Rich Freeman on 17 Oct 2014 10:28:12 -0700
Re: [PLUG] Offline apps for Chromebook
On Thu, Oct 16, 2014 at 2:32 PM, Joe Rosato <rosatoj@gmail.com> wrote:
> Also - there is crouton but I think that is more for geeks like me. Allows
> you to install linux next to chrome os. ;-)
>

FYI - thanks for that. I have at times installed Ubuntu/etc along the side on my Chromebook but this seems like a much cleaner solution than re-partitioning/etc. Granted, doing it with a chroot does entail more RAM use since you end up with 2 X11 servers, display managers, etc running (and chrome will always be running in the one - not a particularly lightweight application).

The Crouton docs make a big deal about developer mode disabling encryption/etc, but as far as I can tell that shouldn't be the case. Developer mode does disable secure boot, but I would think that user profile directories will still be encrypted in flash using the TPM for decryption protected by the device key and the user password. That should mean that even root cannot access a user's profile unless that user is logged in (and thus the profile is mounted). Of course, developer mode on ChromeOS does allow root to do things like install keyloggers and all that stuff, so it is obviously less secure than production mode ChromeOS. I imagine that it is still a fair bit more secure than a typical Linux distro especially if the physical device has only a single owner who takes the time to re-enable OS verification on boot and set a root password.

Anybody with a Chromebook should feel free to play around with side-installs of other OSes (whether in chroots or otherwise). Your ChromeOS settings/files/etc should be backed up to the cloud in general, and if you mess things up at most you should just have to hit the recovery switch and insert a recovery USB drive to restore your OS to factory condition. The only way to brick a Chromebook is to enable writes to the otherwise read-only firmware (usually involves taking the thing apart and flipping an internal switch - and I'm not sure if all Chromebooks even have one), and mess it up - most people hacking Chromebooks generally don't mess with that. Normally the read-only portion of the firmware is capable of restoring the writable firmware and OS from a signed recovery image on USB.

Honestly, it would be nice if Linux Distros enabled more of the features found on ChromeOS. Some good primers can be found at:
http://www.chromium.org/chromium-os/chromiumos-design-docs/security-overview
http://www.chromium.org/developers/design-documents/tpm-usage

I think they actually find a good balance between ensuring that the Chromebook remains a general-purpose computing device where the owner remains in charge, and having a secure mode where it is almost impossible to tamper with the OS. The only thing I don't like about their design is that it allows for remote attestation - ideally it should allow the true device owner to forge remote attestation responses if they have appropriate credentials (such as the initial TPM password obtainable after factory resetting the device). That ensures that remote attestation serves the device owner, and not other parties, and it still allows for use cases like verification of employer-provided hardware (but not BYOD devices - which should not be verifiable since they aren't owned by the employer).

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug