Re: [liberationtech] Chromebooks for Risky Situations?
The word "Linux" doesn't refer to anything, other than maybe the kernel. Chrome OS is linux. But it's a massively stripped down "distribution" that has a radical design, including the fact that it will ONLY run if all of the cryptographic checks are verified from the root of trust. That root of trust is Google's massively large PKI public key that is burned into the firmware. For a journalist in the field, that's a great reassurance. Take your Chromebook to China. The Chinese government can not alter what you are running without either (a) modifying your hardware, which means they take possession of it for a period of time and manage to do something that is tricky to do (i.e. circumstances under which you'd no longer trust your computer anyways) or (b) you will know they tried to hack it and your Chromebook will refuse to boot, and will instead wipe away the hacks and update itself and won't boot unless the update is a legitimate one signed by Google. Yes, you can't compare Chrome OS's attack surface to a typical linux distribution, or even a highly customized linux install which doesn't have the hardware root of trust. On Wed, Feb 6, 2013 at 12:15 PM, Nadim Kobeissi <nadim@nadim.cc> wrote:
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
participants (1)
-
T N