[liberationtech] Chromebooks for Risky Situations?

Tue Feb 5 19:29:49 PST 2013

Dear LibTech,
I'm frankly not sure about this idea, it may certainly be a bad one, but
I've been using a Chromebook for almost a week now, and I've had some
observations regarding this device. I'd like to discuss whether it's a good
idea to hypothetically have Chromebooks used by activists, journalists,
human rights workers and so on, as opposed to laptops with either Windows
or Mac OS X running on top.

First, the security and operational models are very interesting. In fact, I
think this is probably the most secure end-user laptop OS currently on the
mainstream market. Namely, Chromebooks use verified boot, disk encryption
(with hardware-level tamper-resistance,) and sandboxing. This compounds
with a transparent automatic update schedule from Google's Chrome team,
which already has (from my experience) a truly superb reputation for
security management. I'm looking at you, Adam Langley!

The operating system itself is minimal. There is *much* less room for
malware to be executed or for spyware to embed itself on the OS level. The
difference in attack vector size between Chromebooks and Mac OS/Windows
appears phenomenal to me. Of course, Chromebooks still have a filesystem
and users are allowed to plug in USB drives, but due to the minimal nature
of the operating system, its highly unusual strength of focus on security,
and its relatively new nature, even malware delivered from these mediums
may end up being much less common than in other platforms (Windows/Mac).

I also feel that the minimal nature of Chromebooks leaves security
considerations out of the way while offering an interface that is
accessible to activists and journalists around the world. This
accessibility is also a security feature! (I've long argued that
accessibility should be considered a security feature.)

Now, for the obvious (and unfortunate!) downsides: Chromebooks natively
encourage users to store all of their data on Google, leaving the company
with an unbalanced amount of control over these machines, and attracting
itself as a compromise target relevant to Chromebook users. Another
downside: No Tor. No PGP. No encryption software. Cryptocat is available
for Chrome OS, but I can hardly say that's enough at all!

The restricted, minimal nature of the operating system and the
security-focused design of both the hardware and boot process are really
appealing to me, and are the brunt of what makes me write this email.
Should Chromebooks be recommended for activists and journalists in
dangerous situations?

As I've disclaimed above, this is only a theoretical discussion, please
feel free to disagree and don't take me seriously just yet. :-)

NK

--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE