Google's Chrome OS Will Attempt to Reinvent the Security Model
ZDNet's Dana Blankenhorn has an interesting post up called "Crome OS will rise or fall on the safety dance." In it, he notes that there are a number of security initiatives in Google's upcoming operating system for netbooks, including "system hardening, process isolation, secure auto-update, verified boot, intuitive account management, defenses in depth, and devices secure by default." Indeed, one of the most ambitious aspects of Chrome OS is the tough stance that it will take on the security front. Here are some details on that tough stance.
Chrome OS is built to behave quite different from other operating systems, bypassing a number of types of boot processes and others in order to optimize performance. Additionally, however, the OS will actually reimage itself if malware is detected. If Google does this properly, Chrome OS systems may be free of the guaranteed performance decay that Windows systems tend to have over time. Every Windows user is used to how that decay creeps in as a system continues to be used.
However, Google is going to be banking on the idea that that users will like the idea of having a system reimage the instant malware shows up. Additionally, Blankenhorn notes that Chrome OS "has to develop an ecosystem of applications around itself that are themselves secure." That's true, if Google's end-to-end secure intentions are to be realized.
I've seen some posts going around on Chrome OS that characterize it as an easy OS to do, since it's only aimed at netbooks, and will work only with cloud applications, not the intricate workings of local apps. I don't think Google has an easy job ahead, though. Security is one of the primary areas where what Google wants to do will be difficult.