Product reviews, deals and the latest tech news

With this new Chromebook exploit, you could sideload your laptop for work

If you’re one of the more than 50 million people who use Chromebooks for school (this number is about a year out of date), you’re probably used to the limitations placed on your device to protect you from straying too far from its intended purpose as a learning tool.

Company-issued business laptops are similarly restricted to prevent you from doing specific non-work-related activities, forcing you to purchase a separate computer to use as your own.

Until now, that is. SH1MMER is a new admin control attack that can bypass Google’s security measures by exploiting vulnerabilities in officially supported products. The shim is an exploit often used by laptop repair technicians to perform diagnostics and repairs.

Admin restrictions on Chromebooks

How the shim works is detailed in a post on GitHub:

Only the KERNEL partitions are verified for signatures by the firmware, however RMA shims are a manufacturing tool that enable signing of specific permission functions. If we disable the read-only flag on the other partitions, we’ll have free reign to make whatever changes we choose.

Unenrolled Chromebooks “behave totally as if it is a personal computer and no longer include malware or blocker extensions” when users follow the steps outlined on the SH1MMER website, which involve loading a USB with at least 8GB of storage with a shim image.

Multiple sources, including an educational forum, indicate that Google is aware of the vulnerability discovered by the so-called Mercury Workshop and disclosed on January 13.

According to the corporation, IT departments in both schools and businesses need to keep an eye out for idle computers. Blocking websites that disseminate exploits, such as,,, and, is also possible, as is disabling enrollment rights and access to the Chromebook Recovery Utility extension.