Slashdot Mirror
Chrome OS Doesn't Trust Apps Or Users
holy_calamity writes "Google's Chrome OS chiefs explain in Technology Review how most of the web-only OS's features flow from changing one core assumption of previous operating system designs. 'Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy,' says Google VP Sundar Pichai. Chrome doesn't trust applications, or users — and neither can modify the system. Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
Doesn't that make it even more closed than an iProduct?
That can be said of nearly every invention since fire: no users, no problems.
.nosig
As long as they allow input from a mouse or keyboard.
I trust me more than I trust Google.
Really, not letting most users or applications modify the OS is a good thing. Microsoft (and others) have had a TERRIBLE model in permitting this. Third-party stuff has no business altering the foundation of the system's operation. Now, not letting an application that doesn't want to monkey with the OS get installed is probably going too far. I mean, who's gonna run an OS they can't put an app on? That's broken.
Keep them from installing the OS and the box will be very secure, though usability may suffer a bit. I've always thought that security wonks are only really happy with a system while it's powered off or still in the box.
It must have been something you assimilated. . . .
Great idea Mr. Jobs, I mean Schmidt. Sorry.
Link to the printable version - skips the two overly obnoxious ads that get in the way before you could read the article.
http://www.technologyreview.com/printer_friendly_article.aspx?id=26882
Seriously did they say that? I can see steve over there with a big See, I TOLD you so, pointing at everyone else....
Damn, this makes Microsoft look OPEN, doesn't it??
Oh, the irony.
Do not meddle in the affairs of sysadmins, for they are subtle, and quick to anger.
for that person that you are constantly fixing their pc for. You know because they installed this free app that poped up in their face and now nothing works.
If the apps can't be trusted, what would be wrong with running them inside a sandbox.
The browser is the sandbox, you can still run your fancy web apps there.
Companies don't trust their employees and Chrome is a sandbox within a sandbox. This is a good thing in the corporate world where centralized control is valuable.
Chrome is a very thin client that really works.
... now back to the bit mines.
Explain to me again why Apple is so evil, please.
Google is the worst when it comes to Customer Service too. You'll get a laptop that has issue conencting to the net and you'll also only have technical support via the net.
... than when Google wrote it.
End of line.
Wow!
I am not sure there is anything else that could be said...
system modifies you!
1234
The same as your luggage.
"Lame" - Galaxar
If you could install an app, or adjust the system as a user, then maybe you wouldn't provide as much data to Google. Google do not make money from computers or operating systems, they make it from the information they extract from you.
Never underestimate the dark side of the Source
I don't know any sysadmins who trust apps or users, either.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
Then it's not the part they care about. A malicious application installed by a naïve user will always be able to send emails (because the user will demand the ability to do that), and therefore send spam. And it'll still be able to delete the user's files.
I am trolling
Once users are banned from installing applications COMMA or modifying the system security COMMA usability COMMA and more are improved COMMA the Googlers claim.
I had to read that sentence five times to sort it out; Once straight through, again for each coma, and finally pieced back together again.
All I know is that my Commodore 64 never got owned. Well, at least not until I got an EPROM burner.
-- I have a private email server in my basement.
I agree it is broken, but the idea is you link to a remote web app. Chrome would be a lot better if it came with a built in web server you could drop an app into to store and run locally.
Now we're just a hop and a skip away from "Once users are banned from browsing non-Google-approved websites or attempting to use non-Google services, security, usability and more are improved."
For those that always say "but you can modify it!" or "well you don't have to use it" (the latter of which is true even for Apple's iEcosphere), that doesn't address the problem. The problem is that a whole lot of people will see the convenience and the stability and they won't modify it and they will use it, making the whole concept of walled gardens and lockin more popular among consumers who want ease (as opposed to choice) and companies who want to make money. Large groups of people will forget that they ever had a choice to begin with. I'm not trying to evoke 1984 here or say that we're all going to be slaves to Google, but in the world of consumer technology right now, the leading idea that is getting the most users and making the most money is "step into the [Apple/Microsoft/Google/Facebook] world and bask in the luxury of having everything work together and not having to make choices."
Just like the old adage about privacy and security, is it worth trading choice for convenience?
If the machines are cheap enough then the solution is to wipe Google OS and install Linux... Problem solved!!! All the apps you need with none of the OOgling...
I thought the whole point of Chrome OS was that it was a client for running cloud-based webapps? Given that, it makes sense to lock down the machine - unless they're saying that it won't even run non-google Web apps?
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
So much for actually being able to do what we want
Google doesn't get advertising dollars from you running a local app and disconnecting from the network. They *do* get advertising dollars for every online app you regularly use because that's the only way for you to get anything done.
I spend most of my work day with a couple browsers, a couple Putty sessions, Outlook, Excel, and a few other apps open. Imagine how many page impressions that would generate if every single one of those apps was based in "the cloud" and had a little section where Google could insert ads?
Still wondering why this is being touted by Google as the most innovative and revolutionary feature ever in OS design?
Sorry, but I don't trust having all my apps run from the web. Just the other day I was on a tight deadline trying to print a document from Docs when it crapped out on me refusing to print. It was late at night, so it's understandable if they needed to do some server maintenance. Or possibly it wasn't even Google's fault because there may have been issues with my ISP, but either way I was helpless to do anything. I would prefer to having things run locally and automatically sync to the cloud when possible.
Didn't Steve Jobs patent that entire concept of treating your customer as your enemy?
As an end user I don't give a flying rats ass about the operating system. I only care about *MY* data. I don't care if the OS is compromised or gets deleted as I can just re-install it or install a different OS I like better.
When my data is compromised it makes me sad. Protecting the OS from privledged execution does not automatically protect the end users data because it requires no such elevated privledge to access my data. The OS vendors are acting like news casters who think it is newsworthy to report on stories they have a personal interest in but noone else really cares about.
Turn it off, disconnect all cables (especially power and internet) and hide it in the attic.
The whole point of Chrome OS is to shift the application from running natively on the hardware to running in the cloud. You're thinking of the web browser as the application, Google is thinking of GMail as the application.
You guys didn't pick up on this....the "users can't be trusted" part is a direct jab at Windows and their crappy control system. Chrome OS is based on Linux, which only lets those in the administrator group install programs/modify the system et all. It's a much safer system...just look up 'unix security'.
I use the charts in the Google Apps spreadsheet app.
Recently, they "upgraded" the chart software.
Under the upgraded software, the charts now look like total shit.
The documentation is vague and shallow. The options panes are missing or disable important features that might help me produce charts that don't look like shit. The only way to downgrade to charts that work is to revert to older versions of the document and not to accept the upgrade when making changes in the future.
Google has lost the plot. The last thing I want at this point is to give them control of application compatibility of my data.
I'd urge this on my mom and dad in an INSTANT. I'd never use it, but it would be great for them.
One should never trust an application, I'm in agreement on that.
The user owns the machine, they should be trusted to decide what is done with it. If you think I'm wrong... let me explain...
The reason we don't want to trust users is because they have a demonstrated history of bad choices, which result in a lot of work for the geeks who have to clean up the mess. We have a better track record, so we ass u me that it must be because we are smarter than they are. This is only true to a limited extent.
The reason the user makes bad choices is because are given the wrong choice to make. Instead of asking what extent of permission a program should be granted, the user is given an all or nothing choice. It's not possible for them to "try out" a program without risking everything. This is just plain nuts.
Capability based security offers a way to express the wishes of the user in a manner which NEVER trusts an application... but rather places the responsibility for limiting system changes in the operating system, where it belongs.
It is only when we finally get out of or smug self congratulatory slumber that it's possible consider that the typical user is not an idiot prone to randomly pressing OK.
We need to offer sane choices, and a sane security model... Capability Based Security is the only way to go.
Google... unfortunately, isn't any wiser and misses the boat here, but by a slightly smaller margin.
It's the return of the professional sys admin, just sufficiently distributed for economical home use. Suddenly a lot of geeks won't need to be handling IT for friends and family. For an awful lot of people it's a good deal.
It's an extension of GMail, where an awful lot of complicated technical, privacy, and security configurations are completely and well taken care of by Google. They've finally managed to take it all the way to the end-user hardware.
Me and the /. choir have our own issues with this, but that's not the same as saying this won't be popular, or will necessarily work badly.
Honestly this is smart... well as long as the power user still *CAN* change things if they want (i.e. using the jailbreak switch).
Obligatory (probably poor) car analogy:
To fill up gas you don't open the hood and take apart the engine. Sure you can get under the hood and if your a mechanic you should be able to mess around as much as you want. But its better for the user (driver) to not have to worry about anything besides the interface (steering wheel and gas and brake).
Its silly that users who have no idea how the system works should be expected to decide what applications to trust. The default should be zero trust of the user and that shouldn't need to be changed for 90%+ of users out there. And thats what Chrome does.
This is a great security model. In fact, in order to keep my home safe I won't allow any devices in that are controlled by an outside third party either.
And I think Ubuntu should be modified accordingly. There's no reason, however, why apps shouldn't be native and machine based, when data access is as expensive as it is. It's just a matter of restricting installed software to the software center, denying root to everything else, and making applications request special permissions like "create and modify files in Documents". Android does it.
We (meaning the Open Source community) need to come up with a viable alternative to the Trusted Computing/ "App" model on mobile platforms quickly. This means something portable which doesn't absolutely suck. Fortunately, the bar isn't too high right now -- the quality of most apps is around the sophistication of your average 1991 shareware program. Your work PC notwithstanding, mobile seems to be the future of most computing right now -- and that seems to be shaping into a closed, trusted-computing fragmented nightmare.
The typical "if you don't like mobile devices don't use them" attitude is a bit like saying "if you don't like the TSA, don't travel". Any suggestions?
"Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
No security is perfect, there WILL eventually be a remote execution exploit, and the users will be banned from installing applications, or modifying the system in order to fix it. I hope it comes with a USB drive I can boot from to wipe the system clean...
However, there WILL also eventually be a remote execution exploit that enables the users to install applications, or modify the system security to provide additional usability, and more functionality than the Googlers intended.
ChromeOS is just begging to be sprung free of the Google jail.
Hint: When the "Attackers" are the folks who purchased the device, their physical access to the device will render all "defenses" useless.
Also: DO NOT WANT, will simply use any other unrestricted laptop or tablet PC available.
And user eyeballs is the product. Google can't serve you ads if you're not online.
We have a lot in common then...
I've got an OS like that in my DVD player.
It doesn't trust me to watch FBI warnings...
XKCD:Xeric Knowledge Comically Dispen
This makes perfect sense once you understand that the majority of the people working on ChromeOS (in Google's Kirkland offices) are Microsoft refugees. Since most people psychologically try to solve problems in their new jobs they were unable to solve at their previous ones, what better way to keep from having the most virus infested OS on the planet than to prevent anybody from ever installing or changing anything! I bet the colleagues they left behind at Microsoft are envious beyond belief.
Wow, talk about those who don't understand the past are doomed to repeat it. Microsoft (and PCs from IBM in general) were popular precisely because individual business departments got to install their own apps instead of having to use only the ones that the guys on the raised floorboards deemed they could have.
It's why the PC won in the first place; talk about hubris from Google.
I guess Google figures people will like it if comes with Rounded Corners + Gradients this time.
it failed to sell me when they required net just to login now you cant modify the system. this os will be dead on arrival.
" Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
For years I have fought IT staff who held the position that the computers should never actually be used by putting applications on them. They used the exact same logic shown here.
Google does not trust apps. The reason I got into open source was because I did not trust OS and library vendors.
The reason I have never used Apple products was their attitude of "It you want to do what we don't allow you to do, you are obviously wrong in wanting to do it".
I don't see this as progress.
Jolicloud, a competitor to Google OS, has an app at the Chrome Web Store. Jollicloud decided to integrate its platform inside the Chrome browser. You can use Jolicloud services instead for Google's. Though definitely restrictive, Google is not locking you into its services.
It is getting pretty tiresome to watch Google keep inventing all kinds of Apple technology a few years late. The fact that apps and users can't modify the system in iOS is something that fucking Andy Rubin (of Google) has criticized about it. What the fuck is up at Google?
I used to do some work fixing up computers that people would bring in.
At least 75% of the computers I fixed, the problem stemmed from the user being a complete moron.
From deleting key system files to trying to get that free $1000 that blinking pop up offered.
So I can understand why you wouldn't want to trust your users.
don't allow users to power on the device and don't allow any apps to run. Then we'll all be safe.
So you will be constantly using data if these things have 3G or 4G connections? And AT&T though the iPhone used too much data.
And what happens when your internet service is down or you are out of a data coverage area? Kinda useless then isn't it?
A computer with chrome on it.....I`d have thousands. Keep away.
The Chrome Files: Trust No One -- The Truth Is Out There (but we won't let you download it).
Microsoft tried locking out third parties from altering the kernel and they all cried anti-competitive and demanded API access... and now we have "anti-virus" programs that are hostage-ware that integrate into Microsoft's "security center". All so that we could get shitty Norton.
I wouldn't trust either applications or user requests to install them either.
Filthy buggers.
They have small hands too - have you ever noticed that?
-- Tigger warning: This post may contain tiggers! --
Comment removed based on user account deletion
This sentence is horribly mangled:
"Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
This would be a much better alternative:
"Googlers claim that once users are banned from installing applications or modifying the system security, usability and more is improved."
Of course, asking editors here to do their job is so much pissing in the wind...
Be realistic. If Chrome OS was going to explode in use it already would have. It has it's uses but I don't see a lot of the IT crowd embracing it. They'd rather just install a "real" OS and have complete control. If this OS is pushed it will be from the suit level, at the top, with golf course business deals.
Tiger Blooded Bi-Winning Machine
"Operating systems today are centered on the idea that applications can be trusted to modify the system" only applies to Microsoft operating systems. Unix and Linux don't trust applications. Application packaging systems are often trusted by users to properly install an app, but Unix/Linux requires the user to have sufficient privileges to allow the app installer to perform the installation. Few Unix/Linux apps are given root privileges.
And then somehow, magically, trusting giant corporations becomes ok again.
I bet you can't install ad blocking either. Google is not the champion of Open, they are the champion of Google.
Yeah, but they still can't get HTTPS on their own damn cloud products. Here's a quick look at Google's security beyond the local device:
I turn on my laptop, turn on my VPN, surf. In the process I got owned by my buddy running Firesheep. Here's how:
Laptop has tabs open.
Wifi connects before VPN kicks in.
Chrome tries to refresh a tab containing a PUBLIC Google Doc where I was not logged in, and Chrome sends out my authentication without HTTPS on it.
Firesheep grabbed the Google account, which is my Reset password account for everything else. Owned.
Later we learned that Chrome's sync bookmarks tool also sends your Google account authentication without HTTPS. All the time.
So if you're on an open network, Google is spamming your authentication to anyone who's listening, because they can't get their shit together to use HTTPS when they authenticate.
So, yeah. Security. Good job.
All this Chrome OS cloud stuff reminds me of the mid to late '90s. I remember when IBM, Oracle, SUN and a few others pushing stripped-down, inexpensive appliance-like computers as the next big thing. I think at the time it was called a "network computer" for handling E-mail, word processing, "surfing" the internet, database accessing, etc. Then storage and memory prices fell so quickly, there was never really a market for an internet appliance. Also most people at the time were on dial up. Internet connections may be faster now, but why would anyone want to buy a "network computer", given that HD storage and RAM don't really impact the end price as much as they used to? Is Google looking at a "free PC" subscription-based business model like most mobile phones?
My opinion at the time was the "network computer" makers missed the boat in the platform wars, so were trying to redefine the game in some way that didn't involve Microsoft. Why is it any different this time around? This is not a troll, I am just curious about the business case for Chrome OS, especially considering the success of its stable mate Android.
I think Apple has a patent on it...
This coming from the company that created the Google Chrome webbrowser, which purposely bypasses ALL of Windows Security features to allow it to be installed even on the most locked-down user accounts. Seems ironic that that they would tout this when their own software uses the same techniques utilized by malware and virus authors.
Any app I run could modify my .bashrc or install something to $HOME/local and run on log-in. As long as I have network access, the program can create a botnet.
Put identity in the browser.
Really, not letting most users or applications modify the OS is a good thing. Microsoft (and others) have had a TERRIBLE model in permitting this. Third-party stuff has no business altering the foundation of the system's operation.
Now, not letting an application that doesn't want to monkey with the OS get installed is probably going too far. I mean, who's gonna run an OS they can't put an app on? That's broken.
Define "app".
ChromeOS allows the offline install of webapps like Google Docs, which allows you to use every regular function of google docs offline, with no web connection. You can create, save, and edit documents, including saving them to external media, without an internet connection. You can even print them if you have a network connection, even if there is no internet.
How is that not an app?
ChromeOS is not an operating system like you are used to. That doesn't automatically mean its a bad idea.
-Taylor
Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
Currently in the middle of the 5th virus removal of the year for my father, who only uses the computer to surf the web anyway. If I can knock a couple trojans off my workload without the tech support overload a linux system would have, it would so be worth getting him (and a couple of my aunts, my grandfather, my brother...).a chromeOS system.
By all means mod me troll. I'm always happy to see my enemies are afraid to debate me.
yes, but the world is different. IT dept are sick of maintaining everyones data, that are sick of be version police, they are sick of the constant cycle of upgrades, and business are sick of paying for it.
Corporations want everyone on the same version all the time, and now they can REGARDLESS of the hardware.
The Kruger Dunning explains most post on
Chrome has BUILT IN ad blocks.
Next.
The Kruger Dunning explains most post on
At least not this user, not after Google's stunt with Buzz or white washing the pictures in Google of Tianammen Square at the request of the PRC.
Using a browser or OS from google only seems a little bit better to me than using a browser or OS made by Facebook.
No, the whole point of Chrome OS is to shift applications from targetting the OS to targetting the browser (thereby commoditizing the OS.)
This differs from a shift from "running natively" to "running in the cloud" in that one of the major areas where Google has put effort to enable the browser to be the platform for more robust applications is in allowing browser-based applications to run disconnected from the internet and leverage local hardware resources in a way that previously was restricted to native applications. Features and technologies related to that that Google has actively sought to develop and/or promote leading and that are included in Chrome OS include (off the top of my head):
* HTML 5 local storage and other offline-functionality related APIs,
* Native Client
* O3D
* Cloud print
* More robust in-browser media support, including bundled-in Flash and PDF support
The way things are now? Yes. But if it had a built in web server for local apps and sufficient local storage, it wouldn't need to use data services to access remote apps and data as much.
If it drops the cost of the device to some sort of sub 100 dollar range the thing suddenly becomes awesome again.
I'm actually supporting chrome devices having tons of ads. The more ads the bigger the drop in cost and I can just put linux on it. And google can bet on people not formatting and using it for a while.
Semi offtopic but a device maker getting paid per use really gives incentive to make a device that is addictive and lasts forever. It kicks the ass of planned obsolescence.
I'm pessimistically betting they will. Why? Because Control is Fun!
To me this looks like the fabled Trusted Computing, where trust means trusting the vendor and not you.
The less active stuff you do with your machine the more you can be a nice media consumer paying by the megabyte of streamed video.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
No, but UNIX and Linux trusts applications to modify my data. That's far worse than modifying the system.
There's no reason why applications should run with my userid, and with all my user rights.
If Chrome OS does not trust the user or any potential software that they may install to be trustworthy, then why the hell does Google seem to trust JavaScript? Better yet--why the hell is the pile of security bugs known as Adobe Flash so trusted by Google that not only does Chrome support it, it fucking comes with it?
Clearly if Google didn't "trust" random code that a user might come across, they would build right into the browser something like NoScript and not bundle Flash with their browser. What if I visit some malicious Flash-based porn site or or some non-Google-approved online document application? The browser will run all scripts with no problem.
This is just an attempt to block people from installing local/offline software and to keep them using Google online services, which will no doubt be recommended all around the web brows... er, I mean operating system. AKA, lock-in and some serious crippling, Apple-style.
... we may well prevent you from doing something brilliant."
Probably either Thompson or Ritchie, speaking about Unix.
--dave (anyone sell additional memory chips for humans?) c-b
davecb@spamcop.net
... has a half-life of less than a day. Guess that might be appropriate for a prototype machine, but hopefully Google will be moving on to Cr-50 sometime soon.
browser based applications will require network connection to the extent that they don't take advantage of the features of HTML5 and other technologies implemented in the Chrome browser for the specific purpose of enabling offline web applications.
But how much data will a web application be able to store in CACHE MANIFEST and localStorage? Enough to make, say, a podcast downloader work? And to what extent will it support WebGL for advanced graphics, for which iOS currently requires a native app?
If ChromeOS allows apps to access files on external media, then in what way is that more secure than traditional apps?
Oh, and how does one print if you can't install printer drivers?
I'm appalled by the idea that the person who pays several hundred dollars for a computing device shouldn't be able to do any damned thing he pleases to it.
Then I guess you'd be appalled by video game consoles, especially those that cost five hundred and ninety-nine U.S. dollars on launch.
But if it had a built in web server for local apps and sufficient local storage
Google Chrome already supports CACHE MANIFEST and localStorage, two HTML5 technologies allowing web applications written in JavaScript to run offline. The question is just how many megabytes they can be.
Google can't serve you ads if you're not online.
Of course it can. It can download the advertisements to localStorage whenever you sync your data between your device and the Internet.
...and I'm not buying a portable computer that only works when it can talk to Google's servers (though I'll happily beta test one!). Preventing apps from mucking around with system files is a no-brainer, but that doesn't mean they have to live in the cloud. For corn's sake, they make portable apps for Windows that work fine without touching the OS.
Never let a lack of data get in the way of a good rant.
I have a 300 GB drive full of MP3s and movies in my desktop system. [...] The process of *correctly* syncing all that data is a lot more difficult (and still requires a lot of bandwidth between all of your devices) than simply storing it "in the cloud" and streaming it from a central location to whichever device you want to access it on at the moment.
What use is 300 GB of MP3s and movies in the cloud if your cellular ISP will only let you access 5 GB of data per month? At least if you have them on your home server, you can sync them over Wi-Fi at up to 54 Mbps.
Imagine this: an operating environment where neither the users nor user applications can modify the system. What a novel idea.
I like being banded.
Even when it's an amniotic band that bans oxygen from getting to a developing limb, bans it from fully developing, and then bans you from being able to use it as one would use a fully developed limb?
I'll remain a free range web user, but thanks anyways Google.
First off, you're way out of date. Windows has supported the permissions structure you're advocating since NT 3.1 came out (it pre-dates Windows 95, although until XP came out the permission-less 9x systems existed in parallel). The first user created had root permissions, but nothing required that you do everything as that user; my day-to-day XP account had limited permissions. For Vista and Win7, by default even members of the Administrators security group run programs with limited permissions, though they can get root (Admin) access on-demand. Except for installers (and not always for those) Windows programs aren't usually given root permissions either.
Also, there's a difference between trusing users (logon credentials) and trusting apps. The usual behavior is that an app has whatever permissions the user running it has. Linux, through AppArmor or SELinux, offers some ways to limit the trust in an application, but most default installs don't use these. The Windows application-level trust system, Mandatory Integrity Control, is less fine-grained than something like AppArmor, but is easy to apply and is used on several out-of-the-box programs, including Internet Explorer. Such apps are marked as being "Low Integrity Level" and therefore are not permitted to write to any portion of the filesystem not *also* marked as Low IL, regardless of the permissions of the user running the program. Similarly, a program can't send messages to a program with a higher IL, so for example standard limited-user programs (default Medium IL) can't attempt to take over Administrator-level (High IL) programs. MIC is only available on NT 6.x (Vista, Server 2008, and Win7) but so far as I know OS X has nothing even vaguely equivalent.
There's no place I could be, since I've found Serenity...
Really? where?
..it better trust the machine's owner completely, or else these machines are just Trojan Horses. If the machine doesn't ultimately answer to you, then who does it answer to? Someone who isn't you, that's who.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Um.. then what is the point of having it?
---- Booth was a patriot ----
Do you idiots ever research anything you declare to be true? In Chrome, and Chrome OS, you can install packaged apps, which bundles the complete web app, including all HTML, images, JavaScript code, and any extras. Running this app generates no network requests whatsoever. Furthermore, offline (cached) applications can also be completely local. And... (I might be mistaken on this point)... web apps included in the Web Store DO NOT need to be hosted by Google -- only the package info does (which specifies the app URL).
where's that thing where they commit to a reasonable, and high, level of availability, safety and security for my work, my data, my life's bread crumbs ? I'm not even touching on confidentiality.
oh, there's none ?
and they've got free rein to do whatever they want with my data, my apps, my OS ?
kthxbye.
The Cloud - because you don't care if your apps and data are up in the air.
So what you are saying is that IT departments would prefer not to exist?
I actually agree with the idea of an appliance-like approach for some things. I can wrap my mind around the connected and disconnected application scenarios based on HTML5 technologies. What I can't quite figure out is if this is a user's only computing device, how do you connect it to a home printer, scanner, etc. devices? I'll admit I have not read up on this particular device, but, in general, I am not certain how well such a scenario plays out.
Since Linux is running underneath, a certain level of device support would be available, but there is a large amount of user-space software that is usually needed to operate peripherals. Again, it could just be that this isn't part of this product's intended appeal. But I suppose I just can easily hear in the back of my mind of a family member buying one of these because of a low cost and then wondering why they can't connect their iPod, printer, or camera to it. I don't see how you can get away from the need of a "real" desktop system at some point. Perhaps we simply aren't "there" yet.
Looking at Google Cloud Print information, it looks like the intent is not only that you can use the Google Cloud Print service to access a Cloud-aware printer (or one with a cloud-aware proxy), but that support will exist for compatible third-party cloud print services. So, presumably, if you had both a cloud print service and a cloud-aware printer on your local network, you could print via cloud print without access to the internet and the Google Cloud Print service.
Microsoft (and others) have had a TERRIBLE model in permitting this. Third-party stuff has no business altering the foundation of the system's operation.
Microsoft fixed this issue almost ten years ago with .Net. The .Net framework allows you to grant or deny any permission to any application (or to every application). The default configuration is that applications launched from storage outside the local machine are not trusted to do anything other than display a user interface, regardless of the permissions of the user running the application. It would be trivial to change the configuration so that only Microsoft software could modify the OS. The only problem is that vendors of shrink-wrap software have predominantly chosen to not use .Net.
.... Master System....
http://www.engadget.com/2010/12/08/european-carriers-want-content-companies-and-smartphone-makers-t/
So carriers are apparently looking for both users and content providers to pay for the same thing and providers liek Google want us to use even MORE bandwidth? Not to mention rumblings of carriers going to pay as you go plans more and more. Somehow I don't see this working out so well!
Build it, Drive it, Improve it! Hybridz.org
If an app can write to external media, then in what way is it secure?
If you can't install printer drivers, how can you print?
...anyone over 3.0!
"Microsoft (and others) have had a TERRIBLE model in permitting this. Third-party stuff has no business altering the foundation of the system's operation"
And as soon as Microsoft try to stop third parties altering the foundation of the system's operation, somone complains because they can't sell their $FIREWALL or $VIRUS_SCANNER or $SECURITY_BLOATWARE.
Can't entirely blame MS.
"I honor the place where your inability to manage your computer and my desire to control your entire life become one." - Eric Schmidt
"Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy," says Google VP Sundar Pichai.
Well, that's a pretty fundamental misstatement. In fact most operating systems today - and for the past 30 or 40 years or more - do not allow any entity without elevated privilege to modify the system or install applications.
The glaring exception is Microsoft Windows, and I agree with you that it uses a terrible security model. It violates software engineering principles that go back to the early days of timeshared systems. Back in the days when Bill Gates was answering his own emails, I asked him about this very issue. He told me "customers aren't asking for it". I said, "I'm a customer, and I'm asking." He did not reply.
Most operating systems today are derived from Unix, if not literally then philosophically, which in turn uses a simplified implementation of Multics security rings. Unless a particular derivative has been deliberately engineered to make system files world-writeable, an ordinary user is not going to be able to touch them.
I'm not debating whether such derivatives are a good idea. I'm saying that Sundar Pichai is talking nonsense to suggest that this is some kind of universal problem from which Google has to save us.
So let's talk sense instead. Ignore the red flags being waved about the innate danger of applications. There is innate danger in all kinds of things. In Unix, for example, there's nothing to prevent me from typing a single shell command that accidentally deletes all my files. That's bad luck for me, but unless I want to be denied access to the most basic kind of expressive power, it can happen. I can shoot myself in the foot.
Put that shell command in a script and call it an application. I give you the application, and now you can shoot yourself in the foot with it. Is this the least bit surprising? It's not architecturally different than if you wrote it yourself and then forgot what it did. Who ever said that you should trust a mysterious black box to fulfil any claimed behavior?
So sandbox it, if you can't trust it. We've been heading in that direction for some considerable time. The fact that Microsoft is late to the party is not, in my view, grounds for cancelling the party. Even if Google says that it's hosting an even better party down the street. Maybe it is, maybe it isn't. To me, that's just another empty claim.
Parity: What to do when the weekend comes.
Yes, exactly!
With rare exceptions, there's no reason why a Unix application cannot be installed just fine in userspace. Install it in your home directory. Done. Problem solved.
If a particular application doesn't install properly where you tell it to, that's the fault of the application, not the operating system. And it can be fixed.
Parity: What to do when the weekend comes.
Chrome doesn't trust applications, or users — and neither can modify the system.
That's okay, because this user doesn't trust Google or Chrome OS, and they will not be permitted to install an OS on my computer. I'll stick to linux, which I know I can sort of trust most of the time, and my own judgment, which is well known to be predictably untrustworthy.
This is a hacked account, for which the owner can not be held responsible.
I'll put my zorkmids on human fallability, tyvm.
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
Comment removed based on user account deletion
While you are mostly correct, there will be modifications in /etc which a user will value. Especially since most *nix systems are used by one or two people, tops.
Security comes from local physical control over your resources.
- If your resource isn't in your own local, physical possession, it is not secure (for you).
- When your resource is in someone else's physical possession, only that party has secure control over it. You don't.
- When your resource is remote, it's even less than insecure --- it may not even be accessible to you at all.
- Denying you access to "your" resource becomes trivial when it is remote ... an unavoidable consequence which will be much loved by tyrannical governments, and which turns you into a totally controlled puppet.
In respect of security and freedom, this has to be one of the worst ideas ever conceived in the history of personal computing.
If this guarantees me a stable browser experience, I'll get one just for that. There isn't any browser on my OS/X and Linux machines that doesn't crash after a few days of heavy usage. (Which may or may not be due the the poisonous flash plugin, but i need to use it.)
I find it funny that people buy these lousy devices at all. What's even more funny is the war between them trying to get bigger and bigger screens. Bigger and bigger phones, iPads, Chrome based pads, etc. Oh and now you can add a keyboard and a mouse and peripherals and...
All of these people are reinventing the PC and laptop and the stupid masses that buy them are the suckers. People don't realize they are buying a computer with the power of a Pentium III or K6-2. OOOOOOOHHHHHH! They just spent $1000 on a computer whose technology is 10 years old, and probably on credit.
Portability? Please. Admit it, you are a lemming, you will do what you are told.
Nexus S will be ~$200 w/ subsidy.
iPod touch needs no subsidy to reach a sub-$250 price point. Where is the Android device that's affordable without a $1,679.76 commitment to cell phone service, for people who will be using the device only with Wi-Fi and not as a phone on a 3G network? Google has resisted one becoming available because it's so strict on what devices it allows onto the Market. Archos 43? Not in my home town, and the selection in AppsLib is negligible compared to Android Market.
The question is whether everyone pays more for those features, or just the people that actually actively desire the feature.
Application development benefits everyone, and why shouldn't everyone pay for everyone's benefit? Another tack: If there are no mass-market devices that allow software development, then what will members of the mass market use when they decide to take up software development as a hobby?
I'd rather consider something more relevant, like the cost of Google's Android dev phones vs. the cost of similar smartphones before any contracting-incentive subsidies provided by carriers.
True, the Nexus One and the unlocked Galaxy S are comparable in price. But is there anything that's not a phone on which one can get his feet wet developing Android apps? Something in the price range of, say, an iPod touch? I have a cousin who wants to know this because he wants to get his feet wet developing Android apps but can't afford smartphone service. Right now he's stuck on an emulator.
Why? If you want to, Google provides the tools to root it and you can easily install your personal choice of freedoms.
This is aimed at the type of person who wants to put a piece of bread in a slot, push down on the lever, watch the wires get hot, and have TOAST, YEAH TOAST!
Not the kind of person who wants to go out and start a fire in their backyard so they can hold bread on a handcarved stick to make their toast.
Computers are, for a decent percentage of the population, an appliance. An appliance that takes too much time to maintain and worry about and protect just to get on a web browser and surf them thar interwebz.
Nothing at all is stopping you from expressing your own personal freedoms on this device. It's just that with freedom comes responsibility, and a lot of people either can't or don't want that responsibility for a computer they don't really need it on.
The rest of us will carry on, free from the "hey, I saw an odd popup and clicked on it and now I've got this odd message every time I start up" multi-hour debugging extravaganza.
I don't want this for me. I want this for my 70-year-old aunt who is intimidated by the term "Web Browser" ("but I don't want to browse, I know where I want to go!") and email client ("I'm not a lawyer! I want it for me!") and program ("I'm not watching TV!").
Here, push the power button, three seconds later click on "The Facebook", hey, you're online! No caps lock key so you can't shout.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
How do I do it, for customizing it? Simple - but you have to have access to & use the SDK/developer kit tools they give you:
In the case I did this in, I used ADB!
With ADB, you can mount the mountpoint area you want to alter (say for the system - which is what I was up to in fortifying the HOSTS file on ANDROID) & I mounted system in Read + Write mode, first.
Secondly, I then pull in what you want using the PULL command, and then the PUSH command to do it an alteration of the HOSTS file on ANDROID, for overwriting it with a custom HOSTS file.
In the example I am speaking of now, I did that to use a large custom HOSTS file on my nephew's (RIT 3rd yr. CIS student) ANDROID phone, and it worked.
ANDROID wouldn't allow it otherwise, complaining "modification now allowed on production OS model" or something VERY along those lines...
Well, I beat it, but I had to use developer tools to do so.
APK
..is what this is when one looks at it objectively. As such, it will have its niche in business and education where user "interference" is less desireable.
For every present, there is a past
trains found to hardly be involved in crashes
seeing as how genode recently introduced linux as a browser plugin I see a bright future ^^
The extent that it benefits everyone, everyone does pay -- by whatever mechanism that pays for the apps they use (whether direct payments, ads, or whatevers).
Then why not spread the cost among everyone in a more direct way rather than price-discriminating against developers? Making it expensive to develop software will only discourage hobby development, which in turn discourages hobbyist developers from becoming professional developers.
Software development would be far from the only hobby to have a buy in cost
The question is why it has to have a buy-in cost in the first place.
is there any locked-down consumer computing gear that hasn't been jailbroken, thus making it usable by hobbyists without the restrictions intended by the supplier?
There isn't a useful jailbreak for the Nintendo DSi yet. The current jailbreaks allow only the use of DS compatible software, not software that uses the camera, SD card slot, or expanded RAM.
I don't want a phone. Google hasn't made much of a push to get Android Market onto not-phones, leaving the not-phone market to Apple.
I mount the system mount point as both READ & WRITE priveleged, first.
Then I did the ADB PUSH/PULL work to overwrite the stock ANDROID hosts file.
Otherwise, it gave me the hassles you spoke of!
(E.G.-> Without using the mount command & ADB alone, yes, I could not overwrite the original-oem stock HOSTS file in ANDROID - this is why I stressed mounting system in ANDROID as READ + WRITE using the mount command (that command is what gives you the privilege to do the WRITE, not what's in ADB)).
APK
"I'm very familiar with ADB. Problem is a lot of handsets default ROMs will NOT let you mount system r/w. HTC Sense ROMs don't, for example, and it's only in the last few months that it's been acheived by the hacking community via a number of exploits. That's the thing with Android - it's open and anyone can customise it, including handset manufacturers who want to restrict access!" - by RMH101 (636144) on Monday December 13, @09:17AM (#34533728)
That's a USEFUL reply on your part, so thanks for the feedback/input. Now, I do have a question:
QUESTION: WHAT OTHER PHONES ALLOW FOR THIS TYPE OF ACCESS (even if it's via dev. tools like ADB, which I used on ANDROID to replace the "stock-oem" HOSTS file with one that blocks ad banners &/or KNOWN BAD SITES/SERVERS (along with a write enabled mount command for the system mountpoint on ANDROID))?
APK
P.S.=> Specifically, IF you know? Does RIM Blackberry allow for it, and does it have a BSD based IP stack?? Once more/Again: Thanks for the replies, you've got a lot to say I think on phones here, & I can gain by it (and you're certainly no troll either, thank goodness)... apk
But when they were teenagers, we played PC games (all three of us were big Quake fans). We had 2 or 3 PCs networked together for local multiplayer.
But not all parents are willing to buy multiple gaming PCs and multiple copies of each game for the household. The cost of PC LAN gaming pushes parents to consoles, where adding one player to the whole library of games that the family owns costs as much as one Wii Remote and one Nunchuk. And not all genres are well suited to LAN play. Look at fighting games, which put both players in the same view; there aren't nearly as many fighting games on PC as on consoles because there aren't a lot of PCs with a big enough monitor.