Issue metadata
Sign in to add a comment
|
Security: Forced Enrollment Bypass on Chromebook
Reported by
gwampydw...@gmail.com,
Sep 10 2016
|
||||||||||||||||||||||
Issue descriptionVULNERABILITY DETAILS Using a USB loaded with Chrome Version R36, a person can go into developer mode and avoid the mandatory device enrollment for devices under enterprise management. VERSION Operating System: [Chrome OS, 53.0.2785.103 Stable] Asus Chromebook c200 REPRODUCTION CASE Workaround instructions: 1. Preload a USB flash drive or SD card with chrome OS version R36. 2. In chromeOS, press the keys [esc]+[refresh]+[power] to bring the chromebook into the "Chrome OS is missing or damaged" screen. 3. Insert the recovery media (with version R36) into the corresponding slot and wait for the chromebook to finish 'recovering' the OS. The chromebook will then reboot. 4. As soon as the starting screensaver appears, press [esc]+[refresh]+[power] to bring the chromebook into the "Chrome OS is missing or damaged screen". 5. Press [Ctrl]+[d]. 6. The chromebook will then boot into developer mode and will not be forcibly re-enrolled. Also, the chromebook will not be re-enrolled on future restarts. Total Time taken: 7 minutes 3 seconds --Dwagon
,
Sep 11 2016
,
Sep 12 2016
rspangler can you help triage this bug? Thanks.
,
Sep 12 2016
This is expected behavior, given that we haven't rolled the kernel version between R36 and R53. So it's possible to roll back to an old version using an old recovery image. As soon as we roll the kernel versions, this approach will not work.
,
Sep 12 2016
,
Sep 13 2016
,
Sep 14 2016
Raising priority since escaping enrollment issues are always P0.
,
Sep 16 2016
,
Sep 19 2016
,
Sep 20 2016
What Randall said on c#4. There's movement on issue 436305.
,
Sep 24 2016
Pri-0 bugs are critical regressions or serious emergencies, and this bug has not been updated in three days. Could you please provide an update, or adjust the priority to a more appropriate level if applicable? If a fix is in active development, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 4 2016
,
Jan 11 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by gwampydw...@gmail.com
, Sep 10 2016