After a few months of initial research, security specialists have come out to say that Google's Chrome OS is vulnerable to many of the same serious attacks that afflict all web surfers. Even though Google claims Chrome OS is a security breakthrough, the report says that users remain susceptible to exploits that can intercept email, documents, and passwords stored on centralized servers, many of which are maintained by Google.

Two members of the WhiteHat Security's Threat Research Center...discovered a slew of serious and fundamental security design flaws that with no more than a single mouse-click may victimize users by:

- Exposing of all user email, contacts, and saved documents.
- Conduct high speed scans their intranet work and revealing active host IP addresses.
- Spoofing messaging in their Google Voice account.
- Taking over their Google account by stealing session cookies, and in some case do the same on other visited domains.

While Chrome OS and Chromebooks has some impressive and unique security features, they are not all encompassing. Google was informed of the findings, some vulnerabilities were addressed, bounties generously awarded, but many of the underlying weaknesses yet remain -- including for evil extensions to be easily made available in the WebStore, the ability for payloads to go viral, and javascript malware survive reboot. With the cloud and web-based operating systems poised to make an impact on our computing future, Matt and Kyle ready to share all their never-before-seen research through a series of on-stage demonstrations.
So if you are thinking of switching to Chrome for its remarkable new security, it may be time to think again as it seems to be as insecure and vulnerable to easy attacks as any other web-based applications.

Original quote from http://blackhat.com/html/bh-us-11/bh-us-11-briefings.html#Johansen