undefined | Better HN

0 pointskweingar3y ago0 comments

You can harden and configure a Linux system to have many of the ChromeOS security features, but ChromeOS has all of these enabled by default:

- All user data is encrypted at the login level. A guest user cannot access any other users’ data. Whereas in Ubuntu, for example, home directories have 755 permissions.

- The Linux userspace in ChromeOS is actually running on KVM, so ChromeOS itself is insulated from user-installed malware.

- Verified boot is huge. It is theoretically impossible for a modification to system-level software to survive a reboot. An attacker would have to modify the hardware too. And even if someone stole your Chromebook and modified the hardware to run malware, your data is still encrypted.

If you are interested, a more thorough explanation can be found here: https://chromium.googlesource.com/chromiumos/docs/+/HEAD/sec...

0 comments

3 comments · 1 top-level

cmatthias3y ago· 2 in thread

What if the attacker is the one who built and shipped the OS to begin with? Everything you say is true, but it doesn't matter as long as user data (history, location, etc) is being shipped off to Google.

Or, put another way: your threat model is a nefarious hacker or three-letter-agency who might secretly modify your hardware/software to get your data. Mine is surveillance capitalism. ChromeOS is secure under your threat model, but is _built by the attacker_ under mine.

Both of these threat models are important to consider, but one is much more relevant to a larger portion of the population than the other.

sulam3y ago

Relevant from your POV. A very large part of the planet clearly doesn't care.

cmatthias3y ago

I said it was more relevant than nefarious hackers or government agencies, not relevant in some subjective general sense. So whether or not they care is irrelevant to my point.

j / k navigate · click thread line to collapse