Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Google Portables Security Hardware

Security Experts See Chromebooks as a Closed Ecosystem That Improves Security (cnet.com) 192

The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article: Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device... "If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...." Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did.

That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.

The article argues that "Fewer software choices mean limited options for hackers. Those are some of the benefits that have led security researchers to warm up to the laptops...

"Chrome OS takes an approach to security that's similar to the one Apple takes with iOS and its closed ecosystem."
This discussion has been archived. No new comments can be posted.

Security Experts See Chromebooks as a Closed Ecosystem That Improves Security

Comments Filter:
  • by Anonymous Coward on Saturday March 31, 2018 @12:36PM (#56359123)
    Linux for the win!
    • by Junta ( 36770 ) on Saturday March 31, 2018 @12:48PM (#56359169)

      Really, it's about how much it doesn't let you do.

      If you are trying to be productive, chromebooks are exceedingly annoying because they are so limited.

      This plays well with a lot of security researcher mindset, that would rather see useless computers than tolerate what they could imagine to be a security problem.

      Sometimes they find legitimate problems (e.g. Heartbleed), but often the declare some severe CVE for "administrator can do administrator things" sorts of behaviors.

      Then they wonder at why when they find a very severe issue and get a lot of credibility, why it goes away in a matter of weeks as they try to open/brand a wave of 'vulnerabilites' that are perfectly actually expected/intended behaviors by the developers and the users of that software.

  • Malware (Score:4, Insightful)

    by Anonymous Coward on Saturday March 31, 2018 @12:43PM (#56359153)

    Everything from Google, a giant advertising company that wants to track your every move. Fools.

    • Depends what your threat model is. If you're worried about leaking data to corporate entities, then Apple / Google / MS based devices are always going to be a potential problem. If you're worried about organised crime or hackers then you're probably better off on a Chromebook as it's pretty locked down from those threats, and a Linux distro is quite easy to make insecure if you install the wrong service and/or don't keep it updated.

      But please don't give me "but Apple are secure because they tells me so!" -

    • by AmiMoJo ( 196126 )

      Being security experts they are probably more interested in what they can measure, rather than paranoid forum posts. So they likely use some of their most basic tools, like Wireshark, to verify that their Chromebooks were not spying on them.

  • by Templer421 ( 4988421 ) on Saturday March 31, 2018 @12:46PM (#56359161)

    VERY secure.

  • by CaptainDork ( 3678879 ) on Saturday March 31, 2018 @12:50PM (#56359175)

    ... an oxymoron.

  • by FudRucker ( 866063 ) on Saturday March 31, 2018 @12:52PM (#56359181)
    would be just as good as long as it is in competent hands
    • In case people don't see exactly how clever your comment is, ChromeOS is a Gentoo-based Linux distro with a prebuilt frozen userland and Google administration. It really does come down to trust of Google, once that information isn't being obscured.

      • by Bert64 ( 520050 )

        Although since it's open source, could someone not create a fork that was linked to someone else's service instead of google's?

        Not trusting google is fine, but people without the technical knowledge to operate a full blown laptop could hire someone they trust to manage a forked chromebook for them.

    • by raymorris ( 2726007 ) on Saturday March 31, 2018 @01:12PM (#56359257) Journal

      First let me establish to what extent I am qualified or not to address this question:

      I've been a security professional for 20 years. Most of that time I used Linux exclusively. Recently I've also started using Mac. You'll find my name in the kernel change log.

      There are three main areas of security; confidentially, integrity, and availability. Most of the time when people say "security" they mean confidentially first, with some thought to integrity, and they rarely think of availability. For confidentiality and integrity, the top two things an OS can do to help is limit the attack surface (such as not running unnecessary daemons or other software) and provide quick, reliable updates. The only code that can't possibly be hacked is code that isn't there, so the most secure system is the most minimal system. Real-life attacks use known vulnerabilities 99.99% of the time, so quick, automatic updates to resolve known issues are very important.

      There is one Linux distribution that stands out for avoiding any unnecessary code (and potential vulnerabilities) and providing quick, reliable updates. That distribution is ChromeOS. It's well ahead of the others. It would be rather difficult indeed to set up a general-purpose distribution such as Ubuntu, which is made to support servers of all kinds, all kinds of workstations, etc, to be as secure as Chrome OS.

      The third leg of security is availability. If the features and functions you need aren't available on ChromeOS, it won't work for you. Normally we think of availability as "not subject to denial of service or random crashes", but if the service you need is denied by the creator of the OS, that has the same effect as a denial of service attack.

      ChromeOS is therefore well ahead of any general-purpose OS in terms of security - for users who don't need anything ChromeOS doesn't provide. That's a LOT of people. It even suits my needs while traveling because my travel device only needs to SSH to my main machines, and provide a web browser.

      • > If the features and functions you need aren't available on ChromeOS, it won't work for you.

        I'm afraid that this includes over 90% of all laptop users. Without support for robust, fully Microsoft compatible document or spreadsheet handling for business professionals, without robust gaming support for even those few Steam games that have been converted, and without the developer support to handle virtual environments for other development, they remain useful only as web browser tools.

      • It even suits my needs while traveling because my travel device only needs to SSH to my main machines, and provide a web browser.

        Good luck SSHing from a moving city bus. It won't stay near one Wi-Fi access point long enough for your Chromebook to associate. If you're buying cellular Internet service just to use SSH from your Chromebook, you end up needing to include the price of a cellular subscription over the course of your Chromebook's useful life in its effective price.

        And where are your "main machines"? If at home, many home ISPs use NAT that blocks incoming connections [slashdot.org].

        • Couldn't you use your mobile phone as a Wi-Fi access point? I've done so in the past (on a moving train).

          (It was a company mobile, and I was doing company business. Data plan not a problem!)
          • Couldn't you use your mobile phone as a Wi-Fi access point?

            Not in my case. I have programming jobs for two different companies, one in an office and one from home. I work on projects for the latter to pass the time while riding the city bus to and from the former. Neither provides me "a company mobile". And with many of these being graphical and interactive (yet lightweight in CPU use), I would need to tunnel X11 or VNC over SSH, which would run up the latency and data usage even if I do manage to install some sort of X server or VNC viewer.

      • For confidentiality and integrity, the top two things an OS can do to help is limit the attack surface (such as not running unnecessary daemons or other software) and provide quick, reliable updates.

        Confidentiality is having everything you do uploaded to the worlds most prolific data collection and advertising agency?

        Talking confidentiality and integrity on a system that clearly isn't trustworthy in the first place is a waste of time.

        The only code that can't possibly be hacked is code that isn't there, so the most secure system is the most minimal system.

        Fundamentally misguided. Amount of code is not as important as organization of code.

        Real-life attacks use known vulnerabilities 99.99% of the time, so quick, automatic updates to resolve known issues are very important.

        Well over 90% of attacks exploit users not systems.

        There is one Linux distribution that stands out for avoiding any unnecessary code (and potential vulnerabilities) and providing quick, reliable updates. That distribution is ChromeOS.

        Only realistic hope in the near term is better hardware and isolation at hypervisor level.

        • He says his only needs are to SSH to his main machine, and use a web browser. Of these, I would imagine SSH to be the main business critical app. I'm willing to be corrected, but I doubt Google will trawl or upload anything that he uses SSH for.
        • > Confidentiality is having everything you do uploaded to the worlds most prolific data collection and advertising agency?

          That's something you have to consider. Whether you choose ChromeOS, ChromiumOS, Windows, Ubuntu or something else, and whether you use Google docs or not. You can use Windows and trust Microsoft with all your data of you want to. Personally my "consoles", the machines I touch daily, are just SSH consoles, so Google isn't getting anything from me other than browsing history.

          You're righ

          • by shilly ( 142940 )

            I don't get this at all. Google is very impressive at collecting, organising and searching data. They monetise data. That creates a conflict of interest with acting as a custodian of your data.

            • It's an interesting thing. As you said, Google analyzes the data in order to serve relevant ads, and also uses it to provide better services, which they use for more ads. So there is an inherent conflict of interest there. Many people don't use Google services for that reason, and that makes sense.

              ALSO like Coca-Cola has their secret formula, and KFC has it's "eleven herbs and spices", every company has their crown jewels. Google is not Microsoft - they don't survive by selling Office 365. Their most valua

              • by shilly ( 142940 )

                I hear your take, and your examples are illuminating:
                1. Top-secret research (fighter jet development)
                2. Credit card info
                3. On-boarding checklist for new developers

                Three different levels of security required for three different levels of sensitivity of data. Thing is, while everyone would agree that example 1 requires specially hardened systems, surely you'd agree that almost everyone requires secure computing that protects information like example 2? And not by creating an air-gapped local secured system, e

                • When I mentioned credit card information, I was talking about a database full of other people's cards, knowing that some of those people have only one account, with a low balance. A stray $100 charge will have them overdrawn and they'll start getting overdraft fees. Then they won't be able to buy gas or food until pay day. A high level of confidentiality is required.

                  For MY OWN credit card that I use to buy stuff online every day, I recognize that is sent to a lot of different companies who have widely varyi

        • by AmiMoJo ( 196126 )

          Do you have any evidence that everything you do on a Chromebook is being uploaded to Google? Do you think that no one in the security community has bothered to check, say with a packet sniffer or MITM attack?

          Chrome OS has a lot of other stuff that no other Linux distro replicates, at least not without extensive hacking. Secure boot, for example. Do you know what is involved in setting that up on a random laptop with random Linux distro? Or sandboxing apps to the degree that Chrome OS does by default?

      • You may need to clarify whether you're talking about the user's security, or the security of the corporation.

    • would be just as good as long as it is in competent hands

      Exactly the problem. Vast majority of users, including most IT professionals, are not security competent. Expecting people to know the ins-and-outs of computer security before they can be secure is a non-starter.

      • would be just as good as long as it is in competent hands

        Exactly the problem. Vast majority of users, including most IT professionals, are not security competent. Expecting people to know the ins-and-outs of computer security before they can be secure is a non-starter.

        More than that, security researchers will tell you that they, themselves, aren't competent to make good security decisions. It's why they use Chromebooks.

        Systems are too big and complex for one person, however expert, to fully understand. Building a secure system requires teams of specialists, not just specialists in security but specialists in the security of particular parts of the system. Plus pen testers, security auditors, etc., who take a more holistic view, but with access to all of the specialists

    • True, but honestly, what good is that?

      For more than a decade, we've been beyond the point where competent folks can secure their machines. The challenge now is to make it the default behavior so that anyone can run a secure user machine without effort.

      Besides being excellent for the incompetent, accomplishing this challenge also frees up the competent to apply their competence to other tasks. That is, it's a benefit for everyone the intellectual effort required to accomplish a task is reduced.

      Someone said t

    • If you're worried about security, OpenBSD would probably be better. Theo's pretty fanatical about it.

      • The “problem” (from the typical user’s point of view) is that BSD folks have no problem with hearing “no, we don’t allow that because it could lead to potential security concerns”. Most users don’t want to hear about what they aren’t allowed to do - when forced to choose they will pick convenience over security, every time.

        • they will pick convenience over security
          And what would be an example for that? Why should convenience be automatically insecure?

      • If you're worried about security, OpenBSD would probably be better. Theo's pretty fanatical about it.

        Theo isn't remotely as fanatical about security as the ChromeOS team. He also doesn't have the same control over the hardware that runs the systems, nor the software that runs on the systems, as the ChromeOS team does. OpenBSD doesn't even have a Mandatory Access Control system like SELinux, and if it did it couldn't lock it down as hard as ChromeOS can... precisely because OpenBSD has to be allowed to run arbitrary software, while ChromeOS does not.

        I'm not saying OpenBSD isn't a nice system, nor that The

  • Chrome OS (Score:2, Funny)

    by Anonymous Coward

    I can see why one would purchase a cheap laptop with Chrome OS for their children in middle school or high school but once they are college bound only a quality laptop that is neither repairable nor upgradable running macOS with 10 dongles will do.

    - Tim in Cupertino

  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Saturday March 31, 2018 @01:44PM (#56359367) Homepage

    No mention of how much is leaked to google: copies of your files sent there or other metrics that google might sniff. But if you are happy with that then yes it is secure.

  • title should add "Self-proclaimed" to the "security expert" part.

  • by duke_cheetah2003 ( 862933 ) on Saturday March 31, 2018 @02:12PM (#56359501) Homepage

    Sure, I'll agree with summary. A closed system is inherently harder to hack. And harder to put malware onto if the model is excluding unsigned/unapproved code.

    But is this something we really want? We've heard that 'they' would like general purpose computing to be revoked from the general population, or at least severely limited.

    This is a step in that direction, under the guise of 'It's more secure!', yeah, it's also locked down and useless for any function other than it's designated function. I'm not really interested in this. I don't think it's a good idea to be pushing this kind of solution.

    It's a nice looking 'gift', but it's trojan horse. A trojan to train the population that they don't need general purpose computing, and that general purpose open computing is dangerous and unsafe. Not good.

    • by Bert64 ( 520050 )

      General purpose open computing *is* unsafe for most people, and people with zero technical knowledge using complex general purpose systems has resulted in epidemics of compromised machines, identity theft and all manner of other problems.

      Many people are better off with a hardened device managed by someone else, wether its a chromebook, tablet or games console (a console is fundamentally no different, its just designed to play games instead of browse websites).

      Were it not for a need to access the internet, m

  • Most people I wouldn't trust to maintain mission critical security on a productive workstation. They click on FunnyCatsVideo.exe and could tell a client from a server if their life depended on it. For these such a thing as a chromebook truely *is* the more secure solution.

    Google watches over you.

    That's not just a disadvantage. Which is why I recommend it to all ordinaries with no money and no grasp of computers. The ones with money I tell to get the apple stuff.

"I shall expect a chemical cure for psychopathic behavior by 10 A.M. tomorrow, or I'll have your guts for spaghetti." -- a comic panel by Cotham

Working...