[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Chrome OS has security flaws, claims researcher



http://news.cnet.com/8301-1009_3-20075801-83/chrome-os-has-security-flaws-claims-researcher/

By Lance Whitney Security
CNet News
June 30, 2011

Google may see its Chrome operating system as more secure than traditional alternatives, but one security researcher believes the cloud-based OS is vulnerable, according to a Reuters story published yesterday.

WhiteHat Security researcher Matt Johansen said he found a flaw in a Chrome OS application that he was able to exploit to gain control of a Google e-mail account. Though Google fixed the flaw after it was reported, Johansen claims to have discovered other applications with the same flaw, Reuters said.

In citing the security holes in Chrome OS, Johansen specifically pointed to the ability of hackers who can steal data as it moves between the cloud and the Chrome OS browser instead of hacking directly into a user's PC.

"I can get at your online banking or your Facebook profile or your e-mail as it is being loaded in the browser," he told Reuters. "If I can exploit some kind of Web application to access that data, then I couldn't care less what is on the hard drive."

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/