Insights For Success

Strategy, Innovation, Leadership and Security

Chromebook Plus

Best USB C Hub for your Pixelbook or PixelSlate

GeneralEdward Kiledjian

This is not a sponsored post. I was not provided with a sample product and the links are NOT affiliate links.

USB C is a thing of beauty. It means I can travel with one charging brick and charge all of my devices. It truly has been a liberating technology. The only additional accessory I truly need is a good USB C hub.

This is the on question I receive regularly “What is the best USBC hub?” I am not going to pretend this is the “best” for everyone but this is the best one (HooToo USB C Hub, 6-in-1 Premium USB C Adapter with Type C Charging Port, 4K HDMI, Card Reader, 3 x USB 3.0 Ports for MacBook/Pro/Air(2018), Chromebook, and More USB C Devices) I have found and this is the one I grab anytime I am leaving my house (even though I have over 20 available).

  • This Hub gives me 3 Type-A USB 3.0 ports. This is useful when connecting traditional USB devices like USB keys, external hard drives, etc.

  • It has an HDMI port (I’ve used it with an HDMI monitor at 30 fps).

  • It has a USBC cable you plug into your laptop and another one to receive power. It supports up to 100 watts so you can charge any device.

  • It has a full speed SD and micro-SD Card port.

It seems most other USBC hubs I have tried miss important ports, have slow ports or support low wattage charging. The only additional port I would like added would be a gigabit Ethernet port but I can live without that.

Chromebooks are great and here are some myths you might believe

GeneralEdward Kiledjian

Anytime I pull out a Chromebook in a professional setting, colleagues and friends are dumbfounded how a tech geek like me would "settle" for a browser only thin client. People are downright shocked when I pull out my $1200 Pixelbook. 

Why would I buy a "browser only" device when I could use a Windows or Mac device that can run the Chrome browser but do so much more?

Chromebooks can't run apps

If you are reading this article, there is a good chance you are not a millennial that grew up with iPads and smartphones. For you, a personal computing device (Windows, Mac or Linux) needs to run native apps. I'm here to shock you but Chromebooks (ChromeOS) devices do and do it without requiring dual-booting.

Chromebooks run Android apps. Most modern Chromebooks can easily install and run most Google Play store Android apps. The list of Android app capable devices is extensive and growing daily (list).

The most common Microsoft Office apps for Android (Word, Excel and Powerpoint) run surprisingly well on Chromebooks. 

Chromebooks will run Linux apps. VentureBeat first reported this and it was later confirmed during Google IO 2018. Goole's Chromebooks will be able to run native Linux applications using the built-in container technology (without dual-booting or emulation). 

Chromebooks will run Windows apps. CrossOver has a Chromebook app that will allow users to run Windows-only apps (like Quicken and Microsoft Office) on a Chromebook without needing to install Windows. 

Truth is that most users, will not need any of these functionalities most of the time. With a little updating of your work structures, you will likely be able to work on a Chromebook 98% of the time without needing to run Windows or Linux apps, but it's nice to know you can.

As an example, I switched to Polarr for my photo editing and it does everything I need. It is affordable, cross-platform and worth like a charm on Chromebooks. If you are looking for a very good password manager, you can use the Steve Gibson approved LastPass

Chromebooks are slow

You get what you pay for. When you compare dollar for dollar a Chromebook will always be fast, more reliable and more secure than Windows, Mac or Linux. The comparison most people late is a $1000 Macbook to a $250 Chromebook. That simply isn't a fair comparison. Chromebooks have become the defacto educational devices because they are very functional even at the low end of the scale. 

When comparing machines with comparable pricing, the Chromebook will always be faster.

I bought a $350 Acer C720P in 2013 (5+ years old) and it :

  • is still fast when running Chrome
  • receives regular updates from Google
  • is always kept secure by Google

I have 3+-year-old ($600-1000) Dell, HP and Lenovo Windows machines that have become slow and painful to use. 

My Pixelbook goes from powered off (not sleep but totally off) to ready to log in, in 5 seconds. 

Chromebooks are useless without an internet connection

I am convinced much of what you do (on your PC, smartphone or tablet) is internet based. As an experiment, try turning off WIFI (or cellular connectivity) for 1 day and see how dependent you really are. 

When the CR-48 came out (first Chromebook test unit from Google), it was nothing more than an internet connected thin client. This hasn't been true for a long time though. 

Google's most popular services (Gmail, Calendar, Google Drive, Google Docs, Google Sheets, etc) are all offline enabled. The Google Chrome Web Store even has a page dedicated to offline apps.

Add to these the millions of Android apps and you can do just about anything offline these days. The Chromebook actually has an advantage over competing platforms here (Windows or Mac). As an example, on a traditional laptop, I can't download Netflix content for offline consumption whereas I can with the Android Netflix app running on a Chromebook. Since Chromebooks are power efficient, this becomes an excellent offline and disconnected media consumption platform (aka planes).

Chromebooks barely run Android apps

For better or worse, Google makes many of its experiments public. It is true that Google has made multiple attempts to bring Android to Chromebooks (ChromeOS) and that most have failed. If you tried running Android apps on a Chromebook even a year ago, you may have thought it was a slow and painful experience but not anymore. It still isn't perfect but for those unique occasional needs, the current setup more than satisfies that functionality itch. 

I have tested Android apps on a Google Pixelbook, Acer Chromebook Flip C302 and a Samsung Chromebook Pro and the apps worked great on all of them. 

Chromebooks have no local storage

Not sure how this started but all Chromebooks have local storage. My Pixelbook comes with 250GB of lightning-fast SSD storage (similar storage capacity to my  MacBook Pro Retina). For content that is only occasionally accessed, you can store it in the Google Drive cloud and access it as you would a local file. The Chromebook "file explorer" integrated Google Drive for easy access. 

Chromebooks can't print

Chromebooks support both local and network-based printers. For most users, you will plug in your local printer via USB and it will automagically work (if it is a recent printer). When shopping for a new device, why not opt for one that is Google Cloud Print ready? All major manufacturers support Google Cloud Print, including but not limited to : Brother, Canon, Dell, Epson, HP, Kyocera, Lexmark, Sharp, Toshiba, Xerox and more.

Chromebooks don't have any antivirus protection

This comment comes from Windows users that have been trained to install antivirus products on all of their devices. 

Remember that ChromeOS (the operating system powering Chromebooks) was designed to be secure from the start. As an example, it uses techniques like process isolation to keep you safe. Most manufacturers say that Chromebooks do not need antivirus products because : 

  • ChromeOS is updated every 6 weeks
  • ChromeOS is designed with an application and process sandboxing framwork
  • All data on a Chromebook is encrypted by default

Sample support page from Toshiba

So let's extend the question and talk about Chromebook (ChromeOS) security. Why do most security professionals choose Chromebooks as their personal device of choice? Why do security professionals bring Chromebooks to the world's most tech hostile conferences (blackhat, defcon, shmoocon, etc)?

The answer is that Chromebooks are more secure than any other traditional computing platform (including MacOS). How?

  • Automatic updates - Google pushes a ChromeOS update every 6 weeks that all devices receive immediately (regardless of where you bought your Chromebook from and the manufacturer of the Chromebook). These updates add functionality but more importantly they fix security issues.
  • Sandboxing - Each web-page and application on a Chromebook is isolated from every other web-page and application using a technique called Sandboxing. If you visit a malicious web-page, the malware cannot infect other tabs or the computer itself. 
  • Verified Boot - If magically threat actors manage to exploit a vulnerability and "jump" out of the sandbox to infect the boot process (to ensure they infect the device every time it restarts, The verified boot process will detect this and it will automatically repair itself. Every time a Chromebook boots, it checks itself and if it detects that the boot process has been tampered with, it fixes itself without any user intervention. 
  • Data Encryption - Using tamper-resistant encryption (a local TPM chip), all local data is encrypted with a user key which means it cannot be accessed by other users or by threat actors if stolen.
  • Recovery Mode - If anything does go wrong with your Chromebook, you can use a special keyboard combination (differs by manufacturer to enter a special recovery mode that brings back a fresh, clean version of ChromeOS in minutes and with no user intervention. All your data and settings are stored in the cloud so as soon as you log in, your personalizations and settings will all automagically come back.

Conclusion


This article could have easily been 5 times longer, but I believe I captured the most important concepts. If you haven't tried a Chromebook in a while, I encourage you to take a look. Remember that no single device meets everyone's needs, and a Chromebook is no different. I believe Chromebooks are THE alternative for most general computing users and even some individual edge cases (like us crazy security people). 

Remeber that you get what you pay for. Don't expect a $200 Chromebook to perform like $1200 MacBook. Compare a $1200 Google Pixelbook to a $1200 MacBook, and now you have a fair comparison. 

Is your Chromebook vulnerable to Specter or Meltdown?

GeneralEdward Kiledjian

TL;DR: If you are using a Chromebook that is actively supported, you are probably fine.

Specter and Meltdown are two significant chip level vulnerabilities that kicked off the 2018 security scene with a bang. Affection millions of devices from almost every manufacturer, many consumers are panicking about what this means for them. 

Since I love Chromebooks, I wanted to write an article about how these two vulnerabilities affect them. 

This isn't a deep technical review about Meltdown or Specter. There are loads of well-written articles about them. Instead, I will just lightly explain it to the general public.

These 2 are bugs in the design of the processor (aka the brain) of your computing device (made by Intel & AMD). These "bugs" have existed for about 20 years and allow an attacker (capable of running code on your system) to break security controls implemented on systems and in apps to steal information. Specter does affect your smartphone (probably). 

Great detailed information about these can be found here for those who are interested: https://meltdownattack.com/

Google has a support article that clearly outlines its plan to ensure all Chromebooks are eventually patched. 

But how do I check my device?

First, check the version of ChromeOS you are running. Most should be at version 63 already and this partially fixes some of the issues. You can check if your product has an update available here.

The good news is that most mainstream devices are patched including:

  • Google Pixelbook 2017
  • Samsung Chromebook Pro
  • ASUS Chromebook Flip C302

Some even say "patch not required" like:

  • Samsung Chromebook Plus
  • Acer Chromebase

Systems with kernel 3.18 or 4.4 are already patched. you can also use the chrome://gpu flag and search for operating system to find your kernel level. 

Google's position is that ARM-powered Chromebooks and Chromeboxes are not vulnerable but will be patched anyway with future updates. 

How is Google fixing the issue? With something called Kernel Page Table Isolation (KPTI). Basically, they are separating the kernel memory from that of the user processes. 

The moral of the story? Security is a hard computer science problem but you should sleep much better tonight (compared to Windows or Mac users) knowing that Google is working feverishly to protect you from these types of attacks. Just make sure you are using a supported product and reboot when you see the little upward arrow indicating there is an update (in the lower right hand status bar). 

ChromeOS 62 rolling out now with Krack patch

GeneralEdward Kiledjian

Google started rolling out Chrome 62 to Windows and Mac clients about a week ago and now most Chromebook users should have received the update. For those that haven't realized it, Chromebook updates typically lag behind their Windows/Mac counterpart by about a week.

What does ChromeOS 62 bring?

ChromeOS 62 brings an improved file manager, improved OS notifications, and most importantly vulnerability fixes (including the famous KRACK vulnerability).

Pressing and holding a file in the file manager now allows you to select a file (or more) instead of bringing up the right-click menu.

Google updated the system notification to look more like Android notifications (they use to look more like Chrome for Windows notifications in the past). This more Androidesque style brings material design with large icons. 

If you take a screenshot, you are now presented with a thumbnail of the notification (similar to Android). 

You now have better captive portal detection  ( that interstitial webpage in a coffee shop that asks you for your email address before giving you web access).

The most important update for me (a security guy) is the remediation of the WPA2 KRACK vulnerability.