Feeds

Google Chrome OS: Too secure to need security?

Confident anti-virus-less chocolateers may be repeating Apple's mistakes

Security for virtualized datacentres

I'm not telling you my mantra...

"How often did the mantra that MacOS was immune to malware need to be repeated until the vast majority of users believed it and continue to do so, even after Apple went as far as incorporating rudimentary AV software into MacOS," Ferguson writes.

"Criminal activity extends far beyond file-based threats, encompassing social engineering, phishing, social networks and email borne threats. The palette is continually expanding and the techniques are continually evolving. To assure your customers that they will not have to deal with online cybercrime simply by switching OS is foolish to say the least," he concludes.

We put Ferguson's arguments to Google, which pointed us towards documents arguing that the security of Chrome networks doesn't rely on any one component (such as sandboxing), but rather "defence in depth", which it claims is better than existing models.

Chromebooks use the first operating system designed with this ongoing threat in mind. It uses the principle of "defense in depth" to provide multiple layers of protection, so if any one layer is bypassed, others are still in effect. So while it's still important to take precautions to protect your data, Chromebooks let you breathe just a little bit easier.

Google let the dig that it was adopting the "security arrogance" of Apple slide, perhaps wisely. While Google's re-imaging of security architectures is welcome, it is unlikely that security problems will change, much less disappear, with wider adoption of the operating system. Google has earned plaudits from the security community for the superior stability and security of its Chrome browser as compared to Firefox. However, the recent rash of Trojans infecting Android devices has drawn criticism. Eugene Kaspersky, for example, has even gone so far as to describe Android as the new Windows.

Whether Chrome OS more closely represents its browser namesake or Android in terms of security will do much to determine the overall security landscape over coming years.

A security overview of Chrome OS can be found here. Ferguson's analysis is here. ®

Security for virtualized datacentres

More from The Register

next story
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
Cray-cray Met Office spaffs £97m on VERY AVERAGE HPC box
Only 250th most powerful in the world? Bring back Michael Fish
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
IBM, backing away from hardware? NEVER!
Don't be so sure, so-surers
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.