Five reasons Google Chrome OS Security Wins

Posted by admin on Nov 25th, 2009 and filed under NEWS, SOFTWARE. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry

google-chrome-os

They use a phrase to describe this design philosophy that I think every developer should have tattooed on their hands: “The perfect is the enemy of the good.” In other words, Google won’t waste its time on trying to find some perfect system that only exists in fantasy. Instead, Google is spending time on making the best practical security system. This is how it plays out

1. Harden the operating system

Chrome developers are using a variety of Linux security techniques to minimize how much system access any given program will have and to reduce the number of exposed attack surfaces. In addition, Chrome OS is adopting a defense in depth (PDF Link) approach. The core idea here is that you use multiple layers of security so even if someone breaks in at one point, they’re faced with yet another security barrier.

Google is using multiple methods to harden Chrome, but I’m going to glance at just two here. One, namespaces (PDF Link) is rather old. The other, cgroups (Control Groups), is quite new, but the pair have similar goals. In each, the idea is to isolate a hierarchical collection of tasks, cgroups, or a set of processes, and process trees, namespaces, from unlimited access to the system.

via itworld.com

Reblog this post [with Zemanta]

  • Share/Bookmark






Leave a Reply

Get Adobe Flash playerPlugin by wpburn.com wordpress themes
toolbar powered by Conduit

eXTReMe Tracker