Search Mailing List Archives
[liberationtech] Chromebooks for Risky Situations?
micah at riseup.net
Wed Feb 6 19:05:30 PST 2013
T N <trrevv at gmail.com> writes:
> The word "Linux" doesn't refer to anything, other than maybe the kernel.
> Chrome OS is linux. But it's a massively stripped down "distribution" that
> has a radical design, including the fact that it will ONLY run if all of
> the cryptographic checks are verified from the root of trust. That root of
> trust is Google's massively large PKI public key that is burned into the
> For a journalist in the field, that's a great reassurance. Take your
> Chromebook to China. The Chinese government can not alter what you are
> running without either (a) modifying your hardware, which means they take
> possession of it for a period of time and manage to do something that is
> tricky to do (i.e. circumstances under which you'd no longer trust your
> computer anyways) or (b) you will know they tried to hack it and your
> Chromebook will refuse to boot, and will instead wipe away the hacks and
> update itself and won't boot unless the update is a legitimate one signed
> by Google.
> Yes, you can't compare Chrome OS's attack surface to a typical linux
> distribution, or even a highly customized linux install which doesn't have
> the hardware root of trust.
...but you can compare it to a Windows tablet, which doesn't let you
modify the boot sector either, but I wouldn't want to be caught
recommending Windows anymore than I would want to recommend Google.
More information about the liberationtech