T N <[email protected]> writes: > The word "Linux" doesn't refer to anything, other than maybe the kernel. > > Chrome OS is linux. But it's a massively stripped down "distribution" that > has a radical design, including the fact that it will ONLY run if all of > the cryptographic checks are verified from the root of trust. That root of > trust is Google's massively large PKI public key that is burned into the > firmware. > > For a journalist in the field, that's a great reassurance. Take your > Chromebook to China. The Chinese government can not alter what you are > running without either (a) modifying your hardware, which means they take > possession of it for a period of time and manage to do something that is > tricky to do (i.e. circumstances under which you'd no longer trust your > computer anyways) or (b) you will know they tried to hack it and your > Chromebook will refuse to boot, and will instead wipe away the hacks and > update itself and won't boot unless the update is a legitimate one signed > by Google. > > Yes, you can't compare Chrome OS's attack surface to a typical linux > distribution, or even a highly customized linux install which doesn't have > the hardware root of trust.
...but you can compare it to a Windows tablet, which doesn't let you modify the boot sector either, but I wouldn't want to be caught recommending Windows anymore than I would want to recommend Google. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
