You are here: Features Drew's News Google Chrome Security Warning

Google Chrome Security Warning

Google_WarningBy Emily Driscoll

If you are sick and tired of your computer taking forever to boot up and get connected to the internet (you’ve got things to do and people to see!), Google is touting a product with you in mind. Google’s Chromium OS has taken the technology community by storm with boasts of being built on “speed, simplicity, and security.”

Developers at Google are advertising this cloud-based system as a way for users to access web-based information quickly and safely from anywhere in the world. But how safe is it really?

A researcher at the website risk management and solution company WhiteHat Security has discovered flaws in the Chrome OS security system. Researcher Matt Johansen says he was able to get access to a Google e-mail account through a defect in a Chrome OS application and that after it was reported and fixed, he found other applications with similar flaws. 

But let’s back up for a second. For those who aren’t security or programming whizzes, here is how the operating system works in simple terms. Most desktop computers and laptops come installed with an operating system, like Mac OS or Windows, which is software that runs programs and stores data on your computer. Standard operating systems require a lot of hard drive space and the user has to manually update programs and manage the security and device drivers—who has time to do all that? 

The Chrome OS, built on an open source version of Linux and the Chrome web browser, was designed to store your data and information on the web (a cloud) instead of your computer’s hard drive. The cloud lets users instantly access their information at anytime, anywhere. Chrome OS is meant to work only with specific hardware components, so you’ll have to get a Chromebook (Google’s netbook-style computer) to use the Chrome OS. 

A major attraction of the operating system is its applications or extensions, which can be downloaded from the Google Chrome Web Store. In the app-happy world we live in, the ability to have applications at your finger tips to store readily-available information on the web sounds ideal, right? 

In theory, yes—but not if there are potential holes in the system. Even though a slew of other browsers use extensions, Johansen found that the extensions used by Chrome OS may be able to access data stored on a user’s personal cloud. Instead of having to rifle through a victim’s PC contents, a hacker could weasel their way in to e-mail, banking/credit card, and social media accounts as info is loaded onto the browser. 

To give credit where it’s due, Google has improved some areas of security by taking the user’s hard drive out of the picture and has a “sandboxing” feature, which keeps apps from interfering with each other and prevents bad apps from getting into the system.  While their efforts have garnered praise in the tech community, security experts say that sandboxing isn’t completely impenetrable either. 

The moral of the story? Be a smart consumer; even if companies are advertising products as secure and safe, hackers are right on their tails and adapting to get around security measures. Look over any terms or conditions of a cloud-based system very carefully before you commit to anything. Limit the amount of personal information you put on the internet (on your hard drive or through cloud-based systems) and always purchase your apps from a legitimate source.