Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
AZ Huang <aitjcize@gmail.com>
Chromium OS
What is Chromium OS?
Chromium OS
Features
● Fast booting (only on Chromebook ;)
○ Boot within 5 seconds!
○ Customized firmware + bootloader:
■ Firmware(i.e...
Security: Web Apps?
● Chrome extensions:
○ Pure HTML5
○ With NaCl: Native Client binary
■ Sandboxed environment
■ Small pe...
ARC: App Runtime for Chrome
● Currently only supports for apps (officially):
○ Duolingo - A fun and free way to learn a ne...
ARC: App Runtime for Chrome
● Hack: vladikoff/chromeos-apk
○ Run other Apps on Windows/Linux/MacOS
Security
● But every piece of software has bugs …
○ Browser loopholes?
○ Sandbox is penetrated?
● OS modified, data stolen...
Security: Verified Boot
● How can I prevent firmware/filesystem/kernel
being modified by malware?
RO
firmware
(root key)
R...
Security: Filesystem Verifying
● Linux: dm-verity
Security: Verified Boot
● What if firmware / kernel / filesystem actually
got modified?
● Have a duplicate of everything!!...
Security: Verified Boot
● With verified boot, filesystem is read-only?
What about user data?
○ Stateful partition
Filesyst...
Security: A copy of everything?
● Benefits:
○ AU(Auto update) can be done in another copy.
○ If AU failed, we can always f...
Boot Priority
Physical Security
● What if someone grab your device, can he
read the files (browser cache/bookmarks…)?
● Stateful partiti...
Hacking Chromium OS
● Crouton: Chromium OS Universal Chroot
Environment
○ Run Ubuntu(chroot) on Chromebook!
Hacking Chromium OS
● Chrbuntu:
○ Booting with ChromeOS kernel + any rootfs
○ You still need kernel modules under /lib/mod...
Hacking Chromium OS
● Chromium OS SDK:
○ A Gentoo chroot environment
● Become a chromium OS developer!
○ http://www.chromi...
Thank you!
Chromium OS Introduction
Chromium OS Introduction
Upcoming SlideShare
Loading in …5
×
Upcoming SlideShare
EMSCRIPTEN: 將應用快速 PORT 到 JAVASCRIPT 上的神物
Next
Download to read offline and view in fullscreen.

12

Share

Download to read offline

Chromium OS Introduction

Download to read offline

Code & Beer #12
Chromium OS Introduction
https://code-beer.hackpad.com/WtAf9qA1qOx#:h=#12-Chromium-OS-Introduction

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Chromium OS Introduction

  1. 1. AZ Huang <aitjcize@gmail.com> Chromium OS
  2. 2. What is Chromium OS? Chromium OS
  3. 3. Features ● Fast booting (only on Chromebook ;) ○ Boot within 5 seconds! ○ Customized firmware + bootloader: ■ Firmware(i.e. BIOS): coreboot ■ Bootloader: depthcharge ● Simple and Safe: ○ Security: browser sandbox + verified boot ● Based on Gentoo ● Has keyboard!
  4. 4. Security: Web Apps? ● Chrome extensions: ○ Pure HTML5 ○ With NaCl: Native Client binary ■ Sandboxed environment ■ Small performance overhead ● Android Apps?
  5. 5. ARC: App Runtime for Chrome ● Currently only supports for apps (officially): ○ Duolingo - A fun and free way to learn a new language before your next trip ○ Evernote - Write, collect and find what matters to you, with a full-size keyboard and touchscreen ○ Sight Words - A delightful way for you to help improve your child's reading skills ○ Vine - Create short, beautiful, looping videos in a simple and fun way
  6. 6. ARC: App Runtime for Chrome ● Hack: vladikoff/chromeos-apk ○ Run other Apps on Windows/Linux/MacOS
  7. 7. Security ● But every piece of software has bugs … ○ Browser loopholes? ○ Sandbox is penetrated? ● OS modified, data stolen...
  8. 8. Security: Verified Boot ● How can I prevent firmware/filesystem/kernel being modified by malware? RO firmware (root key) RW firmware Verifies Kernel Filesystem Verifies Verifies
  9. 9. Security: Filesystem Verifying ● Linux: dm-verity
  10. 10. Security: Verified Boot ● What if firmware / kernel / filesystem actually got modified? ● Have a duplicate of everything!! Filesystem A Kernel A RW firmware A RO firmware Kernel B RW firmware B Filesystem B Boot Boot
  11. 11. Security: Verified Boot ● With verified boot, filesystem is read-only? What about user data? ○ Stateful partition Filesystem A Kernel A Stateful partition (stores user data) Filesystem B Kernel B Filesystem C Kernel C Reserved, not used for now OEM Encrypted
  12. 12. Security: A copy of everything? ● Benefits: ○ AU(Auto update) can be done in another copy. ○ If AU failed, we can always fallback to the previous version. Filesystem A Kernel A Filesystem B Kernel B Currently Booting AU Becomes default at next boot Boot failed? fall back to the previous version
  13. 13. Boot Priority
  14. 14. Physical Security ● What if someone grab your device, can he read the files (browser cache/bookmarks…)? ● Stateful partition is encrypted ○ Key stored in TPM ● TPM: Trusted Platform Module: ○ Preventing firmware version rollback ○ Store user data encryption keys ○ Protect certain RSA keys
  15. 15. Hacking Chromium OS ● Crouton: Chromium OS Universal Chroot Environment ○ Run Ubuntu(chroot) on Chromebook!
  16. 16. Hacking Chromium OS ● Chrbuntu: ○ Booting with ChromeOS kernel + any rootfs ○ You still need kernel modules under /lib/modules ;) ○ http://chromeos-cr48.blogspot.fr/ ○ http://askubuntu.com/questions/356243/true-ubuntu- on-chromebook-arm-samsung
  17. 17. Hacking Chromium OS ● Chromium OS SDK: ○ A Gentoo chroot environment ● Become a chromium OS developer! ○ http://www.chromium.org/chromium-os ○ http://chromium-review.googlesource.com
  18. 18. Thank you!
  • hoonkyungpark1

    Sep. 18, 2019
  • hczcolin

    Nov. 28, 2015
  • bestlong

    Mar. 25, 2015
  • mshang5

    Feb. 25, 2015
  • qqorth

    Jan. 26, 2015
  • lh132

    Jan. 25, 2015
  • milksleisure

    Jan. 24, 2015
  • sarshia1

    Jan. 24, 2015
  • syuusyou

    Jan. 24, 2015
  • longbao738

    Jan. 24, 2015
  • TheVansonLin

    Jan. 24, 2015
  • immeisheep

    Jan. 24, 2015

Code & Beer #12 Chromium OS Introduction https://code-beer.hackpad.com/WtAf9qA1qOx#:h=#12-Chromium-OS-Introduction

Views

Total views

9,509

On Slideshare

0

From embeds

0

Number of embeds

5,971

Actions

Downloads

58

Shares

0

Comments

0

Likes

12

×