|
|
|
|
|
|
by londons_explore
1790 days ago
|
|
|
Chrome OS is probably the most secure system to use from an exploit perspective. Just never install an Android app on it (that feature doesn't have the same guarantees as the rest of the system), and preferably use a guest account on it (that's how they run it in security competitions) You basically have to break four layers to exploit that. You have to break the web renderer, then out of the browser sandbox, then you need to exploit the kernel to be able to write outside the (non persistent) guest account storage, then you need to exploit the firmware/secure boot chain so secure boot doesn't detect your modifications to the filesystem when the system next boots. |
|
|