Hacking Google Chrome OS

Hacking Google Chrome OS

Google recently announced Chrome OS powered computers, called Chromebooks, at Google I/O and the company is getting ready to market them to businesses as well as consumers. What's different about Chrome OS and Chromebooks, other than the entire user-experience taking place exclusively in a Web browser (Google Chrome), is everything takes place in the cloud. Email, document writing, calendaring, social networking – everything. From a security perspective this means that all website and Web browser attack techniques, such as like Cross-Site Scripting, Cross-Site Request, and Clickjacking, have the potential of circumventing Chrome OS's security protections and exposing all the users data.

Two members of the WhiteHat Security's Threat Research Center, Matt Johansen and Kyle Osborn, have spent months hacking away on Google's Cr-48 prototype laptops. They discovered a slew of serious and fundamental security design flaws that with no more than a single mouse-click may victimize users by:

  • Exposing of all user email, contacts, and saved documents.
  • Conduct high speed scans their intranet work and revealing active host IP addresses.
  • Spoofing messaging in their Google Voice account.
  • Taking over their Google account by stealing session cookies, and in some case do the same on other visited domains.

While Chrome OS and Chromebooks has some impressive and unique security features, they are not all encompassing. Google was informed of the findings, some vulnerabilities were addressed, bounties generously awarded, but many of the underlying weaknesses yet remain -- including for evil extensions to be easily made available in the WebStore, the ability for payloads to go viral, and javascript malware survive reboot. With the cloud and web-based operating systems poised to make an impact on our computing future, Matt and Kyle ready to share all their never-before-seen research through a series of on-stage demonstrations.

Presented by