Chrome OS Doesn't Trust Apps Or Users 410
holy_calamity writes "Google's Chrome OS chiefs explain in Technology Review how most of the web-only OS's features flow from changing one core assumption of previous operating system designs. 'Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy,' says Google VP Sundar Pichai. Chrome doesn't trust applications, or users — and neither can modify the system. Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
Wait, what? (Score:5, Interesting)
Doesn't that make it even more closed than an iProduct?
Big Brother Does No Evil (Score:3, Interesting)
Just a hop and a skip away from... (Score:4, Interesting)
Now we're just a hop and a skip away from "Once users are banned from browsing non-Google-approved websites or attempting to use non-Google services, security, usability and more are improved."
For those that always say "but you can modify it!" or "well you don't have to use it" (the latter of which is true even for Apple's iEcosphere), that doesn't address the problem. The problem is that a whole lot of people will see the convenience and the stability and they won't modify it and they will use it, making the whole concept of walled gardens and lockin more popular among consumers who want ease (as opposed to choice) and companies who want to make money. Large groups of people will forget that they ever had a choice to begin with. I'm not trying to evoke 1984 here or say that we're all going to be slaves to Google, but in the world of consumer technology right now, the leading idea that is getting the most users and making the most money is "step into the [Apple/Microsoft/Google/Facebook] world and bask in the luxury of having everything work together and not having to make choices."
Just like the old adage about privacy and security, is it worth trading choice for convenience?
Re:Wait, what? (Score:5, Interesting)
I can already replace my Windows installation and when the OS is infected by a virus or something, it's very, very easy to restore. Just hit a BIOS switch, reinstall from a truly hidden (and BIOS-protected) partition - or recovery DVD - and reinstall without destroying user data. (All user data is on D:, while reinstall will bomb C:)
It doesn't work that well, let me tell you. User data is there, but programs need to be reinstalled to access it. System comes back squeaky clean, but everything needs to be changed to my personal liking.
What it boils down is that a computer will be either vulnerable to users, useless for them or anything in between these extremes. Can't install programs? Useless but secure. Can install any program? Useful, but vulnerable.
Without settings and mail saved *somewhere*, a mail client is useless. With settings and mail saved *anywhere*, a mail client is potentially vulnerable.
Replacing the OS with a known-good image only works if someone can truly produce an image that is more useful than say a Windows default installation and still known to be good. Which gets increasingly doubtful the older the OS image is, the more programs are installed and the more data/configuration/specifics are kept in program installations somewhere.
Re:Wait, what? (Score:5, Interesting)
With this in mind, one thing that would be nice to have are offline apps. This way, a glitch in Internet connectivity would not mean a corrupted term paper.
That's what local storage in HTML 5 is for. When I played with Google Gears in 2007, there was a complete Javascript API for an in-browser SQLite database; AND I could specify which files would be served locally. Thus, I could make a web application that would work without an internet connection.
Google Gears is now depricated because a lot of the lessons are applied to the HTML 5 spec.
Re:Wait, what? (Score:5, Interesting)
Then why does Google look the other way as manufacturers engage in blatant lockdown of this supposedly free and open code?
Re:Wait, what? (Score:3, Interesting)
Because the manufactures are who the OS openess is aimed at. That get to choose how they want it on, and you get to choose which manufacturer you go to.
It's not looking the other way, it's the agreement.
Plus, you need a wedge to change entrenched practices. Apple want to change the way people use smart devices to access the web, and the way voice mails are done. AT&T agreed to make those changes with the agreement they will be the sole carriers for a certain number of years. Now everyone is changing, and many devices are doing similar things, only better.
Re:Can't install an ap? That'll slow adoption (Score:4, Interesting)
Really, not letting most users or applications modify the OS is a good thing. Microsoft (and others) have had a TERRIBLE model in permitting this. Third-party stuff has no business altering the foundation of the system's operation.
Now, not letting an application that doesn't want to monkey with the OS get installed is probably going too far. I mean, who's gonna run an OS they can't put an app on? That's broken.
Define "app".
ChromeOS allows the offline install of webapps like Google Docs, which allows you to use every regular function of google docs offline, with no web connection. You can create, save, and edit documents, including saving them to external media, without an internet connection. You can even print them if you have a network connection, even if there is no internet.
How is that not an app?
ChromeOS is not an operating system like you are used to. That doesn't automatically mean its a bad idea.
-Taylor
Re:Wait, what? (Score:4, Interesting)
It's not looking the other way, it's the agreement.
Are you suggesting it's Google's agreement to sell out the developers whose code they rely on? Because it is certainly not the intention of said developers to be locked out of their own code that way. At least, it was certainly not my intention and I believe my opinion is shared by a large segment of the Linux community.
Re:Google security... (Score:1, Interesting)
I'm not sure you can do anything damaging with a Google Accounts session cookie stolen by firesheep. You'll be "logged in" as the user you stole from, but you're not going to be able to touch any service that requires https without putting your password in again. That means no using gmail to takeover your other accounts, and no reading your Docs.