Google Chrome Os And Its Security Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Google Chrome OS is an open source operating system designed by Google to work exclusively with web applications. Announced on July 7, 2009, Chrome OS is set to have a publicly available stable release during the second half of 2010. The operating system is based on Linux and will run only on specifically designed hardware. The user interface takes a minimalist approach, resembling that of the Chrome web browser. Because the browser will be the only application residing on the device, Google Chrome OS is aimed at users who spend most of their computer time on the Internet.

Work-in-progress reviews

At a November 19, 2009 news conference, Sundar Pichai, the Google vice president overseeing Chrome, demonstrated an early version of the operating system, which included a desktop that closely resembled the Chrome browser. However, beside the regular browser tabs, the interface also had application tabs, which take less space and can be pinned for easier access. The netbook running the operating system booted up in seven seconds, a time Google is working to improve.

On the same day, Google released Chrome OS's source code under the BSD license as the Chromium OS project. As with other open source projects, developers are modifying code from Chromium OS and building their own versions, whereas Google Chrome OS code will only be supported by Google and its partners, and will only run on hardware designed for the purpose. Unlike Chromium OS, Chrome OS will be automatically updated to the latest version. InformationWeek reviewer Serdar Yegulalp wrote that Chrome OS will be a product, developed to "a level of polish and a degree of integration with its host hardware that Chromium OS does not have by default," whereas Chromium OS is a project, "a common baseline from which the finished work is derived" as well a pool for derivative works. The product and project will be developed in parallel and borrow from each other.

Because Chrome OS and Chromium OS will share the same code base, early versions of Chromium OS give a preview of Chrome OS. The Chromium OS alpha release includes an applications page, launched by a button in the upper-left corner of the screen. The page links to Google-developed Web applications, including Gmail, Google Apps, Picasa, and YouTube, as well as other applications, including Yahoo mail, Pandora, Hulu, Facebook and Twitter. Chromium also provides a calculator, clock, battery indicator, and network status indicator. The function key F12 brings up a multi-window view, with the option to open additional browser windows and switch between them. The F8 key toggles a keyboard overlay that shows the function of all the shortcut keys, including task and memory managers comparable to those found on the Chrome browser, and a command-line interface that accepts common Linux commands.

Design goals and direction

3.1 User interface

Design goals for Google Chrome OS's user interface include using minimal screen space by combining applications and standard Web pages into a single tab strip, rather than separating the two. Designers are considering a reduced window management scheme that would operate only in full-screen mode. Secondary tasks would be handled with "panels": floating windows that dock to the bottom of the screen for tasks like chat and music players. Split screens are also under consideration for viewing two pieces of content side-by-side. Google Chrome OS will follow the Chrome browser's practice of leveraging HTML5's offline modes, background processing, and notifications. Designers propose using search and pinned tabs as a way to quickly locate and access applications.

3.2 Architecture

In preliminary design documents for the Chromium OS open source project, Google describes a three-tier architecture: firmware, browser and window manager, and system-level software and userland services.

The firmware contributes to fast boot time by not probing for hardware, such as floppy disk drives, that are no longer common on computers, especially netbooks. The firmware also contributes to security by verifying each step in the boot process and incorporating system recovery.

System-level software includes the Linux kernel that has been patched to improve boot performance. Userland software has been trimmed to essentials, with management by Upstart, which can launch services in parallel, re-spawn crashed jobs, and defer services in the interest of faster booting.

The window manager handles user interaction with multiple client windows much like other X window managers.

3.3 Hardware support

Google Chrome OS is initially intended for secondary devices like netbooks, not a user's primary PC, and will run on hardware incorporating an x86 or ARM. While Chrome OS will support hard disk drives, Google has requested that its hardware partners use solid state drives due to their higher performance and reliability, as well as the lower capacity requirements inherent in an operating system that accesses applications and most user data on remote servers. Google Chrome OS consumes one-sixtieth as much drive space as Windows 7.

Companies developing hardware for the operating system include Hewlett-Packard, Acer, Adobe, Asus, Lenovo, Qualcomm, Texas Instruments, Freescale and Intel.

In December 2009, Michael Arrington of TechCrunch reported that Google has approached at least one hardware manufacturer about building a Google-branded Chrome OS netbook. According to Arrington's sources, the devices could possibly be configured for mobile broadband and be subsidized by one or more carriers.

Market implication

When Google announced the Chrome browser in September 2008 it was viewed as a continuation of the battle between Google and Microsoft ("the two giants of the digital revolution"). As of December 2009, Microsoft dominates the usage share of desktop operating systems and the software market in word processing and spreadsheet applications. The operating system dominance may be challenged directly by Google Chrome OS, and the application dominance indirectly through a shift to cloud computing. According to an analysis by PC World, Google Chrome OS represents the next step in this battle.

In November 2009 Glyn Moody writing for the Linux Journal predicted that Google's market model for the Chrome OS will be to give the software and the netbook hardware that it will run on away for free, as a means of expanding its advertising-based model. He said: "The unexpected success of netbooks over the last two years shows there is a market for this new kind of computing; giving away systems for free would take it to the next level. Then, gradually, that instant-on, secure, secondary netbook might become the one you spend most time on, and Google's ad revenues would climb even higher...."

4.1 Relationship to Android

The successive introductions of Android and Google Chrome OS, both open source, client-based operating systems, have created some market confusion, especially with Android's growing success. Microsoft CEO Steve Ballmer accused his competitor of not being able to make up its mind. Google has downplayed this conflict, suggesting that the two operating systems address different markets, mobile and personal computing, which remain distinct despite the growing convergence of the devices. Co-founder Sergey Brin suggested that the two systems "will likely converge over time".

Five security technologies in Google Chrome OS

Chrome OS' reliance on a password is a major security problem, but in other ways it has great security. Here's why!

Google's Chrome OS has many virtues. Based on a solid foundation of Ubuntu Linux, it uses the Chrome Web browser as its interface to any and all applications. Chrome OS is also not so much a Windows replacement, as it's an attempt to get rid of the entire traditional idea of a PC desktop. If Google is successful with this, one big reason will be its vastly improved security.

Before I go into why Chrome OS will be much more secure than Windows, I have to point out that Google has one big, honking huge security problem to fix first: it's reliance on the fatally flawed login/password model. If they can beat that problem, then Chrome is likely to be most securing 'desktop' operating system we'll have ever seen. Here's why.

First, Google accepts that it's impossible to make an absolutely secure operating system. They use a phrase to describe this design philosophy that I think every developer should have tattooed on their hands: "The perfect is the enemy of the good." In other words, Google won't waste its time on trying to find some perfect system that only exists in fantasy. Instead, Google is spending time on making the best practical security system. This is how it plays out.

5.1 Harden the operating system

Chrome developers are using a variety of Linux security techniques to minimize how much system access any given program will have and to reduce the number of exposed attack surfaces. In addition, Chrome OS is adopting a defense in depth approach. The core idea here is that you use multiple layers of security so even if someone breaks in at one point, they're faced with yet another security barrier.

Google is using multiple methods to harden Chrome, but I'm going to glance at just two here. One, namespaces is rather old. The other, cgroups (Control Groups), is quite new, but the pair has similar goals. In each, the idea is to isolate a hierarchical collection of tasks, cgroups, or a set of processes, and process trees, namespaces, from unlimited access to the system.

So, using both techniques, when an application runs on Chrome its processes gets only as much access to the operating system as it needs to do its job. If the program doesn't need say to use the local file system, then it won't be able to read or write to files. You get the idea, by strictly limiting, what any given application can do to the over-all system that makes it that much harder for even a successful attack on a program to do much harm to the computer, the operating system, or other programs.

5.2 Sandboxing the operating system

All of the above makes it easier for Google to create an operating system where as many processes and operations as possible are 'sandboxed' from each other. Sandboxing is a common security technique and you often see it used in Web applets and the like. With Chrome, Google takes sandboxing to a new level.

For example, in future versions of Chrome OS say you have two Web pages up. One is a secured Web page that uses SSL (secure socket layer) to secure its Internet connection and the other is an ordinary Web page. On other operating systems you use the same TCP/IP network stack to access both of them. Not on Chrome OS you won't. Instead, each gets its own separate stack. So, even if a successful attack is made on the plain-Jane network stack, nothing happens to the secured link.

This is in stark contrast with Windows where application and process interoperability trumps security every time. Chrome OS will have program interoperability. Instead of doing it as Windows does at a low level, Chrome OS relies on mid-level IPC (interprocess communication) mechanisms), such as D-Bus and ICCCM (Inter-Client Communication Conventions Manual) and on higher, application level mechanisms such as those provided by HTML 5 for safer application and process interoperability.

5.3 Locking down the file systems

OpenBSD is generally regarded as the most secure general purpose operating system out of the box. Chrome OS will give it a run for its money though when it comes to file systems. In Chrome OS, everything that can be locked down in the file system is locked down.

Like what? For starters, the root partition, where software lives on Linux systems, is read-only. You can't add a program to it even if you tried. Oh, and your home directory?

Where you keep your files and settings? You can't put executable files or device drivers there either. When Google said that all Chrome OS applications would be Web applications, they weren't kidding.

Oh, and if something is wrong with the data from a Web application? The plan is to minimize the damage from poisoned data by restricting data from each Web domain to its own local storage and then controlling access to that data at a process level. Here again we see the idea of sandboxing to prevent attacks from spreading making its appearance.

5.4 Secured, automatic updates

An eternal problem with most operating systems is that if a user doesn't choose to update the system, they're vulnerable to the very next attack to come down the road. Or, even more annoying, you can be stuck patching and patching again until the vendor gets it right.

With Chrome OS that's not a problem. You turn on your computer and it gets the newest patches. Something goes wrong with your computer? The entire operating system is replaced with the latest patches included. A new zero-day exploit comes out? Chrome OS auto-updates to fix it as soon as possible rather than waiting for the next monthly Patch Tuesday.

5.5 Verified boot

Do you know if your computer is secure when you boot it up? Probably no. But, you will with Chrome OS. Every time you start a Chrome OS based device, it will check first its firmware and then start checking its core programs for unauthorized changes as you start using the system. If it finds any, it will tell you about a potential security problem and how to restore the system to a new, good version of the operating system.

No fuss, no muss, and from what I can see of the design it looks like it will also put a real road-block even in the way of a cracker who had stolen your device and is trying to break into it.

All-in-all, Google Chrome OS security is outstanding... once you get pass that login/password problem. If Google can come up with a fix for that, then we may well be looking at the more secure desktop operating system that's ever showed up.