“Yes” to Linux; “No” to Flash; “Possibly” to your Password…
Google’s efforts to court the business sector with its Chrome Enterprise browser continue, with a beta release of the tool’s latest version including a wide ranging batch of new features including third-party code blockers and other security mechanisms.
Chrome Enterprise, first released in August 2017, adds customisable security controls, 24/7 support, and integration with management tools, VMware Workspace ONE and Microsoft Active Directory to the Chrome browser – the world’s most widely used.
A beta of Chrome Enterprise 69 showcases what’s around the corner (a stable release is expected on September 4) and IT teams with an eye to security may appreciate what they see; not least a hostile attitude to the soon-to-die Flash player, Linux for Chromebooks support and more, including beefed up Password Alerts.
Third-party Software Blocked by Default
In Chrome 69, third-party code is now blocked by default. (Those still using software that injects code into browser processes and who need to temporarily enable access can whitelist these apps with a new ThirdPartyBlockingEnabled policy.) The company is also working on [pdf] a new security feature that blocks redirects from cross-domain iframes.
“Flash, a-ah, saviour of the universe” sang Freddie Mercury in 1980. “Flash, a-ah, he’ll save everyone of us”.
Vulnerability-rife Adobe Flash, by contrast, has been a hacker honeypot for years and is set to die a death at the end of 2020. Starting in Chrome 69, sites using Flash will require users to grant explicit permission to run every time they restart their browser.
Preventing Password Reuse
Chrome 69 allows IT to put password protections in place across both Google and non-Google corporate accounts using the company’s Password Alert plug-in. When enterprise users input their passwords on websites that aren’t whitelisted by IT, or on dangerous websites, they’ll get a full-page to reset their password.
A new reporting tool meanwhile aims to help IT team gain insight into the browser, its resource consumption, and policy compliance. This stores users data in a local file on disk in JSON format, which IT teams can integrate with on-premise reporting and analytic tools, such as Spunk or Sumo Logic.
Voice Dictation as Separate Feature
Chrome 69 now offers dictation as a separate accessibility feature. Users can either click a new button in the status field to start dictating or press the keyboard command Search + D, then use their voice to input text.
Linux (beta) for Chromebooks Support
Linux for Chromebooks, in beta, allows developers to use their favourite editors and command-line tools by adding support for Linux apps.
As Winthrop Chan, Technical Program Manager, Chrome Enterprise, puts it: “By turning on Linux in Settings, you can get a Terminal app in your launcher and install any apps or packages from there. The apps will be securely sandboxed inside a virtual machine. By default, enrolled devices have virtual machines disabled, so Linux for Chromebooks is currently only supported on a select range of unenrolled devices. Policy support to enable this on enrolled devices will be coming in the future.”