London Council Dumping Windows For Chromebooks To Save £400,000

girlmad writes: "Google has scored a major win on the back of Microsoft's Windows XP support cut-off. The London Borough of Barking and Dagenham has begun moving all its employees over to Samsung Chromebooks and Chromeboxes ahead of the 8 April deadline. The council was previously running 3,500 Windows XP desktops and 800 XP laptops, and is currently in the process of retiring these in favour of around 2,000 Chromebooks and 300 Chromeboxes. It estimates the savings at around £400,000 compared to upgrading to newer Windows machines — no small change."

Translation

[MightyMartian]

Translation: London Council trying to extort cheaper licenses out of Microsoft.

Re:Translation

[Great+Big+Bird]

Makes sense. Chromebooks can be okay on the hardware, but I can't see them as very useful especially for real work.

Re:Translation

It's fine if they've moved all of their work to a web ap.

Re:Translation

[leathered]

Translation: Microsoft trying to extort expensive license fees from London Council.

FTFY

Re:Translation

[Anonymous+Brave+Guy]

It doesn't sound like they're using web apps, at least not yet. From TFA:

At this stage we're still going to be using Office, Outlook and Exchange, but we're planning to look at a move to a cloud-based productivity and email tool later in the year and that would clearly be an evaluation of Google Apps and Office 365

Re:Translation

[Shimbo]

It doesn't sound like they're using web apps, at least not yet

No, but they were (apparently) using mostly Citrix apart from the power users. A Chromebook seems a good fit as a remote desktop client; you don't have any more issues with requiring an always on network than you started with. For once, a fairly sensible strategy it seems.

Re:Translation

If using a Chromebook as a remote terminal, that makes sense, assuming a decent connection to Citrix. It means one less security issue (stolen/compromised laptops) to worry about. There is still security required when people have to log on, but that can be accomplished via SecurID or another 2FA system.

Re:Translation

Penny wise pound foolish...

Re:Translation

Makes sense. Chromebooks can be okay on the hardware, but I can't see them as very useful especially for real work.

It's Council... who said anything about doing any work.

Re:Translation

Translation: London Council trying to extort cheaper licenses out of Microsoft.

You keep telling yourself that. It'll make it easier for competitors to eat your lunch.

Just conveniently ignore the bit where they already have the Chromebooks...

Re:Translation

[wvmarle]

They're replacing a current stock of 4,300 of what used to be mid- to high-end hardware (when they were bought of course - after all they were designed to run Windows - replacement would mean current mid- to high-end stuff or Windows won't run well) with 2,300 low-end ones.

That cuts down the number of computers in half, and it cuts the per-unit hardware cost. I can't imagine them saving some 150 pounds per unit on license cost alone. Windows isn't that expensive in OEM licenses. The price difference between a typical Chromebook and a typical Windows laptop is more than the Windows license itself.

Re:Translation

[aliquis]

As long as all they need is a browser they will be fine. ... heck, even SteamOS would be a better choice.

Re:Translation

[amiga3D]

You mean spreadsheets and powerpoint and word processing? That takes very low hardware requirements. Gaming they suck at, work isn't a problem.

Re:Translation

[amiga3D]

In cases of Microsoft nastiness common sense says assume the worst and be grateful when it's not "quite" that bad.

Re:Translation

[amiga3D]

Does the London Council have any competition?

Re:Translation

This gem keeps coming up, every single time. What is it with you people? Can you not accept that Windows is expensive?

Re:Translation

My experience at least with RDP on chromebooks was not the best. Super choppy and pretty much unusable.

Not sure what special sauce Citrix might have though.

Re:Translation

[bloodhawk]

If they are used to citrix already then choppy cludgey connectivity will be something they are acustomed to so going to chromebooks won't be a noticible change.

Re:Translation

Microsoft usually charges ~$50 US for OEM licenses*, so GB150 seems odd.

* Source: http://www.theverge.com/2014/2/21/5435152/windows-8-1-license-fees-cut-by-70-percent-rumor

Re:Translation

Makes sense. Chromebooks can be okay on the hardware, but I can't see them as very useful especially for real work.
What a lie! Chromebooks are far more effective than the old cruft. Real work is done with these systems every day. Real work has been done with them for many years. Real savings can be had by switching. Real crazy are the microsludge marketing droids who try to mutter nonsense. You don't need a Ticonderoga #5 pencil to write numbers, and if you *dare* use any other type of writing instrument, its not a 'Real Number'. Yet when talking about computing, the microsludge marketing droids keep harping on it. Its stupid; as utterly stupid as insisting on the brand of pencil. Yet the parent tries. Its just dumb.

Re:Translation

[fremsley471]

It means one less security issue (stolen/compromised laptops) to worry about.

The AC has it. It's all about data security, or at least that's certainly the thing that would have prised Windows from the hands of the managers. The costs/hassle of not worrying about losing sensitive data knocks all the other savings into a cocked hat.

Re:Translation

[mpe]

If using a Chromebook as a remote terminal, that makes sense, assuming a decent connection to Citrix. It means one less security issue (stolen/compromised laptops) to worry about. There is still security required when people have to log on, but that can be accomplished via SecurID or another 2FA system.

However unless you can divorce the chromebook from Google you have the very big security issue that device you are using as a terminal comes compromised as standard. (This would be the case with "tablets" of all kinds.) Can these devices be "jailbroken" to ensure that they are secure? If this is possible are the sysadmins involved doing this?

Re:Translation

[TheRaven64]

The system requirements for Windows are higher. If the machine is basically an RDP client, then there isn't much benefit in running a thick-client OS on a higher-end machine. The savings are partly from the Windows license and partly from the cheaper machines. A minimal *NIX install with FreeRDP is probably what they actually want, but the ChromeBook lets you have something that's a bit like this, with frequent vendor-provided software updates and no need to have someone in house configuring it.

Re:Translation

[sa1lnr]

There is no single "London" council.

http://directory.londoncouncil... (33 in total)

Each area on the map has it's own separate council. I would imagine the
others will be keeping an eye on this and if successful they may adopt it.

Re:Translation

[gbjbaanb]

actually no. RTFM: London council dumping their old remote terminal and web browsing desktop machines with shiny new remote terminal and web browsing machines. Shiny new machines that are significantly cheaper.

They are also buying new Windows 7 PCs for specialist apps that don't run over RDP.

One thing to note: Windows 8 was not even considered (Mac and Linux considered but not chosen, due to the particular use-case they needed)

Re:Translation

I do not think Windows is expensive at all.

The main problem I have with Windows is it is so full of complexity which I do not understand, hence people which study the ins and outs of Microsoft code have a good one-up on me, and I cannot trust my own system.

To me, having a Microsoft product is like hiring a beautiful efficient secretary... only problem is her boyfriends are telling her to do things I do not want her to do. Can I trust her with anything important? Or should I just really watch what I let her handle so she can't spill anything critical?

So far, I have taken the latter route, as quite frankly, the antics of all the antivirus companies has me very convinced this beautiful thing is a whore and will sell me out to anyone who knows how to ask her nicely to get whatever of mine she can get her hands on.

Trust has to be earned--- and it is extremely difficult to prove yourself. It seems everyone who has landed a position of trust is surrounded by special interests, each with their hand out yearning for a business handshake.

The siren song.... been going on since Homer's day, whether it was beautiful women or suited smiling salesmen with extended hand.... What do I do? Tie my computer to the mast and try to sail by?

Re:Translation

[cmdr_tofu]

These devices are designed to be jailbroken. The root switch involved a special keystroke on boot. It is fairly easy to put whatever you want on the Samsung Chromebook (I know very little about the chromebox but i think it has a physical "developer" switch). My Samsung Chromebook runs Ubuntu like a champ, but the touchpad is quite wonky and the hardware is just not the level of quality I'm used to. I'm tempted to trade up for an ASUS chromebook. x86 compatibility would also open up the possibility of using binary only apps (like Skype) and running Windows VMs.

Re:Translation

Admittedly, my last interaction with Acer hardware was fifteen years ago and it was a fucking travesty, but the difference in build quality between the Samsung xe303 or whatever it is and the Acer c720 is night and day. The keyboard doesn't flex nearly as much if at all, the USB ports are on the sides instead of the back, and the screen looks slightly nicer. I don't want one for personal use because of the Google angle, but in certain work environments (I work in a public library; if you wanted to FOIA anything I've worked on you could, so who cares if Google already knows what I'm up to?) they are interesting devices. And if Citrix is part of your setup, you don't even need to install anything special on the Chromebook. The server side is a little more complicated, but so what?

My boss won't tell his boss he has to get a Chromebook because his boss is kind of a vindictive ass who likes his Macbook (doesn't know how to use it, but whatever...) but we could switch over 90% of our hardware *right now* to ChromeOS devices and we'd be better off for it.

Re:Translation

Really?

Intel® Celeronâ Processor 867 (1.3GHz, 2MB) & 4GB of RAM not enough to run Windows? Bullshit.

Re:Translation

[cusco]

I'll pretty much guarantee that managers will still have a full-blown laptop, no one wants to browse porn on a Chromebook, it's just powerless underlings that will have to learn a new OS and deal with cheap, shitty hardware. Their long-term cost savings will be negligible though. Place where I worked tried handing the field techs netbooks, within six months almost all of those that hadn't failed on their own were made to fail.

Re:Translation

[squiggleslash]

For Windows Home Premium?

Generally, Microsoft charges a premium of about $100 for the Windows Professional product, and likewise their other Enterprisy operating systems, in addition to things like Active Directory client licenses.

Factor in Office, and I'd assume the cost comparison is actually much more complex than the write up is suggesting. It's probably somewhere in the region of $500 per workstation (plus hardware for a "Microsoft solution", with zero subscription fees, or perhaps something lower with some subscription fees for Microsoft's SAAS services, vs $0 per workstation (plus hardware) plus a $10/month Google Apps subscription for each user (not workstation.)

Look at that, factor in the lifespan of each workstation, and a $150 saving doesn't look unreasonable.

Re:Translation

[cyber-vandal]

If they're using Citrix what new OS will they have to learn?

Re:Translation

[Tough+Love]

Translation: London Council trying to extort cheaper licenses out of Microsoft.

Cognitive dissonance alert. Cheaper licenses for XP?

Re:Translation

[jayp00001]

Sorry but no, I've tried one and it was frankly only useful at reading email. Everything else was a PITA. There is absolutely no value in switching unless you do next to no productive work.

Re:Translation

[buybuydandavis]

Which is largely Google's business model anyway - choke off the profits of it's competitors.

Re:Translation

[Lennie]

You folks keep forgetting: there are no desktop machines to manage. Which translates to savings.

Re:Translation

There is no single "London" council.

That's correct- the story's about *a* London council, specifically the one for the borough of Barking and Dagenham.

The capitalisation of all words in the Slashdot headline had the misleading effect (for those who don't know better) of making "London council dumping Windows" appear like "London Council Dumping Windows"; it's short for "a London council" dumping Windows.

Security improvement.

[bob_super]

Are they trying to go around the (few) GCHQ monitoring limits by going straight into NSA-friendly territory?

Re:Security improvement.

Microsoft is far friendlier to the NSA than Google. Haven't you been reading the news?

Re:Security improvement.

[wvmarle]

Microsoft vs Google.

If that's the choice I'd still go for the second. Gut feeling says Google cares more about preventing NSA snooping than MS. And now I don't exactly like Google's snooping to target their ads better (they do a pretty shitty job there anyway), at least it won't get you on secret no-fly lists.

Re:Security improvement.

Ha ha ha. Google's startup funding was from In-Q-Tel, which is a CIA front.

I guess CIA is not quite NSA. Not yet anyway.

Re:Security improvement.

[mpe]

Microsoft is far friendlier to the NSA than Google. Haven't you been reading the news?

More likely Google just has better PR than Microsoft in this respect. The only way in which Google could actually be unfriendly to the NSA would be to move to a country which the US Government couldn't argue with. The Russian Federation and PRC being about the only options here. (In which case Google would have no option but to be friendly with Russian or Chinese NSA equivalents.)

Re:Security improvement.

[Hentes]

At least due to its inability to run programs, ChromeOS is mostly free of viruses. It's definitely a security improvement, although at the cost of usability.

Re:Security improvement.

"Mostly free of viruses"? Is there an actual virus for ChromeOS, or were you just covering your bases because you weren't sure?

Yes, I know that even if it is completely free of viruses today it would be foolish to assume it will remain so in the future.

Mad

[bugs2squash]

They must be barking...

Re:Mad

[jambox]

The local expression for a crazy person (or "nutter") is "Upton Park", because "they're two stops short of Barking".

Re:Mad

I think you mean Dagenham East, since it's well past Barking...?

London Council Dumping Windows For Chromebooks To

Oh, one can just imagine Microsoft's' FUD, I will cost them zillions.

All that is left

[Johnny+Loves+Linux]

is for the diva to sing the operatic conclusion and for cats and dogs to get along. Microsoft is so doomed. Who really needs them? Not most people. Have you seen the latest Samsung tablets? Holy cow the better than Hi-def resolution, vivid colors, awesome performance, none of them running Windows, all of them running Android. I saw them recently and my first reaction was: Microsoft is so doomed.

Re:All that is left

[Dutch+Gun]

is for the diva to sing the operatic conclusion and for cats and dogs to get along.

Microsoft is so doomed. Who really needs them? Not most people.

Have you seen the latest Samsung tablets? Holy cow the better than Hi-def resolution, vivid colors, awesome performance, none of them running Windows, all of them running Android. I saw them recently and my first reaction was: Microsoft is so doomed.

Yeah, all except for that pesky near 90% desktop market share, and the millions of applications people rely on that use a Windows operating system to do their work. The market is significantly broadening, no doubt, to include non-desktop/laptop computing platforms, but make no mistake, Windows is still very firmly entrenched on the desktop. And regular old computers where people still need to get work done on a day to day basis is still a lucrative market, if not as sexy as phones and tablets. The fact that it makes Slashdot headlines when a company or government branch moves away from Windows tells you that it's not exactly happening all over the place either.

Not trying to sound like a shill here, but let's try to stay realistic. MS is going nowhere for the foreseeable future. Unless, of course, they keep pissing off their desktop customers with garbage like Windows 8.

Re:All that is left

I doubt many businesses are worried about vivid colors, high-def tablets. The company I work for has software that will only run on windows and integrates only with IE(Sendouts). Scoff as much as you want, its the way the business world runs. Payroll and accounting software, windows only. Show me a proficient non-cloud based software that can handle those two roles and maybe youd have a point.

Windows=not doomed, at least not for anywhere ive worked in the past 10 years.

Re:All that is left

Lol, says the neckbeard who knows _nothing_ about the real world.

Re:All that is left

Devil's advocate time:

Even if they pissed off the retail customers, MS has one spot that they are virtually impossible to dislodge from, and that is the enterprise. For example, Exchange. There are other solutions (Zimba or Google Apps), but for scalability and management, there is no other messaging system that can handle the sheer amount of users that Exchange handles on a daily basis.

Same with Active Directory. LDAP is used in some small firms, but AD has scalability on its side.

There are alternatives to MS, but there isn't anything that can do the group policies to desktops on the massive scales that what is done with Windows.

Plus, MS knowledge is easy to find. I can pay $16,000/year and get a H-1B with a MCSE who is extremely competant, far more than local talent on average. Good luck with trying to find that with Linux.

Re:All that is left

[David_Hart]

is for the diva to sing the operatic conclusion and for cats and dogs to get along.

Microsoft is so doomed. Who really needs them? Not most people.

Have you seen the latest Samsung tablets? Holy cow the better than Hi-def resolution, vivid colors, awesome performance, none of them running Windows, all of them running Android. I saw them recently and my first reaction was: Microsoft is so doomed.

Unless you actually do real work...

Re:All that is left

[Nefarious+Wheel]

Clearly you've never supported a group of salesmen...

Re:All that is left

[Dutch+Gun]

Devil's advocate time:

Even if they pissed off the retail customers, MS has one spot that they are virtually impossible to dislodge from, and that is the enterprise. For example, Exchange. There are other solutions (Zimba or Google Apps), but for scalability and management, there is no other messaging system that can handle the sheer amount of users that Exchange handles on a daily basis.

Same with Active Directory. LDAP is used in some small firms, but AD has scalability on its side.

There are alternatives to MS, but there isn't anything that can do the group policies to desktops on the massive scales that what is done with Windows.

Plus, MS knowledge is easy to find. I can pay $16,000/year and get a H-1B with a MCSE who is extremely competant, far more than local talent on average. Good luck with trying to find that with Linux.

Well, they were pissing off their corporate customers too, who are refusing to upgrade to Windows 8, even in the face of XP end of service looming. That being said, don't take my last comment for anything but tongue-in-cheek. MS is not stupid. Arrogant, yes, but smart enough to understand that they can't continue the "my way or the highway" act in perpetuity. In fact, they're already showing signs of relenting. In Windows 9 the start menu is coming back, metro apps can now be windowed, etc, etc.

As you indicated, I don't think the corporate users are really going anywhere else for the time being. I mean, it's hard enough to get them off of IE6. A full OS switch is simply not going to happen overnight. If it happens, it will be a decades-long transition.

I'll have to take your word on the infrastructure issues. I'm a application developer, not an IT guy, so I have no idea about that sort of stuff.

Re:All that is left

3 years ago my family would be using Windows XP on 2 Lenovo X series, possibly also a Dell D610.
Today the four of us are on Apples and we all have Android based phones.
Whats windows again ?

Re:All that is left

[RabidReindeer]

Once upon a time, payroll and accounting ran on a mainframe. On punched cards, no less.

OK, so your current system runs on Windows. And you've a captive audience that has no choice but to use IE. A browser whose world-wide usage rate has been dropping for years.

Some day, it's possible that the CIO is going to come in and say "We're switching all our financials to Oracle. They gave us a real good deal on an Exadata server. Running Oracle Linux. And apps written in Oracle Java.

Nothing is forever in computers. Not even Windows. Although the time spent waiting on virus scans can certainly make it seem like forever.

Re:All that is left

[RabidReindeer]

Once upon a time, buggy whips had a large market share, too.

Re:All that is left

[sjames]

I'm guessing gmail supports far more users than there are in an enterprise and that it's not secretly backed by exchange.

You cannot legally get an H1-B MCSE for $16,000 a year. Beyond that, pay peanuts, get monkeys.

Re:All that is left

[davydagger]

oh no, we know.

We call this "lock ins", because its impossible to use anything else, even if what you have is pretty shitty. Windows might suck, but its the only thing that works for your specific software.

This is the only thing keeping windows, and for that matter, microsoft going. People don't like microsoft, they have to use it.

No, there is no short term solution.

Long term, microsoft is fucked, because when it launches new products, no one gives a fuck.

Re:All that is left

[colinjl]

GroupWise? That can scale. eDirectory scales better than AD and Zenworks manages devices of many types Ooops. I got confused by daylight savings and had my watch set to 2004...

Re:All that is left

Once upon a time, buggy whips had a large market share, too.

A meaningless "chestnut" that has little or nothing to do with this "real world" situation. How old are you? Did you just learn that?

Re:All that is left

[amiga3D]

You left out the US government. I work for the DOD and I still remember when Vista was launched to overall hatred by enterprise customers. No one was buying it but Uncle Stupid did. We had an excellent system running on XP Pro that worked flawlessly backed up by a good IT contractor. Vista came out and we switched to it and overnight we lost about 60 percent of our computers. They worked at it for a while and we ended up with just over half of them up and running at any one time. The IT guys worked their asses off keeping it halfway functional until we finally switched to Win 7. Even then it's never been as good as it was when we had XP Pro. I've noticed they may actually have learned something, they aren't buying Win 8.

Re:All that is left

I don't think you have a good hold on reality. Microslush was a preditory monopoly on the desktop, that's true. And they should have been broken up because of it under the Sherman Act. It was a failure of the American Judicial system not to have done so. But the truth is that traditional desktop PC sales are somewhere between flat and falling. Businesses can run very well by putting Chromebooks on the employees desktop, and have them connect to a company server. All data is stored on the company server. No virus problems on the Chromebook. The hardware is fast enough, and since data is on the server, when the employee logs off, they aren't walking around with company data. No NSA spying, no expensive license fees padding Bill Gates bank account, no forced upgrades. Chromebooks have interoperable software where the one with the latest software upgrade won't insist that it can't read data from the computer with the oldest software (completely opposite to a trick microsludge has been using to extort money from businesses for decades), and you aren't stuck with something you don't like. Got a new phone? Got a new tablet? It works! The marketing and sales guys don't want to be chained to the desk, they want to be banging on the customers door and making sales. The portable tools work best for them, and microsludge isn't in that game. MicroSludge is/was a one-trick pony, and their monopoly is becoming a cliche'. Sure they own the desktop (still), but does anyone care? Where I live the electronics recycling places show PC's being diverted from the landfill to the special recycler. Thats a hint for you.

Re:All that is left

[fremsley471]

Although you'd think it was an everyday meme, a quick Google shows it's not used on Slashdot that often. I'm pretty sure it was in vogue at one point a decade or so ago, when every car/computer related story seemed to have it. But not now.

So be nice! Or are you a flummoxed MS employee in London who's watching his horses being taken to the knacker's yard?

Re:All that is left

When did windows stop running in HD, with vivid colours, and on a fast CPU?

I'm just wondering, because most (I dare say all) of what you listed are hardware benefits, and while my computer is old, it does have HD and vivid colours. I bet it can even use a brand spanking new top of the line CPU, too!

Re:All that is left

[BenjyD]

Isn't that what everyone said about Nokia back in 2007?

Re:All that is left

[narcc]

That thing that just about everyone else uses.

Isn't reality neat?

Re:All that is left

[Jack+Griffin]

Some day, it's possible that the CIO is going to come in and say "We're switching all our financials to Oracle. They gave us a real good deal on an Exadata server. Running Oracle Linux. And apps written in Oracle Java.

That's nice. But what about the Desktop? Messaging? Office? All those other kooky little apps, add-ins and plug-ins the world runs on that all run on MS? You know IT is more than just Financials (most of which is Oracle and SAP already (ie not MS)), and there's lot more to a CIO's than a relgious crusade?

Re:All that is left

[gbjbaanb]

This is insightful?!

Exchange is a horribly bloated and slow piece of work, in the days before super-fast supercomputer server clusters, Exchange would handle relatively few users compared to a mail system (that, admittedly didn't do calendar or tasks or other crap no-one uses).

Active Directory is LDAP, with a few extra bits Microsoft wanted to lock you into. To think that LDAP is not scalable but Active Directory is, is laughable.

MS knowledge is cheap- - you can pay $16k a year and get a MCSE who is really not as competent as you think, who can do the basics but will fall down totally when things go south. Why else do you think good admins are expensive?

So, sorry.. your post is entirely trolling bullshit.

Re:All that is left

[RabidReindeer]

Some day, it's possible that the CIO is going to come in and say "We're switching all our financials to Oracle. They gave us a real good deal on an Exadata server. Running Oracle Linux. And apps written in Oracle Java.

That's nice. But what about the Desktop? Messaging? Office? All those other kooky little apps, add-ins and plug-ins the world runs on that all run on MS? You know IT is more than just Financials (most of which is Oracle and SAP already (ie not MS)), and there's lot more to a CIO's than a relgious crusade?

Believe it or not, I manage to work an office quite well without using Microsoft products. Although technically, I suppose you could call Skype a Microsoft product, even though I don't run it on Windows. OpenOffice has never been a problem for me, no matter what some people claim.

A CIO doesn't have to go on a "religious crusade" to make a change like that. All it takes is falling into the clutches of a good salesman. This is especially true in larger companies, where less-competent managers have basically allowed their vendors to do their decision-making for them in exchange for the assurance that the vendor would take care of everything. It's where the phrase "Nobody got fired for buying IBM" came from. Back when IBM actually offered support instead of cheap offshore monkey-with-a-script and Bill Gates was still trying to get into Harvard.

Re:All that is left

Alas you had to be a dick and use micro-slur every time didn't you.

Re:All that is left

The only people who think there are no alternatives are those who've bought into Microsoft products. AD works well if everything is MS based. Once you go outside of that world (Andriod, iOS, anyone?) it's basically no better than any LDAP server. The only reason MS is working with the Samba project to make sure that non-MS platforms can take "advantage" of AD and keep it relative.

MS knowledge is easy to find because most Windows admins knowledge of their server, networks, etc are actually pretty shallow. I've never met an MCSE who could work with Linux nearly as well as a Linux admin who could work with Windows.

Right now it's the MSCEs who are keeping Windows in the enterprise. I don't blame them. I wouldn't want to become irrelevant overnight either.

Re:All that is left

[gothzilla]

That's mostly because kids today are too many generations away from buggy whips and don't know what they are. The analogies have moved on to things they can relate to, like cd players.

Re:All that is left

[Tough+Love]

...all except for that pesky near 90% desktop market share

The desktop market that declined 10% last year, a trend that is expected to continue?

Re:All that is left

[Dutch+Gun]

The market is significantly broadening, no doubt, to include non-desktop/laptop computing platforms

Read the next sentence please. I'm not disagreeing with you, but all these starry-eyed predictions I've heard from the media / tech bloggers that the desktop will practically disappear completely is nonsense. The reason the desktop market is declining is that many light computing tasks (essentially, simple communication or the consumption of content) can be accomplished much better by phones and tablets, which are obviously a lot cheaper and more convenient than computers. These are the computers of the masses for the future.

However, when you need to create content (i.e. get real work done), you use a netbook, a laptop, or a desktop. When you don't need mobility, such as at home or work, or need the most powerful CPU/GPU available, then the desktop still makes the most sense, both ergonomically and economically. I don't see any viable replacement for desktop computers on the horizon, so it will remain a decent market, albeit more specialized than before. And unless there's some sort of radical shakeup, we'll still be seeing Windows there as a major player for a long time.

The media keeps playing up the "death of the desktop", but what we're seeing is a simple market adjustment. It doesn't mean the desktop is going to disappear by any means. Microsoft can do quite well relying on nothing but their desktop / laptop sales if they so desired, but obviously they realize it's a declining market, so are (somewhat unsuccessfully so far) scrambling to stay relevant in the tablet/mobile space as well. Even if those efforts flop, they're going to remain a behemoth (like IBM), but will simply be far less relevant than they are today.

Re:All that is left

Exchange is a horribly bloated and slow piece of work

That's the sort of crap spewed by people who want to criticize but don't actually know how, just saying its "bloated" which is a meaningless term and usually is a PEBKAC due to mis-configuration. What competing solution offers all the features of Exchange?

Re:All that is left

Actually they predict a total < 7.5% decline worldwide over the next 4 years.

Re:All that is left

[Tough+Love]

-7.5% compound annual growth rate is massive, especially considering the growth rate of smartphones, tablets and chromeos. And that is not even taking into account the likelihood of productivity apps showing up on chromeos and android to further accelerate the trend. IDC's numbers are basically just talking about people who defect because they care more about media consumption than spreadsheets. That's a relatively small hole in the Windows bucket compared to having the whole bottom fall out when Android moves into the office.

Re:All that is left

[Dutch+Gun]

-7.5% compound annual growth rate is massive, especially considering the growth rate of smartphones, tablets and chromeos. And that is not even taking into account the likelihood of productivity apps showing up on chromeos and android to further accelerate the trend. IDC's numbers are basically just talking about people who defect because they care more about media consumption than spreadsheets. That's a relatively small hole in the Windows bucket compared to having the whole bottom fall out when Android moves into the office.

I don't really see how productivity apps on tablets can replace actual PCs running actual business software within a corporate environment. Productivity software on a tablet means that you can access/view/share corporate documents perhaps, but create them? I'm not sure what you use a computer for in your work day, but I certainly couldn't possibly use a tablet to do my work. There's a LOT of business software out there that will simply never be ported to another OS either, and until it's depreciated completely, Windows will be around in force.

It seems safer to bet on what's already proven and established, especially when you're talking about rather conservative customers like businesses. Like I mentioned earlier, you can barely wean those guys off XP or IE6, and you're talking about a pretty radical jump in technology. I'm afraid I just don't buy it. Of course, I'm just guessing about the future like everyone else is, and could be totally wrong, but people have been predicting the imminent death of MS for years, yet they're still a behemoth, and still very relevant.

Re:All that is left

[Tough+Love]

I don't really see how productivity apps on tablets can replace actual PCs running actual business software within a corporate environment...

What makes you think Android isn't going to spread to laptops and desktops? Or Chromeos isn't going to get proper application support?

Re:All that is left

[Lennie]

"Even if they pissed off the retail customers, MS has one spot that they are virtually impossible to dislodge from, and that is the enterprise. For example, Exchange. There are other solutions (Zimba or Google Apps), but for scalability and management, there is no other messaging system that can handle the sheer amount of users that Exchange handles on a daily basis.

Same with Active Directory. LDAP is used in some small firms, but AD has scalability on its side."

And non of these things need a Windows desktop machine.

The Windows desktop could very well be domed. The only Windows desktop you'll see in the future is through RDP or Citrix, whatever. where it can most easily be managed.

Re:All that is left

[Jack+Griffin]

Believe it or not, I manage to work an office quite well without using Microsoft products. Although technically, I suppose you could call Skype a Microsoft product, even though I don't run it on Windows. OpenOffice has never been a problem for me, no matter what some people claim.

I'm sure it works for some, but you're not looking at it from the eyes of an organisation that already has bolted on Office/IIS/SQL/.Net through the Enterprise. Removing for for something that does the same thing except without the MS logo makes no political sense.

Re:All that is left

[RabidReindeer]

"... where less-competent managers have basically allowed their vendors to do their decision-making for them in exchange for the assurance that the vendor would take care of everything" makes political sense. To them, anyway.

I know a shop that was solidly Solaris, but HP came in with Red Hat Linux and promised them significant savings. Solaris started evaporating in that shop. Because it made economic sense. To them, anyway.

Or they could just hire some kids to load Linux

[gewalker]

Or they could just hire some kids to load Linux -- I could load Linux on a lot of old computers with a locked down linux and browser. The Chromebooks will be $200 per.

Re:Or they could just hire some kids to load Linux

[Blaskowicz]

They save some physical space and importantly power. It depends on how much RAM the old PC have too.. A nice trick is to make the PCs diskless workstations, that makes them reliable (no hard drive) and replaceable on a whim. But if you're going to do everything on a browser having at least 2GB memory is nice, especially if you have no swap.

From insecure......

..... To no security! :)

And don't give me shit how it is safer then XP, cause in the end it is not, it is cheaper!

Looks like a small local experiment

[uCallHimDrJ0NES]

Not exactly earth-shattering in scope. Look: https://en.wikipedia.org/wiki/....

This is the year of Linux on the desktop! Finally!

[BumbaCLot]

Chrombook is Linux rite?

More Savings, More Doing

[Art3x]

From the article:

The council was previously running 3,500 Windows XP desktops and 800 XP laptops

and is much happier now.

Re:More Savings, More Doing

[BasilBrush]

Amazing how they've replaced all that with the 350 Chromebooks they've bought. Oh, that's right, they haven't. It's a pilot.

Going on the rate Munich switched to a Windows alternative, you've got 10 years to wait for those Windows machines to be replaced.

Biggest saving is...

[QuantumLeaper]

2300 Chrome machines vs. 4300 XP machines, I wonder what the true saving are. Since the totals doesn't add up, what did they do eliminate 2000 workers and 2000 machines, or are they going to make 2000 workers use pen and paper or am I missing some here?

Re:Biggest saving is...

[Rich0]

2300 Chrome machines vs. 4300 XP machines, I wonder what the true saving are. Since the totals doesn't add up, what did they do eliminate 2000 workers and 2000 machines, or are they going to make 2000 workers use pen and paper or am I missing some here?

No idea why the numbers changed (though it is pretty common in mass-update situations like this to audit workstation assignments and get rid of all the extra laptops that got requisitioned so that somebody could have two/etc).

However, I can easily see why a Chromebook is cheaper in a corporate environment, assuming it can run all your software. They're nearly zero-effort to deploy (just log in once using an admin account and it auto-provisions), self-update automatically, don't need antivirus, already have full-disk encryption and secure boot, and Google handles all the identity management. You only use them with remote applications (web or otherwise), so there is nothing to backup locally, and no retention issues with legal holds. Basically you can eliminate almost your entire workstation-management infrastructure, and the hardware isn't really any more expensive than what you'd otherwise purchase. If somebody breaks their laptop, they just go over to the supply closet and get a new one, log in, and in 30 seconds everything is auto-synced.

The catch is that you have to be able to run EVERYTHING in Chrome.

A chromebook gives any business a fairly complete enterprise-level workstation management service for free. To get to all the management functions you need a Google Apps account, but even Grandma gets a laptop that can't get viruses, backs up everything important offsite automatically, auto-updates, and which is fully encrypted. That is a whole bunch of software/configuration/caretaking if you want to do it on Windows.

Re:Biggest saving is...

[confused+one]

If you RTFA you would have seen that a sizeable fraction of their staff had both a desktop and a laptop, and will only be receiving a chromebook as a replacement. Some workers will be updated to Windows 7 machines where they have applications that are not available in web based or Citrix based environments.

Re:Biggest saving is...

I have 5000+ users at my work. With some uber-rare applications .. everything can run on Citrix that is not web based.
Pretty sure that will be the case if/when we go to ESX VDI .

Re:Biggest saving is...

Holy cow, it's like they put Windows RT on a laptop!

Re:Biggest saving is...

[matbury]

Beware of any statements like, "don't need antivirus" and "gets a laptop that can't get viruses"

Re:Biggest saving is...

Why? Never had an anti-virus on my non Windows systems. 30 years now. Never had a virus. It's about understanding your environment and limiting what the software should do.

Now I wouldn't recommend it for most. Some people turn off anti-virus software because they can't open the new email aunt Betty sent over. Some people just can't understand why auto-executing a USB key is such a bad idea. They are the same people who want the CD/DVD to start when they load it.

Userland software should not run as administrator/root/system period. NO exceptions. Email should never auto execute... and so on.

Re:Biggest saving is...

How do you know you don't have a virus if you never check for one? Personally I don't care if a virus gets admin access on my machine, all my important data is in userland and everything under admin is easily replaced. Gone are the days when viruses trash your hardware. Some viruses are even nice enough to take out other viruses.

Though I don't run anti-virus software too, so I should probably shut up.

Re:Biggest saving is...

[wvmarle]

The requirement of stuff like Google Apps account and having Google do your identity management, will be a huge turn-off for many corporations. Unless Google has an option to have these services all in-house.

Especially when it comes to sensitive data (and not just medical, my personal financial records for example I don't want out in the open either) I'd like to keep it at home. Not unencrypted on someone else's cloud. And definitely not in some foreign country, where organisations like an NSA are active.

Re:Biggest saving is...

Why can't a chromebook get a virus? have that made the disk read only or something? perhaps discovered some way to write a perfect OS with Zero vulnerabilities and no need to ever update it?

Re:Biggest saving is...

[mpe]

However, I can easily see why a Chromebook is cheaper in a corporate environment, assuming it can run all your software. They're nearly zero-effort to deploy (just log in once using an admin account and it auto-provisions), self-update automatically, don't need antivirus, already have full-disk encryption and secure boot, and Google handles all the identity management.

Having a third party manage things has it's own set of associated risks. Which may be poorly understood/managed if this is a radical change of paradigm. Also "full-disk encryption" is pointless on a device which isn't storing data.
A critical factor is how easy is corporate management with Chromebooks. Including can it be done using servers you control...

The catch is that you have to be able to run EVERYTHING in Chrome.

Other issues include do you want Google (and their "friends") looking over what you are doing? Can loss of Internet connectivity (or a server on the other side of the planet) inhibit you ability to do anything, even where your LAN/WAN/VPN may be perfectly functional? (Including in cases where you havn't outsourced your data.)

backs up everything important offsite automatically, auto-updates, and which is fully encrypted.

Unless you can be sure exactly where the data will be stored there can be both business and legal reasons why this is a very bad idea. Also without proper control of encryption keys (and possibly encryption methods) supposedly encrypted data may as well be in plaintext for all practical purposes.

Re:Biggest saving is...

[Phillip2]

2300 Chrome machines vs. 4300 XP machines, I wonder what the true saving are. Since the totals doesn't add up, what did they do eliminate 2000 workers and 2000 machines, or are they going to make 2000 workers use pen and paper or am I missing some here?

Probably the numbers are real. Since we spent lots of our money on bailing out banks and wars, and big business doesn't pay tax any more, many areas of the public sector have been cut. Most local councils have shed workers wholesale.

Re:Biggest saving is...

[Rich0]

Having a third party manage things has it's own set of associated risks. Which may be poorly understood/managed if this is a radical change of paradigm. Also "full-disk encryption" is pointless on a device which isn't storing data.
A critical factor is how easy is corporate management with Chromebooks. Including can it be done using servers you control...

It would actually be nice to be able to point Android/Chromebooks/etc at your own servers. There is nothing about the design that necessitates that they talk to Google. That's just how Google set them up.

Full-disk encryption still protects your cache/cookies, and any files you may have downloaded just to view, or to upload somewhere else. It also prevents somebody else from installing a software keylogger/etc (in conjunction with secure boot). I think it is relevant for any PC.

Other issues include do you want Google (and their "friends") looking over what you are doing?

Well, you can use Google for authentication-only. You don't HAVE to sync your settings, or use their other services. But, yes, it would be nice if you could run your own authentication/sync servers.

Can loss of Internet connectivity (or a server on the other side of the planet) inhibit you ability to do anything, even where your LAN/WAN/VPN may be perfectly functional? (Including in cases where you havn't outsourced your data.)

The devices are perfectly capable of running offline entirely - they cache credentials. Of course, they won't be syncing/etc if they can't reach Google.

Also without proper control of encryption keys (and possibly encryption methods) supposedly encrypted data may as well be in plaintext for all practical purposes.

The chrome sync code is all available in Chromium, so anybody can audit the algorithm. If you check the box your settings should be encrypted before they are uploaded to Google using your password. So, that side of things seems to be handled fairly well. Of course, you're already trusting Google to be able to deploy updates on your device, so if they want to give one of your Chromebooks a "special" update that captures your password or whatever they could conceivably do so. Also, it is difficult to validate that the pre-loaded software on a Chromebook is using the source code in Chromium.

Re:Biggest saving is...

[Rich0]

Beware of any statements like, "don't need antivirus" and "gets a laptop that can't get viruses"

The OS is read-only and uses secure-boot. If something does manage to install itself there, the device will refuse to boot and you need to do an OS reload from a thumb disk to restore it (which is fairly easy to do).

So, think of it like having the antivirus built-in. Otherwise everything happens in the Chrome browser where every tab runs in a jail. Sure, that can have bugs, but those get discovered and fixed by updates. So, again, think of it like having the anti-virus built-in.

What does an anti-virus do which a Chromebook isn't already doing?

Re:Biggest saving is...

[Rich0]

Well, you can keep it encrypted in someone else's cloud (assuming you trust them not to make that option not work in an update), but yes, it would be nice if Android/ChromeOS/etc could be pointed at your own authentication systems.

Re:Biggest saving is...

[Rich0]

Why can't a chromebook get a virus? have that made the disk read only or something? perhaps discovered some way to write a perfect OS with Zero vulnerabilities and no need to ever update it?

It uses secure boot. Look it up. :)

Sure, it might be possible to jailbreak it as is routinely done with iPhones, but it would require that kind of effort. Since every Chromebook has a little switch that lets you disable the secure boot feature after a self-imposed wipe nobody bothers to jailbreak them.

Basically it is like having tripwire on steroids. If the image isn't signed by Google and valid, then it won't run.

Re:Biggest saving is...

[gander666]

And, if you are an Oracle house, you sadly need IE, and some lame down rev, unsafe version of Java (lesson learnt - Never update Java on my work machine until they push if via config manager...)

Re:Biggest saving is...

[Ash-Fox]

Note: I am not the grand parent.

The OS is read-only and uses secure-boot. If something does manage to install itself there

There was a time I had imaged Windows XP systems that booted from a read only flash device, this didn't stop those Windows XP systems from getting infected with a worm that sat on top of the famous Blaster worm, it's payload was a key logger reporting back to it's controller (was a problematic situation as I had no control of the network these were connected to).

So, think of it like having the antivirus built-in.

My quick fix (outside of being unable to update the OS due to some software conflicts) was to install anti-virus software that automatically updated it self to combat such worms. I think your line of thinking is wrong.

What does an anti-virus do which a Chromebook isn't already doing?

Combat worms, viruses etc. in real time as opposed to just on boot.

Re:Biggest saving is...

[Rich0]

Note: I am not the grand parent.

The OS is read-only and uses secure-boot. If something does manage to install itself there

There was a time I had imaged Windows XP systems that booted from a read only flash device, this didn't stop those Windows XP systems from getting infected with a worm that sat on top of the famous Blaster worm, it's payload was a key logger reporting back to it's controller (was a problematic situation as I had no control of the network these were connected to).

If the device were using secure boot, the device would refuse to boot at next reboot.

What does an anti-virus do which a Chromebook isn't already doing?

Combat worms, viruses etc. in real time as opposed to just on boot.

The browser already does this. Anytime there is a known exploit it is patched to prevent the virus from being installed in the first place. An antivirus provides no protection against an unknown virus using a new infection mechanism. Both ChromeOS and an antivirus require regular updates to provide active protection.

At least with ChromeOS if a virus does get in it will be reliably detected at the next reboot. With an antivirus if you get a zero-day infection there is no reliable way of removing it.

Most of the traditional advantages of antivirus go away in an environment like ChromeOS. These include:
1. Antivirus vendor becomes aware of a threat and can deploy a solution faster than Microsoft. Google doesn't tend to sit on zero-days.
2. Since the OS is designed to execute arbitrary code without whitelisting, you need to enumerate all possible evil. ChromeOS isn't designed to let the user execute arbitrary code, and anytime a way to do this is detected it gets patched out as quickly as an antivirus update could be distributed anyway.

I do get the objection that secure boot only kicks in at boot, but I think when you consider how antivirus and ChromeOS updates work in practice, the latter actually provides more security.

But, if you have a specific threat model I haven't considered, I'm all ears. I don't get paid by anybody to like ChromeOS...

Re:Biggest saving is...

[Ash-Fox]

If the device were using secure boot, the device would refuse to boot at next reboot.

You misunderstand, it did not change the windows system on the flash device. The system when it booted was always clean and got infected after boot; rebooting it would restart with a clean windows install again.

An antivirus provides no protection against an unknown virus using a new infection mechanism.

Actually, it does. Modern anti-virus software still has heuristics that will kick in and many use 'community' based data to help determine the risk of a binary. This sort of filtering is available without the need to update software.

Anytime there is a known exploit it is patched to prevent the virus from being installed in the first place

Then you maybe surprised to learn that producing patches for software takes longer than simply adding a few heuristic patterns or scripted rules to block it. There have been a few instances where I have pushed rules through firewalls and various anti-virus blocklist schemas to block problematic issues while vendors were still trying to resolve them (the last one I dealt with involved Java vulnerabilities, where Oracle spent a lot of time making patches while I simply blocked it's use on untrusted sites with a few rules supplied to the URL filters in anti-virus control panels).

I do get the objection that secure boot only kicks in at boot, but I think when you consider how antivirus and ChromeOS updates work in practice, the latter actually provides more security.

No, you don't get my argument at all. I was booting systems that were 'fresh' installs every time the systems started and they would get infected practically immediately after boot. Secureboot doesn't help outside of exploits that would virtualize your entire operating system instance in order to hide itself. When you have an exploit that lets you run remote code on the system, you're running remote code. Maybe not on boot if there are code signing checks all the way, but that won't matter when it gets exploited on next boot.

In other words, you can still run malicious userland regardless if it got onto the system which is why a reactive Intrusion Detection System such as Anti-Virus software is extremely helpful.

Re:Biggest saving is...

[Rich0]

If the device were using secure boot, the device would refuse to boot at next reboot.

You misunderstand, it did not change the windows system on the flash device. The system when it booted was always clean and got infected after boot; rebooting it would restart with a clean windows install again.

Sure, but only until the underlying vulnerability gets patched. Your antivirus wouldn't do anything about it until it is updated either.

An antivirus provides no protection against an unknown virus using a new infection mechanism.

Actually, it does. Modern anti-virus software still has heuristics that will kick in and many use 'community' based data to help determine the risk of a binary.

How can a heuristic handle a virus using a new infection mechanism? They only protect against viruses using known mechanisms, but which have a signature not in the database.

Any virus with a known mechanism would also be blocked by fixing the underlying browser exploit.

Anytime there is a known exploit it is patched to prevent the virus from being installed in the first place

Then you maybe surprised to learn that producing patches for software takes longer than simply adding a few heuristic patterns or scripted rules to block it. There have been a few instances where I have pushed rules through firewalls and various anti-virus blocklist schemas to block problematic issues while vendors were still trying to resolve them (the last one I dealt with involved Java vulnerabilities, where Oracle spent a lot of time making patches while I simply blocked it's use on untrusted sites with a few rules supplied to the URL filters in anti-virus control panels).

I guess it is a good thing that ChromeOS doesn't support Java then. :)

There is no reason that it should take longer to update a browser/OS than to issue a new heuristic detection code. They both involve software development and are more complex than just adding a signature. How many Chrome exploits have you mitigated against using antivirus alone, and for how long?

When you have an exploit that lets you run remote code on the system, you're running remote code. Maybe not on boot if there are code signing checks all the way, but that won't matter when it gets exploited on next boot...In other words, you can still run malicious userland regardless if it got onto the system which is why a reactive Intrusion Detection System such as Anti-Virus software is extremely helpful.

Why would an antivirus software package be more likely to stop a new virus using a previously-unknown exploit than simply fixing the exploit in the first place? The only real argument I can see is that the one is faster to update than the other. In practice, I haven't really seen this as a problem for Chrome. They don't limit themselves to only issuing updates once a month, etc.

Patching exploits is what keeps new infections out. Secure boot is what ensures the system is clean after a known exploit has been patched.

I can see the argument that having both is better than one or the other. However, if I had to pick and choose I'd pick secure-boot and frequent updates over an antivirus. XP installations suffering from viruses are common despite the OS fully supporting antivirus software. ChromeOS installations suffering viruses are unheard of, despite not supporting antivirus.

Re:Biggest saving is...

[Ash-Fox]

Sure, but only until the underlying vulnerability gets patched. Your antivirus wouldn't do anything about it until it is updated either.

Anti-virus software does not usually require software updates to catch identified viruses, it's usually just updating a definition/heuristic file.

How can a heuristic handle a virus using a new infection mechanism?

I'll use a consumer product that you're likely more familiar with in my example rather than enterprise software I use.

Avast has a heuristic built in for files that have no reputation, it runs these files inside a sandbox and observes it's behaviour. If the program in question starts doing dodgy things like delivering typical infection payloads, avast will close the sandboxed and block the file from being ran on the actual system.

In the case of worms, Avast also passively monitors applications generally and when it detects a typical payload that worms use (such as trying to install a system root kit and a bunch of start up entries) will intercept the system API calls that being used to perform this and prevent that from happening.

They only protect against viruses using known mechanisms, but which have a signature not in the database.

Indeed.

How many Chrome exploits have you mitigated against using antivirus alone, and for how long?

Chrome being unauthorized software on some systems I manage is blocked on multiple levels. Chrome (and by extension, it's exploits too) have been blocked ever since it came into existence. Said management is done through system software policies that are reinforced by anti-virus solutions and passive proxy filters.

Avast Reputation services is an example, a low reputation will result in the code from being executed entirely.

Patching exploits is what keeps new infections out.

Sure, but until that happens, you're vulnerable, the time it takes to patch something verses adding a signature or a heuristic definition is significantly different.

However, if I had to pick and choose I'd pick secure-boot and frequent updates over an antivirus.

The original argument was that one replaces the other, which is what I disagree with. They both have different practical uses.

ChromeOS installations suffering viruses are unheard of

I don't deal in security around historical infections, I deal in the possibility of how a system can be compromised and then mitigating that risk as fast as possible and then through better means later if possible.

Re:Biggest saving is...

[Rich0]

Sure, but only until the underlying vulnerability gets patched. Your antivirus wouldn't do anything about it until it is updated either.

Anti-virus software does not usually require software updates to catch identified viruses, it's usually just updating a definition/heuristic file.

By update I was speaking of definition updates. Without them, the software can't detect a new form of virus.

How can a heuristic handle a virus using a new infection mechanism?

Avast has a heuristic built in for files that have no reputation, it runs these files inside a sandbox and observes it's behaviour. If the program in question starts doing dodgy things like delivering typical infection payloads, avast will close the sandboxed and block the file from being ran on the actual system.

In the case of worms, Avast also passively monitors applications generally and when it detects a typical payload that worms use (such as trying to install a system root kit and a bunch of start up entries) will intercept the system API calls that being used to perform this and prevent that from happening.

So, either the virus is using a known mechanism/payload/etc or not.

If it is, then the OS will be patched against it, and the virus won't be able to install a rootkit/etc.

If it is unknown, then Avast will carefully examine it and detect nothing suspicious going on, and allow it to proceed, and it will install a rootkit. That will happen under ChromeOS as well, but the system will catch it on the next boot if it is persistent. If it isn't persistent then it will be lost until the next boot, and after the next update it won't be able to be re-installed.

What makes you think that a heuristic scanner will be able to discover a virus, but the OS vendor won't be able to patch the vulnerability that allowed it in?

How many Chrome exploits have you mitigated against using antivirus alone, and for how long?

Chrome being unauthorized software on some systems I manage is blocked on multiple levels.

I didn't ask whether you blocked the installation of Chrome. I asked you if you had prevented anything from exploiting Chrome using antivirus software that otherwise could have actually exploited it. It sounds like the answer is nothing, but that doesn't really mean much since you choose not to use it, which is of course fine.

Patching exploits is what keeps new infections out.

Sure, but until that happens, you're vulnerable, the time it takes to patch something verses adding a signature or a heuristic definition is significantly different.

Do you have any examples pertaining to some component of ChromeOS where an antivirus software package could detect an exploit for a significant period of time before ChromeOS was patched?

You claim the time required to update a definition vs patch a vulnerability is significantly different, but I don't really see any evidence supporting this. At least, not as concerns ChromeOS. Sure, you can pick something like Java or Windows where they sit on vulnerabilities for ages, but the whole point of using ChromeOS is that you're avoiding those unmaintained platforms.

I don't deal in security around historical infections, I deal in the possibility of how a system can be compromised and then mitigating that risk as fast as possible and then through better means later if possible.

Sure, but you have to decide what risks are actually worth protecting against, and history can be helpful there. I'm sure your systems are completely vulnerable to a comet impact that destroys all life on earth, and that is because the risk of that happening is low compared to the effort required to mitigate it.

Besides, what is your alternative? I'm not aware of any

Re:Biggest saving is...

[Ash-Fox]

By update I was speaking of definition updates. Without them, the software can't detect a new form of virus.

I wasn't, because the difference between a software patch and a definition update is the time it takes to produce them.

So, either the virus is using a known mechanism/payload/etc or not.

True, focus on detecting has shifted to looking at payloads rather than mechanisms now, because payloads are harder to make a different.

If it is, then the OS will be patched against it, and the virus won't be able to install a rootkit/etc.

If it is, then it has a low reputation and will be blocked with the right security settings anyway (admittedly, I have that type of functionality turned off on my machines because I develop software too, anti-virus software putting my compiled applications into quarantine or deleting is annoying).

What makes you think that a heuristic scanner will be able to discover a virus, but the OS vendor won't be able to patch the vulnerability that allowed it in?

A recent example is Oracle's recent struggle with Java vulnerabilities: https://blogs.oracle.com/secur...

They were unable to patch their software fast enough to close all the zero days. I was able to define rules in anti-virus to block unauthorized issues in Java however.

You claim the time required to update a definition vs patch a vulnerability is significantly different, but I don't really see any evidence supporting this.

I just gave you some.

I'm sure your systems are completely vulnerable to a comet impact that destroys all life on earth, and that is because the risk of that happening is low compared to the effort required to mitigate it.

I generally work off using requirements, ie: Must be protected against cyber threats, physical access requirements against an armed person, isolated networks etc.

I also suggest new requirements to add to those and raise risks around certain implementations.

Besides, what is your alternative?

I would need a set of requirements to work with first and some time to research the options. Something that I don't really want to do for this conversation.

I'm not aware of any other OS that provides the same kind of security/etc for anywhere near the same cost as ChromeOS.

I don't really deal with things on a consumer level, but, it wouldn't be unlikely to get a good deal with certain PC vendors for getting X amount of units for a fairly cheap price. So, money is not exactly a thing I worry too much about in my current line of work.

The last virus-related issue we had at work was a few years ago when McAfee deployed a definition update that quarantined a critical system file - half the company was down for a few days while everybody brought their PCs in for servicing.

McAfee isn't that great of a piece of anti-virus software. If you visit http://www.av-comparatives.org... you will find that it's often near the bottom when it comes to comparisons (even a few years ago). So, it doesn't surprise me you ran into problems with a piece of software that does not really excel in good quality.

It does have one of the better enterprise management control panels however, but I don't think this makes up for it's poor (or lack of) heuristic scanner and depends almost entirely on cloud connection for doing that sort of analysis.

Something like that would be virtually impossible on ChromeOS since the whole OS image is device-specific and updated as a unit, so if one doesn't boot none of them will (so only an idiot would miss it in testing).

Re:Biggest saving is...

[Rich0]

You claim the time required to update a definition vs patch a vulnerability is significantly different, but I don't really see any evidence supporting this.

I just gave you some.

You keep coming back to Java, but Java is not a component of ChromeOS. I'm sure there are incompetent antivirus vendors who release new signatures 18 months after a threat is detected, but that really has no bearing on the usefulness of antivirus software. In the same way, the fact that Oracle can't figure out how to do security updates is just one of the reasons why ChromeOS doesn't support Java at all.

I'm looking for evidence that an actual component of ChromeOS can't be updated as quickly as a virus definition.

Re:Biggest saving is...

[Ash-Fox]

You keep coming back to Java, but Java is not a component of ChromeOS.

I didn't say it was.

In the same way, the fact that Oracle can't figure out how to do security updates

I see no evidence of that being the case. Oracle use automatic updates, sane patching policies (breaking changes go into the next 'major' version of Java etc).

is just one of the reasons why ChromeOS doesn't support Java at all.

That's quite the assumption there, the goals I have heard with Chromebooks involves promoting cloud, HTML5 local applications. I don't see how Java fits into that vision on a Chromebook to begin with.

I'm looking for evidence that an actual component of ChromeOS can't be updated as quickly as a virus definition.

Eh, I'm not that knowledgeable on ChromeOS it self, but there is one component it uses that I am fairly familiar with... I can deploy a heuristic filter for CVE-2013-1860 in roughly 15 minutes with some fairly simple pattern matching through a text file and my software/security management console. It doesn't require a reboot or interaction from users, nor does it interrupt the user.

Compare this to the time it takes to figure out the code changes for CVE-2013-1860, compile a debug build of the kernel, pass it to the build server for a non-debug build, sign it and patch systems, the vulnerability only fixed after a reboot. Pretty certain that the minimum there is at least a few hours.

The evidence here is the fact that I can write a text file with a few lines to prevent the attack from working as opposed to changing code (possibly even doing major re-factoring) that requires recompilation of kernel.

This is going to be the case for the majority of exploits out there where existing adequate support for 'definitions' that could counter this can be used.

Re:Biggest saving is...

[Rich0]

Eh, I'm not that knowledgeable on ChromeOS it self, but there is one component it uses that I am fairly familiar with... I can deploy a heuristic filter for CVE-2013-1860 in roughly 15 minutes with some fairly simple pattern matching through a text file and my software/security management console. It doesn't require a reboot or interaction from users, nor does it interrupt the user.

Your antivirus software is capable of intercepting and preventing buffer overflow attacks coming in via the USB port?

Re:Biggest saving is...

[Ash-Fox]

Your antivirus software is capable of intercepting and preventing buffer overflow attacks coming in via the USB port?

Yes. In this specific scenario, if this would have been a Windows issue, I would have managed through my software/security management panel and Lumension; while on Linux it's through my software/security management panel and system black and white lists (ie: udev rules).

Re:Biggest saving is...

[Rich0]

I'm not saying it isn't possible, but depending where on the protocol stack the USB port is intercepted, it might still be vulnerable. You also introduce the risk of vulnerabilities in your antivirus software (which is probably closed-source), and the risk of breaking things if you deploy a bad update (why would an OS update require testing, but an antivirus update not?).

Antivirus really seems like a technical solution to a non-technical problem: unresponsive software vendors. It lets you pick MS for their UI, but somebody else for their support.

Re:Biggest saving is...

[Ash-Fox]

I'm not saying it isn't possible, but depending where on the protocol stack the USB port is intercepted, it might still be vulnerable.

Possible, yes.

You also introduce the risk of vulnerabilities in your antivirus software (which is probably closed-source)

Yes, there is a risk when you run any software.

and the risk of breaking things if you deploy a bad update

As with any software, you risk breakages when you deploy an update. Of course, in the case of anti-virus software, you're at risk of downtime if it's a bad update, much like OS updates. However, in some cases, the risk maybe reduced, when the software does not require refactoring of major code on short notice.

(why would an OS update require testing, but an antivirus update not?).

I never said don't do testing (unless there is some massive risk that would qualify downtime being acceptable over vulnerability). I noted repeatedly that the time it takes to produce a software change would take more time than updating definitions in general circumstances.

Antivirus really seems like a technical solution to a non-technical problem: unresponsive software vendors.

It doesn't seem that Google is better at it, considering the speed (the time that passed after the exploit was known) of when an update was made available for CVE-2014-1705, CVE-2014-1706, CVE-2014-1707, CVE-2014-1708, CVE-2014-1710 and CVE-2014-1711 (which were exploited on ChromeOS).

Something's fishy...

[MikeRT]

1. They're replacing 4,300 Windows machines with 2,300 Chrome machines. Why is the number of boxes cut nearly in half?
2. Did they factor in the cost of Google Apps?
3. Did they factor in the issue of retraining and other migration costs?

Bet they didn't. Bet they just said they can stop buying Windows boxes and that's all there is to the cost.

Re:Something's fishy...

If you need to re-train to use a chromebox, something is wrong.

Re:Something's fishy...

You didn't read the article.

What they are actually doing is using Windows 7, and Office on virtual desktops and connecting using Citrix from Chomebooks.

The reduction in machines comes from employees only having a chrome books rather than a laptop and a desktop.

I highly doubt this will save any money the headline figure is probably due to different pots of money being used for different infrastructure.

Re:Something's fishy...

there is no learning cycle.
they can reduce the numbers because they no longer need dumb client servers.

Dumb clients are actually extremely costly to run and extremely inefficient and costly to run, they can cut out 2000 servers just for running the web storage of files and administration...

Re:Something's fishy...

4. Did they factor in the issue of privacy?

Re:Something's fishy...

[confused+one]

They probably didn't factor in the cost of Google Apps; however, one has to ask, how does that compare to Enterprise licensing for Microsoft Office and the server licenses to support Exchange, Active Directory and file server(s)?

Re:Something's fishy...

If you've ever sacrificed enough goats to divine the proper licensing you need to purchase from microsoft, you'll know the money they save /on software liscence cost alone/ will cover the hardware cost of even premium chromebooks 2 or 3 times over.

By the time you get done with Windows, Windows server, device/user CALS, Desktop services CALS, Systems management, etc hardware costs seem trivial.

Re:Something's fishy...

[Pumpkin+Tuna]

You don't do training with end-users much, do ya? ;-)

Re:Something's fishy...

[sjames]

Since the other option was moving from XP to Windows 8, retraining was going to happen either way.

The count was reduced because some employees who had a laptop and a desktop will have just the laptop now. Probably because modern laptops are just as good as a desktop for many applications.

Re:Something's fishy...

1. Chrome is more efficient than windows: use 1 Chrome laptop to replace 2 windows PC's and you still end up with better performance.
2. Google apps are free. Windows users forget that. They are used to paying through the nose for every last damn thing.
3. Retraining costs are marginal to non-existant. You are trying to argue that you need to learn to train on a pen after using a pencil. Dumb.

Bet you didn't think about that. Bet you said they are chained to Windows boxes and are now trying to inflate the cost.

Re:Something's fishy...

If your staff need retraining to use a Chromebook, then they'd need retraining to use Window 8, too...

Re:Something's fishy...

[PrimaryConsult]

Retraining would be required for Windows 8, so no cost difference in that area.
The cost of google apps can be compared against buying new office licenses for 2300 new PCs.

Nothing fishy at all, this actually looks like a good idea.

Re: Something's fishy...

"They're replacing 4,300 Windows machines with 2,300 Chrome machines. Why is the number of boxes cut nearly in half?"

Because a Chromebook can do nearly twice as much work as a Windows machine!

Because Google never just abandoned a project

It saves them the money now but what about when Google can't chase that squirrel anymore? I'm sure just like Microsoft they will extend the deadline like they have in the past...

Thanks Google, I just had to defend Microsoft. Thats just, well, evil. Boo.

This can work, if you don't mind change

I won't be so negative on Chromebook's. Having owned a couple myself and have seen them do OK in educational settings. I think everyone today is weighing costs vs longevity and usability. My only question to London Council is don't expect Chromebooks to outlast those XP PC's you claim are so expensive. I think they are thinking short term gains without looking at long term costs. I know after 6 months my Samsung Chromebook died, then I bought a Acer Chromebook and it was awful for WiFi range and dropped signal a lot. Like I said, I am not going to totally bash Chromebook's and Chromebox's. Its a viable alternative if the hardware lasts as long as PC's. I am concerned that many of the Chromebook's I have worked with. Do not appear to be sturdy enough for the kind of use in business, government or classroom's.

Re:This can work, if you don't mind change

[Pumpkin+Tuna]

I work in K12 schools. We've moved from the smaller Samsungs to the 14-inch HP Chromebook. It feels like a much more substantial machine and it's a hell of a lot faster. We've just started with them so I can't vouch for how they are going to do once we let the kids get ahold of them for a while. Of course at no more than $327 a pop, we can afford to replace them a lot easier than a Windows laptop.

This is nuts

[sgage]

Insanity. Putting government business in a Googly cloud (or any other corporate cloud) is Barking mad. Hopefully it is as a previous poster has suggested - trying to extort a cheaper license deal out of MS. The notion of govenment workers on Chromebooks is insanity.

Re:This is nuts

American Revolution - 1775...

Re:This is nuts

Insanity. Putting government business in a Googly cloud (or any other corporate cloud) is Barking mad. Hopefully it is as a previous poster has suggested - trying to extort a cheaper license deal out of MS. The notion of govenment workers on Chromebooks is insanity.

You didn't read the article :)

Re:This is the year of Linux on the desktop! Final

[Rich0]

Chrombook is Linux rite?

It is Gentoo. :) Well, in the same sense that Ubuntu is Debian...

The really amazing thing...

[JustNiz]

The really amazing thing is that one small Borough of London apparently employs over 2300 admin workers.
No wonder our taxes are so high.

Re:The really amazing thing...

Population 187k. About the size of Salt Lake City, whose city government employs more than 3,000. So pretty typical.

Re:The really amazing thing...

[turp182]

It does seem like a lot of people, one has to assume that there is only one system per person (there could be overlap with the Chromebooks for people that require portability). In 2011 the borough had a population of 187,000. 2,300 admin positions would be 1.23% of the population..

The unreasonable thing is being able to go from 3,500 XP desktops to a number closer to 2,000. I'd like to know how the number of total system can be reduced by 35% or more??? Maybe they are counting a warehouse of retired systems (which would be an unfair comparison)?

The reduction does not compute...

Re:The really amazing thing...

[JustNiz]

Just a guess but I'm wondering if they're also cutting back on some community/social program that includes provision of PCs and/or internet access as a public service.

Re:The really amazing thing...

[WillAffleckUW]

The really amazing thing is that one small Borough of London apparently employs over 2300 admin workers.
No wonder our taxes are so high.

Your taxes are high because the Square Mile in London pays no (as in Zero) taxes.

There's your problem.

Go after the giant gaping hole in your budget, not the smaller one that is admin.

Re:The really amazing thing...

[TheMathemagician]

"Tax paid by the UK financial services industry rose from £63bn to £65bn last year, equivalent to 11.7 per cent of total tax receipts to the Exchequer" --- Financial Times, December 2013. Also the top 1% of earners paid 30% of all income tax. Banking is a regulated industry. The sort of dodges which sports stars and actors use to avoid paying millions in tax just aren't allowed. So the Square Mile isn't in fact the problem at all.

Re:The really amazing thing...

Well, it does seem like 1 admin worker for every 100 people in their area - which does seem a bit high?

Re:The really amazing thing...

[WillAffleckUW]

You didn't disagree with my statement, you obscured it with off topic discussion of other taxes that some rich people pay.

I stand by my statement.

Don't get too excited

[cyberspittle]

Microsoft makes money on Android and probably ChromeOS

Re:Don't get too excited

[Lennie]

No, just Android devices sold by most vendors.

Microsoft does not have a deal with Google.

This will not end well

[enigmatic]

I actually think that replacing them with WindowsRT surface units would be better,
if they must go that way. There are some from other manufacturers that are laptops
running WindowsRT.

Putting Linux on the existing hardware would also make more sense, at least
its well established and can run full versions of available software in addition to
running Chrome apps. that would save them even more money.

But throwing out machines that could run a free operating system and replacing
them with brand new Chromebooks, that are very limited in processor capacity
and memory. Figuring that every document will be stored in the cloud somewhere
so that is not a concern.

What are the enterprise tools available for Chromebooks? Can you remotely
push configurations to the machines, make a change and push out new ones?

Are they going with Office 365 then? To use from their Chromebooks?

Re:This will not end well

[David_Hart]

I actually think that replacing them with WindowsRT surface units would be better,
if they must go that way. There are some from other manufacturers that are laptops
running WindowsRT.

Windows RT is basically a bad hobbled version of Windows. Now Windows Pro tablets, on the other hand...

Re:This will not end well

the "configurations to the machines" are the result of the Citrix connections.
On MY chrome book I have this big ICON on the desktop. Click it and off to a Citrix 6.x farm
Or I can goto chrome.

It really needs little remote admin - kind of like an electrical outlet - it just works.

Re:This will not end well

[im_thatoneguy]

Personally in our organization we like to save money but we also view buying a laptop as a very low cost expense. When an employee costs $100-$200k to employ (overhead, office space, janitorial, taxes, healthcare etc) a $1,000 system every 2 years or so is a tiny drop in the bucket.

At $150k / 40 hour weeks * 48 weeks = $79 per hour.

At that rate it only takes 10 hours of time savings before the computer (or $1,000 software) is "free". 10 hours sounds like a lot but if your employee has to wait 2 minutes a day for 2 years for a slow process you're looking at over $1,000 in wasted time. 2 minutes a day is a very very low bar for achievement.

Instead of trumpeting how much they saved on licensing fees, I would ask how much time they are saving--or are they? Is this just the IT department triumphantly cutting their budget or HR picking up the expense of extra employees to do the same work. That's the headline I would be interested in. If this saved them having 2 employees then they would save 400,000 pounds. If it meant they needed 3 more employees then they not only replaced the upgrade fees but actually increased their net budget.

I would suspect that WindowsRT like you say would probably be the easiest transition. I would argue that more than 2 minutes per day would be lost to Linux "hiccups" and confusion.

Re:This will not end well

[Blaskowicz]

Windows RT is a locked down version of the real Windows 8 (fine) but it comes with a consumer version of Office without Access and other stuff, and can't join a domain (and can't share files like Windows home editions are able to) and can't get GPOs applied.

They're using the Chromebooks as thin clients anyway. Windows runs on the server farm. If web browsing is allowed on the Chrome boxen, using the Chrome browser for your errands and looking up stuff etc. is pretty elegant, as the big strain on CPU and RAM resources that can entail is on the local machine and not the server that streams desktop to dozens users.

Re:This will not end well

[wvmarle]

If you're worried about gaining two minutes a day by getting faster computer hardware, maybe you should first have a look at the coffee machine. I bet there's much more of a time saving to be found there.

Re:This will not end well

> I would argue that more than 2 minutes per day would be lost to Linux "hiccups" and confusion.

Your argument would hold more water if they were actually talking about Linux laptops, rather than Chrome laptops that happen to use Linux under the hood.

To see the problem with your argument, try applying it to any Android device. They're Linux under the hood, too.

Re:This will not end well

As a corporate slob, I wonder just how much time and management savings there really is. Part of the appeal of a Windows domain is the Active Directory architecture, which allows for remote consolidation of user management and computer configuration. Of course, there is also a downside in that Active Directory isn't a panacea in and of itself, so typically a corporate machine runs a lot of bloatware (i.e. emergency messaging systems, smart card middleware, USB monitoring software, among others). My workstation is so bogged down with crap, some days I'm lucky if I get any bandwidth for myself to check work email.

Not sure how much a chromebook would actually fix some of the perceived necessities in user/workstation management, but I am sure they saved a bundle on up-front costs.

Re:This will not end well

[Dr_Barnowl]

Our new whitelisting software slows down one of our export processes from 2 minutes to around 14, because it hashes all the files it reads and outputs and eats CPU doing it.

So it goes from something people will run multiple times an hour, to something that people will seriously think twice about doing. All the productivity gains of rewriting the software and taking some pains to make it multithreaded erased because it has got to the point where the IT department won't trust your computer to do anything other than what they sign off on. A guaranteed job for them maintaining the whitelist, everyone else's job slowed down.

Got me a Chromebook

Using it right now, and this is about the extent of using it. It's like 1/2 step up from the netbook, or maybe it's 1/2 a step down

Re:Got me a Chromebook

[Pumpkin+Tuna]

Which one are you using. Some of the smaller Samsungs are weak sauce. The 4GB HP Chromebook 14s we are using at my school district are pretty smoking machines.

Why?!

At least go with a linux distro! Not that awful chrome "OS".

Real Work

[ArchieBunker]

What resource taxing applications do you think politicians use? Probably 90% of the time is documents and spreadsheets and the rest playing on the internet or solitaire.

Re:Real Work

[nyctopterus]

These are nearly all civil servants, not politicians. Since the boroughs do sanitation, roads, parks, etc., I'm sure there's a lot of systems to interface with.

Re:Real Work

[cusco]

British politicians? They need control of their own machine so that no one sees the kiddie porn they're sharing.

R.E. your sig - I take it you've never been late on a loan payment

Chromebooks for Business ..

[DTentilhao]

22% of U.S. School Districts using Chromebooks

Why Half of Our Company is Using Chromebooks

Chromebooks capture 20% of commercial notebooks

Re:Chromebooks for Business ..

[AGVirt]

Chromebooks make sense for certain business and organization use cases. Not all businesses can give up on Windows applications, however. While Google does have alternatives to Microsoft Office, many companies have legacy Windows-based applications that are not easily converted to cloud or web-based. However, there are solutions, based on HTML5 technology, that allow browser-based access to such applications. For example, Ericom's AccessNow HTML5 RDP solution enables Chromebook users to securely connect to Terminal Server or VDI virtual destops (or almost any RDP host) and run their applications and desktops in a browser. AccessNow does not require any installation on the Chromebook, so it's easy to deploy and manage. For an online demo open your Chrome browser and visit: http://www.ericom.com/demo_Acc... Please note that I work for Ericom.

Chromebooks are decent Linux laptops ...

[perpenso]

Or they could just hire some kids to load Linux -- I could load Linux on a lot of old computers with a locked down linux and browser. The Chromebooks will be $200 per.

A year ago I bought an Acer C7 Chromebook and installed Linux on it. Its my first Linux laptop that has a complete and working set of drivers. Of all the previous PC laptops that I have had and converted to Linux upon their retirement, they were always glitchy in one way or another, or lacked drivers.

I have had much better luck with desktops but I tended to build my own and tended to go with well regarded parts.

That said, for US$200 the Acer C7 is a pretty good Linux laptop for the money. The screen and trackpad may be nothing special but thats acceptable given the price IMHO.

Re:This is the year of Linux on the desktop! Final

[perpenso]

Chrombook is Linux rite?

Yes and no. All you see is the chrome browser, however there is Linux underneath.

If you disable OS verification you can install a full Linux on it, ChrUbuntu.

Can always install Linux on the chromebooks ...

[perpenso]

Putting Linux on the existing hardware would also make more sense ...

Perhaps for PC desktops but for PC laptops you are much more likely to have glitchy or unsupported hardware of some sort, ex. wifi.

And if Chrome doesn't work out you can install a full Linux on the chromebooks and you will have a complete and working set of drivers, there is a Linux under that Chrome.

No Clippy for you, London!

[WillAffleckUW]

Oh, wait, that's a feature.

Never mind.

GREAT MOVE !

Whilst I would have preferred MAC or Linux I have to congratulate them. This is a fantastic move. However, I bet they get SAM audited - Microsoft does that to everyone who tries to defy them.

Re:GREAT MOVE !

Chromebooks are an ideal solution for the majority of office workers especially if they already primarily access productivity applications via Citrix or an equivalent remote desktop application. Even if they move to application suites in the cloud the use of Chromebooks makes even more sense from a support perspective.

Except that....

London is also one of the worlds financial/trade capitols. I'm no expert but wouldn't that have something to do with it? I bet they employ less people than NYC even under Republican mayor Bloomburg.

Why from one pit of snakes to another?

[Virtucon]

Moving from MSFT is a great move but jumping into Google's camp is a bad move. It's trading one set of evils/problems with another. A few years ago I would have said great move but Google lately has started to become a more smiling version of Apple and Microsoft and frankly is pushing their commercial interests above that of open computing. London Council can be proud of saving money but in a few years I think we'll be hearing another headline that they're switching to something else.

Re:Why from one pit of snakes to another?

[wvmarle]

What are the alternatives, really?

Re:Why from one pit of snakes to another?

[TheMathemagician]

Linux of course.

Re:Why from one pit of snakes to another?

[wvmarle]

Which is exactly what Google is using already...

Re:Why from one pit of snakes to another?

[Virtucon]

Based on Linux, yes the rest is just Google invading your privacy and directing you to their view of the world.

Re:Why from one pit of snakes to another?

Thing is, even though Google are Evil As Hell right now, they are still far far better than Microsoft. They are the lesser of two evils.
Both have good-ish services. Both are terrible things now. But I'd sooner choose Google over Microsoft.

After all, Google made advertising decent. (after fixing a few gaping problems)
That is good for everyone else because it makes services cheaper at the expense of seeing some text and having some ghost profile created of you. Spooky.

Re:Why from one pit of snakes to another?

[Lennie]

They are using Citrix.

Re:Why from one pit of snakes to another?

[Virtucon]

ChromeOS is Linux based.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Once upon a few months back

more than likely some one from London Council didnt get an all expense paid trip to warmer climes paid for by Microsoft and Google kindly saved the day for that person.

Does the saving include retraining all the IT support staff and users who dont know chrome?

About Time

MSFT time has come. For not inovating. For producing an inferior product. Capitalism at its best.

Buggy whips

OK, substitute fax machines.

MULTISEAT IS COMPuING FOR IDIOTS

IT department IDIOTS everywhere shoudl take a serious look at multiseat

take a uATX sli mobo. 2 gigabyte geforce GT640OC 2GB cards (4 outputs each)

slap in an i3 and 8GB of ram. (or an i7 if you're feeling generous, might as well put in anohter 8GB of ram)

ad a 64GB ssd , a 500W PSU and a copy of microsoft multipoint server 2012 and you have a cheap 8-10 person computer that reuses all the monitors, mice and keyboards that you already have.

now you will need 8 or 10 usb hubs and maybe some extra cables here and there.

maybe the license fees may be similar.

BUT THE HARDWARE IS A LOT FUCKING CHEAPer PER SEAT THAT THESE STUPID LAPTOP WANNABES

less than $100 per seat is great value, i don't care who you are.