Chrome Vulnerable To Hackers, Says Researcher [A Combination Of Factors, Including Extensions, Give The Chrome System Unusual Vulnerability In Tests]

Posted on TFTS by Steve Anderson on Thursday, 30. June 2011 under: Computers & Computing, PCs, Notebooks, Netbooks & Tablets

New research emerges today showing that the Chrome operating system may have some serious flaws on its hands that leave it unusually open to being hacked.

Matt Johansen out of WhiteHat Security started dropping the word on this one, saying that there was a flaw with an application in Chrome, which in turn let him seize control of a Google email account. Google, for its part, responded to the news of the flaw in rapid fashion and fixed it, but the WhiteHat Security researcher found other instances of the same flaw in other applications soon after.

The problem, based on reports, seems to revolve around Chrome’s use of extensions that can be downloaded from the Google Chrome Web Store, which in turn may allow hackers access to data that passes between a user’s system running Chrome and anything in a cloud storage due to the way Chrome treats an extension’s rights to access data.

Google, for its part, acknowledges the first issue with the extension that they repaired, but takes some issue with calling Chrome a “vulnerable” operating system over its use of extensions. Though in all honesty, I’m not seeing that to be the problem so much as the way some extensions work. It’s not that Chrome uses extensions, but that some extensions go a little too far when it comes to granting access to cloud storage data. Indeed, WhiteHat was quick to point out that it works with Google on a regular basis, and wasn’t trying to issue some kind of challenge to Google, just point out a possible flaw in the system, especially with regards to cloud storage, that could stand some addressing.

I find myself wondering if this will affect the way people regard the Chrome OS, and possibly dissuade some from using it. Chrome’s penetration into a marketplace already deeply entrenched by Microsoft and Apple, though, may prove a bit problematic to begin with, so they don’t need more issues. So I’ll open it up to you guys.

Do you think these potential issues will dissuade some possible Chrome users? Or do you think those who would use Chrome anyway probably already know about the security challenges in question? We always like hearing from you, so head on down to the comments section and tell us what you think!