Security: Powerwash a chromebook without password
Reported by
davi.sor...@gmail.com,
May 27 2016
|
||
Issue descriptionThis template is ONLY for reporting security bugs. If you are reporting a Download Protection Bypass bug, please use the "Security - Download Protection" template. For all other reports, please use a different template. Please see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs VULNERABILITY DETAILS I have an asus c300 chromebook, and I use the smart lock system with my nexus 5, I saw that the pc can be unlocked without the password and that's ok, but the bluetooth range is "several" meters. I study in a university where the classes are very big (500+ students) so if one people steal a chromebook in a class he can unlock it with the smart lock because as i tested it works in a class, but the very problem is that he can make a powerwash without any password. That's the problem, since the cromebook is unlocked we can make a powerwash and steal it... I think that some actions need the real autenthication of the user. VERSION Chrome Version: [51.0.2704.55] + [beta] Operating System: [Chrome OS 51.0.2704.55 beta (64-bit)] REPRODUCTION CASE I already described
,
May 29 2017
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
||
►
Sign in to add a comment |
||
Comment 1 by mea...@chromium.org
, May 27 2016Labels: -Type-Bug-Security -Restrict-View-SecurityTeam OS-Chrome Type-Bug