Tuesday February 20, 2018

Update for Chromebooks Enhances Security, Wipes All Data

In a report from Androidpolice, security researchers recently discovered a bug in the Infineon TPM firmware which allows hackers to potentially brute-force a Chromebook to obtain encrypted data. The bug potentially affects all Chromebooks using the newest Infineon TPM chip, the full list can be found in the original article. The downside is, the way the TPM module works, it requires you to wipe the computer in order to update the firmware.

News Image

Doesn't sound to me like most people will need to do this update, as the chance of a brute-force on most people's devices are fairly slim. Makes me wonder if the Intel patch for Meltdown and Spectre will just be a bottle of kerosene and a match.

I did the whole process on my ASUS Chromebook C302, and it only took about a minute. Sadly, wiping your Chromebook is more of a pain with the advent of Android apps, since most of them don't back up user data to the cloud (like the rest of the OS does).