Revealed: Chrome Really Was Exploited At Pwnium 2013

← Back to Stories (view on slashdot.org)

Revealed: Chrome Really Was Exploited At Pwnium 2013

Posted by timothy on Tuesday March 19, 2013 @01:29AM from the for-some-values-of-exploited dept.

Freshly Exhumed writes with an "inconvenient truth" as reported at Internet News: "Google Chrome running Chrome OS was hailed as being a survivor in the Pwnium/Pwn2own event that hacked IE, Firefox and Chrome browsers on Windows. Apple's Safari running on Mac OS X was not hacked and neither (apparently) was Chrome on Chrome OS. Google disclosed [Monday] morning that Chrome on Chrome OS had in fact been exploited — albeit, unreliably. The same researcher that took Google's money last year for exploiting Chrome, known publicly only as 'PinkiePie' was awarded $40,000 for exploiting Chrome/Chrome OS via a Linux kernel bug, config file error and a video parsing flaw." Asks Freshly Exhumed: "So, was it really Google Chrome, or was Linux to blame?"

2 of 102 comments (clear)

Min score:

Reason:

Sort:

Re:Linux or Chrome? by R.Mo_Robert · 2013-03-19 01:41 · Score: 5, Interesting

So, was it really Google Chrome, or was Linux to blame
Wasn't it both? They're both a component in the same vector.
If only there was "article" you could read that might tell you. From TFA: The same researcher that took Google's money last year for exploiting Chrome, known publicly only as 'PinkiePie' was awarded $40,000 for exploiting Chrome/Chrome OS via a Linux kernel bug, config file error and a video parsing flaw. So, it sounds like Linux. Google fixed this by patching Chrome OS, not Chrome per se.

--
R.Mo
XEN para-virtualized browsers in Qubes OS by Burz · 2013-03-19 02:10 · Score: 5, Interesting

The browser is a rather complex beast and there is probably no way that the application itself can ensure system integrity... at least with any consistency.
Some of us are migrating our online activities to Qubes OS which is a desktop distro (I know...) that allows you to create App VM domains for things like "personal", "work", "unsafe", etc. and also a "disposable" one that gets reset on exit. Each domain of apps is displayed in window borders that have an associated color.
Taking it further, some of the commonly-attacked system components like the network stack are virtualized as well.
Qubes employs VT-x and VT-d/IOMMU hardware to allow you to operate different types of peripherals (like bluetooth) without incurring all of the risk they normally carry. Even device drivers are paravirtualized! So the attack surface that can be used against the core system (or any other domains in the system) is kept to a bare minimum.
An added benefit of this approach is that user activities are tracked somewhat less than normal (especially if you use disposable VMs).