Through a small bug in Chrome OS, it would be possible to trace the log of the WiFi connections used in the last 7 days, to pact to have physical access to the Chromebook through the Guest Mode, therefore not requiring the password to access another user.
Discovered by the “ Committee on Liberatory Information Technology ” team, also formed by several former Google employees , this annoying vulnerability can be, for now, stemmed by disabling the Guest Mode and the creation of new users . This is the solution proposed by a Google employee , at least until they can fix it.
The bug allows you to trace the logs of the WiFi connections used by the computer, showing when and where the device was when connected to the internet: it is not an operation for everyone, but it could potentially disclose the movements made in the period of time recorded in the logs, up to the last seven days . These data are not password protected , therefore it will be sufficient to access the chromebook in guest mode and navigate to a standard destination to view the logs saved in the local memory , and not only those registered using the Guest Mode , but also those of other users.
This flaw may not be particularly appealing to cybercriminals, but we can only imagine how annoying this invasion of privacy can be, however small it may be, and we trust that Google will fix it soon .
