Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Chromebooks for Risky Situations?

Rich Kulawiec rsk at gsp.org
Wed Feb 6 07:52:23 PST 2013


On Wed, Feb 06, 2013 at 10:24:28AM -0500, Tom Ritter wrote:
> - ChromeOS's update mechanism is automatic, transparent, and basically
> foolproof.  Having bricked Ubuntu and Gentoo systems, the same is not
> true of Linux.

Concur on this point, and wish to ask a related question:

Many operating systems and applications and even application extensions
(e.g., Firefox extensions) now attempt to discover the presence of updates
for themselves either automatically or because a user instructs them to do.
Is there any published research on the security consequences of doing so?
(What I'm thinking of is an adversary who observes network traffic
and thus can ascertain operating system type/version/patch level,
installed application base/version/patch level, etc.)

---rsk



More information about the liberationtech mailing list