Google Says: Bet You Can’t Hack A Chromebook

google-logoWe have been recommending the Google Chromebook to our clients for use as a dedicated online banking system.  The reason we like this platform even more than a Linux LiveCD boot disk is that because the Chrome operating system simply supports the operation of the notebook itself, and the Chrome browser.  That’s it.  There is not a way to install any programs to a Chromebook.  All applications have to be cloud based (like Office 365), and accessed through the browser.  This means that there should be no way to install malware to a Chromebook either.

Last year Google offered a $50,000 prize to anyone who could demonstrate a Chromebook breach, and the money went unclaimed.  This year the bounty is $100,000.

Researching this a bit on the web, it does appear that there is a hack that would allow a Chromebook owner to install Android phone apps on a Chromebook.  Presumably, because these come from the Google Store, there should be a low risk, but this does seems to offer some sort of portal onto these systems.

Nonetheless, we are still standing by our recommendation:  If you bank online, use a Chromebook dedicated to that purpose.  Never, ever read email on your banking system.  And do not try out the Android App hacks, either.  If you use a little operational security and self-discipline, you should be able to avoid losing your bank balance to cyber-criminals running banking Trojan exploits.

More Information:

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.