Artificial intelligence stands no chance against Natural Stupidity - http://www.defcon1.com/~paolo/
|
|
|
Kaspersky says Google Chromebook security is better, and worse
SECURITY CONSULTANCY Kaspersky Lab shot down claims Google has made about the security of its Chromebook, such as it "doesn't need virus protection".
Kaspersky expert Costin Raiu said the statement came at a pretty bad time, with French security firm Vupen announcing this week that it broke into Google Chrome's security protection.
You would imagine criminals would quickly get busy on the Chromebook, trying to find ways of infecting it using a similar type of exploit, which would simply need a user to browse a booby-trapped web page.
However, Raiu said that the Chrome OS is designed in such a way that it has a good self healing capacity, is easy to update, and is resilient against any outside modification. Reinstallation also won't be a problem, as none of the data is held on the computer.
He said, "It's a new operating system, it has new security defenses into place (self healing, updates) and it's used in a different way - the data is not on the computer but in the cloud."
But of course, hackers could go for the information Google has in the cloud. As Sony found to its cost, any leak would could be disastrous.
"With Cloud centric OS'es, the race will be towards stealing access credentials, after which, it's 'game over'," Raiu said.
"Who needs to steal banking accounts, when you have Google Checkout? Or, who needs to monitor passwords, when they're all nicely stored into the Google Dashboard?" µ
Tags: Security
Share this:
Share
Okay, Google. These are the guys who are quite literally taking over the web, you use Google without even realising your using it.
In some ways I trust them, in other's I don't. Especially when they were exploited for viewing everyone's online activity. So if there is one feature I would like to be available on a chromebook, it would be encryption. I want to encrypt all my files, before sending them to a Google Server for two reasons. Google might get curious and root around there servers to see what information is being uploaded. Two, if a security breach were to occur my files would be safe and sound regardless whether or not the unauthorised third party got there hands on them.
I won't be uploading or infact using a chromebook until I know I can encrypt my files with a system I only know how to decrypt. So I don't want Google releasing an app for encryption, because they will know how to decrypt it. It's complicated. I'm just extremely weary of moving to the cloud unless I can be 99.9% sure that I've done everything in my power to keep my files safe.
Steve