Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome OS Doesn't Trust Apps Or Users

Posted by kdawson on from the for-your-own-good dept.

holy_calamity writes "Google's Chrome OS chiefs explain in Technology Review how most of the web-only OS's features flow from changing one core assumption of previous operating system designs. 'Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy,' says Google VP Sundar Pichai. Chrome doesn't trust applications, or users — and neither can modify the system. Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."

3 of 410 comments (clear)

  1. Wait, what? by Monkeedude1212 · · Score: 5, Interesting

    Doesn't that make it even more closed than an iProduct?

    1. Re:Wait, what? by phoenix321 · · Score: 5, Interesting

      I can already replace my Windows installation and when the OS is infected by a virus or something, it's very, very easy to restore. Just hit a BIOS switch, reinstall from a truly hidden (and BIOS-protected) partition - or recovery DVD - and reinstall without destroying user data. (All user data is on D:, while reinstall will bomb C:)

      It doesn't work that well, let me tell you. User data is there, but programs need to be reinstalled to access it. System comes back squeaky clean, but everything needs to be changed to my personal liking.

      What it boils down is that a computer will be either vulnerable to users, useless for them or anything in between these extremes. Can't install programs? Useless but secure. Can install any program? Useful, but vulnerable.

      Without settings and mail saved *somewhere*, a mail client is useless. With settings and mail saved *anywhere*, a mail client is potentially vulnerable.

      Replacing the OS with a known-good image only works if someone can truly produce an image that is more useful than say a Windows default installation and still known to be good. Which gets increasingly doubtful the older the OS image is, the more programs are installed and the more data/configuration/specifics are kept in program installations somewhere.

    2. Re:Wait, what? by GWBasic · · Score: 5, Interesting

      With this in mind, one thing that would be nice to have are offline apps. This way, a glitch in Internet connectivity would not mean a corrupted term paper.

      That's what local storage in HTML 5 is for. When I played with Google Gears in 2007, there was a complete Javascript API for an in-browser SQLite database; AND I could specify which files would be served locally. Thus, I could make a web application that would work without an internet connection.

      Google Gears is now depricated because a lot of the lessons are applied to the HTML 5 spec.

      --
      No, I will not work for your startup