Slashdot Mirror


Security Experts See Chromebooks as a Closed Ecosystem That Improves Security (cnet.com)

The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article:

Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device...

"If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...."

Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did.

That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.

The article argues that "Fewer software choices mean limited options for hackers. Those are some of the benefits that have led security researchers to warm up to the laptops...

"Chrome OS takes an approach to security that's similar to the one Apple takes with iOS and its closed ecosystem."

20 of 192 comments

  1. Year of the Chromebook. by Anonymous Coward · · Score: 3, Funny

    Linux for the win!

    1. Re:Year of the Chromebook. by Junta · · Score: 5, Interesting

      Really, it's about how much it doesn't let you do.

      If you are trying to be productive, chromebooks are exceedingly annoying because they are so limited.

      This plays well with a lot of security researcher mindset, that would rather see useless computers than tolerate what they could imagine to be a security problem.

      Sometimes they find legitimate problems (e.g. Heartbleed), but often they declare some severe CVE for "administrator can do administrator things" sorts of behaviors.

      Then they wonder at why when they find a very severe issue and get a lot of credibility, why it goes away in a matter of weeks as they try to open/brand a wave of 'vulnerabilities' that are perfectly actually expected/intended behaviors by the developers and the users of that software.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    2. Re:Year of the Chromebook. by Junta · · Score: 4, Interesting

      The point was to reply to the person saying that this story about chromeos somehow relates to Linux security model. While it does avail itself of certain linux features (SELinux), it's mostly about implementing a very limited sandbox and they can/do pretty much implement that wherever their browser runs. You can pretty much also get the same security by never running anything outside a browser context.

      In many cases, sure, you are dealing with a situation where the owner of the device is not the operator of the device, and it's nice to limit them. However for security researchers protecting themselves, they should be able to do it either way.

      I don't mind chromebooks, but I am a bit put off by the security community in how they sometimes treat enduser empowerment and their endorsement of ChromeOS rather than a more empowering linux distro reminds me of some negative interactions is all.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    3. Re:Year of the Chromebook. by cayenne8 · · Score: 5, Insightful

      Hmm...so, Google closed ecosystem good, but Apple closed ecosystem bad?

      Even though you can do more with a mac (or even an iPad, especially the iPad pro)....chromebook is still better?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    4. Re:Year of the Chromebook. by Bert64 · · Score: 3, Insightful

      Full blown laptops are geek toys, designed for geeks by geeks... The average reader of slashdot might be capable of operating such a tool, but most people are not and many people would never have bought such a machine at all if it wasn't the only available tool for doing some key activity (eg internet access)...
      Now there are many new tools which are far more suitable for most people's needs (chromebooks, tablets, phones, games consoles etc), the niches that require a full blown laptop are shrinking.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    5. Re: Year of the Chromebook. by c6gunner · · Score: 3, Insightful

      If you talked to 10,000 consumers who own Chromebooks, I doubt even 1% of them would be able to tell you they own a device running Linux.

      If you talked to 10,000 consumers using Bing, I doubt even 1% of them would be able to tell you they're accessing servers running on Linux. So fucking what?

      FOSS got tossed out the fucking window.

      In what universe is FOSS running on millions of devices equivalent to being "tossed out the window"?

      The infamous Year of the Linux Desktop ended up being nothing more than a bastardized commercially-branded closed ecosystem running on a personal tracking device that the masses happily sold their digital soul to get.

      Ah yes, zealous hyperbole FTW.

    6. Re:Year of the Chromebook. by swillden · · Score: 3, Informative

      While it does avail itself of certain linux features (SELinux), it's mostly about implementing a very limited sandbox and they can/do pretty much implement that wherever their browser runs.

      That's part of it, but only a part. Other crucial parts are the verified boot system, which ensures that even if the device does get compromised somehow it's essentially impossible for the compromise to be persistent, and the update system.

      Also, saying "system X uses SELinux" doesn't really tell you anything. Whether or not and how much benefit you get from SELinux depends on the configuration, and how restrictive you can make the SELinux config depends heavily on how much you have to allow software to do. Similarly for verified boot, if you must allow arbitrary software to be installed, then by definition you can't fully validate all of the software on the system.

      So these restrictive, less-flexible elements of ChromeOS are actually a big part of what enables it to be so secure.

      However for security researchers protecting themselves, they should be able to do it either way.

      Go talk to a bunch of security researchers. The first thing they'll tell you is that nobody can be trusted to make good security decisions, not even security researchers/experts. It takes a team of security experts, plus outside researchers and security audit firms working together to make a system secure -- and even then it's a matter of asymptotically approaching security; you never actually arrive. No one person can understand all of the pieces and all of the interactions deeply enough to make good decisions.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  2. Malware by Anonymous Coward · · Score: 4, Insightful

    Everything from Google, a giant advertising company that wants to track your every move. Fools.

  3. Soviet Union by Templer421 · · Score: 4, Funny

    VERY secure.

  4. Google security ... by CaptainDork · · Score: 3, Insightful

    ... an oxymoron.

    --
    It little behooves the best of us to comment on the rest of us.
  5. i bet a reasonably secured Linux distro by FudRucker · · Score: 4, Interesting

    would be just as good as long as it is in competent hands

    --
    Politics is Treachery, Religion is Brainwashing
  6. Only one particular Linux distro by raymorris · · Score: 5, Informative

    First let me establish to what extent I am qualified or not to address this question:

    I've been a security professional for 20 years. Most of that time I used Linux exclusively. Recently I've also started using Mac. You'll find my name in the kernel change log.

    There are three main areas of security: confidentiality, integrity, and availability. Most of the time when people say "security" they mean confidentiality first, with some thought to integrity, and they rarely think of availability. For confidentiality and integrity, the top two things an OS can do to help are limit the attack surface (such as not running unnecessary daemons or other software) and provide quick, reliable updates. The only code that can't possibly be hacked is code that isn't there, so the most secure system is the most minimal system. Real-life attacks use known vulnerabilities 99.99% of the time, so quick, automatic updates to resolve known issues are very important.

    There is one Linux distribution that stands out for avoiding any unnecessary code (and potential vulnerabilities) and providing quick, reliable updates. That distribution is ChromeOS. It's well ahead of the others. It would be rather difficult indeed to set up a general-purpose distribution such as Ubuntu, which is made to support servers of all kinds, all kinds of workstations, etc, to be as secure as Chrome OS.

    The third leg of security is availability. If the features and functions you need aren't available on ChromeOS, it won't work for you. Normally we think of availability as "not subject to denial of service or random crashes", but if the service you need is denied by the creator of the OS, that has the same effect as a denial of service attack.

    ChromeOS is therefore well ahead of any general-purpose OS in terms of security - for users who don't need anything ChromeOS doesn't provide. That's a LOT of people. It even suits my needs while traveling because my travel device only needs to SSH to my main machines, and provide a web browser.

  7. Chromebooks crowded out netbooks by tepples · · Score: 3, Interesting

    The Chromebook isn't a full blown laptop that can run all sorts of high end software.

    True, but it did crowd more versatile compact laptops out of the market. To what extent did the introduction of the Chromebook in third quarter 2011 cause inexpensive compact laptops to cease being a market segment at the end of 2012?

  8. Ads, paywalls, or what else? by tepples · · Score: 3, Interesting

    The real version of AdBlock Plus has been malware since they started deciding some ads were acceptable for the end user.

    If you oppose all web advertisements, would you prefer having to pay $5 for each distinct domain that you visit in a month? That'd make web search engines a lot less convenient. If you have a third option in mind other than ads or paywalls, I'd be interested to read it.

    1. Re: Ads, paywalls, or what else? by mSparks43 · · Score: 3, Interesting

      I'd rather sites that offer nothing of value just died, then maybe we could find half decent sites back on the clearnet like the good old days.

  9. Data leaked to Google ? by Alain Williams · · Score: 3, Interesting

    No mention of how much is leaked to google: copies of your files sent there or other metrics that google might sniff. But if you are happy with that then yes it is secure.

  10. General Purpose Computing by duke_cheetah2003 · · Score: 3, Insightful

    Sure, I'll agree with summary. A closed system is inherently harder to hack. And harder to put malware onto if the model is excluding unsigned/unapproved code.

    But is this something we really want? We've heard that 'they' would like general purpose computing to be revoked from the general population, or at least severely limited.

    This is a step in that direction, under the guise of 'It's more secure!', yeah, it's also locked down and useless for any function other than its designated function. I'm not really interested in this. I don't think it's a good idea to be pushing this kind of solution.

    It's a nice looking 'gift', but it's a trojan horse. A trojan to train the population that they don't need general purpose computing, and that general purpose open computing is dangerous and unsafe. Not good.

  11. Re:FOSS needs managers by Bert64 · · Score: 4, Informative

    Indeed, chromeos may be a closed system in its default configuration, but it's still open source and its success actually provides significant benefits to those of us who want to use regular linux distros...
    You used to get websites which check your user agent string and reject anything which is not windows or macos, such things are less common these days thanks to mobile and chromeos...
    Manufacturers shipping devices with chromeos ensures that the hardware is compatible with chromeos, and thus also with linux. The same hardware can also usually be bought in other models of devices. Previously most non-server hardware was never tested with linux and could have all kinds of stupid compatibility problems.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  12. Re:Year of the crapbook by rudy_wayne · · Score: 4, Insightful

    Our school system loves the Chromebooks.

    Your school system is habituating people to crippled, minimal devices - the very poster child for dumbing down the students.

    Chromebooks are only a good answer to going backwards.

    Unfortunately, going backwards is a trend that is taking over all of society.

    Over the last 30 years, computers have become more and more powerful, hard drives and monitors have become bigger and cheaper, and yet today most people spend all their time staring at a phone with a 5 inch screen and the power and storage of an early 90s era PC.

  13. What else: Micropayments by fyngyrz · · Score: 3, Insightful

    If you have a third option in mind other than ads or paywalls, I'd be interested to read it.

    Micropayments.

    I visit your web page and stay for more than ten seconds, you get a penny.

    I'd be totally for this rather than ads or site-specific paywalls or being data-mined.

    --
    I've fallen off your lawn, and I can't get up.