Chrome OS’ Unique Approach to Security Leaves Even Experts Unsure
All Things Digital, By Ina Fried
On Wednesday, a Kaspersky Labs researcher posted to a security Web site his finding that the initial Chrome OS-based computers from Samsung appeared to be using an older version of Adobe Flash, potentially putting users at risk.
Indeed, the version of Flash running on the latest stable build of Chrome OS is not the latest version of Flash.
“This doesn’t bode well for Google’s security boast,” Kaspersky’s Roel Schouwenberg said in the Securelist posting. “ChromeOS is supposed to be all about being able to trust Google to take care of security for you. Google has gone through great lengths to secure ChromeOS itself, but security doesn’t stop there. A platform needs to be properly managed if it intends on being and staying secure.”
However, a Google representative said there are indeed additional security patches applied to that version of Flash, closing the vulnerabilities corrected with more recent releases of the Adobe software.
Either way, the issue highlights the different approach Google is taking with security in its new operating system.