Showing posts from January 20, 2011

CR48/ChromeOS - From browser sandbox to browser-in-a-hardware sandbox

I finally got a  Cr48  to play with. After being a linux sysadmin for the better part last decade, I tried to do what every honest sysadmin would try. To root it. I couldn't even get a bash prompt. Ctrl-Alt-T gives a shortcut to something called crosh  which is basically a limited command-set shell. I tried a series of injection based and chrome extension based attacks and was still no where closer to the dream after 2 hours. I further read that if the box ever gets compromised in a bad way, there are ways it can detect it, which will automatically trigger an OS refresh at the next bootup. Thats when I realized that I Cr48 is an an extension to the idea of browser sandbox which makes an attempt to create a secure and stable browser experience. With Cr48, even if your OS is compromised, the detection, refresh and replace is so fast that its almost like a crashed browser tab which is replaced with a fresh new one. A few weeks ago I stopped visiting one of the news websites I loved to