As computer security guru Bruce Schneier likes to say, “Security is a process, not a product.” He was proven right again when Google announced that, while its Linux-based Chrome OS hadn’t been cracked in its Pwnium Chrome OS contest, one hacker was successful in creating an an unreliable exploit.
Specifically, the hacker known as Pinkie Pie, who cracked the Chrome Web browser on Windows last year in Google’s security contest, “submitted a plausible bug chain involving video parsing, a Linux kernel bug and a config file error. The submission included an unreliable exploit demonstrating one of the bugs.”