Having read all the concerns on here, and having worked with field officers from State, I think some folks have pointed out some great things to work on, but State is still making the right decision. We can secure buildings reasonably well, even in very dangerous parts of the world where we are the prime targets by a factor of 10.
Securing the best vehicle for navigating the network has proven quite a bit harder. Keep in mind, State is quite small compared to some other agencies, and most people with secrets are pretty sharp, and they are working infinitely more with information than with physical security.
Also, if we have stuff that obviously needs to be heavily secured, we use other networks.
For the NIPRnet, firefox_vs_opera_vs_ie.jpg remains fairly relevant: http://imgur.com/SYgZ5
I've worked at government agencies (recently) that banned all "third party browsers". Compared to that kind of policy, I think choosing Chrome is wonderful.
While this is a great step forward, it could be rendered pointless if auto-updating is disabled and updates are not pushed out quickly after going through an approval process. Given how quickly Google pushes out major updates, old versions of Chrome could simply be as prevalent as old versions of IE, with little long term benefit.
Great step forward for whom? Is it meaningful at all that the US State Dept is letting people use Chrome now? Is this going to push adoption of modern browsers in other circumstances? Remember, the State Dept has a massive group of people that are working and monitoring social media and the like, so their people were probably clamoring extra loud for this.
> Remember, the State Dept has a massive group of people that are working and monitoring social media and the like, so their people were probably clamoring extra loud for this.
Every company probably has people clamoring for modern browsers. Don't sites like Facebook and Gmail no longer function under older versions of IE? Those versions are particularly prevalent at megacorps.
Wait - these people aren't allowed to just install Chrome if they choose? (I'm a student and have no idea what working at a big corp/for the government is like)
Nope - they don't have an administrator account and installing unsupported software isn't allowed. You can't really manage or secure a sizable number of seats without those rules.
I think it's more the point that places where IE has remained due to policy may be coming around to realize that the security and performance of Chrome is worth the lessened ability to control every aspect of their users' browsing experience.
If the State Department is comfortable with their employees using Chrome, why not [insert random business/organization still clinging to IE out of tradition/"security"].
"No doubt, the State Department will officially adopt Facebook at about the same time the revenue-challenged site follows Friendster into social networking oblivion"
I read a lot of stuff, every day, about how evil google and its chromey thing steal all our personal information and use it to advance their super villain take over of the world.
So, um, why would any body bothered by security want to use google?
Google with Evil turned up to 11 is trying to serve you more adverts. State is more interested in the fact that Google is having to offer hackers more money to hack Chrome in pwn2own. Last year they didn't even try.
"Google's Chrome Web browser managed to remain untouched. In fact, Computer World reported that nobody even attempted to crack into Google Chrome, despite the $20,000 Google offered to anyone who could successfully exploit it."
And there wasn't interest with a 25+% install share on the web?
Not sure what you are trying to get at with your post? Are you implying that NaCl is vulnerable because of its nature and now will be a major attack vector?
But NaCl in my view can be made (or already is in my opinion) solid, and with more focus will become safer, and coupled with fast updates, it should make it a lot less of an issue than Flash or ActiveX vulnerabilities have been.
Considering that a Flash movie embedded in an Excel document is what took down RSA, I don't think NaCl is going to be moving much on the priority list of places to look for vulnerabilities.
One notable point: If they're using Chrome, they could actually uninstall Flash on all the computers since Chrome utilizes its own, embedded version.
As far as I know, NaCl is still only enabled for very manually installed Chrome Web Store apps. If they want to target the tiny niche of developers that have free-for-all NaCl turned on, well, have at it.
It still has a pretty serious security hole: Passwords are visible in plain text. A quick trip into "Personal Stuff" and "Manage saved passwords..." is all you need in order to expose this info.
I ran a quick test. Without straining much, you can click the "show" button on about 40 passwords in one minute. A quick Ctrl+P and the entire list is printed in plain text! It probably wouldn't take much longer than that to email it or transmit the plain text list via some other method.
If you have three to five minutes on someone's workstation you can walk away with the login information for absolutely everything they've done through the browser, banking, social, email, whatever.
What sucks is that people have been very vocal on the Chrome support forum about this particular issue and, well, they've been summarily ignored.
Maybe I'm missing something fundamental here but I just can't understand why Google would leave this huge gaping hole in there. It can't be that hard to at least provide one more layer of security. You should not be able to see any passwords without a master password.
I've looked at some of the arguments pointing out that this could provide a false sense of security. My point (and that made by countless others) is very simple: The way it works today a ten-year-old could steal all of your passwords inside of five minutes without even having to work very hard. A layer or two of security would make it so that a far more knowledgeable and seriously involved process (or spying software) would have to be utilized to steal your stuff. I vote for option #2.
I use Chrome as my primary browser, but I am not a civil servant at a government office. I am keenly aware of the security hole.
That said, I don't recommend it to family and friends because a non-techie will screw themselves in an instant with this browser. Imagine Uncle Pete taking his laptop to be serviced and having all of his personal login data fully exposed to the 17-year-old pimple-faced kid at the computer shop. Terrible stuff.
Google: Please fix this before it becomes the source of embarrassment and huge personal loss to lots of people.
User access to user settings is not a "security hole". And I don't think there is a way to protect your logged in, unattended session without demolishing productivity. If you walk away from your computer, lock it. I would expect the State Department to have some protections in place (proximity cards, mandated timeout settings, etc) when actual privileged information is concerned and being accessed.
Yes, it would probably be nice if Chrome had the kind of protection of passwords database with a master password that Firefox does. But it still isn't a "security hole".
Also, as has been written before (and in that Chrome bug, I believe), it's trivial to hack the Firefox master password if you are at the physical machine, to say nothing of browser history, account cookies, etc. that are stored in the clear.
It might be a good UI change, but agreed that it isn't the kind of "security" that the State Department is concerned about.
I believe Chrome does use Keychain on OS X. The problem is people click the "always allow" access button the first time Chrome tries to access an already stored password, they enter their password, and then the user isn't prompted anymore. Your passwords are safe and encrypted...Chrome can just display them when it's open because it has access, as the user instructed.
Right, and the whole office scenario is even scarier than the "Uncle Pete at the computer shop" scenario. In non-techie offices --say, the doctor's office, dentist, the local real-estate shop, whatever-- people don't have a clue about security. And, they have even less of a clue about Chrome being so dangerous. Imagine everyone going out for lunch and leaving their computers unattended (and unlocked).
Given that scenario, someone up to no good who stays behind with the express purpose of stealing personal data can have a treasure trove of information by the time everyone is back. And --again, this is my biggest point-- they don't have to be a hacker to do this. All they have to do is point and click and they've got everyone's data (and the business's data as well).
It's about time that Google fix this so that it actually requires some skill and effort to steal your data.
This is also one of the reasons none of my notebooks have Chrome. Imagine losing it or having it stolen.
How is it not a security hole? Does it not expose critical data with ease?
Walking away from an unlocked machine isn't the only scenario that would expose personal login data this way.
Also, my post refers to a more general use of Chrome. I would hope that a government installation might have several layers of security on top of any application in order to prevent these holes from being exploited.
The "Uncle Pete" example is a very real and plausible scenario.
The fact that nearly anything on a computer is hackable isn't the point either. I kind of draw the line at the stage where a precocious ten year old can steal your data while jumping on one foot and whistling the latest Lady Gaga song with one hand tied behind his back and one eye closed.
If that doesn't define a security hole I don't know what would.
As others have pointed out - the problem is not locking your machine when you leave it alone. Suppose that you're using whatever browser that you think does this right, and an adversary gets unencumbered access to the machine because you didn't lock it while you were away. How much protection do you think Firefox or whatever is going to provide relative to the keylogger that is now running on the box?
It's not a slam dunk that Chrome would be better if it had a master password anyway given that rarely used passwords tend to be forgotten quickly, and no one wants Chrome to inflict us with some Vista UAC clone.
Finally, it's extremely annoying to read hyperbolic comments in which the author responds to criticism by redirecting to some irrelevant corner case viz "my post refers to a more general use of Chrome". If that were really the case, then why "the sky is falling" tone in the original post?
With Chrome in "civilian" hands by the millions the sky could very well be falling.
How many pieces of software on a typical computer hold information that, if it got into the wrong hands, could literally ruin someone's life? For the average Internet user the browser is the only answer. I can't understand why it is wrong to demand at least enough access difficulty to frustrate a smart ten year old.
Here's the other problem: Google, as far as I know, does not make the user aware of the potential exposure. This can't be good.
Yes it is: if you lose a laptop on a train or in a taxi you're fucked - Chrome still exposes passwords en clair. FS, amateur night or what.
Of course, unless you want to play the oldest trick in the book, the "lost despatches trick" (see Operation Mincemeat for a WW2 example), it might be an advantage :-)
Adding a master password would be fairly trivial, but we specifically chose not to because it endangers users by creating false sense of security. Anyone with access to your account can trivially get at your saved passwords in any browser. Hiding this fact only encourages careless behavior on the part of users, who will naively assume it's unnecessary to lock the machine.
Simply put, if you let someone have unrestricted access to your account, then it's not your account anymore. There's nothing the browser can do to change that. If you need further clarification, I encourage you to read through the bugs filed for this request:
I think this is part of a class of problems that delegate the responsibility of protecting data to the user. I find myself facing similar issues with my wifi, for instance. In Ubuntu, showing your wifi password is also trivial and it does not prompt for a master password. That 17-year-old kid will have Uncle Pete's data and free wifi.
I agree with you but there's probably a big difference between your typical Linux user and "Uncle Pete" caricature.
Up until browsers it is unlikely that a single piece of software on millions of computers held the keys to someone's entire personal and financial life. Sure, some --few-- people might have kept that data in unencrypted text files, but it is probably fair to say that this was very, very rare.
Today millions store access data to everything they do on the net, from financial to social, in their browsers.
Is it too much to ask that browser makers take the stuff seriously and give the user the option to protect this data?
Give the techies the option to turn it off if they wish. For Uncle Pete it should be turned on by default.
I don't see how your approach will solve the problem. If anything, it will further alienate normal users and portray the solution as requiring a minimum level of geekness.
I imagine that the answer is "less so than Microsoft is". What is with the hellish trolling on this story? Did every shill for IE get some kind of bat signal?