
Chromium OS source released

Posted Nov 19, 2009 23:21 UTC (Thu) by kunitz (subscriber, #3965)
Parent article: Chromium OS source released

Does an operating system using a kernel with a free software license really need a feature called "verified boot"? Why do I need to have special firmware to install my own kernel? Why must all data on the device be stored in the Google cloud?

It appears that user freedom has not been a design goal.


Chromium OS source released

Posted Nov 19, 2009 23:43 UTC (Thu) by kragil (guest, #34373)

Not sure, but people that install their own kernel are definitely not the target audience.

I think maximum simplicity was the design goal. Don't worry about updates, backups, security, breakage, malware etc.

Big brother Google takes care of all of it.

Chromium OS source released

Posted Nov 19, 2009 23:50 UTC (Thu) by Simetrical (guest, #53439)

If boot verification fails, it gives you the option of reimaging the OS with an approved version, or continuing anyway. You're explicitly allowed to use an unsigned OS; the only price seems to be that you'll get a warning screen on every boot that you have to click through. This seems like an excellent tradeoff: you know there are no viruses because the *entire* *root* *filesystem* is signed by Google, literally (AFAICT).

And the chain of trust is built up from read-only firmware, so it can't be wrong unless someone has physically tampered with the device in a quite sophisticated way. Attackers could still try to get stuff installed as an unprivileged user, but only until it downloads the next OS update that wipes it out... it's impossible to root the device across boots. You can't get that without a chain of trust.

Of course, if you don't like it, don't use the device. Or use it but change the OS and navigate through the warning screen every time. Google isn't planning to replace normal PCs in the near future. This is meant to be a special-purpose device, not a general-purpose computer in the conventional sense.

Chromium OS source released

Posted Nov 20, 2009 0:03 UTC (Fri) by drag (guest, #31333)

'Verified Boot' can be a valuable tool. It's a way for the user to know instantly if the kernel has been tampered with or modified.

It's the same thing with 'trusted computing module'. This is a valuable tool that can be used to verify the security of your system simply by rebooting. If properly set up, then the module verifies your bootloader... your bootloader verifies your kernel... your kernel verifies the initrd... the initrd environment verifies drivers and important system files... and then as your system boots it verifies binaries and scripts as it goes.

This way you can detect and fight kernel-level rootkits. If somebody installs a kernel module for your system they can use the kernel against you. This is an effective combat technique. Otherwise the only other reliable way is to use something like tripwire and boot up from read-only media and use a read-only database for verifying the contents of your filesystem (or a removable drive to an off-network computer or something like that). Trusted Computing can dramatically lower the costs of keeping a very secure OS and verifiable file system contents.

Whether this functionality is good or bad depends entirely on who holds the keys. If you, the owner of the computer and the OS, are in control of it then it's a fantastic thing. If the keys are held by somebody else then it can be used as a weapon or system of control against you and it is a bad thing.
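The stage-by-stage verification described in the comments above (read-only firmware vouching for the bootloader, the bootloader for the kernel, and so on), modelled as an added example that is not part of the thread or of Chromium OS itself. It uses plain SHA-256 digests in place of signatures, the root digest standing in for the read-only firmware's trust anchor; stage names and image bytes are constructed samples.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Stage:
    name: str
    image: bytes       # code/data of this boot stage (constructed sample)
    next_digest: str   # digest this stage vouches for in the stage it loads; "" for the last


def stage_digest(stage: Stage) -> str:
    # A stage's digest covers its own image *and* the digest it vouches for,
    # so replacing any later stage changes the digests all the way back to the root.
    h = hashlib.sha256()
    h.update(stage.image)
    h.update(stage.next_digest.encode())
    return h.hexdigest()


def build_chain(images):
    # images: list of (name, bytes) in boot order. Built backwards so each stage
    # embeds its successor's digest. Returns (root digest, chain); the root digest
    # is the value the read-only firmware would hold. Whoever writes that value
    # decides what the device will boot without complaint.
    chain, next_digest = [], ""
    for name, image in reversed(images):
        stage = Stage(name, image, next_digest)
        chain.insert(0, stage)
        next_digest = stage_digest(stage)
    return next_digest, chain


def verify_chain(root_digest, chain):
    # Walk in boot order; return the name of the first stage whose digest does
    # not match what its predecessor vouched for, or None if the chain is intact.
    expected = root_digest
    for stage in chain:
        if stage_digest(stage) != expected:
            return stage.name
        expected = stage.next_digest
    return None


def boot_decision(root_digest, chain, allow_unverified=False):
    # Policy from the thread: an intact chain boots; a broken one either goes to
    # recovery (reimage) or boots with a warning if the owner permits unsigned code.
    if verify_chain(root_digest, chain) is None:
        return "boot"
    return "boot-with-warning" if allow_unverified else "recover"


SAMPLE_IMAGES = [("bootloader", b"bl-v1"), ("kernel", b"vmlinuz-v1"),
                 ("initrd", b"initrd-v1"), ("rootfs", b"rootfs-v1")]
```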


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds