Webmonkey has a pleasing write-up on Google’s Chrome OS

Google CEO Eric Schmidt showed up at Tuesday’s event to drive home his belief the time is right to release Chrome OS.

“We finally have a viable third choice for an operating system on the desktop,” he said.

I guess what he is trying to say is that Google is now ready to officially support a Linux distribution — their own? Maybe this does not matter. Apple does not say they officially support a BSD distribution. It is just OS X. I guess what I really find amusing is that the CEO calls it “finally” viable, yet soon after in the same article…

Google admits there is still much work to be done on Chrome OS, and the bug tracking page shows numerous stability problems and hardware shortcomings.

“We’ve made amazing progress but we still have a lot of work to do,” [Product Management VP] Pichia said.

If you want to try it out today, you can join Google’s developer program and install Chrome OS on a wide range of hardware. But as Google VP of engineering Linus Upson said Tuesday, the process is still rather hairy for non-geeks.

“The question is, how comfortable are you compiling from source,” he joked.

Finally!

An unstable operating system with limited hardware support that has to be compiled by source.

Yes, finally, Google has another (not yet) viable Linux distribution. I guess viability is in the eye of the beholder. Does an OS get a higher viability rating based primarily on the number of Chrome applications supported?

When I read Pichia’s statements on this project, relative to the claim of a viable desktop option, for some reason I am reminded Colin Powell presenting to the United Nations on Iraq’s weapons of mass destruction.

In other words, the press release might have more accurately said Google is now purported, or alleged, to be working on a distribution of Linux. Evidence has not yet been found that this OS actually exists as a stable and usable release for desktops.

On the other hand, it could say that the Sun network computing model is finally viable because it now is connected to the Chrome Web Store that has launched already where you can download skins and plug-ins for your browser…err, I mean you can download applications for your browser. I mean operating system. I mean a store that makes your network computing OS viable. You can read the New York Times, for example. Finally.

All that being said, I do have to give the Google credit for forcing *.google.com certificates and secure pages on the Chrome Web Store. Nice touch; it could be a sign of changes to come. Wonder if and when encrypted Google search, etc. will be forced.

The PCI Security Standards Council has released an official statement on mobile payment applications — look for something from them next year. Nothing will be approved before then, but on the other hand they did not say mobile payment applications are prohibited.

The PCI SSC is committed to an ongoing evaluation of emerging payment technologies. The impact of mobile payment technology on the security of cardholder data will be a key focus for the Council in 2011.

Until such time that it has completed a comprehensive examination of the mobile communications device and mobile payment application landscape, the Council will not approve or list mobile payment applications used by merchants to accept and process payment for goods and services as validated PADSS applications unless all requirements can be satisfied as stated.

The payment cards themselves are running pilot programs with mobile payments, as I’ve mentioned before, so expect more updates in the near future.

I will be giving presentation on cloud log management at BayThreat this weekend. Anton has posted a nice summary page on his blog where he also modestly claims his presentation will be “hilarious”.

What:

There’s a new information security conference in the South Bay at The Hacker Dojo, December 10th & 11th. Perfect for those of us with exhausted travel budgets. We’re an active community with tons of the smartest folks in the biz. It just makes sense that we would get a regional con of our own!

The theme for BayThreat is as simple as black & white: “Building & Breaking Security.” Two tracks, each tackling opposite sides of the security fence. As Security Professionals, it is up to us to take that dichotomy and mold it into the shades of gray we use to protect our environment.

Shades of the Gray Area

We’ve invited speakers from all over the Bay Area and beyond to a two day conference at the Hacker Dojo in Mountain View, CA. The Dojo is a familiar place for the security community, as it hosts the #DC650 meetings every month.

We’re excited to host speakers with security expertise from both sides of the fence. Early-acceptance speakers include Anton Chuvakin, Neel Mehta, Ryan Smith, Gal Shpantzer, Jim McLeod, Allen Gittelson, and Dan Kaminsky. The Call For Abstracts is now closed.

When: December 10-11, 2010

Where: Hacker Dojo, 140A South Whisman Rd, Mountain View, CA 94041 (map)

How much: nominal fee of (!) $45

Schedule: TBA here