Chrome OS Release 110. Exploit to Disable Chromebook Central Management

Chrome OS 110 has been released. The operating system is based on the Linux kernel, the upstart system manager, the ebuild/portage build toolkit, open components and the Chrome 110 web browser. The Chrome OS user environment is limited to a web browser, and web applications are used instead of standard programs; however, Chrome OS includes a full multi-window interface, desktop and taskbar. The source code is distributed under the free Apache 2.0 license. Chrome OS build 110 is available for most current Chromebook models. The Chrome OS Flex edition is offered for use on regular computers.

Key changes in Chrome OS 110:

  • The auto-completion mechanism for search input in the Launcher has been redesigned. Handling of typos and errors in search phrases has been improved. Results are divided into categories more clearly. Keyboard navigation through the results is more intuitive.
  • The troubleshooting app offers a keyboard input test to make sure that all key presses work correctly.
  • The implementation of reading text aloud in a selected block (select-to-speak) has been improved. Reading aloud can now be started from the context menu shown when you right-click a selected piece of text. The speaker language changes automatically depending on the language of the text selected by the user. The select-to-speak settings have been moved to the standard configurator page, instead of opening in a separate browser tab.
  • The utility for sending problem reports, as well as wishes and suggestions, has been updated. As a message is typed, the utility now brings up relevant help pages that could help you solve the problem yourself.
  • To improve the quality of speech when using Bluetooth headsets with limited bandwidth, a speech model based on a machine learning system is used to restore the high-frequency part of the signal lost during high compression. The feature can be used in any application that receives audio from a microphone, and is especially useful when participating in video conferences.
  • Added new tools for debugging and diagnosing issues with printing and scanning documents. Crosh introduces the printscan_debug command to provide more detailed reports about printer and scanner activity without putting the device into debug mode.
  • When using test releases, the current branch of ChromeOS - Beta, Dev or Canary - is displayed in the lower right corner next to the battery indicator.
  • Support for the Active Directory Management system, which allowed connecting to ChromeOS-based devices with an account from Active Directory, has been discontinued. Users of this functionality are advised to migrate from Active Directory Management to Cloud Management.
  • The parental control system provides the ability to confirm access to blocked sites from the child's local system without using the Family Link application (for example, when a child needs to access a blocked site, they can immediately send a request to their parents).
  • The camera app now warns when there is not enough free space on the drive and proactively stops video recording before the free space is completely exhausted.
  • Added the ability to view PPD files (PostScript Printer Description) for installed printers (Settings > Advanced > Print and scan > Printers > Edit printer > View printer PPD).

Additionally, we can note the publication of tools for unbinding Chromebook devices from a centralized management system. With the proposed toolkit it is possible, for example, to install arbitrary applications and bypass restrictions imposed on corporate laptops or devices in educational institutions, where the user cannot change settings and is limited to a rigidly defined list of applications.

To remove the binding, the sh1mmer exploit is used, which allows code to be executed through manipulations with Recovery mode, bypassing digital signature verification. The attack boils down to downloading publicly available "RMA shims": disk images with components for reinstalling the operating system, recovering from a crash, and diagnosing problems. The RMA shim is digitally signed, but the firmware only checks the signature for the KERNEL partitions in the image, which makes it possible to change other partitions after removing the read-only flag from them.

The exploit makes changes to the RMA shim without breaking its verification, after which the modified image can still be run using Chrome Recovery. The modified RMA shim allows you to disable the binding of the device to the centralized management system, enable booting from a USB drive, gain root access to the system and enter command line mode.
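The signature coverage gap described above can be shown with a small model. This is an added example, not code from sh1mmer or Chrome OS: the partition names and contents are constructed, and HMAC stands in for the real asymmetric signature scheme. It compares a check that covers only kernel partitions with one that covers every partition in the image.

```python
import hashlib
import hmac

# Constructed stand-in for a vendor signing key (assumption); real firmware
# uses asymmetric signatures, HMAC only keeps this model short.
SIGNING_KEY = b"constructed-demo-key"

KERNEL_ONLY = {"kernel"}
ALL_TYPES = {"kernel", "rootfs", "data"}


def sign(partitions, covered_types):
    """Return a tag over the partitions whose type is in covered_types."""
    mac = hmac.new(SIGNING_KEY, digestmod=hashlib.sha256)
    for part in partitions:
        if part["type"] in covered_types:
            # Bind name, type and length so partitions cannot be swapped.
            header = f'{part["name"]}|{part["type"]}|{len(part["data"])}|'
            mac.update(header.encode() + part["data"])
    return mac.digest()


def verify(partitions, tag, covered_types):
    return hmac.compare_digest(sign(partitions, covered_types), tag)


def build_image():
    # Constructed sample image; names and contents are illustrative only.
    return [
        {"name": "kernel", "type": "kernel", "data": b"kernel blob"},
        {"name": "rootfs", "type": "rootfs", "data": b"factory tooling"},
        {"name": "stateful", "type": "data", "data": b"scripts run after boot"},
    ]


def demo():
    image = build_image()
    kernel_tag = sign(image, KERNEL_ONLY)
    full_tag = sign(image, ALL_TYPES)

    # Change a partition that the kernel-only check never reads.
    image[2]["data"] = b"content changed after signing"

    return {
        "kernel_only_accepts_modified": verify(image, kernel_tag, KERNEL_ONLY),
        "full_coverage_accepts_modified": verify(image, full_tag, ALL_TYPES),
    }


if __name__ == "__main__":
    print(demo())
```

The kernel-only check still accepts the image after the change, while the full-coverage check rejects it, which is why verification has to extend to every partition whose contents are executed or trusted after boot.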

Source: opennet.ru
