[ISN] Chrome OS has security flaws, claims researcher

From: InfoSec News <alerts_at_private>
Date: Fri, 1 Jul 2011 05:14:22 -0700 (MST)
http://news.cnet.com/8301-1009_3-20075801-83/chrome-os-has-security-flaws-claims-researcher/

By Lance Whitney Security
CNet News
June 30, 2011

Google may see its Chrome operating system as more secure than 
traditional alternatives, but one security researcher believes the 
cloud-based OS is vulnerable, according to a Reuters story published 
yesterday.

WhiteHat Security researcher Matt Johansen said he found a flaw in a 
Chrome OS application that he was able to exploit to gain control of a 
Google e-mail account. Though Google fixed the flaw after it was 
reported, Johansen claims to have discovered other applications with the 
same flaw, Reuters said.

In citing the security holes in Chrome OS, Johansen specifically pointed 
to the ability of hackers who can steal data as it moves between the 
cloud and the Chrome OS browser instead of hacking directly into a 
user's PC.

"I can get at your online banking or your Facebook profile or your 
e-mail as it is being loaded in the browser," he told Reuters. "If I can 
exploit some kind of Web application to access that data, then I 
couldn't care less what is on the hard drive."

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Fri Jul 01 2011 - 05:14:22 PDT

This archive was generated by hypermail 2.2.0 : Fri Jul 01 2011 - 05:17:59 PDT