Chromebooks are inherently secure machines—they’re essentially impervious to viruses and similar threats found on other machines. The one primary weakness is a physical one, but Google is making moves to fix that, too.
There’s a malicious USB tool called a Rubber Ducky that emulates a keyboard and has the capability of injecting up to 1000 keystrokes per minute onto any machine which it’s inserted. As long as a would-be wrongdoer has physical access to your computer, all they need to do is insert the USB key and let it do the rest.
Since this is a physical weakness, that means Chromebooks are just as susceptible the Rubber Ducky attacks as other machines. But Google is working on a new feature for Chrome OS called USBGuard that will eliminate this threat by blocking access to USB ports on locked Chromebooks.
While this is still a work in progress, it appears that the feature won’t simply block access to USB ports across the board, but instead keep ports that are currently in use alive. So, if you’re transferring files from a USB drive and the ‘book goes to sleep, the transfer will continue. Similarly, users will be able to whitelist specific devices—like mice and keyboards, for example—so they’re always available regardless of the Chromebook’s lock state.
The USBGuard flag is already available on the Chrome OS Canary channel for those who live dangerously but should be available to more users on other channels in the coming weeks or months.