not foolproof."
A spokesman for WhiteHat Security seemed to want to soften the tone reflected in the Reuters piece by telling CNET that WhiteHat has a good relationship with Google's security people and works closely with them on vulnerabilities.
"The Black Hat talk (which spurred the Reuters piece) is really about how moving the OS to the cloud presents different security challenges," said the WhiteHat spokesman, "i.e. we're not trying to 'call out' Google for anything."
Johansen had told Reuters that he and fellow researcher Kyle Osborn will reveal more information about the reported vulnerabilities in Chrome OS at the Black Hat hacking conference in Las Vegas this August.
Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials
Comment