Security News
Google has announced the Auto Update Expiration date will be extended from 5 years to 10 for all Chromebooks, guaranteeing a decade of monthly security updates. Google says that starting in 2024, all Chromebooks released after 2021 will automatically qualify for ten years of security updates, delivered automatically to the device every four weeks.
A new exploit has been devised to "Unenroll" enterprise- or school-managed Chromebooks from administrative control. Enrolling ChromeOS devices makes it possible to enforce device policies as set by the organization via the Google Admin console, including the features that are available to users.
A new exploit called 'Sh1mmer' allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. To bypass these restrictions, security researchers from the Mercury Workshop Team have developed a new exploit called 'Shady Hacking 1nstrument Makes Machine Enrollment Retreat', or 'Sh1mmer,' that lets users unenroll their Chromebooks from enterprise management.
Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SHI1MMER. SH1MMER - you may pronounce the "1" as an "i" - is a shim exploit, or more specifically, a weaponized Return Merchandise Authorization shim. A shim is Google-signed software used by hardware service vendors for Chromebook diagnostics and repairs.
Samsung is being sued for selling the Samsung Chromebook Plus 2-in-1 even though they allegedly knew for years of a defect that caused displays to break. The class action lawsuit has been filed by Tony McCoy out of the U.S. District Court for the District of New Jersey and claims that Samsung concealed the defect of the Chromebook and denied covering repair costs, even though the flaw affected numerous customers.
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error. According to user reports, "Network not available" errors are displayed on the screen after booting into Chrome OS and trying to enroll the devices.
Google is investigating reports of black screens showing up on users' Chromebooks when trying to log into their Chrome OS accounts. The company has acknowledged this issue on the Google Customer Care Portal almost one hour ago and is yet to provide updates or a workaround for customers impacted by this bug.
For a more secure experience, use DNS-over-HTTPS on your Chromebook. Jack Wallen shows you how.
You've probably connected that laptop to coffee shop networks, where there's either no password, an easy password or zero guarantees of the level of security applied to the Wi-Fi. What do you do? One thing you most certainly should do is configure both Chrome OS and Chrome to use secure DNS. By doing this, all of your DNS queries are encrypted, so you don't have to worry so much that some ne'er-do-well is listening in on the packets you send out. The first thing we'll do is enable Secure DNS in Chrome, which uses DNS-over-HTTPS to encrypt all DNS traffic.
New Mexico Attorney General Hector Balderas is suing Google over its alleged slurping of students' data off of the free Chromebooks it passes out to needy schools and from its free G Suite for Education products, including Gmail, Calendar, Drive, Docs, Sheets, and other apps. According to the complaint, which was filed in the US District Court for the District of New Mexico on Thursday, Google has marketed its suite - formerly known as Google Education - to schools, parents and children as a "Free and purely educational tool", but in actuality, it comes "At a very real cost that Google purposefully obscures."