Chrome Blog
The latest news from the Google Chrome team
Chromebook security: browsing more securely
Friday, July 29, 2011
In the past, we’ve written a good deal about the Chrome sandbox and
other security features
that we built into the Chrome browser. These features demonstrate the Chrome team’s overall focus on providing usable security even as we continue our rapid development work on the project.
Chromebooks take Chrome and its core values (simplicity, speed and security) and apply them to our own operating system infrastructure. The result is a multi-layered set of defenses which boosts the security of Chromebooks against malicious software that could compromise and linger on the system. While no software is perfect or completely secure, we believe we’re taking an important step forward.
Let’s take a quick look at some of the Chromebook security features that, when paired with
good web hygiene
, make it easier to browse the web safely. (We’re already handling updates and malware resistance on the Chromebook automatically!)
Baked in, seriously
Our security model is rooted in two pieces of hardware that ship with every Chromebook: a custom firmware chip and a
Trusted Platform Module
(TPM). The custom firmware chip consists of two parts: a
read-only firmware
and a read-write firmware that can be updated. When you press the power button, our read-only firmware starts a process we call
Verified Boot
. It uses an embedded 8192-bit
RSA
public key to verify the cryptographic signature on the read-write firmware.
After the read-only firmware verifies and runs the read-write firmware, the latter performs a similar verification operation on the operating system kernel before running it. The operating system kernel will then
continue the verification process
as it loads all of the system software, like Chrome.
The goal of Verified Boot is to provide cryptographic assurances that the system code hasn’t been modified by an attacker on the Chromebook. Additionally, we use lockable,
non-volatile
memory (NVRAM) in the TPM to ensure that outdated signatures won’t be accepted. To put this into perspective, the system does all this in about 8 seconds.
If you don't want to boot Google-verified software — let's say you
built your own version
of Chromium OS — no problem. You can flip the
developer switch
on your device and use the Chromebook however you'd like. It’s yours, after all!
Up-to-date, automatically
Since no software offers perfect security (and we all want new features too), Chromebooks include an
automated update system
that is modeled on
Chrome’s popular auto-updater
. The updater checks with the server securely and downloads updates when they become available. It keeps the
system updated against emerging threats
and allows for new features to be rolled out seamlessly. Since every Chromebook keeps two copies of the operating system, it's easy to update and then switch to the new version without interrupting your normal flow. In addition, it allows for the Chromebook to revert to the known working version if there are any problems during the update.
Signing in, with confidence
Signing in to the Chromebook is as simple as using your Google Account. The first user of a Chromebook can
determine
who else is allowed to sign in or choose to keep her machine open for anyone to sign in. In addition, every user has a private, encrypted store which means that, if you share your Chromebook, other users won’t be given access to your data. The encrypted store is implemented using the Linux kernel's
eCryptfs
with keys that are protected by the TPM.
Or don't sign in at all
Chromebooks also offer the ability to browse without signing in. We call this function Guest Mode. When Guest Mode is used, Chrome runs with the usual privacy measures of
incognito mode
, but none of the browsing data, including downloads, will stick around. When you exit Guest Mode or reboot your Chromebook, the browsing data is deleted.
A helping hand, even when things go wrong
While we're dedicated to pushing the envelope with Chromebook security, we want to also be prepared in case something unexpected happens. That's why the read-only firmware included in every Chromebook also provides a recovery mode. Recovery mode lets you install a fresh, up-to-date version of the operating system from a recovery device plugged into the USB port. That means that if an attacker manages to install malicious software, you can use recovery mode to help remove it and return your Chromebook back to the way it was.
Getting better over time
Experiencing the web securely, on any platform and with any browser, is a combined matter of the underlying infrastructure, browser design, and user action. How is data stored? Who and what can access that data? How does the user participate in these decisions?
With Chromebooks and Chrome, we’ve made advances in the security infrastructure of the operating system and the browser that should allow you to browse the web more comfortably. Beyond what we’ve discussed here so far, we continue to improve features like our
Safe Browsing API
and our
extensions model
that help protect users from malicious web content.
As a savvy web user, you’ll still want to think carefully before you enter your username and password into a suspicious website, or before you grant broad
data access
to an unfamiliar extension. Remember, it never hurts to follow
these tips
for staying safe on the web.
Security is an ongoing effort, and we aren’t stopping here! Keep your eyes open for more usability and security advances from Chrome and Chromebooks.
Posted by Will Drewry and Sumit Gwalani, Chromebook Security Team
Labels
3d
53
accessibility
apps
chrome
Chrome Blog
chrome for a cause
chrome notebook
chrome os
chrome web store
chromebook
college basketball
cr-48
demo lab
demolab
extensions
Flash
google cloud print
googlenew
holidays
HTML5
instant
lab tech
mac
web apps
webgl
webrtc
Archive
2016
Sep
Aug
May
Apr
Mar
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feed
Google
on
Follow @googlechrome
Follow
All things Google Chrome
Download Chrome
Download Chrome for Mobile
Chromium Blog
Chromium homepage