Announcement

Collapse
No announcement yet.

Google "Slippy" Chromebook Supported By Coreboot

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    This warning screen exists to alert you that a Chromebook is in developer mode and the normal security precautions donít apply. For example, if you were using someone elseís Chromebook, you could normally log in with your Google account without fear. If it was in developer mode, itís possible that software running in the background could be recording your keystrokes and monitoring your usage. Thatís why Google makes it easy to tell if a Chromebook is in Developer Mode and doesnít allow you to permanently disable this warning screen.
    Oh my goggles, that's the most ridiculous bullshit I've ever read.

    Comment


    • #12
      Originally posted by 89c51 View Post
      Does the pixel have a write protect screw??
      There's a picture on http://www.chromium.org/chromium-os/...romebook-pixel (https://a77db9aa-a-7b23c8ea-s-sites....ottom-guts.jpg)

      The golden screw on the right. I once asked one of the ChromeOS-coreboot devs - I guess they forgot to add the information.

      Comment


      • #13
        Originally posted by dee. View Post
        Oh my goggles, that's the most ridiculous bullshit I've ever read.
        Why? They sell the systems with a claim of security. Once you can run whatever you want, they can, by definition, not vouch for what's going on.
        Both the regular and dev-mode are appliance stuff (as is the Chromebook project in general), not general computing.

        If you want to truly own the box (and not just modify it a little), and treat it as a real computer, there's the jumper or screw, while dev mode is not for you.

        Comment


        • #14
          Originally posted by pgeorgi View Post
          Why? They sell the systems with a claim of security. Once you can run whatever you want, they can, by definition, not vouch for what's going on.
          Both the regular and dev-mode are appliance stuff (as is the Chromebook project in general), not general computing.

          If you want to truly own the box (and not just modify it a little), and treat it as a real computer, there's the jumper or screw, while dev mode is not for you.
          Bullshit. They're selling a false sense of security, just like "secure boot".

          If you use someone else's computer, you can't EVER be sure you can trust it, no matter whose logo is on the side. It just comes as a matter of trust, do you trust the owner of the computer? Trust isn't something that should be based on some corporation's goodwill, the whole idea of a single source of trust is flawed. The only way to really be sure you can trust the computer you use is if the only source of trust is you, the user.

          For a very simple example: say you use your friend's chromebook, but it's already open and running. Are you meant to boot your friend's computer just to see that it's trustworthy? And since even this can be circumvented by doing that whole screw thing, how do you know your friend hasn't done this whole screw thing beforehand? This is just a paper wall of mock security...

          And for that matter, you shouldn't hold anything of importance on any google accounts in the first place, because those things are not secure. The NSA has full access to all google services, as they have on any services that are based in the US. The fact that google pretends like their machines are "secure" just makes it worse.

          Comment


          • #15
            Originally posted by dee. View Post
            Bullshit. They're selling a false sense of security, just like "secure boot".
            It's about Google being able to vouch for the system. It might be a selling point to customers, or it might not.
            Is it absolutely secure? No. If you're aiming for absolute security, build your own fab.
            Hint: x86 based Chromebook come with Intel chips. Intel chips come with the Management Engine: full access to video, input devices, network and RAM, controlled by 1.5MB firmware (what is all that code doing? that's the _light_ version!) that can't be replaced by anyone but Intel (since it's signed by them).
            I'm not all too interested in buying Google devices, but I certainly won't buy Intel.

            Originally posted by dee. View Post
            And for that matter, you shouldn't hold anything of importance on any google accounts in the first place, because those things are not secure. The NSA has full access to all google services, as they have on any services that are based in the US. The fact that google pretends like their machines are "secure" just makes it worse.
            In which case you probably shouldn't buy Google...

            Comment


            • #16
              Originally posted by pgeorgi View Post
              It's about Google being able to vouch for the system. It might be a selling point to customers, or it might not.
              Is it absolutely secure? No. If you're aiming for absolute security, build your own fab.
              Hint: x86 based Chromebook come with Intel chips. Intel chips come with the Management Engine: full access to video, input devices, network and RAM, controlled by 1.5MB firmware (what is all that code doing? that's the _light_ version!) that can't be replaced by anyone but Intel (since it's signed by them).
              I'm not all too interested in buying Google devices, but I certainly won't buy Intel.


              In which case you probably shouldn't buy Google...
              Don't be ridiculous. There's no such thing as "absolute security". Every security measure can be broken, if by nothing else then by human error. But that doesn't mean that it's all the same to have no security at all. Just because we can't attain perfection doesn't mean that we should settle for any shit available. Having really good security is still better than having total shit security, even if it isn't perfect.

              And I don't buy Google. Well, Android phone, but that's because there weren't any better alternatives at the time, and I never do anything important with my phone anyway. I don't even log on any websites with my phone. It's ok to use insecure devices, as long as you recognize they're insecure and treat them as such.

              That's beside the point though, because this entire conversation had nothing to do with my buying habits.

              Comment


              • #17
                Originally posted by pgeorgi View Post
                There's a picture on http://www.chromium.org/chromium-os/...romebook-pixel (https://a77db9aa-a-7b23c8ea-s-sites....ottom-guts.jpg)

                The golden screw on the right. I once asked one of the ChromeOS-coreboot devs - I guess they forgot to add the information.
                The point is not having to go through all this trouble to boot the damn thing. A simple solution would be to give you a firmware choice/switch.Boot in what google wants or boot ie. GRUB2. Point where the kernel is and not have to touch the thing in a lifetime. I would also be OK with proper UEFI.

                Comment


                • #18
                  The 2 problems with the Chromebooks are the slow-as-molasses ARM processors that the cheaper models run on, or the limited storage space provided (which happens to be also conveniently soldered directly into the mainboard).

                  Dev-mode / 30 second warning screen / etc are just inconveniences that can be endured.

                  Anyway, only paranoid people with digital dirt on them will worry about being snopped on.

                  Comment


                  • #19
                    Any affordable full-HD, 14" maximum, linux compatible laptop out there?

                    Comment


                    • #20
                      Originally posted by Sonadow View Post
                      The 2 problems with the Chromebooks are the slow-as-molasses ARM processors that the cheaper models run on,
                      Actually, the cheaper models run Intel processors. Only the Samsung Series3 ($249) and HP Chromebook 11 ($279) use ARM processors, and both are more expensive than the Intel based Chromebooks from Acer (starting at $199).

                      Comment

                      Working...
                      X