Whatever happened to the Chromebook?

Discussion in 'General Smartphone/Handheld/Wearable Discussion' started by LandSurveyor, Feb 24, 2012.

  1. scjjtt

    scjjtt A Former Palm User

    Messages:
    2,885
    Likes Received:
    6,472
    Trophy Points:
    288
    Thanks Jig - that was interesting & articulated my speculations. After reading that does give me a more peace using my Chromebooks. My first one - I only use occasionally going to Google Calendar or using Google Docs, Sheets or Drive and visiting only a couple of sites that I trust & use.

    With my Toshiba it is basically the same - I just don't go to sites outside of the few that I normally use & even some of them have paid subscriptions to use (for church uses which the church pays for).

    Anyway - thanks for sharing that Jig!

    Sent from my moto g stylus using Tapatalk
     
    RickAgresta likes this.
  2. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    14,612
    Likes Received:
    6,834
    Trophy Points:
    113
    This doesn't pass my sniff test. No offense meant to any of you who posted or replied to this news clip.

    This isn't the way that chromebooks work. They're not after trying to get your system into a botnet or to ransomware it. They're after your highly valuable credentials. All they need to do is compromise the browser, and that's not hard to do once it is EOL. If they can compromise your email account, that's enough to get them into most any other account you've got. A few "trusted sites?" I trusted the NY Times, until I was given reason not to. Remember the great ad-server compromise? Think that hasn't been a thing since then? Yeah... It's still happening, and it's not getting any better. It just isn't making a splash in the news. The only website you should be trusting is a website you host, internally, cut off from the internet. Anything else, and there is zero trust.

    Don't add new extensions? Woefully inadequate. I guarantee you don't know when your extensions are getting updated. I guarantee you don't know when they change ownership. I guarantee you don't know what that new owner just injected into your "trusted" extension you've had installed forever and never give second thought to. That's the way we've all been trained to think about extensions. They are installed, and that's it, right? They're living things, with access to your data. There's a reason that enterprises setup a white list of extensions and block all of them by default. The web browser is the biggest sieve ever imagined when it comes to keeping your data private and secure.

    You're free to do as you please with your EOL devices, but I wouldn't use one for anything outside of a doorstop. :)

     
  3. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    14,612
    Likes Received:
    6,834
    Trophy Points:
    113
    Sorry, my frustrations appear to have come out a bit in that post. I don't be on the hating train toward any of you! *hugs*

    Work stress got me in the throws of despair.
     
    scjjtt, lelisa13p, jigwashere and 2 others like this.
  4. jigwashere

    jigwashere Mobile Deity

    Messages:
    18,069
    Likes Received:
    15,378
    Trophy Points:
    288
    ChromeOS is one of the most secure when it comes to viruses (only 55 exploits out there vs the hundreds for Windows), but you're right -- there are other exploits beyond viruses which the Chrome browser is vulnerable to, and the OS and browser are pretty intertwined. However, I did find that Google was working on a way to decouple the browser from the OS (LaCrOS), allowing the browser to continue getting security updates. It looks interesting on the surface, but I'm not terribly optimistic.

    By the way, it seems to me your concern about extensions is extremely valid (and scary). However, I'm not sure that our particular Chromebooks being EOL necessarily makes this horrible situation with extensions any worse. Or does it? It's so confusing. https://www.howtogeek.com/188346/wh...can-be-dangerous-and-how-to-protect-yourself/
     
    scjjtt, headcronie and RickAgresta like this.
  5. jigwashere

    jigwashere Mobile Deity

    Messages:
    18,069
    Likes Received:
    15,378
    Trophy Points:
    288
    I have decided to replace my EOL Toshiba Chromebook 2. While I really enjoyed using the Chromebook, I don't think I'll replace it with another one. I appreciated the simplicity, security, battery life, size and weight, not to mention the very low cost. But as I'm evaluating my needs going forward, Chromebooks are a bit too limited for me. For example, I use MS Office applications natively (mostly Word, Excel and OneNote). While I have used online versions and can also remote in to my PC, it's not the same -- not at all. Also, with the demise of Google Cloud Print last year, I can't print to my older printers from my Chromebook. I think a new Chromebook that allows Android apps might be a big improvement, I'm not convinced it's enough. (I am open to persuasion, though).

    I previously considered getting a large tablet and using a keyboard with it, but I haven't found anything compelling that isn't very, very expensive, and even those have some limitations.

    So, I'm looking for a Windows laptop, at this point -- probably an ultrabook like the Dell XPS 13 or ThinkPad X1 Carbon Gen 9. These are small, lightweight, and I like the 19:10 aspect ratio. Yes, I'm looking at price tags around $1,000, but going below that and I start to see significant compromises, again.
     
    scjjtt, headcronie and RickAgresta like this.
  6. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    14,612
    Likes Received:
    6,834
    Trophy Points:
    113
    I agree that ChromeOS is quite secure. That is quite true. It is the browser that isn't. As soon as a new version of the browser is released, you're vulnerable. The fact that you can't do a single thing about that escalating vulnerability is the bad part. Bad actors can force your EOL browser to cough up all sorts of info without you knowing it. While you may be more adept at not saving sensitive info in your browsers, think about those that store credit card numbers, social security numbers, etc. They visit a "trusted site" that has been compromised and... you get the picture. Ugly things, terribly ugly things...

    While writing about extensions / addons, that gave me pause to review the very few I have installed. I realized I had one installed that I don't use anymore. But it was sitting there ready to go, constantly updating behind the scenes. Killed that one, and am down to 4 total that I use on a very regular basis.

    Web browsers are an interesting beast. They're no longer just software to display a static htm page. They're dynamic, they run software within software, are cross-platform, and can launch ruthless attacks without anyone knowing. The stuff that gets blocked on our enterprise firewall is just nuts. The logs I get on my own network? People are trying to attack my web server non-stop. I also had stuff flagged as compromised on a payment portal I went to to pay one of my monthly bills. That's "trusted" and over the course of a month, it was spewing crap. n

    The web is just an adult version of the wild west now. Gone are the old days of Geocities and all the goofy pages of questionable merit. Here to stay are advanced threat actors that are always working to try to get in.

    I feel like Streaky. *dons helmet and ducks* :D
     
    scjjtt, jigwashere and RickAgresta like this.
  7. jigwashere

    jigwashere Mobile Deity

    Messages:
    18,069
    Likes Received:
    15,378
    Trophy Points:
    288
    I have a total of 5 extensions: Adblock Plus, Chrome Remote, LastPass, Save to Pocket, and Mercury Reader.
     
    RickAgresta, headcronie and scjjtt like this.
  8. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    14,612
    Likes Received:
    6,834
    Trophy Points:
    113
    I ditched Adblock+. They are running a racket. Pay to play. Extortion of the advertisers. If they pay, their ads are whitlisted.

    uBlock Origin is where it is at now.


    Sent from my Samsung Note 20 Ultra using Tapatalk
     
    RickAgresta, jigwashere and scjjtt like this.
  9. scjjtt

    scjjtt A Former Palm User

    Messages:
    2,885
    Likes Received:
    6,472
    Trophy Points:
    288
    HC - thanks for your input and insight. Your knowledge and experience with Chromebook are so valuable to this discussion.

    I have several extensions but most of them are not enabled. Is that an issue? The ones that I have installed and are enabled are:

    - Applicatioin Launcher For Drive (by Google)
    - Chrome Remote Desktop
    - Google Docs Offine
    - Docs
    - Slides
    - (Sheets is installed but not enabled - I'm not sure why it isn't since I have Docs and Slides on)
    - Zoom (do I have to have that extension to use Zoom?)

    Here are the ones installed but not enabled - which I guess I ought to remove - correct???????

    - AdBlock
    - Chrome Web Store Launcher (by Google)
    - Google Hangouts
    - Google Meet Grid View
    - Google Voice (by Google)
    - MightyText
    - Open with Google Drive Viewer

    Below are called Chrome Apps - some are listed above - all are installed
    - Chromebook Recovery Utility - not enabled
    - Docs - enabled
    - Google Hangouts - not enabled
    - RingCentral Meetings - not enabled (as of tonight - not sure what it does)
    - Sheets - not enabled
    - Slides - enabled
    - System - not enabled
    - Text - not enabled
    - Video Player - not enabled
    - Zoom - enabled

    Suggestions are welcome - even if they are negative and harsh.

    The other question I have is I have a few friends that have converted old laptops to some type of Chrome and they say those installations get updates. My one friend has done that to old Chromebooks too. Is that safe?

    Thanks again for warnings, input and suggestions!

    Sent from my Samsung Galaxy Tab A (10.1") /128GB using Tapatalk
     
  10. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    14,612
    Likes Received:
    6,834
    Trophy Points:
    113
    Here's the info on Adblock Plus running an extortion racket - https://techcrunch.com/2016/05/09/i...-adblock-plus-is-an-extortion-based-business/

    Scott, as far as I recollect, you can use a limited version of Zoom with just a browser. Zoom has had its fair share of security gaffes and remains under scrutiny by many in the tech security field. That's all over my head type of stuff they're talking about. :eek:

    Looks like your addons / extensions / apps are pretty well known. I don't see anything I wouldn't use. If you lean on the cautious side, disable Zoom until you need it, enable it, then disable it after you're done.

    Funny you should mention using repurposed laptops as chromebooks. Jig and I were just talking about that within the past few days! IMHO - If you convert a laptop into a chromebook, you're using a product that is certified for inclusion into Google Enterprise / Education environments. It's as secure as you can get for a maintained product. Never perfect, but better than EOL. :)
     
    scjjtt, RickAgresta and jigwashere like this.
Loading...
Similar Threads - Whatever happened Chromebook
  1. scjjtt
    Replies:
    3
    Views:
    2,098

Share This Page