"project "Crostini" – or fancy crouton"
Safe for who?
Not the users I bet.
Re: Safe for who?
Can one of my downvoters explain how placing Linux, which collects no personal information inside a closed box designed by the poster-child for guzzling such information makes the users safer?
I regard such hoarding as a very real security risk.
Re: Safe for who?
Russian bots did it?
Re: "does this read more like an ad-icle"
@Will Godfrey "Can one of my downvoters explain how placing Linux"
I never down-voted you, but your looking at this from the wrong perspective, this adds flexibility to what is quite a rigid eco system. As long as there is privilege management of this function, i.e.
1) How/When this features is available can be locked down
2) What can run can be restricted
Then this opens up a whole world of possibilities. For example, about 4 years ago I ran the IT for a small consumer financial services company, we considered Chromebooks for our call centre staff as they were cheap and fairly secure.. aside from lacking proper AD integration, they had absolutely no viable softphone solution!
If we had the ability to run Linux apps, then there are a dozen different options we could have used to overcome the softphone issue.. Which would have been a game changer.
Re: "does this read more like an ad-icle"
Couldn't you buy some cheap laptops and put Linux on them? Some of the chromebooks have the ability to boot externally (I think by people finding BIOS access somewhere, but I try to avoid those), and there are a lot of windows laptops with similar components and prices. Although you might not want to buy them to run windows on given the problems shoving windows and running programs into 2gb or less of memory, most Linux distros should work OK for that. Then you could have them use firefox or chrome, whichever you or they prefer, and use any Linux applications you want. Administration would be basically the same, and if the network dies the machines can still be used for a few things.
Surely just wiping out the Google crap and replacing it with linux would be better for security, performance, usability, etc.
Chrome OS is having a certain success in schools, where students receive a ChromeBook managed by the school. Would you be willing to manage a fleet of Linux laptops for a hundred teenagers, fix their issues, be responsible for them being secure, etc...?
ChromeOS is most secure OS you can get.
Erm no,. Chrome OS is as secure as it gets, way more secure than any other OS. Even Linux doesn't run a fully signed, read-only totally unmodifiable sandbox OS...
As secure as it gets? So ChromeOS doesn't send any data back to Google?
You are confusing security and privacy. And with regards to privacy, it depends on the type of account you are signed into, business pay account, school, personal "free" account, it depends on the app, in exactly the same way a Firefox browser would send day back to Mozilla on Linux, or IE would on Windows..
Chrome OS is very secure, as it unlike any other OS, it's runtime is a complete chain of trust, each component during load checking the next. There is no way anything can slip between those cracks, and it's security is proven in real real world. You simply don't get Chrome OS malware, you might get rouge add-ons within their own sandbox, but the host OS can't be modified.
The other side effect of all this, is s Chromebook will not slow down over time like windows, Mac and Linux PC's. The OS never bloats, as it never changes. My 3yr old Chromebook bis as fast today as it was the day I bought it, and still delivers 12hr use from a charge, which is unheard of with traditional laptops.
Secure ≠ Privacy
You are confusing security with privacy. They are not the same. You need security to have privacy, but you can, as in the case of most current OS's, have security without privacy.
Re: Secure ≠ Privacy
You want both. Anything that impinges on privacy is a security risk.
I am not aware of Linux slowing down over time.
Windows, most definitely.
Linux based distribution slows down over time, as do Mac, as does any traditional read/write operating system, where maintenance occurs by changing files. Files get fragmented, old packages get left lying around, backup versions of old scripts are left lying around and so on.
Chrome OS is serviced as a complete read-only, fully signed runtime image patch. Totally different to all other operating systems. (I can't think of anything else that works this way)
Go educate yourself as to how conventional operating systems work (win, Mac Linux all fundamentally work and are serviced in a very similar manner), Chrome OS is entirely different.
The other side effect of all this, is s Chromebook will not slow down over time like windows, Mac and Linux PC's.
Windows is known for that, though I must say that in more than a quarter of a century using Windows, I've never experienced it myself. When I retired Windows XP on my laptop a couple of years ago, it was the initial installation I'd performed in 2008, and it was still fast and responsive. If you don't load the thing up with malware and 200 programs that start at boot time and infect your system tray forevermore, it tends to keep working well.
Also, your battery isn't magical. If you deep cycle it a number of times, its life span will follow a predictable curve. I have a Chromebook-spec low end PC that came with Windows 10 (which I promptly disinfected and replaced with Linux Mint and Powertop), and it lasts about that long too (I didn't time it the last time I had it out, but it seemed to go all day).
As long as I treat the battery gently, it will keep doing that for a while, but if I use it, it's going to lose life like every other battery. Fortunately, the unit is easily disassembled; I can have the bottom case off in about one minute (nine screws) and the battery out in another (two more screws and not glued to anything)... unlike some of those glued or welded together "high end" models from MS and Apple that are meant to be replaced.
My $180 pseudo-Chromebook is repairable, but the ones that cost more than five times that are disposable. Go figure.
If you want to have an unmodifiable OS image, you could take any Linux or other OS that can be booted as a live environment, set it up in the way you like, and make a live CD style image of it. Then drop that as the boot image to a read-only partition. If necessary, lock down the BIOS as well so I can't possibly change it without your code. You could technically execute malicious software on it, but the software cannot persist across boots. You could also restrict which binaries can run so nobody can download code or bring it on a USB disk and run it. Just make sure the home directories are stored on a separate read/write partition so you can keep documents, browser cookies, and the like across boots. That shouldn't take that long to assemble--I have a similar setup on my fix-a-system USB disk so I neither have to re-download tools from the repositories nor find an alternate place to store notes I want to remain available after shutdown.
Chromebooks seem to exist because Google wants to train users to use only google apps, as not many others will work at all, and google's are the only ones with support baked directly into the OS. I always get nervous when I see these used for schools, because I know google wants people to use systems for data storage and word processing that only google controls, so they can later count on a stream of users of the "free" products.
"You are confusing security and privacy."
I'm not, really. Privacy is a subset of security. Once my data has been transmitted to another entity, that's a security issue. Whether or not you consider it an unacceptable security risk depends on (in this case) how much you trust Google. I do not trust Google.
"And with regards to privacy, it depends on the type of account you are signed into"
Really? So there's a way to use Chrome OS that does not involve sending data to Google at all?
"There is no way anything can slip between those cracks"
Be careful with those sorts of sweeping statements. There is always a way, no matter what. The only question is how much effort is required.
Re: Secure ≠ Privacy
"but you can, as in the case of most current OS's, have security without privacy."
I disagree entirely with this. The very best you could possibly do (in an ideal world) is reduce the number of attackers to 1 -- the entity that you're sharing data with.
"Linux based distribution slows down over time"
I've been running various flavors of Linux since the very beginning, and haven't noticed this yet.
@iron - Good luck with that!
Chromebooks are choked full with DRM.
Penguins in a sandbox...
It'll certainly be useful for those who want access to full software as opposed to web apps.
This is just huge. Able to use GNU/Linux applications securely and out of the box makes ChromeOS so much more attractive.
Hope we also get instant applications with a download of a container, runs and disappears and no install required.
Have a PixelBook and stream and wine also working.
I actually already run Steam on my Pixelbook, but I reboot into Kubuntu to do so; this definitely opens such things to people less willing to invasively tinker with a $1000+ computer like I am ;)
(P.S. Slay The Spire is great on a touchscreen!)
Not sure why that would be any good. You can already use Crouton if you want to run Linux in 'user space'. What would be of interest is running Linux on the metal. Natch they won't allow their lockdowns to do that
Crouton suffers from the requirement to be in "developer mode" disabling Verified Boot. Crostini doesn't have this requirement.
Crostini used the KVM of the Chrome OS kernel to run a second copy of the Linux kernel which has containers enabled. The Linux applications run in/on this second kernel. No hardware is emulated.
Linux on ChromeOS on Linux
So now we can run Linux software on ChromeOS, which is Linux. Got it. I'm sure there's plenty of "value added" data slurping and snooping, but it's still better than having Richard Stallman screaming at us that he thinks we should call it "GNU/ChromeOS"
It's not about just Linux apps...
It is how it is already done with Android apps. All (or most) of 3,7M apps:
As R. Payne said @Chromeunboxed:
"whatever the delivery method ends up being (Chrome extensions, Play Store, Web Store, or something new), once I install an app on my Chromebook, I expect to be able to find it in my app launcher, see it on the shelf when open, and pin it to the shelf if I choose."
> "One OS to bring them all and in the container bind them, In the Land of Chrome where the apps lie." :D
Think about it as it's done with user friendly MacOS/iOS GUI & powerful *nix below. But with much more choice & user control.
@DrBed - Re: It's not about just Linux apps...
I agree with you on all but the last sentence. Especially using the words control and user together. To me it's about controlling the user and here I'm with Stallman. I want a computer that trusts me not Google or Microsoft or anybody else.
Make no mistake! Linux is free while running Linux applications on Google Chrome or Microsoft Windows is not.
If I remember correctly someone was saying something about giving up privacy in exchange for security but I can't remember the rest.
Re: @DrBed - It's not about just Linux apps...
> "I agree with you on all but the last sentence"
It was TWO sentences interrelated, so I will adapt it just for you:
"But with much more choice & user control THEN MacOS/iOS (not GNU/Linux)."
> "Linux is free while running Linux applications on Google Chrome"
You really can't think out-of-the-box?
How about running Linux apps on (top of) Chromium OS / Gallium OS - at Chromebook? Or, flatpacked and Crostini-containered e.g. Inkscape is not free/open source anymore, just because of - hardware?
...as IGnatius T Foobar said:
I'm sure there's plenty of "value added" data slurping and snooping, but it's still better than having Richard Stallman screaming at us that he thinks we should call it "GNU/ChromeOS"
Re: Re: @DrBed - It's not about just Linux apps...
First of all, if you use the word THEN this means you're starting a new statement and yours is lacking the verb.
Second, I like your marketing/management speak "think out-of-the-box" but we're talking different points here. I'm speaking from end-user point of view so when I say running Linux applications on top of a closed proprietary system is not the same thing as running Linux, unless you tell me I can load those applications without passing through Google/Microsoft app store with all their restrictions.
What RMS calls it is not my concern. It's what RMS tried to teach us about end-user digital freedoms that was my point. Looking at your post, he largely failed since you don't see the difference between what Google allows you to do on its platform and what Linux would have offered. Your opinion that slurping and snooping is OK proves that. Typical Stockholm syndrome.
You say costini and I say crostini?
Slightly worrying where the code comments use two different but very similar spellings.
The only "Linux" application I really need on a Chromebook is an X-server. Then I could remote into my desktop/mid-tower machine and just call up applications from there. Then again, id Google really wanted they could make an X-server as a Regressive Web App.
Google Just Forked a Popular GTK Theme
"Google is working on its ‘own’ GTK theme for Linux apps to use in Chrome OS.
Not just any GTK theme but one forked from the Material Design inspired Adapta GTK theme."
"Google Wouldn’t Need a GTK Theme for CLI Tools, Would It?"
"Would Google need a fancy theme if Crostini wasn’t aimed at regular users?"