Chrome OS

Chrome OS

Updated at the bottom

While it won’t be available as a finished product on devices for at least a year from now, we have plenty of information on the design and goals of the new systems. Of particular interest to geeks are some of the defining features of Google’s new OS, which are radical shifts away from the classic local operating system model. I will highlight some of the key points, and then go in-depth in future articles.

It will be open source like the Chrome browser, and Google has already posted the source code to a “Chromium OS” over at the Chromium site. While the source is available, Google says they will not be offering the officially branded Chrome operating system for installation on existing devices, you will need to buy a new one. Some of the features of the new OS depend on hardware, so this is not entirely unreasonable. If you wish to tinker around, the source is there.

All shipping Chrome OS devices will use solid state storage, not spinning hard drives.

All applications, including the ones Google will be providing, are web applications using HTML5, Javascript, CSS, and potentially technologies such as Native Client. Applications are never given any higher privilege than the browser, instead they are sandboxed away from each other and the rest of the system. It remains to be seen whether or not Google will officially allow plugins such as Adobe Flash or Microsoft Silverlight on Chrome OS devices. They were asked about this today but did not give a clear answer.

All data should be in the cloud. If your device breaks or is stolen, or you need to use another system temporarily, you can simply pick up a new device and keep working without regard for restoring backups or transferring user data from one machine to another.

It will be a completely managed platform, in normal operation users will not be required to manage system updates or security patches. While Google points out that they are not implementing “Trusted Computing”, in order to secure the system there will be a trusted boot path from the firmware to the kernel, to individual system files. This may potentially involve a TPM at some point, but Google points out that the TPM only offers benefit in certain situations and is not strictly necessary to ensure a secure system.

There will be an official method for individual users (or more accurately, developers) to install their own kernel or software, so we are not being locked out of our own systems. If you were worried about Flash or Silverlight a moment ago, rest assured there will probably be detailed methods to get those things onto a users device should they choose to do so.

The “root” system partition is read only, while user data will be kept encrypted in a separate area of the disk. The OS is designed to compartmentalize data for specific users, so that a compromise of one users account on a machine, does not lead to the theft or leakage of anothers personal information. If a system is stolen, it should be difficult to impossible for an attacker to retrieve personal information, bank account numbers, browser history or passwords for web sites from the machine.

If the operating system needs to be reinstalled, it will be possible for users to initiate the process themselves with a minimum of effort. Individual devices may be shipped with a read-only protected copy of the recovery system to streamline the process, or users may be able to download a recovery image to restore a device to a known-good state.

If a system is compromised, it will be possible to clean any unauthorized changes without requiring the classic “wipe and reinstalled” process so many geeks are by now familiar with.

Updates are transferred over SSL, are cryptographically signed and verified on the next reboot. The update process is designed to be resistant to “man in the middle” attacks much like other operating system update methods.

The official announcement is here, Googles Chromium OS information site is here. In the near future we will cover individual features of the new OS.

Update: One of Google’s architecture documents specifically lists Flash as being part of the software stack.