Slashdot Mirror
Security Experts See Chromebooks as a Closed Ecosystem That Improves Security (cnet.com)
The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article:
Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device... "If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...." Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did.
That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.
The article argues that "Fewer software choices mean limited options for hackers. Those are some of the benefits that have led security researchers to warm up to the laptops...
"Chrome OS takes an approach to security that's similar to the one Apple takes with iOS and its closed ecosystem."
That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.
The article argues that "Fewer software choices mean limited options for hackers. Those are some of the benefits that have led security researchers to warm up to the laptops...
"Chrome OS takes an approach to security that's similar to the one Apple takes with iOS and its closed ecosystem."
Linux for the win!
Everything from Google, a giant advertising company that wants to track your every move. Fools.
VERY secure.
... an oxymoron.
It little behooves the best of us to comment on the rest of us.
would be just as good as long as it is in competent hands
Politics is Treachery, Religion is Brainwashing
I have used ABP for the last few years, but i recently(2 weeks ago) switched to safescript because i was sick of websites abusing my eyes. Much better! May have to configure for $favoritesites but other than that, i see what i want and nothing more.
So to secure your data you have to give it all to google. No other options. Right. Cutting edge technology, eh.
Also: "hackers" means diddly squat except "bogeyman in your interwebz". But then, "security expert" really means "s'kiddie", and that has been the case since the misappropriation and divorce of "hacker" from its original meaning a honorific indicating great technological skill and creativity. No surprise, then, that both are sorely lacking among "security professionals".
I can see why one would purchase a cheap laptop with Chrome OS for their children in middle school or high school but once they are college bound only a quality laptop that is neither repairable nor upgradable running macOS with 10 dongles will do.
- Tim in Cupertino
First let me establish to what extent I am qualified or not to address this question:
I've been a security professional for 20 years. Most of that time I used Linux exclusively. Recently I've also started using Mac. You'll find my name in the kernel change log.
There are three main areas of security; confidentially, integrity, and availability. Most of the time when people say "security" they mean confidentially first, with some thought to integrity, and they rarely think of availability. For confidentiality and integrity, the top two things an OS can do to help is limit the attack surface (such as not running unnecessary daemons or other software) and provide quick, reliable updates. The only code that can't possibly be hacked is code that isn't there, so the most secure system is the most minimal system. Real-life attacks use known vulnerabilities 99.99% of the time, so quick, automatic updates to resolve known issues are very important.
There is one Linux distribution that stands out for avoiding any unnecessary code (and potential vulnerabilities) and providing quick, reliable updates. That distribution is ChromeOS. It's well ahead of the others. It would be rather difficult indeed to set up a general-purpose distribution such as Ubuntu, which is made to support servers of all kinds, all kinds of workstations, etc, to be as secure as Chrome OS.
The third leg of security is availability. If the features and functions you need aren't available on ChromeOS, it won't work for you. Normally we think of availability as "not subject to denial of service or random crashes", but if the service you need is denied by the creator of the OS, that has the same effect as a denial of service attack.
ChromeOS is therefore well ahead of any general-purpose OS in terms of security - for users who don't need anything ChromeOS doesn't provide. That's a LOT of people. It even suits my needs while traveling because my travel device only needs to SSH to my main machines, and provide a web browser.
The Chromebook isn't a full blown laptop that can run all sorts of high end software.
True, but it did crowd more versatile compact laptops out of the market. To what extent did the introduction of the Chromebook in third quarter 2011 cause inexpensive compact laptops to cease being a market segment at the end of 2012?
The real version of AdBlock Plus has been malware since they started deciding some ads were acceptable for the end user.
If you oppose all web advertisements, would you prefer having to pay $5 for each distinct domain that you visit in a month? That'd make web search engines a lot less convenient. If you have a third option in mind other than ads or paywalls, I'd be interested to read it.
It even suits my needs while traveling because my travel device only needs to SSH to my main machines, and provide a web browser.
Good luck SSHing from a moving city bus. It won't stay near one Wi-Fi access point long enough for your Chromebook to associate. If you're buying cellular Internet service just to use SSH from your Chromebook, you end up needing to include the price of a cellular subscription over the course of your Chromebook's useful life in its effective price.
And where are your "main machines"? If at home, many home ISPs use NAT that blocks incoming connections.
I can see why one would purchase a cheap laptop with Chrome OS for their children in middle school or high school
Middle school maybe. But how would a high school student taking AP Computer Science complete his homework using Chrome OS?
Your school system is habituating people to crippled, minimal devices - the very poster child for dumbing down the students.
Chromebooks are only a good answer to going backwards.
I've fallen off your lawn, and I can't get up.
No mention of how much is leaked to google: copies of your files sent there or other metrics that google might sniff. But if you are happy with that then yes it is secure.
title should add "Self-proclaimed" to the "security expert" part.
What percentage of the high-school students in the US are in this group [of students taking programming]?
100 percent, if the College Board gets its way. The College Board administers SAT and AP tests that high school students take to determine their eligibility to attend university.
Check out Pi Hole to deep six ads.
I don't read your sig. Why are you reading mine?
An Atom CPU is no worse in performance than a similarly clocked Pentium 4 CPU.* Thus an Atom laptop can still hold its own running Xubuntu, especially for things like lightweight hobby or contract programming work to pass the time on the bus commute to and from one's day job.
* Yes, this is telling about how inefficient NetBurst was, but bear with me.
Sure, I'll agree with summary. A closed system is inherently harder to hack. And harder to put malware onto if the model is excluding unsigned/unapproved code.
But is this something we really want? We've heard that 'they' would like general purpose computing to be revoked from the general population, or at least severely limited.
This is a step in that direction, under the guise of 'It's more secure!', yeah, it's also locked down and useless for any function other than it's designated function. I'm not really interested in this. I don't think it's a good idea to be pushing this kind of solution.
It's a nice looking 'gift', but it's trojan horse. A trojan to train the population that they don't need general purpose computing, and that general purpose open computing is dangerous and unsafe. Not good.
It's their livelihood.
Indeed, chromeos may be a closed system in its default configuration, but its still open source and its success actually provides significant benefits to those of us who want to use regular linux distros...
You used to get websites which check your user agent string and reject anything which is not windows or macos, such things are less common these days thanks to mobile and chromeos...
Manufacturers shipping devices with chromeos ensures that the hardware is compatible with chromeos, and thus also with linux. The same hardware can also usually be bought in other models of devices. Previously most non-server hardware was never tested with linux and could have all kinds of stupid compatibility problems.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
not sure i'd call chromeos a closed ecosystem. Everything you do on the device is being sold to the highest bidder, its about as wide open as an ecosystem can get. Sure, you can't do anything useful on the device itself, but there is absoluely nothing 'secure' or 'closed' about all the data sucked back to the mothership.
Couldn't you use your mobile phone as a Wi-Fi access point?
Not in my case. I have programming jobs for two different companies, one in an office and one from home. I work on projects for the latter to pass the time while riding the city bus to and from the former. Neither provides me "a company mobile". And with many of these being graphical and interactive (yet lightweight in CPU use), I would need to tunnel X11 or VNC over SSH, which would run up the latency and data usage even if I do manage to install some sort of X server or VNC viewer.
Other than your $5 figure vastly inflating the value of ad impressions these days
The $5 figure is based on the minimum buy-in for a subscription to ad-free use of a website, which in turn is based on fees per transaction charged by payment processors as well as the opportunity cost of serving a paywall notice without ads to visitors instead of an article with ads. Some sites will offer access for, say, $5 per month or $20 per year (buy 4 months up front and get 8 free).
I would be perfectly fine with the option paying money to not be bombarded with ads and tracking scripts. It’s why I’m a subscriber at sites like Ars Technica.
You mentioned "sites", plural. To how many such sites do you subscribe? This becomes important if an article on a site to which you subscribe cites an article on a different site to which you do not, and you want to follow the citation. It also becomes important when searching the web, as Google Search ended its First Click Free policy six months ago, and it would become frustrating when most of the results are from sites other than those to which you subscribe.
If your website can’t survive without treating your visitors as a product then the website doesn’t deserve to exist.
By this measure, would you conclude that Slashdot "doesn't deserve to exist"? If so, why do you continue to use such a site? (You didn't post with Karma Bonus, so it's hard for me to tell whether you're offered the Disable Advertising checkbox.)
Most (all?) chromebooks can be repurposed to run a full blown linux if you want to, or you can run chromeos in developer mode which is basically linux anyway.
As I wrote in this journal entry, a Chromebook in developer mode will wipe its storage if someone else turns it on and looks at it funny. This loses all installed software and all commits that have not yet been pushed to a remote repository. How would one go about repurposing a Chromebook to run GNU/Linux without running the risk of it being wiped?
* a nice Unix, including command line
* excellent hardware
* a good office suite
* good security (sandboxing for all apps)
otherwise Apple is complete and utter shit. People should buy Windows and not forget to buy an expensive firewall plus Kaspersky virus scanner, too.
Let Google-NSA safeguard all your data, all your ideas, all your intellectual property. They promise to never abuse this power. Really.
That's all that needs to be said about this.
> Confidentiality is having everything you do uploaded to the worlds most prolific data collection and advertising agency?
That's something you have to consider. Whether you choose ChromeOS, ChromiumOS, Windows, Ubuntu or something else, and whether you use Google docs or not. You can use Windows and trust Microsoft with all your data of you want to. Personally my "consoles", the machines I touch daily, are just SSH consoles, so Google isn't getting anything from me other than browsing history.
You're right, Google is the world's most prolific data company. Their mission is to organize the world's data, and they are good at it. Their crown jewels, the company's primary asset, is the data, and so far they've done a pretty good job protecting it, so if you're going to use any type of cloud storage and applications Google is certainly a reasonable choice, a choice to consider. If you're working on top secret plans for the next fighter jet (as I may be doing soon), that data shouldn't be in any cloud, or accessible via the internet at all. You shouldn't be using public wi-fi to work on that in the first place.
Most people are going to trust SOMEONE with their data. The world's best data company, Google, is a reasonable option.
What about privacy?
Nope. Your ASR-33s were just somewhat clumsy interfaces, not computer systems. And other than wasting paper and being slow, they could do a lot of what those early glass CRTs could do. The important parts, in terms of letting you stretch your computing chops.
I've fallen off your lawn, and I can't get up.
Micropayments.
I visit your web page and stay for more than ten seconds, you get a penny.
I'm be totally for this rather than ads or site-specific paywalls or being data-mined.
I've fallen off your lawn, and I can't get up.
This year I think it's up to 99.9%, or maybe another nine.
OTOH, last time I used Gnumeric it seemed to have disimproved over the earlier versions. And AbiWord was pretty basic, at the time I tried it I don't think it would have server more than 80% of the users. Of course, in both cases that was nearly a decade ago now (not quite). But judging by the way Gnome3 GUI has changed I don't expect things to have improved.
OTOH, you didn't mention LibreOffice, which is the one I prefer.
I think we've pushed this "anyone can grow up to be president" thing too far.
It's an interesting thing. As you said, Google analyzes the data in order to serve relevant ads, and also uses it to provide better services, which they use for more ads. So there is an inherent conflict of interest there. Many people don't use Google services for that reason, and that makes sense.
ALSO like Coca-Cola has their secret formula, and KFC has it's "eleven herbs and spices", every company has their crown jewels. Google is not Microsoft - they don't survive by selling Office 365. Their most valuable asset isn't their source code - they open source much of it. They aren't Apple, selling hardware. The key to their success and survival isn't patents, or market research. The most valuable thing Google has is that data. Their interest, their survival instinct even, is to analyze that data while making sure nobody else gets ahold of it.
Google's self-centered interest is to make sure that only you and them can access that data. Their track record has been much better than Amazon, Microsoft, or other peers. Therefore reasonable people may decide keep their general office documents on a local hard drive, or in Google docs. Both are reasonable options.
Again, for top-secret research and development of the latest fighter jet, different rules apply. We're not talking about top secret information here. I'm talking about things like our onboarding checklist for new developers - install Git and VMware, set up a Linux development VM, etc. The planning sheet for our office party is on Google Docs. I built a system to store credit card numbers and it doesn't use the cloud. Those are stored encrypted on an isolated system with a minimal OS that's only accessible from the local keyboard (after getting past Glock-carrying employees) and from the local secured network using a passphrase-protected ssh key. Even with physical access to the box, one doesn't have access to the CC numbers because they are encrypted. Different levels of security are appropriate for different assets.
Micropayments.
I visit your web page and stay for more than ten seconds, you get a penny.
How would the website know whether I viewed it for more than ten seconds if I've turned off JS?
I'm be totally for this rather than ads or site-specific paywalls or being data-mined.
And how would the micropayment processor assure readers of their privacy? Because the main problem I have with Google's "Contributor" micropayment system is that it shares a parent company with AdWords and DoubleClick and therefore likely shares Contributor users' browsing history as well.
Someone accidentally wiping your developer-mode Chromebook is a valid concern. But you can reflash the firmware with something like MrChromebox's Firmware Utility Script to prevent that. I did that on the Acer 15" Chromebook I am using to write this post. It now runs GalliumOS (based on Xubuntu) and applications like Visual Studio Code and Minecraft. See: https://wiki.galliumos.org/Ins...
I did replace the flash memory with a 128GB module -- but that isn't strictly necessary. More details on all that in my comments here: https://news.ycombinator.com/i...
For under $400 total with the new drive plus some of my time, I am happy with it as my main personal machine these days for web browsing and some FOSS development. A centered trackpad with a 15" screen is otherwise a hard combination to find at the low end since so many companies add a numeric pad and offset the trackpad for terrible in-lap ergonomics. It's obviously not a MacBook Pro (which I use in my day job), and I do miss a backlit keyboard and a retina display, but it is a heck of a lot cheaper.
Probably the biggest limitation is you can't run Windows-only games or anything requiring intensive graphics processing. Steam's remote streaming from a desktop does work but is laggy.
It is also true that if you update the firmware you are out of the Google security ecosystem -- with both good and bad implications. So for the casual user, plain ChromeOS is probably a better choice (ignoring Google privacy issues). And web services like Cloud9 IDE can do a lot. And many of the latest Chrombooks can run Android apps.
And I can see why security professionals going to conferences would prefer the stock ChromeOS firmware and being able to powerwash back to a known good install -- with their data is stored elsewhere on the network.
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
I like https://addons.mozilla.org/en-.... I am some what fair and just (some might say a fair bastard and just a cunt but that's another story, service in the military the things they teach), I let some run and block others. Scripts on bad sites get blocked, scripts advertising bad products get blocked, over the top ads or ads in front of content get blocked, the rest run, even pop ups well more accurately open up in a new tab are allowed.
Chaos - everything, everywhere, everywhen
Actually, I'm pretty sure my broadband is subsidised by stolen american tv shows.
Most people I wouldn't trust to maintain mission critical security on a productive workstation. They click on FunnyCatsVideo.exe and could tell a client from a server if their life depended on it. For these such a thing as a chromebook truely *is* the more secure solution.
Google watches over you.
That's not just a disadvantage. Which is why I recommend it to all ordinaries with no money and no grasp of computers. The ones with money I tell to get the apple stuff.
We suffer more in our imagination than in reality. - Seneca
If JS is the means to implement this, then the website would know not to serve you a page if it couldn't work with your browser. This is easily done. If JS is off, you're already not seeing a good deal of content on the web; this would just be more of what you're already experiencing. A web site could refuse to serve you anything, or it might serve you a watered-down or "teaser" version of the available content.
OTOH, it might be a new technology (or several) that doesn't use scripting, but instead utilizes a new handshaking capability built into browsers that doesn't do anything but handle that particular payment task.
Or you might see both.
Privacy, or lack thereof, is a feature/malfeature between you and the services you choose to use — it's a technology-enabled policy issue, by which I mean that a company could choose to be entirely on the "we don't use your personal information" side, or entirely on the "we make Facebook look private" side, or anywhere in between. I imagine no likely scenario where you release micropayments without having to authorize same at some point along the line. If the terms and conditions aren't acceptable to you, don't engage. Quite literally, vote with your wallet.
For instance, when considering Facebook, one of the things I did was read the terms and conditions. I found them unacceptable, so I never joined. I eventually found alternative services where the terms were acceptable to me, and that's where my social presence is, such as it is.
I would imagine that a useful component of something like this might be a dialog that offers something like:
o Don't pay out
o Authorize pay out for this visit only
o Authorize pay out for visits in the next N days
o Pay out every visit
o Increase pay out above minimum by X for N visits
o Plus the ability to easily alter the settings at any time thereafter by entering the website into a revision dialog, or re-setting them for all websites.
That, or equivalent functionality. These are just technical implementation details.
That is in the nature of suspicion. I expect that reading terms of service would go a long way to letting you know if your "likely" is "actual." My suggestion is that when a website — any website — offers terms of service you have to agree to, you actually read them and make a conscious decision based on what you read as to whether you actually proceed, or not.
I've fallen off your lawn, and I can't get up.
My phone has a 2960x1440 display; that's higher resolution than my desktop monitors are. It is small, but that's a feature, not a bug. It also can do displayport-out to a 4K display and connect to a bluetooth keyboard, should I desire that.
It also has a 64-bit, 8-core, 2.8 GHz CPU; 6 GB of ram; 64 GB of storage (plus an additional storage card slot capable of swapping up to 400 GB removable storage in and out); three cameras; quite a few sensors; cellular, bluetooth, multi-band wifi, near-field, FM, and GPS(+) radio services; and very nice audio capabilities to top it all off.
So you can have considerably more than "the power and storage of an early 90s era PC", although as with all reasonably capable computing hardware, you have to know enough to identify what you want and you have to be able to afford it.
I've fallen off your lawn, and I can't get up.
When I mentioned credit card information, I was talking about a database full of other people's cards, knowing that some of those people have only one account, with a low balance. A stray $100 charge will have them overdrawn and they'll start getting overdraft fees. Then they won't be able to buy gas or food until pay day. A high level of confidentiality is required.
For MY OWN credit card that I use to buy stuff online every day, I recognize that is sent to a lot of different companies who have widely varying security practices, and it will probably be leaked. Too many of them store it, and store it poorly. Probably already has been leaked. The thing is, when you have a "secret" that you tell hundreds of random people, different people every day, it's no longer really a secret. If you're sending every online merchant full access to all of your funds, you're doing it wrong.
It's COMMON to have all your money in one bank account and use the one debit card on that account to buy everything, but it's very silly. Much more secure is to have a savings or money market account where you save a little money for when your car breaks down or whatever, because shit happens. Then you have your monthly checking account you use to pay the mortgage and such. Lastly, you have a credit card with a $100-$300 limit and that's what you use to buy random crap on the internet. Somebody is probably going to leak your card number eventually; the secure thing is to do is make it so that card number doesn't wreck your life.
So I don't think most people should try to secure their phone and their laptop in such a way that they can store all their card numbers in browser plugin or similar. In fact, the standalone password manager programs have a terrible track record. I trust Google's password manager more than I trust LastPass, but I don't trust every merchant in the world that much, so I shouldn't be exposing all my money via a super-sensitive debit card number that's going to cause me a lot of pain when it leaks.
> keeps that view secret from the world, but:
> a. That's kinda creepy
Yes, it is kinda creepy. Agreed.
> b. There are solutions that don't require allowing a company to do that
I'm curious what you have in mind. To replace all Google services with services of similar quality would cost a decent amount of money, I'd they'd STILL have a profile of you based on web surfing and such.
> c. They use that view of you to make money out of you, and the temptation must be strong to do that by understanding aspects of your behaviour you don't understand about yourself
They don't *understand* anything. They have a bunch of numeric identifiers and a math formula that highlights correlations. User #846204628273 is correlated with website #736304638462, which is correlated with web site # 6306384739. They often don't even know that the correlation between the two sites is that they both sell RC plane parts. They don't need to know. They only need to know that people who visit site #74620463027 often also visit site #846934739, so they can advertise the second site to people who visit the first.
I just returned a PixelBook to Amazon for a refund. The new feature of running Android apps is unreliable: sometimes I had to wait hours or days for files on GoogleDrive to become available to Android apps on ChromeOS; this also afflicted my Samsung Chromebook Pro. Google support claimed never to have heard of this bug, so I don't expect it to be fixed any time soon.
Merging two OS's seems like such a stupid idea.
`Perche non reggi tu, o sacra fame de l'oro,l'appetito de' mortali?'
I would be happy with Xubuntu, as it's the same OS that I used on my last netbook from fourth quarter 2011 to mid-2017. But does "reflash[ing] the firmware with something like MrChromebox's Firmware Utility Script" cause me to lose eligibility for warranty repairs on the hinge or power jack? I had to have my last netbook's power jack repaired under warranty once.
I consider myself reasonable. I always read them from start to finish. Mind you, it's a very rare website/service that I actually venture into that has that kind of required agreement, so this is a pretty minor issue for me. Also, it doesn't take long to figure out if a site is mining, and if that's a reasonable trade for whatever they are offering. (usually, no.)
Otherwise, if you agree to the terms without reading the terms, you have no idea what you're agreeing to. That strikes me as entirely unreasonable. And stupid.
I've fallen off your lawn, and I can't get up.
What, Google payments? No. Google's evil. No point in going there. I'm suggesting something reasonable. Google would not be on my list of "reasonable" corporations. They data mine, they censor, they invade privacy, they do a terrible job of providing relevant search results above the mediocre level, they constantly offer services and then yank them once people have invested time into them.
Someone else - someone with a social conscience - needs to create a reasonable version of such services.
It's not here yet. I just want it to be here.
I've fallen off your lawn, and I can't get up.