Jump to content
gcooke

A Web App as a desktop?

Recommended Posts

gcooke

So I saw thing article linked on Twitter and the article itself has nothing to do with security but it got me thinking. A whole desktop build off of google chrome and made to run/launch and connect you to your web applications. It sounds like a nifty web application then a desktop to me in someways. So my question to you all is this do you think it will be exploitable as a web application is or will/would we need to take more of a normal network approach to test and get into a system running this?

I'm almost thinking the great strength of this is how it is leveraging of apps and social media may also be the downfall of security for it?

Curious what you all think of this and how a hybrid/cloud like system would best be tackled.

http://www.zdnet.com...http://www.zdnet.com/blog/open-source/splashtop-linux-for-windows-users/8379?tag=mantle_skin;content

In a quick addition here...

http://mashable.com/2011/03/01/android-malware-apps/

21 apps pulled for malware, seems like the link to all those apps through google could be an open door.

Share this post


Link to post
Bluntlee

I don't know to much about the inner workings of this app, but my theory would be to treat it like a web browser. If anything it makes an interesting attack surface.With all this social media, I could see this technology catching on fast as more and more people have to make their facebook post and their tweets, jumping right to the web makes sense.

Share this post


Link to post
z_wmiller

I've read a number of articles about chrome and keeping your data in 'the cloud'. From a 'personal' security perspective I think it's an incredibly bad idea.

Firstly, assuming you reside in the US, the rights afforded to an individual are different depending on ‘where’ that data resides. If you keep that data on your property then the fourth amendment applies. If you keep that same data in ‘the cloud’ (some company’s computer systems, etc..) it can be more easily acquired by the government (personal rights do not apply).

Secondly, the issue of ‘trust’ comes into play. Do you (or anyone else) really trust that businesses will act in ‘your’ best interests when it comes to protecting your data? It may become more ‘convenient’ to allow companies to manage your data but that convenience comes with a price: loss of control. In addition, I’ve always been a firm believer in decentralization—this may require more effort on the part of the individual but it also makes the system more ‘resilient’ (rather than having one or a few places where all data is stored…you have millions or billions of independent places where data is stored). Nature is a good example of this—independent ‘places’ (geographic, etc..) as a whole are far more resilient to shocks/changes to the environment than one mega environment of the same geographic location. It may be more convenient/efficient to have one or a few systems which manage all information but we lose individual control AND have a system that is far less resilient to shock or changes to the environment (viruses, worms, exploits, etc..)—but that’s just my take.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×