Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Chromebooks for Risky Situations?

Nadim Kobeissi nadim at nadim.cc
Tue Feb 5 19:29:49 PST 2013


Dear LibTech,
I'm frankly not sure about this idea, it may certainly be a bad one, but
I've been using a Chromebook for almost a week now, and I've had some
observations regarding this device. I'd like to discuss whether it's a good
idea to hypothetically have Chromebooks used by activists, journalists,
human rights workers and so on, as opposed to laptops with either Windows
or Mac OS X running on top.

First, the security and operational models are very interesting. In fact, I
think this is probably the most secure end-user laptop OS currently on the
mainstream market. Namely, Chromebooks use verified boot, disk encryption
(with hardware-level tamper-resistance,) and sandboxing. This compounds
with a transparent automatic update schedule from Google's Chrome team,
which already has (from my experience) a truly superb reputation for
security management. I'm looking at you, Adam Langley!

The operating system itself is minimal. There is *much* less room for
malware to be executed or for spyware to embed itself on the OS level. The
difference in attack vector size between Chromebooks and Mac OS/Windows
appears phenomenal to me. Of course, Chromebooks still have a filesystem
and users are allowed to plug in USB drives, but due to the minimal nature
of the operating system, its highly unusual strength of focus on security,
and its relatively new nature, even malware delivered from these mediums
may end up being much less common than in other platforms (Windows/Mac).

I also feel that the minimal nature of Chromebooks leaves security
considerations out of the way while offering an interface that is
accessible to activists and journalists around the world. This
accessibility is also a security feature! (I've long argued that
accessibility should be considered a security feature.)

Now, for the obvious (and unfortunate!) downsides: Chromebooks natively
encourage users to store all of their data on Google, leaving the company
with an unbalanced amount of control over these machines, and attracting
itself as a compromise target relevant to Chromebook users. Another
downside: No Tor. No PGP. No encryption software. Cryptocat is available
for Chrome OS, but I can hardly say that's enough at all!

The restricted, minimal nature of the operating system and the
security-focused design of both the hardware and boot process are really
appealing to me, and are the brunt of what makes me write this email.
Should Chromebooks be recommended for activists and journalists in
dangerous situations?

As I've disclaimed above, this is only a theoretical discussion, please
feel free to disagree and don't take me seriously just yet. :-)

NK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130205/31475f70/attachment.html>


More information about the liberationtech mailing list