Thursday, May 30, 2013

ChromeBook: a Commodity Endpoint for Commoditized IT

I've recently acquired a cheap, no frills Samsung ChromeBook (first gen).
Key observations:
  • The CPU is weak. Fine.
  • Boot time is awesome.
  • Battery life is awesome.
  • The charger is a toy and I wish it was a micro USB instead.
  • Very light and portable (I wanted this to do what people do with Mac Air: carry it in my bag to do non-job-related work which includes email, coding, and blogging.)
  • I'm not left wanting much more for what I was after.
For those unfamiliar with this new OS, I recommend researching how they built it from the ground up. From the way it boots to the way it handles disk is very different.

The attention to security is impressive. It updates itself. It verifies boots (if someone compromises my session and corrupts the OS, a new one will be fetched, essentially self-healing). Writes to disk use my authentication to encrypt per user. Writing to disk is not taken for granted making that attack surface much less. It has ASLR and DEP.

For more:

So I have to put up with less power and heft? Well, there is the new Pixel which is a serious machine. But even if you want to go cheap, like I did, think about what you're not wasting your resources on: bloatware, stuff you never use built into the OS, antivirus, updates, patches, etc.

The ChromeBook appeals to me for its utilitarian foundations. It's like the original Mac, in some regard. It aims to serve you and what you want to do with a computer. It's elegant, but doesn't steal the show. Nothing is wasted on the OS insisting on being noticed (as an example, the Mac OS X fisheye dock irked me so much that I never bought into the OS and moved away from Macs altogether). It's predictable; you know where everything is (true with old Macs, not true with new... also true with FreeBSD, which I love).

The best part is because it has a solid foundation of simplicity and utility, you don't need all the extra crap that modern OSes tend to have. I've started thinking of Windows and OS X as washed up celebrities who need constant care and attention; agents, handlers, therapy, medicine, press. For them, it's not about the art, it's about bloated ego and self-delusion. The hollowed out principles have turned the audience motivation to morbid curiosity more than respect and admiration. They were once beautiful and elegant. Now they are just a burden to everyone and their missteps are mostly amusing.

I find myself asking why ChromeBook isn't the future of workstations. (Yes, I know that this is like a NetBook or even a dumb terminal. Everything that's old is new again eventually.) In most companies you could put a good number of employees on one of these and get all of the work done.

In large, security sensitive companies, you could combine this with Citrix Receiver or other similar virtualization solutions and handle even protected data and highly sensitive admin processes. In fact, it might be a very sound approach to have privileged users carry a ChromeBook around to log into their jump hosts. It's harder to attack ring 0 on one of these after all (the attack that brings all BYOD into question..TMP to the rescue?). Best of all, weaning people off of their wayward beast OSes will dramatically reduce total cost of ownership.

A ChromeBook strategy could be thought of as a gray area between BYOD and traditional "controlled" workstations. It moves the enterprise in the direction of BYOD, while practicing caution for highly sensitive business functions. It's safer than allowing your firewall admins to use BYOD to get to their consoles. It's cheaper than insisting on the traditional workstation.

Until Microsoft realizes that the OS is a commodity and that a bare bones OS is all that is needed to get to Office 365 and until Citrix embraces a commodity device with Chromium-like principles (CitrixBook); ChromeBooks (and workstation versions) are very appealing.

-written on a ChromeBook

1 comment:

pak gendoet said...