Probably a naive question
Why aren't these extensions sandboxed from each other?
Google has billed its Chrome operating system as a security breakthrough that's largely immune to the threats that have plagued traditional computers for decades. With almost nothing stored on its hard drive and no native applications, there's no sensitive data that can pilfered and it can't be commandeered when attackers …
Why aren't these extensions sandboxed from each other?
Excellent question actually. I had thought that the Goog security model was to give everything its own sandbox so nothing shares.
While you can isolate extensions that have instances in different tabs, I don't see how you can completely isolate two extension instances that are active for the same tab.
Anyone care to enlighten us?
I'm surprised this is a problem, because even if extensions exist in the same environment it is possible to program them in such a way that no other extension can read the data of an other extension.
What? I don’t have that much experience of Java, but do I understand you correctly that this is a problem because the data definitions are coded outside the main method and are therefore appear as global data???? (or something like that)
Is it a Java problem of a Google Chrome problem?
In either case it looks like a fail of epic proportions for both the developers of the extensions and the Sun/Oracle developers of Java for sloppy programming.
The languages may have a similar name and a superficially similar syntax, but that's all they have in common.
A brief look at the Chrome extensions API shows interfaces for browser windows, visit history, cookies... Are you *sure* that extension you just downloaded hasn't been sending all your cookies off to some shady remote server somewhere?
Note the "getAll" and "getAllCookieStores" methods. Sure, the manifest needs to specify permissions for that, but we know what users do when an OS asks them about it - "<foo> wants to do <bar>, is that OK?" - "yes".
Being unable to write native code clearly reduces the range of attacks possible on the platform, but claiming that security problems are a thing of the past or trying to punt them off as a 'web problem' is nonsense. Well, it's marketing, which is much the same thing ;-)
Personally, I've adopted the "50 foot barge pole" policy with this particular OS.
I can't believe people still confuse them after all these years.
...the exploits they are discussing are at the browser level or above, and it's not like these types of issues are unique to the browser in ChromeOS.
When someone rootkits ChromeOS... now *that* will be interesting.
"When someone rootkits ChromeOS..."
Why bother? Since ChromeOS forces everyone to keep everything of value in the cloud, the browser is the only thing on the device *worth* exploiting.
Why does anyone rootkit anything?
Not disagreeing, but there must be some good reason why the virus/botnet/rootkit writers spend so much time on that sort of stuff.
they fixed it when it was pointed out to them.
because the fix was automatically pushed to every system. I love that feature.
(And I understand that someone's IE6-based internal Web app may not appreciate security updates at Google's whim ...)
"(And I understand that someone's IE6-based internal Web app may not appreciate security updates at Google's whim ...)"
Not likely. This is ChromeOS ... it doesn't use IE6 ... it runs within Chrome.
Microsoftians need not worry about a new overlord, just yet.
“Whose problem is this to fix? LastPass did everything correctly. It's the other extension developers that developed an extension with a vulnerability in it.”
Then LastPass's approach doesn't make sense in the current setting and a sane situation is out of reach. If security depends on other developers doing the right thing, you are hosed. The browser needs to be fixed, the approach needs to be fixed or scrapped.
It's like with Social Security. You can't afford it. Cuts or more taxes? You still can't afford it. It doesn't make sense - it's economically out of reach.
Just increase your debt limit until you can.
Isn't that the same as most other OS's?
Most attacks these days against modern OS' expliot 3rd party flaws, not direct attacks against the OS itself (Adobe looking at you).
True, but Chrome has pushed the security of their Chrome OS. If it's only as bad as more orthodox OSes that's not a particularly impressive marketing message: 'Chrome OS: Not Any More Insecure than Mac or Windows.' That doesn't give you a reason to switch to Chrome OS. It has to be _better_ than what you're currently using.
The public misunderstanding as to information security is worsened by the fact that to most people, the OS is everything that runs on the computer. A Mac isn't just the hardware and base software, but all the applications that run on it. So if a third party flaw allows for an exploit in OS X, people take that as an argument against the claim that 'Macs don't get viruses', because a Mac is a computer, and the computer was compromised. Never mind where the intrusion came from.
Sure, if you don't install anything and lock everything down, your computer is very secure. But Chrome OS needs extensions just like Windows, OS X and Linux need local software packages. Claiming the default installation is secure isn't all that impressive.
Chrome OS isn't really more secure. It's just insecure in a different way.
"“Whose problem is this to fix?” Johansen continued. “We don't really have an answer for that. LastPass did everything correctly. It's the other extension developers that developed an extension with a vulnerability in it.”"
Didn't he answer his own question? If LastPass did everything correctly and the other extension developers developed an extension with a vulnerability in it, doesn't that, by default, make it the other developers' problem to fix?
Given that Google are trying to build a new execution environment from (almost) scratch in a very short period of time, it's inevitable that problems are going to be incorporated.
The traditional OSes have been developed over decades and they're still not right yet. What's so special about Google's approach to make it likely that ChromeOS is trouble free in such a short period of time? Personally speaking I won't be touching it with a barge pole.
Google's only motivation for developing ChromeOS is to capture more of the advertising market. They're a commercial, profit driven company just like every other. ChromeOS is a dangerous strategy because it succeeds only if a substantial number of people can be persuaded that it provides a level of service and security above that which is offered by the more conventional platforms (Win/Mac/*nix). It will be difficult to provide such assurances if security researches keep finding massive holes like this. And by going way beyond the scope of other things like Google Docs, gmail, etc. they're taking on a much bigger task and are less likely to succeed.
For security law enforcement must attack the masterminds -- the people freely distributing the hacking tools and techniques to anyone.
Any sophisticated system can be hacked -- it is just a matter of time and expertise.
Security only exists when the time it takes to develop the hack is shorter than the time it takes to imprison the hacker.
Well that is my conclusion. Having spent years playing with Linux flavours, Chrome and the rest, at least with windows it is improving massively yet will never be even 99% secure. So I just accept that despite my best efforts there is always a risk of security breach, and I manage my data accordingly.
By the way, where has the Bill icon gone?!
"Chromebooks raise security protections on computing hardware to new levels", quoth your Google spokesperson.
Right. Ignorant about both security *and* non-PC platforms, then, and apparently confused about the distinction between operating system and hardware. I think we can safely disregard anything from that source.