Page 1 of 2
Security experts are eyeing Google's new Chromebooks notebook with caution, maintaining that a cloud-based OS could create gaping security holes that would leave users' data vulnerable to a cyber attack.
Google announced the impending release of its own notebook, dubbed Google Chromebooks, Wednesday during its Google IO Conference in San Francisco. The search giant's own low-end notebook will be manufactured by Samsung and Acer, utilizing 2 GB of RAM and 16 GB of SSD storage, and will come equipped with the Chrome OS, the first commercially available consumer operating system relying on cloud technology.
The cloud technology enables users to reinstall and reauthenticate their credentials to the cloud, allowing them to completely restore their information and regain a smooth computing experience should the Chrome operating system crash or become infected with malicious code.
Meanwhile, Google touts that one of Chromebooks' biggest differentiators is its sandbox technology, which enables users to lose or break their notebook, without fear of losing their data.
Google claims its Chromebooks employs "defense in depth," relying upon multiple layers of protection, which include automatic security updates and sandbox technology. At its core, sandboxing isolates Web sites and applications and runs them in a restricted environment, which eliminates the potential to compromise a user's entire system if exposed to malware.
"So if you visit an infected page, it can’t affect the other tabs or apps on your computer, or anything else on your machine. The threat is contained," Google said on its Web site. "So while it's still important to take precautions to protect your data, Chromebooks let you breathe just a little bit easier."
The marketing around security might be a hook for Google's enterprise ambitions. The search giant disclosed during its Google IO conference plans to offer a monthly subscription service for enterprise and education sectors, which incorporates a Web-based management console, automatic updates, warranty, support, and hardware lifecycle upgrades.
However, the release follows shortly after researchers at France-based Vupen Securityfound a way to break into Google's Chrome browser, including its sandbox technology, which would enable potential hackers to launch malicious attacks on unsuspecting users by luring them to an infected Web site that would install malware onto their systems.
While Vupen released demos of the exploit, it has yet to publicly release the exploit code to Google, or anyone else, with the exception of its government customers.
Meanwhile, security experts contend that the cloud-based architecture makes Google's Chrome OS a likely target for future attacks, especially in light of the recent exploit, by galvanizing other hackers to follow suit.
Costin Raiu, senior malware researcher for Kaspersky Lab, said in a blog post Thursday that hackers would likely figure out a way to access users' data stored in the cloud, making the Chrome OS more vulnerable to attack , despite more sophisticated endpoint security protections.