Five reasons Google Chrome OS Security Wins
- Wednesday, November 25, 2009, 5:17
- NEWS, SOFTWARE
- Add a comment
They use a phrase to describe this design philosophy that I think every developer should have tattooed on their hands: “The perfect is the enemy of the good.” In other words, Google won’t waste its time on trying to find some perfect system that only exists in fantasy. Instead, Google is spending time on making the best practical security system. This is how it plays out
1. Harden the operating system
Chrome developers are using a variety of Linux security techniques to minimize how much system access any given program will have and to reduce the number of exposed attack surfaces. In addition, Chrome OS is adopting a defense in depth (PDF Link) approach. The core idea here is that you use multiple layers of security so even if someone breaks in at one point, they’re faced with yet another security barrier.
Google is using multiple methods to harden Chrome, but I’m going to glance at just two here. One, namespaces (PDF Link) is rather old. The other, cgroups (Control Groups), is quite new, but the pair have similar goals. In each, the idea is to isolate a hierarchical collection of tasks, cgroups, or a set of processes, and process trees, namespaces, from unlimited access to the system.
via itworld.com
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=559fea92-ce0f-4b64-8516-e4f11aabd8ad)
About the Author
admin has written 2448 stories on this site.
Write a Comment
Gravatars are small images that can show your personality. You can get your gravatar for free today!