Of course there is. Where would that virus live on a Chromebook? It's as unlikely to be impacted by a virus as your Mac and much easier to get rid of it it ever did happen. AFAIK the OS downloads fresh at every boot, washing away device system changes that didn't come directly from Google. Not even your Mac or iOS device does that.
Not really sure I want that though. Pretty sure I don't, actually. Then again, I'm more the kind of people to run a Linux or Mac box than a Chrome box ^^
No, there isn't. What you're probably referring to is Chrome's included *optional* ability to use Google's servers for advanced spell checking, the same kind they use in Google searches. It is off by default, even if you previously set it on another machine, which means you have to explicitly enable the feature to use it.
You sure don't use Google+ often, at least in public
Since the apps are all using webcode and the UI is based on Google's Chrome OS which is spends a lot of money and time securing I'd say that Chrome OS is probably one of the, if not most, secure OSes on the market today… at least when you subtract what Google could be doing with your personal data, which I know that many here will see as worse than having malware from Eastern Europe or China running around on your system, but I think that's very extreme.
I would argue the opposite.
Much of the security scheme relies upon frequent rebooting but pattern of user behavior suggest this is a poor idea.
What prevents code execution at the kernel?
What prevents the presentation of an alternate operating system in developer mode?
Is the verified boot encrypted during transport?
Since the cryptographic key is changed every four years but resides in the EEPROM then how is the key changed or does the user recycle the system? If the EEPROM can be changed then this isn't as secure as suggested.
Why isn't all user data encrypted?
If the web apps are Flash-based or Java based then there may be significant vulnerabilities in a system that relies completely on web apps.
The operating system uses web apps implying that a persistent Internet connection is required which offers serious threats that aren't otherwise present necessarily.
Overall, the operating system is well protected but user data is quite vulnerable compared to competing systems. There is no protection for the Master Boot Record and thus no prevention of user data corruption, no prevention of data execution on the kernel, no default encryption of user data.
Sure but there are a lot of limits like no USB printing or importing photos from a camera over USB. While some limits apply to the iPad again, this is a $1300 machine.
I actually think this would be fine if it came with Android and cost $500. I don't get why Google insists on bothering with Chrome OS. Is it the malware thing maybe or the update thing?
If you're sticking on about price, Apple sells a 128gb Wifi+LTE model iPad for $929, which isn't too far away from $1299. Just like the iPad, the Chromebook has a range of prices, albeit much more extreme.
To your other points, printing on a Chromebook is solved using Google Cloud Print, which enables you to use a shared printer from another device, like your home desktop computer, or by using a network connected printer that supports Cloud Print natively. Many newer printers from HP and others support this technology, which is similar to Apple's Air Print. Regarding photos, you can import photos via USB or SD Card if your device supports mounting as an external storage device. It's true that you can't import photos directly from an iPhone or Android 4.x phone, but with services like Google+ and Dropbox automatic photo importing, you almost don't need to in most cases. Apple's own Photo Stream solution is an example of no longer needing to import your stuff with a cable. Plus, that feature could be added to the Chromebook sometime in the future.
As to your last point, Google *does* sell a Nexus 7 and Nexus 10 tablet, ranging from $199-399, which runs Android, and the Nexus 10 has the same Retina-quality screen found in higher end tablets. I don't know the reason why Google has two operating systems, but after using a Nexus 7 and a Samsung Chromebook, I completely understand why they are engineered the way they are. Android is optimized for touch, while Chrome is optimized for a keyboard and mouse. I don't think running Android on this laptop would be a great experience, since that OS and its apps were designed with touch in mind. Chrome on Android lacks parity with the Desktop version, missing a lot of essential features like extensions and performance. Besides, by adding the complexity of Android, you lose what is the essential benefit of Chrome OS - it is a stateless operating system. My Chromebook can be nuked and reinstalled with a fresh OS, or I could sign in for the first time on a friend's Chromebook, and I'd be back up and running with all of my apps, extensions, settings and data within minutes of logging in. You can't say that about almost every consumer OS out there.
If you want a perfect example of why I don't think Chrome OS and Android should ever mix, look no further than Windows 8.
Much of the security scheme relies upon frequent rebooting but pattern of user behavior suggest this is a poor idea.
What prevents code execution at the kernel?
What prevents the presentation of an alternate operating system in developer mode?
Is the verified boot encrypted during transport?
Since the cryptographic key is changed every four years but resides in the EEPROM then how is the key changed or does the user recycle the system? If the EEPROM can be changed then this isn't as secure as suggested.
Why isn't all user data encrypted?
If the web apps are Flash-based or Java based then there may be significant vulnerabilities in a system that relies completely on web apps.
The operating system uses web apps implying that a persistent Internet connection is required which offers serious threats that aren't otherwise present necessarily.
Overall, the operating system is well protected but user data is quite vulnerable compared to competing systems. There is no protection for the Master Boot Record and thus no prevention of user data corruption, no prevention of data execution on the kernel, no default encryption of user dat
Trying to dissect your points here.
Not sure I understand what you're suggesting. I only have to reboot my Chromebook if it gets an update or I want to start over with a fresh session.
I'm no crypto wizard, but I believe the Kernel only runs signed code from Google. The Chromebook uses a verified boot which makes sure every link in the chain is genuine and hasn't been tampered with. Unless we get to your next point...
Developer mode essentially means turning off the verified boot protections. You're now on part with most, if not all, Windows 7 and earlier PCs. Microsoft did not support verified boot until Windows 8, and like Chromebooks, gives the user the ability to turn it off in order to install alternative operating systems. If you turn off the security, the ownness is on YOU to keep your machine safe.
Certificates are renewed every few years largely in policy, not because they technically or physically stop working. An expired SSL certificate, for example, is as strong as it was the day it was issued, and still provides security and authentication. So, presumably, this is a non-issue. Chromebooks will continue to be supported for as long as Google wants supports them.
All users data *IS* encrypted. By default, each user has their local data encrypted with the help of a TPM module installed in every device. Any data being sent to a web service, like Facebook or Twitter, is on the responsibility of those services, which is true for any service on any platform. Feel free to read up on Chromium OS's security overview here: http://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview
Chrome OS ships with a sandboxed version of Flash, which is automatically updated to the latest version as it's made available. This is a more favorable scenario than most PCs or Macs with Flash installed, where the plugin may not be sandboxed or always up to date. Google has worked closely with Adobe over the last few years to make sandboxing of flash within Chrome possible. Java is not available for Chrome OS. Besides, most web applications are moving away from Flash and Java towards HTML5 apps.
Chrome OS works offline, but is best when you are always online. That's true of nearly every PC and Mac out there. How useful is a computer without an internet connection to most people? Probably not very. Again, there are PCs out there with persistent internet connections that have malware running on them unbeknownst to the user, while Chrome OS has all the security checks in place to help ensure the system is clean. Worst case, the Chromebook will simply refuse to boot until you download a new image directly from Google and reinstall from scratch.
You're concern at the end is largely FUD. Again, read up on the security that Chrome OS has built into place. Regarding user data, most of your data is going to live on a cloud service anyway. Google integrates Google Drive into the OS, which works like a remote network drive for your Chromebook. Thus, if your Chromebook was damaged or stolen, no data stored on Drive would be affected. You can also use other cloud storage systems, like Dropbox, Bitcasa, and Box to store and access your data through their web apps as well. The only data at risk would be local downloads that haven't been transferred or backed up somewhere else, but isn't that true of every other computer out there?
...and back to that too. I always consider it evidence I've won the debate when the dishonest name-calling starts. I sometimes think you've forgotten how to construct a proper argument and how to recognize when what you do have to say is fallacious. Here's an easy-read reminder:
It should be noted that the Pixel includes three years of 1TB of Google Drive storage, which actually costs less than if you just bought that amount of storage over the same period of time. If all you want is the storage, you can buy it at a $300-500 discount and essentially get a free laptop, which isn't too bad of a deal.
Except when that 3 years runs out, they charge $50/month so you'll have 1TB of stuff on the Cloud and have to pay to keep it there vs having a 1TB USB 3 HDD for $80.
If you're sticking on about price, Apple sells a 128gb Wifi+LTE model iPad for $929, which isn't too far away from $1299. Just like the iPad, the Chromebook has a range of prices, albeit much more extreme.
The LTE Chromebook starts at $1449 and only has 64GB of storage. So really, it's $829 (64GB LTE iPad) vs $1449 - iPad is $620 cheaper and more functional.
It's odd how price doesn't seem to be a big issue and yet Android phones are usually promoted as being a fraction of the price of iPhones. Seems to be selective.
Besides, by adding the complexity of Android, you lose what is the essential benefit of Chrome OS - it is a stateless operating system. My Chromebook can be nuked and reinstalled with a fresh OS, or I could sign in for the first time on a friend's Chromebook, and I'd be back up and running with all of my apps, extensions, settings and data within minutes of logging in. You can't say that about almost every consumer OS out there.
I'm pretty sure I can import all my browser settings into another machine pretty quickly and double-click install a bunch of extensions as well as login to say a Dropbox file store. The problem is, that's a tiny fraction of what a computer with a proper OS can be used for and this machine switching scenario really isn't that common. Why even buy a $1300 laptop if you plan to be jumping to other computers?
If you want a perfect example of why I don't think Chrome OS and Android should ever mix, look no further than Windows 8.
Windows 8 is a mashup of a desktop OS and a mobile OS. Android Chrome would be a mashup of a mobile OS and a browser, which it already has. It would effectively be Android with just webapps. iOS was originally designed to only run webapps and wasn't a popular idea for the same reasons.
The video above ran Android on the Chromebook via USB and it looked fine, which is a good demo of its scalability even if some things weren't quite right. If Android has issues with security, automatic updates and syncing then the solution is not to build a separate OS that fixes those problems by effectively being just a browser but instead to actually just fix those problems with Android and manage a single OS that scales and syncs across multiple devices and platforms while maintaining security.
Not sure I understand what you're suggesting. I only have to reboot my Chromebook if it gets an update or I want to start over with a fresh session.
I'm no crypto wizard, but I believe the Kernel only runs signed code from Google. The Chromebook uses a verified boot which makes sure every link in the chain is genuine and hasn't been tampered with. Unless we get to your next point...
Developer mode essentially means turning off the verified boot protections. You're now on part with most, if not all, Windows 7 and earlier PCs. Microsoft did not support verified boot until Windows 8, and like Chromebooks, gives the user the ability to turn it off in order to install alternative operating systems. If you turn off the security, the ownness is on YOU to keep your machine safe.
Certificates are renewed every few years largely in policy, not because they technically or physically stop working. An expired SSL certificate, for example, is as strong as it was the day it was issued, and still provides security and authentication. So, presumably, this is a non-issue. Chromebooks will continue to be supported for as long as Google wants supports them.
All users data *IS* encrypted. By default, each user has their local data encrypted with the help of a TPM module installed in every device. Any data being sent to a web service, like Facebook or Twitter, is on the responsibility of those services, which is true for any service on any platform. Feel free to read up on Chromium OS's security overview here: http://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview
Chrome OS ships with a sandboxed version of Flash, which is automatically updated to the latest version as it's made available. This is a more favorable scenario than most PCs or Macs with Flash installed, where the plugin may not be sandboxed or always up to date. Google has worked closely with Adobe over the last few years to make sandboxing of flash within Chrome possible. Java is not available for Chrome OS. Besides, most web applications are moving away from Flash and Java towards HTML5 apps.
Chrome OS works offline, but is best when you are always online. That's true of nearly every PC and Mac out there. How useful is a computer without an internet connection to most people? Probably not very. Again, there are PCs out there with persistent internet connections that have malware running on them unbeknownst to the user, while Chrome OS has all the security checks in place to help ensure the system is clean. Worst case, the Chromebook will simply refuse to boot until you download a new image directly from Google and reinstall from scratch.
You're concern at the end is largely FUD. Again, read up on the security that Chrome OS has built into place. Regarding user data, most of your data is going to live on a cloud service anyway. Google integrates Google Drive into the OS, which works like a remote network drive for your Chromebook. Thus, if your Chromebook was damaged or stolen, no data stored on Drive would be affected. You can also use other cloud storage systems, like Dropbox, Bitcasa, and Box to store and access your data through their web apps as well. The only data at risk would be local downloads that haven't been transferred or backed up somewhere else, but isn't that true of every other computer out there?
I already knew the answers. Since some posters do not seem to understand the inherent flaws of Google Chrome OS I will explicitly state them, not in my words but in the words of Google employees and several MIT computer science students.
"Chrome has an Auto-login option that allows the user to stay logged on constantly, even over multiple boots." (2)
"If the Chromebook gets misplaced or stolen, all of that users data on the cloud will be accessible to whoever holds the Chromebook" (2)
"Chrome OS claims that it does not need any anti-malware software; however, this claim is not necessarily
true." (2)
"It may also be possible to modify the user data." (2)
"... an attacker might be able to secretly install a malicious plug-in without the users knowledge." (2)
"... change the users setting to go to “attacker.com as its homepage" (2)
"the default is only to encrypt the password and not necessarily the synced user data." (2)
"It's important to note that at no point is the system restricted to code from the Chromium project..." (1)
"... because the web is more open and connected, one may argue that is is less secure than physical computers." (2)
"... stealing passwords through phishing attacks, etc. is currently easier than stealing physical hard drives or breaking the cryptography" (2)
"If an attacker manages to obtain a users password, the attacker can easily access all the data without even needing to have the physical computer." (2)
"By design, verified boot only runs on boot. However, it is possible to always avoid rebooting the computer." (2)
"... It's important to note that at no point is the system restricted to code from the Chromium project." (2)
"... Chrome OS does not try to address phishing or other online attacks, which means that it does not provide any stronger guarantees about the data online." (2)
" ... driver sandboxing" not currently implemented (1)
"All plugins..." don't currently "... run as independent processes.... ... with OS-level sandboxing ... or Mandatory Access Control (MAC) policies" (1)
"access to local storage services..." is not isolated "... at a process level" (1)
"Full-screen mode in some plugins could allow an attacker to mock out the entire user experience of a Chromium OS device." (1)
"... JavaScript APIs used in web applications on Chromium OS devices will be the same HTML5 and Open Web Platform APIs that are being deployed in Chromium browsers everywhere." (1)
"adversary could attempt to subvert the update process" (1)
As any reasonable person can see there are several aspects of Google Chrome OS to admire, in particular verified boot and automatic updates. Unfortunately, Google Chrome OS has their own share of vulnerabilities even vulnerabilities related to verified boot and automatic updates.
Sometimes, Torvalds just as cocky as SJ, isn't he?
I wouldn't say Torvalds is necessarily cocky, just very opinionated... And doesn't have to tone down his rhetoric for anyone. And he has strong opinions. At least he's not as crazy as Richard Stallman...
And yes, we all wonder what the hell Gnome was thinking (I don't think Gnome Shell is bad per se, but they've made some bad decisions for their ecosystem)...
Third party developers should not be allowed to create native iPhone applications. Nobody needs native iPhone applications. Web apps are "really sweet".
When iPhone was first sold, there was no SDK and Apple told developers they could write web apps that ran in Safari. This did not please developers. Since then, the success of the App Store, the unpopularity of web-based iPhone apps, and the failure of webOS to create excitement around web apps is a clear indication that your optimism in web apps is not shared by the market at large.
When iPhone was first sold, there was no SDK and Apple told developers they could write web apps that ran in Safari. This did not please developers. Since then, the success of the App Store, the unpopularity of web-based iPhone apps, and the failure of webOS to create excitement around web apps is a clear indication that your optimism in web apps is not shared by the market at large.
His comment is implying this is what everyone was saying before the inevitable release of Xcode for iOS months after the iPhone launched. He's saying that because the App Store wasn't ready until the 2nd gen iPhone in 2008 that no one wanted a native solution for apps that were actually against it simply because it was not yet an option.
His comment is implying this is what everyone was saying before the inevitable release of Xcode for iOS months after the iPhone launched. He's saying that because the App Store wasn't ready until the 2nd gen iPhone in 2008 that no one wanted a native solution for apps that were actually against it simply because it was not yet an option.
Were Apple users actually against native apps? I don't recall that I was against native apps although some of the web apps were impressive at the time. Regardless, native apps were introduced soon enough that I suspect native apps were always part of the plan.
Were Apple users actually against native apps? I don't recall that I was against native apps although some of the web apps were impressive at the time. Regardless, native apps were introduced soon enough that I suspect native apps were always part of the plan.
Nobody was, but he constantly posts that crap because most accepted what was offered and simply dealt with web apps for the very short time frame before Xcode for iOS arrived. The App Store didn't come for a full year but even that's a short time frame.
The issue probably arose with WinMo, BB OS, and Symbian users came to pooh-poh the iPhone because it didn't have a native SDK and the more sensible posters said to give it time and that webapps were fine for an interim solution. Same thing for cut/copy/paste which i don't think arrived until iOS 3.0 in 2009. Apple took their sweet time to bring it but they did it right and not in the disjointed way that Android has implemented it. Of course, Haggar has also made the same claims that people said "No one needs copy/paste" or something to that effect.
Except when that 3 years runs out, they charge $50/month so you'll have 1TB of stuff on the Cloud and have to pay to keep it there vs having a 1TB USB 3 HDD for $80.
The LTE Chromebook starts at $1449 and only has 64GB of storage. So really, it's $829 (64GB LTE iPad) vs $1449 - iPad is $620 cheaper and more functional.
It's odd how price doesn't seem to be a big issue and yet Android phones are usually promoted as being a fraction of the price of iPhones. Seems to be selective.
So you're saying the touch features on the Chromebook are not an optimal implementation.
I'm pretty sure I can import all my browser settings into another machine pretty quickly and double-click install a bunch of extensions as well as login to say a Dropbox file store. The problem is, that's a tiny fraction of what a computer with a proper OS can be used for and this machine switching scenario really isn't that common. Why even buy a $1300 laptop if you plan to be jumping to other computers?
Windows 8 is a mashup of a desktop OS and a mobile OS. Android Chrome would be a mashup of a mobile OS and a browser, which it already has. It would effectively be Android with just webapps. iOS was originally designed to only run webapps and wasn't a popular idea for the same reasons.
The video above ran Android on the Chromebook via USB and it looked fine, which is a good demo of its scalability even if some things weren't quite right. If Android has issues with security, automatic updates and syncing then the solution is not to build a separate OS that fixes those problems by effectively being just a browser but instead to actually just fix those problems with Android and manage a single OS that scales and syncs across multiple devices and platforms while maintaining security.
The first paragraph is false: when three years run out, you can keep and access all the data for free, you just can't add to it. The price comments are specious, since for those of us who can use 1TB of cloud storage (or have ten friends, or ten employees who can each use 100GB) the machine is just a freebie you get with the storage (you also get free LTE and 12 free GoGo flights -- the latter is worth around $250, the former, at amazon Kindle pricing for a similar service, around $200), so this is a phenomenally good deal. Oh, and it takes about thirty seconds to use full ubuntu via crouton.
Nobody was, but he constantly posts that crap because most accepted what was offered and simply dealt with web apps for the very short time frame before Xcode for iOS arrived. The App Store didn't come for a full year but even that's a short time frame.
The issue probably arose with WinMo, BB OS, and Symbian users came to pooh-poh the iPhone because it didn't have a native SDK and the more sensible posters said to give it time and that webapps were fine for an interim solution. Same thing for cut/copy/paste which i don't think arrived until iOS 3.0 in 2009. Apple took their sweet time to bring it but they did it right and not in the disjointed way that Android has implemented it. Of course, Haggar has also made the same claims that people said "No one needs copy/paste" or something to that effect.
Bullshit. I was at the 2007 WWDC, where Jobs was trying to distort reality and claim that WebApps was all anyone needed (to much disgust from the geeky audience). Of course, he was obviously lying, and doing this to buy time, but he did say those things.
When iPhone was first sold, there was no SDK and Apple told developers they could write web apps that ran in Safari. This did not please developers. Since then, the success of the App Store, the unpopularity of web-based iPhone apps, and the failure of webOS to create excitement around web apps is a clear indication that your optimism in web apps is not shared by the market at large.
Comments
Quote:
Originally Posted by Gatorguy
Of course there is. Where would that virus live on a Chromebook? It's as unlikely to be impacted by a virus as your Mac and much easier to get rid of it it ever did happen. AFAIK the OS downloads fresh at every boot, washing away device system changes that didn't come directly from Google. Not even your Mac or iOS device does that.
Not really sure I want that though. Pretty sure I don't, actually. Then again, I'm more the kind of people to run a Linux or Mac box than a Chrome box ^^
Quote:
Originally Posted by Mikeb85
KDE has UI scaling.... Gnome doesn't however (what the reviewer was using).
Of course they don't, they're nazis, I read.
http://www.itwire.com/opinion-and-analysis/open-sauce/9680-interface-nazis-in-torvalds-line-of-fire
Sometimes, Torvalds just as cocky as SJ, isn't he?
Quote:
Originally Posted by yuusharo
No, there isn't. What you're probably referring to is Chrome's included *optional* ability to use Google's servers for advanced spell checking, the same kind they use in Google searches. It is off by default, even if you previously set it on another machine, which means you have to explicitly enable the feature to use it.
You sure don't use Google+ often, at least in public
I would argue the opposite.
Overall, the operating system is well protected but user data is quite vulnerable compared to competing systems. There is no protection for the Master Boot Record and thus no prevention of user data corruption, no prevention of data execution on the kernel, no default encryption of user data.
Sure but there are a lot of limits like no USB printing or importing photos from a camera over USB. While some limits apply to the iPad again, this is a $1300 machine.
I actually think this would be fine if it came with Android and cost $500. I don't get why Google insists on bothering with Chrome OS. Is it the malware thing maybe or the update thing?
If you're sticking on about price, Apple sells a 128gb Wifi+LTE model iPad for $929, which isn't too far away from $1299. Just like the iPad, the Chromebook has a range of prices, albeit much more extreme.
To your other points, printing on a Chromebook is solved using Google Cloud Print, which enables you to use a shared printer from another device, like your home desktop computer, or by using a network connected printer that supports Cloud Print natively. Many newer printers from HP and others support this technology, which is similar to Apple's Air Print. Regarding photos, you can import photos via USB or SD Card if your device supports mounting as an external storage device. It's true that you can't import photos directly from an iPhone or Android 4.x phone, but with services like Google+ and Dropbox automatic photo importing, you almost don't need to in most cases. Apple's own Photo Stream solution is an example of no longer needing to import your stuff with a cable. Plus, that feature could be added to the Chromebook sometime in the future.
As to your last point, Google *does* sell a Nexus 7 and Nexus 10 tablet, ranging from $199-399, which runs Android, and the Nexus 10 has the same Retina-quality screen found in higher end tablets. I don't know the reason why Google has two operating systems, but after using a Nexus 7 and a Samsung Chromebook, I completely understand why they are engineered the way they are. Android is optimized for touch, while Chrome is optimized for a keyboard and mouse. I don't think running Android on this laptop would be a great experience, since that OS and its apps were designed with touch in mind. Chrome on Android lacks parity with the Desktop version, missing a lot of essential features like extensions and performance. Besides, by adding the complexity of Android, you lose what is the essential benefit of Chrome OS - it is a stateless operating system. My Chromebook can be nuked and reinstalled with a fresh OS, or I could sign in for the first time on a friend's Chromebook, and I'd be back up and running with all of my apps, extensions, settings and data within minutes of logging in. You can't say that about almost every consumer OS out there.
If you want a perfect example of why I don't think Chrome OS and Android should ever mix, look no further than Windows 8.
Quote:
Originally Posted by MacBook Pro
I would argue the opposite.
Much of the security scheme relies upon frequent rebooting but pattern of user behavior suggest this is a poor idea.
What prevents code execution at the kernel?
What prevents the presentation of an alternate operating system in developer mode?
Is the verified boot encrypted during transport?
Since the cryptographic key is changed every four years but resides in the EEPROM then how is the key changed or does the user recycle the system? If the EEPROM can be changed then this isn't as secure as suggested.
Why isn't all user data encrypted?
If the web apps are Flash-based or Java based then there may be significant vulnerabilities in a system that relies completely on web apps.
The operating system uses web apps implying that a persistent Internet connection is required which offers serious threats that aren't otherwise present necessarily.
Overall, the operating system is well protected but user data is quite vulnerable compared to competing systems. There is no protection for the Master Boot Record and thus no prevention of user data corruption, no prevention of data execution on the kernel, no default encryption of user dat
Trying to dissect your points here.
Not sure I understand what you're suggesting. I only have to reboot my Chromebook if it gets an update or I want to start over with a fresh session.
I'm no crypto wizard, but I believe the Kernel only runs signed code from Google. The Chromebook uses a verified boot which makes sure every link in the chain is genuine and hasn't been tampered with. Unless we get to your next point...
Developer mode essentially means turning off the verified boot protections. You're now on part with most, if not all, Windows 7 and earlier PCs. Microsoft did not support verified boot until Windows 8, and like Chromebooks, gives the user the ability to turn it off in order to install alternative operating systems. If you turn off the security, the ownness is on YOU to keep your machine safe.
Dunno the specifics of verified boot, but feel free to read all about it on the Chromium OS site: http://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot
Certificates are renewed every few years largely in policy, not because they technically or physically stop working. An expired SSL certificate, for example, is as strong as it was the day it was issued, and still provides security and authentication. So, presumably, this is a non-issue. Chromebooks will continue to be supported for as long as Google wants supports them.
All users data *IS* encrypted. By default, each user has their local data encrypted with the help of a TPM module installed in every device. Any data being sent to a web service, like Facebook or Twitter, is on the responsibility of those services, which is true for any service on any platform. Feel free to read up on Chromium OS's security overview here: http://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview
Chrome OS ships with a sandboxed version of Flash, which is automatically updated to the latest version as it's made available. This is a more favorable scenario than most PCs or Macs with Flash installed, where the plugin may not be sandboxed or always up to date. Google has worked closely with Adobe over the last few years to make sandboxing of flash within Chrome possible. Java is not available for Chrome OS. Besides, most web applications are moving away from Flash and Java towards HTML5 apps.
Chrome OS works offline, but is best when you are always online. That's true of nearly every PC and Mac out there. How useful is a computer without an internet connection to most people? Probably not very. Again, there are PCs out there with persistent internet connections that have malware running on them unbeknownst to the user, while Chrome OS has all the security checks in place to help ensure the system is clean. Worst case, the Chromebook will simply refuse to boot until you download a new image directly from Google and reinstall from scratch.
You're concern at the end is largely FUD. Again, read up on the security that Chrome OS has built into place. Regarding user data, most of your data is going to live on a cloud service anyway. Google integrates Google Drive into the OS, which works like a remote network drive for your Chromebook. Thus, if your Chromebook was damaged or stolen, no data stored on Drive would be affected. You can also use other cloud storage systems, like Dropbox, Bitcasa, and Box to store and access your data through their web apps as well. The only data at risk would be local downloads that haven't been transferred or backed up somewhere else, but isn't that true of every other computer out there?
No, it's simply not worth arguing with you because you simply change the argument and then run and hide after you lose.
Quote:
Originally Posted by jragosta
...with your Google shill posts.
http://forums.appleinsider.com/t/156483/samsung-challenges-apples-iphone-with-new-galaxy-s4/240#post_2294617
Except when that 3 years runs out, they charge $50/month so you'll have 1TB of stuff on the Cloud and have to pay to keep it there vs having a 1TB USB 3 HDD for $80.
The LTE Chromebook starts at $1449 and only has 64GB of storage. So really, it's $829 (64GB LTE iPad) vs $1449 - iPad is $620 cheaper and more functional.
It's odd how price doesn't seem to be a big issue and yet Android phones are usually promoted as being a fraction of the price of iPhones. Seems to be selective.
So you're saying the touch features on the Chromebook are not an optimal implementation.
I'm pretty sure I can import all my browser settings into another machine pretty quickly and double-click install a bunch of extensions as well as login to say a Dropbox file store. The problem is, that's a tiny fraction of what a computer with a proper OS can be used for and this machine switching scenario really isn't that common. Why even buy a $1300 laptop if you plan to be jumping to other computers?
Windows 8 is a mashup of a desktop OS and a mobile OS. Android Chrome would be a mashup of a mobile OS and a browser, which it already has. It would effectively be Android with just webapps. iOS was originally designed to only run webapps and wasn't a popular idea for the same reasons.
The video above ran Android on the Chromebook via USB and it looked fine, which is a good demo of its scalability even if some things weren't quite right. If Android has issues with security, automatic updates and syncing then the solution is not to build a separate OS that fixes those problems by effectively being just a browser but instead to actually just fix those problems with Android and manage a single OS that scales and syncs across multiple devices and platforms while maintaining security.
Quote:
Originally Posted by igriv
I am a bit confused: what does this actually mean, since the device doesn't have 3840x2400 pixels???
It does what it says on the tin. You get 3840x2400 pixels on a screen that has 2880x1800.
Originally Posted by brisance
http://imgur.com/QsQF3yb
I will never understand people who fullscreen the Internet.
I already knew the answers. Since some posters do not seem to understand the inherent flaws of Google Chrome OS I will explicitly state them, not in my words but in the words of Google employees and several MIT computer science students.
"Chrome has an Auto-login option that allows the user to stay logged on constantly, even over multiple boots." (2)
"If the Chromebook gets misplaced or stolen, all of that users data on the cloud will be accessible to whoever holds the Chromebook" (2)
"Chrome OS claims that it does not need any anti-malware software; however, this claim is not necessarily
true." (2)
"It may also be possible to modify the user data." (2)
"... an attacker might be able to secretly install a malicious plug-in without the users knowledge." (2)
"... change the users setting to go to “attacker.com as its homepage" (2)
"the default is only to encrypt the password and not necessarily the synced user data." (2)
"It's important to note that at no point is the system restricted to code from the Chromium project..." (1)
"... because the web is more open and connected, one may argue that is is less secure than physical computers." (2)
"... stealing passwords through phishing attacks, etc. is currently easier than stealing physical hard drives or breaking the cryptography" (2)
"If an attacker manages to obtain a users password, the attacker can easily access all the data without even needing to have the physical computer." (2)
"By design, verified boot only runs on boot. However, it is possible to always avoid rebooting the computer." (2)
"... It's important to note that at no point is the system restricted to code from the Chromium project." (2)
"... Chrome OS does not try to address phishing or other online attacks, which means that it does not provide any stronger guarantees about the data online." (2)
" ... driver sandboxing" not currently implemented (1)
"All plugins..." don't currently "... run as independent processes.... ... with OS-level sandboxing ... or Mandatory Access Control (MAC) policies" (1)
"access to local storage services..." is not isolated "... at a process level" (1)
"Full-screen mode in some plugins could allow an attacker to mock out the entire user experience of a Chromium OS device." (1)
"... JavaScript APIs used in web applications on Chromium OS devices will be the same HTML5 and Open Web Platform APIs that are being deployed in Chromium browsers everywhere." (1)
"adversary could attempt to subvert the update process" (1)
1. Anonymous. Security Overview.
2. Katherine Fang, Deborah Hanus, Yuzhi Zheng. Security of Google Chromebook.
As any reasonable person can see there are several aspects of Google Chrome OS to admire, in particular verified boot and automatic updates. Unfortunately, Google Chrome OS has their own share of vulnerabilities even vulnerabilities related to verified boot and automatic updates.
Quote:
Originally Posted by lightknight
Of course they don't, they're nazis, I read.
http://www.itwire.com/opinion-and-analysis/open-sauce/9680-interface-nazis-in-torvalds-line-of-fire
Sometimes, Torvalds just as cocky as SJ, isn't he?
I wouldn't say Torvalds is necessarily cocky, just very opinionated... And doesn't have to tone down his rhetoric for anyone. And he has strong opinions. At least he's not as crazy as Richard Stallman...
And yes, we all wonder what the hell Gnome was thinking (I don't think Gnome Shell is bad per se, but they've made some bad decisions for their ecosystem)...
Quote:
Originally Posted by Haggar
Third party developers should not be allowed to create native iPhone applications. Nobody needs native iPhone applications. Web apps are "really sweet".
When iPhone was first sold, there was no SDK and Apple told developers they could write web apps that ran in Safari. This did not please developers. Since then, the success of the App Store, the unpopularity of web-based iPhone apps, and the failure of webOS to create excitement around web apps is a clear indication that your optimism in web apps is not shared by the market at large.
His comment is implying this is what everyone was saying before the inevitable release of Xcode for iOS months after the iPhone launched. He's saying that because the App Store wasn't ready until the 2nd gen iPhone in 2008 that no one wanted a native solution for apps that were actually against it simply because it was not yet an option.
Were Apple users actually against native apps? I don't recall that I was against native apps although some of the web apps were impressive at the time. Regardless, native apps were introduced soon enough that I suspect native apps were always part of the plan.
Nobody was, but he constantly posts that crap because most accepted what was offered and simply dealt with web apps for the very short time frame before Xcode for iOS arrived. The App Store didn't come for a full year but even that's a short time frame.
The issue probably arose with WinMo, BB OS, and Symbian users came to pooh-poh the iPhone because it didn't have a native SDK and the more sensible posters said to give it time and that webapps were fine for an interim solution. Same thing for cut/copy/paste which i don't think arrived until iOS 3.0 in 2009. Apple took their sweet time to bring it but they did it right and not in the disjointed way that Android has implemented it. Of course, Haggar has also made the same claims that people said "No one needs copy/paste" or something to that effect.
Quote:
Originally Posted by Marvin
Except when that 3 years runs out, they charge $50/month so you'll have 1TB of stuff on the Cloud and have to pay to keep it there vs having a 1TB USB 3 HDD for $80.
The LTE Chromebook starts at $1449 and only has 64GB of storage. So really, it's $829 (64GB LTE iPad) vs $1449 - iPad is $620 cheaper and more functional.
It's odd how price doesn't seem to be a big issue and yet Android phones are usually promoted as being a fraction of the price of iPhones. Seems to be selective.
So you're saying the touch features on the Chromebook are not an optimal implementation.
I'm pretty sure I can import all my browser settings into another machine pretty quickly and double-click install a bunch of extensions as well as login to say a Dropbox file store. The problem is, that's a tiny fraction of what a computer with a proper OS can be used for and this machine switching scenario really isn't that common. Why even buy a $1300 laptop if you plan to be jumping to other computers?
Windows 8 is a mashup of a desktop OS and a mobile OS. Android Chrome would be a mashup of a mobile OS and a browser, which it already has. It would effectively be Android with just webapps. iOS was originally designed to only run webapps and wasn't a popular idea for the same reasons.
The video above ran Android on the Chromebook via USB and it looked fine, which is a good demo of its scalability even if some things weren't quite right. If Android has issues with security, automatic updates and syncing then the solution is not to build a separate OS that fixes those problems by effectively being just a browser but instead to actually just fix those problems with Android and manage a single OS that scales and syncs across multiple devices and platforms while maintaining security.
The first paragraph is false: when three years run out, you can keep and access all the data for free, you just can't add to it. The price comments are specious, since for those of us who can use 1TB of cloud storage (or have ten friends, or ten employees who can each use 100GB) the machine is just a freebie you get with the storage (you also get free LTE and 12 free GoGo flights -- the latter is worth around $250, the former, at amazon Kindle pricing for a similar service, around $200), so this is a phenomenally good deal. Oh, and it takes about thirty seconds to use full ubuntu via crouton.
Quote:
Originally Posted by SolipsismX
Nobody was, but he constantly posts that crap because most accepted what was offered and simply dealt with web apps for the very short time frame before Xcode for iOS arrived. The App Store didn't come for a full year but even that's a short time frame.
The issue probably arose with WinMo, BB OS, and Symbian users came to pooh-poh the iPhone because it didn't have a native SDK and the more sensible posters said to give it time and that webapps were fine for an interim solution. Same thing for cut/copy/paste which i don't think arrived until iOS 3.0 in 2009. Apple took their sweet time to bring it but they did it right and not in the disjointed way that Android has implemented it. Of course, Haggar has also made the same claims that people said "No one needs copy/paste" or something to that effect.
Bullshit. I was at the 2007 WWDC, where Jobs was trying to distort reality and claim that WebApps was all anyone needed (to much disgust from the geeky audience). Of course, he was obviously lying, and doing this to buy time, but he did say those things.
Quote:
Originally Posted by Suddenly Newton
When iPhone was first sold, there was no SDK and Apple told developers they could write web apps that ran in Safari. This did not please developers. Since then, the success of the App Store, the unpopularity of web-based iPhone apps, and the failure of webOS to create excitement around web apps is a clear indication that your optimism in web apps is not shared by the market at large.
He is just being sarcastic and quoting Jobs.