
Security researchers hack Google’s Chrome OS - evo_9
http://venturebeat.com/2011/08/03/security-researchers-hack-googles-chrome-os/
======
robtoo
From the outline presented here, it sounds like generic web vulnerabilities,
rather than something ChromeOS-specific. But with content like "hackers could
have a field day accessing data on Chromebooks. [...] With Chromebooks, no
data is stored on the device" it's hard to tell.

eweek has a slightly better write-up:

[http://www.eweek.com/c/a/Mobile-and-Wireless/Google-
Chrome-O...](http://www.eweek.com/c/a/Mobile-and-Wireless/Google-Chrome-OS-
Hacked-Using-ScratchPad-Extension-in-Black-Hat-Preview-343583/)

 _In his demonstration, a friend shared a folder containing a note with
malicious code, which was then accessible on the CR-48 through the ScratchPad
extension. Once the note was opened, the note was able to then steal all his
contacts saved in Gmail because he was already logged into Google's services._

Sounds like poorly-filtered ScratchPad notes (which presumably aren't supposed
to contain executable code) combined with xss or csrf.

EDIT: Does ChromeOS give apps access to all cookies for all sites?

~~~
abraham
Chrome OS allows cookie access on domains you specify in your manifest.
[https://code.google.com/chrome/extensions/permission_warning...](https://code.google.com/chrome/extensions/permission_warnings.html)

------
abraham
The security flaw is that it accesses the internet.

