Posted Sep 22, 2011 19:10 UTC (Thu) by semenzato (guest, #80402)
In reply to: dm-verity by k3ninho
Parent article: dm-verity
There is a fundamental tension between security and the ability to install your own software. Making a device more secure against remote attacks also makes it harder for the owners themselves to make changes. But the key, of course, is "remote". As the article points out, Google-blessed Chrome OS devices are required to have a physical switch that makes the system bypass firmware, kernel, and read-only file system verification. So the owners get to choose.
Chromium OS is open source, so it is possible that hardware vendors will produce devices without that switch. It will be up to customers to make the right choice.