UK’s CESG Detects Weaknesses in Chrome OS Built-in VPN

Reading Time: 2 minutes

According to the UK’s official authority for the assurance of information and data security, the Chrome OS may be experiencing data leakage.

The official statement released by the Communications-Electronics Security Group (CESG) states that:

“All data should be routed over a secure enterprise VPN to ensure the confidentiality and integrity of the traffic, and to benefit from enterprise protective monitoring solutions”


The above excerpt is taken from the latest publication, titled: End User Devices Security Guidance: Chrome OS, published yesterday. The CESG is the United Kingdom’s official department for the monitoring of information security. The CESG’s recommendations are considered and respected on a global scale because of their authenticity and reliability.



The recommendation is based on the rationale that using the built-in VPN will not fully ensure data security for Chrome OS users, because it starts transmitting data before the VPN connection can be established.

This means Chrome OS users will need to adopt an improved technique to secure their online security. One tried-and-tested method is to use an external VPN. Fortunately, most modern internet-enabled devices and software are built to be compatible with VPN. Here is a ranking of the top VPNs that are currently leading the online security industry.




Chrome OS came out in the summer of 2009 and is one of the few Operating Systems that is gaining popularity in parallel with the expanding prevalence of the ‘cloud’. As a truly wired-in platform, it keeps user-data and applications on the cloud and it is therefore no surprise that the Chrome OS user base is observing an accelerating expansion.

However, the recent report confirms that neither the latest Chrome OS and nor the built-in VPN have been tested adequately prior to commercial release. This is more than a little worrying because Chrome OS is supposed to be powered by the best minds in the world and if this is an example of what the Chrome OS can be expected to deliver, then there is very little reason why anybody would switch to Chrome OS.

Guidelines were also issued for BlackBerry 10.2.1 and Android 4.4 users. The guidelines for BlackBerry 10.2.1 made it apparent that the  users are not in any clear and present danger. However, Android users were not so lucky.

The CESG recommended that Android users using any version preceding Android KitKat should upgrade to the latest Android OS as soon as possible. The problem lies in the fact that the Android KitKat is vulnerable because of NSA’s involvement in creating the SELinux. The SELinux is the security module used in the Android KitKat Operating System.

Android KitKat was flawed when it came out, and we covered it in a post earlier.

The possibilities are infinite when you have an Android device in your hand – and so are the dangers! You need to reinforce your Android device’s security by using a VPN for Android. I have been working on Android security for quite some time now.

Most people consider VPN apps to be nothing more than website-unblocking tools. VPN is actually a highly sophisticated software  with a cutting edge online security mechanism.

If you are not using Android KitKat right now, you know that you will eventually have to upgrade to it. Using an Android device without taking any additional protection measures is the worst thing you can do to your data and your online security.

If you just can’t get enough of the VPN Industry then follow us on Twitter and Facebook and stay updated on the latest news and events.

Related Articles

Danish Pervez

Danish Pervez

All Posts by Danish Pervez

Danish Pervez's Biography :

When the world sleeps, Danish Pervez is online researching consumer preferences and identifying next-gen trend waves. Experience in IT, combined with his diverse expertise in marketing and research - both traditional and digital - gives him an insight well worth reading and sharing.

Leave a Reply

Your email address will not be published. Required fields are marked *

By submitting this form you agree to our Terms of service and Privacy Policy