Researchers crack Chrome OS via extensions

[Simon]

A pair of security researchers have found a way to steal data from Chrome OS via extensions.

Google claims Chrome OS is more secure than other OSes because - among other features - it is updated constantly, meaning it won't be left unpatched by users.

At the Black Hat conference in Las Vegas, Matt Johansen and Kyle Osborn from White Hat Security revealed how to steal user data by targeting extensions used by the browser-based operating system.

The researchers used a cross-site scripting attack targeting extensions, accessing data on any open tab - even if the webpage doesn't have a vulnerability of its own.

"You're talking about a super pared-down version of the operating system," Osborn told MIT's Tech Review. "And they're trying to rebuild functionality through extensions."

Indeed, the researchers said one simple way to target Chrome OS would be to create malicious extensions or apps, as Google doesn't vet either before letting users install them.

Read more: http://www.pcpro.co.uk/news/security/369118/researchers-crack-chrome-os-via-extensions

[Steve]

It's the lack of vetting by Google that's the worry to me. Why spend time and effort developing a browser and an OS and then let any 'old cr*p' be installed on it.

[Technical Ben]

Google. "We have avoided the need for having a virus scanner, by only allowing apps to install."
User. "How do you scan user installed viruses then?"
Google. "Oh, well that's the great thing, viruses are not *apps*!"


I'd have thought Google would have done better than that. New terminology for software =/= software unable to be malicious.
You have to actually sandbox the apps super well before you can say they are totally safe. Granted Google are trying this, but your programs (I refuse to call them Apps) will always be a weak spot.