New issue
Advanced search Search tips

Issue 787691 link

Starred by 2 users
Status: Unconfirmed
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

multiple sessions logging into this ip even if I am away. This account is ONLY ON THIS CB.

Reported by corinaau...@gmail.com, Nov 22 2017 
CHROMEBOOK  

Platform
10134.0.0 (Official Build) dev-channel swanky
Firmware
Google_Swanky.5216.238.5
Channel
Currently on dev
Blink
537.36 (@)
V8
6.4.307
User Agent
Mozilla/5.0 (X11; CrOS x86_64 10134.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3270.0 Safari/537.36
Command Line
/opt/google/chrome/chrome --ppapi-flash-path=/opt/google/chrome/pepper/libpepflashplayer.so --ppapi-flash-version=27.0.0.187 --ui-prioritize-in-gpu-process --use-gl=egl --enable-native-gpu-memory-buffers --gpu-sandbox-failures-fatal=yes --enable-logging --log-level=1 --use-cras --enable-wayland-server --user-data-dir=/home/chronos --max-unused-resource-memory-usage-percentage=5 --login-profile=user --has-chromeos-keyboard --default-wallpaper-large=/usr/share/chromeos-assets/wallpaper/oem_large.jpg --default-wallpaper-small=/usr/share/chromeos-assets/wallpaper/oem_small.jpg --default-wallpaper-is-oem --guest-wallpaper-large=/usr/share/chromeos-assets/wallpaper/guest_large.jpg --guest-wallpaper-small=/usr/share/chromeos-assets/wallpaper/guest_small.jpg --enable-consumer-kiosk --enterprise-enrollment-initial-modulus=15 --enterprise-enrollment-modulus-limit=19 --login-manager --first-exec-after-boot --vmodule=tablet_power_button_controller=1,*chromeos/login/*=1,auto_enrollment_controller=1,*plugin*=2,*zygote*=1,*/ui/ozone/*=1,*/ui/display/manager/chromeos/*=1,*night_light*=1,power_button_observer=2,webui_login_view=2,lock_state_controller=2,webui_screen_locker=2,screen_locker=2
Build Date
Thursday, November 16, 2017

------------------------------------------------
What steps will reproduce the problem?
--normal ops.
--chromebook will not fully powerwash.
--Multiple sessions are logging in from other locations. Sometimes I am notified sometimes not.
--Got into a logon  "fight" with a presumed hacker and was trying to disconnect them long enough to change my password, they logged in every minute.  I think I changed my password 15 times yesterday.


What is the expected result?
-- people cannot log into my chromebook surreptitiously and appear as me in my IP.
-- 1 session per device (I'm pretty sure--  again, this account is ONLY ON this chromebook.
--  You guys are pretty fast this device reset with bluetooth disabled, and I thank you.
I have set these chromebooks to connect to an AP that only allows ipv4.  I have images via fingbox of these chromebooks turning into alternate devices, this toshiba in particular was identified as a mobile phone at least as of a month ago


What happens instead?
--Nothing good.  
---Same old app issues, text still loads and I need to get back to my audit on mrscleannw as it indicates the version of apps loading are all discontinued or stand alone.  
--It occurred to me since I have this app that allows chrome full access to my account that if I'm using an alt version of chrome on this chromebook, there could be vulnerabilities inherant to my account due to this.  :)


Please provide any additional information below. Attach a screenshot if
possible.

1 my debug log
2  how I operate
3 Whats still in chromebook --  Please note I removed gmail, but it's still showing as pinned.
4.  My logon fight with the weirdo that kept connecting to my account
5.  Account open in another location--  NOT POSSIBLE!  I have enhanced protection too.


*** (IGNORE THIS IF IT'S TOO MUCH AND PLEASE JUST FOCUS ON THE ABOVE)   If allowed to let go, I've discovered these chrome books start conversing via ipv6. (via fingbox)  I have forced IPV4 connection only (and the chromebook settings have always said ipv4)  Possibly this is related to brutal kangaroo  (see wikileaks vault 7)but knowing chromebooks are totally unhackable, I recovered/downloaded 30 or so infected USB thumb drives that were infected on windows pcs  with something that sounds very similar to brutal kangaroo over 2 years ago.  I have screen shots of the ipv6 dialog and device changed and dual personas each device seems to change too.  This CB was the worst. Possibly because it's related to fb.  Fingbox ultimately said this cb identified as a mobile phone and my comcast router said it was an lg phone.   I think I have corrected the issue with comcast to STOP allowing default name and pw for admin access.

These cbs are not allowed on IPV6 presently.  If you want me to move this to another router I would be happy too if you wish to check ipv6.  

Please let me know if I can assist in any way.

Best regards and thank you,
Corina
debug-logs_20171121-193935
205 KB View Download
Screenshot 2017-11-21 at 6.56.05 PM.png
93.8 KB View Download
Screenshot 2017-11-21 at 11.03.52 AM.png
176 KB View Download
Screenshot 2017-11-20 at 1.35.17 PM.png
190 KB View Download
Screenshot 2017-11-20 at 1.03.22 PM.png
159 KB View Download

Comment 1 by sc00335...@techmahindra.com, Nov 22 2017

Labels: OS-Chrome

Comment 2 by corinaau...@gmail.com, Nov 25 2017 

I hope you can see this, look at the font example on techmahindra in the upper right hand corner, something is wrong with my fonts.  When I log on I see little black dots on my screen when it asks for pw or pin.   

Can I ship this or drop it off in kirkland or seattle for someone to tell what's going on, this is effecting every single account I have including my family and kids and friends. 

It has been going on for years and I will DO ANYTHING I CAN TO HELP YOU.   THIS IS CHROMEBOOK. ANDROID, GOOGLE CUSTOMER SECURITY.  I have the new enhanced protection. How can I help you????   PLEASE!!     

I have tried 400 different ways to nuke the HD, where is the malware coming from.  Going to google product forums, getting help, and getting dissed, getting all my emails deleted from other major players like MSFT and ICLOUD, even FB got rid of corinaw@yahoo.com (as Wan, Corina).  

But I still need your assistance removing key account corinaw@yahoo.com from google.  Gsuite has totally messed me up.   I asked them long ago if I could buy the product for my gmail accounts, and they said it won't work, it had to be a real domain, but it's been proved wrong, and if accounts are aliased at all the providers eventually the water is muddied and my gmail account is defined as an alias and is actually "managed", even if the gsuite is not active or paid for. 

Can't wait to go to Mill Creek police to file a police report on being hacked and make their heads spin around. (NOT).  

I make most every tier 1 and 2 tech heads spin around too and I am happy to have done a lot of good for the security of the human race--  I have educated many and been thanked profusely many times.  Now I'm working on amazon not forcing 2fa via cell SMS.  A phone call to a cell or a land line or hard token is much safer.  

I know you know this is real.  WHO CAN I PAY for HELP.   HOW CAN I HELP YOU?  PLEASE LET ME HELP.
Screenshot 2017-11-25 at 12.05.03 AM.png
408 KB View Download

Comment 3 by corina.w...@gmail.com, Dec 24 2017 


hello, Someone is creating api projects for me too.  I had deleted 3 already that I never created.  1 for me, my husband and son.  I just discovered a new one created for me today.   https://console.cloud.google.com/iam-admin/settings/project?project=api-project-347527373958   I just deleted it. Please help me.     They deleted the contents of my one drive right before my eyes, as well as a 6 month long email thread between me, chromeos devs and the playstore.   I am also enrolled in advanced protection.

Comment 4 by vsu...@chromium.org, Jan 16 2018

Components: Security OS>Systems>Network

Comment 5 by marcuskoehler@chromium.org, Jan 15

Labels: Enterprise-Triaged

Sign in to add a comment