By Joe Wilcox, Betanews
Chrome OS demands computing differently, but not as radically as some people think, or so I have concluded six days into using Google's unbranded Cr-48 laptop. Persistent Net connection is required and storage is generally on the InterWeb rather than on the computer; these changes take some adjustment.
I'm accustomed to running applications locally. I can't on Chrome OS.
I'm used to having offline access to applications. I can't with Chrome OS.
I'm used to managing files stored locally. I can't easily with Chrome OS.
Google's cloud-connected philosophy and approach to Chrome OS security necessitate these usability compromises. The promise is something better. But it requires adopting a different computing lifestyle some consumers or businesses won't want to.
Security built like a Tank
Chrome OS security reminds me of Windows NT 4: Hardened, in some ways to a fault. NT 4 remains my favorite operating system of its era. Running NT 4 is how I imagine driving a tank should feel like. Microsoft's circa 1996 OS felt solid and unapproachable, so much so many applications and peripherals wouldn't work. NT's security model restricted access to key parts of the operating system, including the kernel. But Microsoft also made compromises, such as moving graphics inside the kernel, which was good for developers but not as good for security. It was a usability tradeoff. Then Microsoft made the disastrous mistake of incorporating Internet Explorer (packing the ActiveX plug-in architecture) into future Windows versions. The company sought to make Windows more usable for the Internet age, but at great security cost to the company, its customers and developers.
Google stands where Microsoft did in the late 1990s, trying to bring a robust and secure new operating system to market. Google's challenges are greater. For starters, the OS isn't that new. Chrome OS is open-source Linux running Google's browser. But Google made changes, such as read-only root partition, restrictions against running executables and plugins running as separate processes, among others. Chrome OS also sandboxes applications, limiting their interaction with one another and the operating system. Considering the ongoing security problems with Adobe Flash, which Google has committed to supporting, sandboxing is helluva good idea for this software, if no other.
The security approach meets specific design goals: Google sees the first commercially-available Chrome OS devices being used in public places, such as libraries and coffee shops, or shared at work and home. The security model must protect two intertwined points of public access: The Internet and other users. In the Chrome OS build shipped on the Cr-48 laptop I'm using, Google provides a guest account that meets the sharing design goal while better protecting the default user from information or identity theft.
The security approach limits local usability while in concept enhancing it from the server-side -- the cloud. Google doesn't want executables running locally, nor let Web applications, extensions or plugins have too much interaction with the operating system or one another. It's important for anyone evaluating Chrome OS for business or personal use to fundamentally understand that Google isn't just building an operating system designed to be persistently connected, it's enforcing this behavior with the security model. Cloud philosophy and security approach are inseparable.
Balancing Security and Usability
Operating system security is difficult because of usability; balancing the two is challenging. Microsoft takes some mighty big lumps for Windows security. But the company could solve the problems tomorrow by simply locking out access to third-party everything -- applications, data, dlls, software drivers, etc. Lockdown wouldn't make Windows very usable, but it would be more secure. Take as analogy the shopkeeper who's store window of display goods is smashed and robbed. He responds by putting up bars over the windows, which makes it harder for people to see what he is selling. Maybe he is robbed again, responding by locking the door and opening it when customers buzz. Each security measure makes it harder for the storekeeper to sell his stuff. It's a usability problem that can be tough to balance.
Philosophically, I like Google's approach to Chrome OS security. It's like the shopkeeper moving his sales online -- asking shoppers to change their buying behavior -- while keeping the store open for customer service. In the interest of security and operating his business, the shopkeeper changes the usability model. Google is making a similar demand with Chrome OS -- that users change their habits, adopt new behavior.
However, critics -- and some of them are Betanews commenters -- scoff at the idea of keeping data in the cloud and needing to keep a persistant Net connection. They assert that Google asks too much -- and it's unnecesary. Betanews reader Chad Keith in comments:
For the consummate computer user who computes in a variety of places, scenarios and both online/offline (whether for work or for leisure) I hold reservations about Chrome OS's ability to serve. My opinion, Chrome OS will be another hobbyist operating system like Linux. It will be tough to get the casual computer user to switch from Windows (and even from Apple) because of the fear of uncertainty about a strange operating system.
Remember, that Chrome OS is still testing and will be until summer 2011, if the schedule doesn't change. I expect that, as long as the security model can be maintained, Google will eventually provide some offline access to its own services, like Docs and Gmail, and perhaps others. Offline mode would mean even less disturbing computing lifestyle change. Google's challenge will be balancing security against usability and long-time PC user/administrator expectations.
How Google defines, or redefines, usability will be interesting to observe during the testing process. Will Google stick to its cloud usability model, which gives up usability computer users are accustomed to now and trades it for presumably as good or better usability in the cloud? Or will Google compromise, providing users and Web applications more offline access? And if the latter, can Google do so while keeping the security model intact (or even improved)?
Personally, after several days disorientation, I'm adapting comfortably to this new usability model and feeling good about Google's security approach -- granted, which must still prove its wherewithal. I can live in the cloud, and I'm convinced that many business users and consumers can do so, too. Remember that cloud doesn't have to mean Web service run by a third party on the Internet. It can be a corporate hosted service that users access across their network or Intranet. Chrome OS promises to meet the demands of both.
Before concluding, links to the first five parts of this series:
For the Day 7 installment I will discuss Web applications/services I use in the browser and how they are beneficial. It's the "how I live in the cloud" post.
Copyright Betanews, Inc. 2010