January 20, 2011

CR48/ChromeOS - From browser sandbox to browser-in-a-hardware sandbox

I finally got a Cr48 to play with. After being a linux sysadmin for the better part last decade, I tried to do what every honest sysadmin would try. To root it. I couldn't even get a bash prompt. Ctrl-Alt-T gives a shortcut to something called crosh which is basically a limited command-set shell.

I tried a series of injection based and chrome extension based attacks and was still no where closer to the dream after 2 hours. I further read that if the box ever gets compromised in a bad way, there are ways it can detect it, which will automatically trigger an OS refresh at the next bootup.

Thats when I realized that I Cr48 is an an extension to the idea of browser sandbox which makes an attempt to create a secure and stable browser experience. With Cr48, even if your OS is compromised, the detection, refresh and replace is so fast that its almost like a crashed browser tab which is replaced with a fresh new one.

A few weeks ago I stopped visiting one of the news websites I loved to visit for my daily news fix on indian Politics. This site was ridden with virus/malware, some of which were not caught in time and had infected my computer multiple times before. Thanks to Cr48 I can start visiting this news site again without being afraid.