In the past, we’ve written a good deal about the Chrome sandbox and other security features that we built into the Chrome browser. These features demonstrate the Chrome team’s overall focus on providing usable security even as we continue our rapid development work on the project.
Chromebooks take Chrome and its core values (simplicity, speed and security) and apply them to our own operating system infrastructure. The result is a multi-layered set of defenses which boosts the security of Chromebooks against malicious software that could compromise and linger on the system. While no software is perfect or completely secure, we believe we’re taking an important step forward.
Let’s take a quick look at some of the Chromebook security features that, when paired with good web hygiene, make it easier to browse the web safely. (We’re already handling updates and malware resistance on the Chromebook automatically!)
Baked in, seriously
Our security model is rooted in two pieces of hardware that ship with every Chromebook: a custom firmware chip and a Trusted Platform Module (TPM). The custom firmware chip consists of two parts: a read-only firmware and a read-write firmware that can be updated. When you press the power button, our read-only firmware starts a process we call Verified Boot. It uses an embedded 8192-bit RSA public key to verify the cryptographic signature on the read-write firmware.
After the read-only firmware verifies and runs the read-write firmware, the latter performs a similar verification operation on the operating system kernel before running it. The operating system kernel will then continue the verification process as it loads all of the system software, like Chrome.
The goal of Verified Boot is to provide cryptographic assurances that the system code hasn’t been modified by an attacker on the Chromebook. Additionally, we use lockable, non-volatile memory (NVRAM) in the TPM to ensure that outdated signatures won’t be accepted. To put this into perspective, the system does all this in about 8 seconds.
If you don't want to boot Google-verified software — let's say you built your own version of Chromium OS — no problem. You can flip the developer switch on your device and use the Chromebook however you'd like. It’s yours, after all!
Up-to-date, automatically
Since no software offers perfect security (and we all want new features too), Chromebooks include an automated update system that is modeled on Chrome’s popular auto-updater. The updater checks with the server securely and downloads updates when they become available. It keeps the system updated against emerging threats and allows for new features to be rolled out seamlessly. Since every Chromebook keeps two copies of the operating system, it's easy to update and then switch to the new version without interrupting your normal flow. In addition, it allows for the Chromebook to revert to the known working version if there are any problems during the update.
Signing in, with confidence
Signing in to the Chromebook is as simple as using your Google Account. The first user of a Chromebook can determine who else is allowed to sign in or choose to keep her machine open for anyone to sign in. In addition, every user has a private, encrypted store which means that, if you share your Chromebook, other users won’t be given access to your data. The encrypted store is implemented using the Linux kernel's eCryptfs with keys that are protected by the TPM.
Or don't sign in at all
Chromebooks also offer the ability to browse without signing in. We call this function Guest Mode. When Guest Mode is used, Chrome runs with the usual privacy measures of incognito mode, but none of the browsing data, including downloads, will stick around. When you exit Guest Mode or reboot your Chromebook, the browsing data is deleted.
A helping hand, even when things go wrong
While we're dedicated to pushing the envelope with Chromebook security, we want to also be prepared in case something unexpected happens. That's why the read-only firmware included in every Chromebook also provides a recovery mode. Recovery mode lets you install a fresh, up-to-date version of the operating system from a recovery device plugged into the USB port. That means that if an attacker manages to install malicious software, you can use recovery mode to help remove it and return your Chromebook back to the way it was.
Getting better over time
Experiencing the web securely, on any platform and with any browser, is a combined matter of the underlying infrastructure, browser design, and user action. How is data stored? Who and what can access that data? How does the user participate in these decisions?
With Chromebooks and Chrome, we’ve made advances in the security infrastructure of the operating system and the browser that should allow you to browse the web more comfortably. Beyond what we’ve discussed here so far, we continue to improve features like our Safe Browsing API and our extensions model that help protect users from malicious web content.
As a savvy web user, you’ll still want to think carefully before you enter your username and password into a suspicious website, or before you grant broad data access to an unfamiliar extension. Remember, it never hurts to follow these tips for staying safe on the web.
Security is an ongoing effort, and we aren’t stopping here! Keep your eyes open for more usability and security advances from Chrome and Chromebooks.
Friday, 29 July 2011
Wednesday, 27 July 2011
OK Go play with Chrome
(Cross-posted on the Official Google Blog)
We all have a song or a personal soundtrack that speaks to us. But it doesn’t always say exactly what we want it to say.
In All is Not Lost — an HTML5 music collaboration between the band OK Go, the dance troupe and choreographers Pilobolus, and Google—you can embed your message in a music video and have the band dance it out. The band and Pilobolus dancers are filmed through a clear floor, making increasingly complex shapes and eventually words—and messages you can write yourself.
All is Not Lost is built in HTML5 with the browser Google Chrome in mind. Different shots are rendered in different browser windows that move, re-size and re-align throughout the piece. With HTML5’s canvas technology, these videos are drawn in perfect timing with the music.
OK Go are well-known for their delightfully creative music videos, including Here It Goes Again, their first work featuring half a dozen treadmills, and This Too Shall Pass, based around an extraordinary Rube Goldberg machine—both of which have become extraordinarily popular on YouTube. We’re excited to collaborate with them on another project that finds its natural home on the web.
This project also has a special significance for the team here at Google Japan, who worked on this collaboration alongside OK Go. In the wake of the devastating TÅhoku earthquake, the band suggested using All is Not Lost as a message of support to the Japanese people during this difficult time.
All is Not Lost is best experienced in Chrome at allisnotlo.st. For web developers curious about how the experience was created, you can read more on the Google Code Blog.
We all have a song or a personal soundtrack that speaks to us. But it doesn’t always say exactly what we want it to say.
In All is Not Lost — an HTML5 music collaboration between the band OK Go, the dance troupe and choreographers Pilobolus, and Google—you can embed your message in a music video and have the band dance it out. The band and Pilobolus dancers are filmed through a clear floor, making increasingly complex shapes and eventually words—and messages you can write yourself.
All is Not Lost is built in HTML5 with the browser Google Chrome in mind. Different shots are rendered in different browser windows that move, re-size and re-align throughout the piece. With HTML5’s canvas technology, these videos are drawn in perfect timing with the music.
OK Go are well-known for their delightfully creative music videos, including Here It Goes Again, their first work featuring half a dozen treadmills, and This Too Shall Pass, based around an extraordinary Rube Goldberg machine—both of which have become extraordinarily popular on YouTube. We’re excited to collaborate with them on another project that finds its natural home on the web.
This project also has a special significance for the team here at Google Japan, who worked on this collaboration alongside OK Go. In the wake of the devastating TÅhoku earthquake, the band suggested using All is Not Lost as a message of support to the Japanese people during this difficult time.
All is Not Lost is best experienced in Chrome at allisnotlo.st. For web developers curious about how the experience was created, you can read more on the Google Code Blog.
Thursday, 30 June 2011
Summer travel with a Chromebook
A Chromebook makes a great travel companion, with its 8-hour battery life, light weight, built-in Wi-Fi and available 3G. So we’ve teamed up with Virgin America and Ace Hotel to give you the chance to experience a Chromebook on your summer travels.
When you fly Virgin America from San Francisco, Chicago O’Hare, Dallas/Fort Worth or Boston, look for the Chrome Zone near your departure gate. Check out a Chromebook for free and browse away with complimentary Wi-Fi in the terminal and on your flight.
If your travel plans include a stay in the Big Apple, check into Ace Hotel New York and you’ll find a Chromebook waiting in your room. Use it anywhere, in or out of the hotel, with free Wi-Fi and 3G connectivity.
To make your trip even more enjoyable, we’ve also developed two new web apps: The Ace New York Field Guide tips you off on the hottest spots in town, from cool clubs to unique boutiques, and the Beat the Boot game which challenges you to get the highest score possible in the 8 seconds it takes to boot a Chromebook. Plus you can choose from thousands of other web apps in the Chrome Web Store.
Chromebooks arrive this Friday, July 1st at Virgin America and Ace Hotel New York, and are available for the rest of the summer. Get all the details here, and happy travels!
When you fly Virgin America from San Francisco, Chicago O’Hare, Dallas/Fort Worth or Boston, look for the Chrome Zone near your departure gate. Check out a Chromebook for free and browse away with complimentary Wi-Fi in the terminal and on your flight.
If your travel plans include a stay in the Big Apple, check into Ace Hotel New York and you’ll find a Chromebook waiting in your room. Use it anywhere, in or out of the hotel, with free Wi-Fi and 3G connectivity.
To make your trip even more enjoyable, we’ve also developed two new web apps: The Ace New York Field Guide tips you off on the hottest spots in town, from cool clubs to unique boutiques, and the Beat the Boot game which challenges you to get the highest score possible in the 8 seconds it takes to boot a Chromebook. Plus you can choose from thousands of other web apps in the Chrome Web Store.
Chromebooks arrive this Friday, July 1st at Virgin America and Ace Hotel New York, and are available for the rest of the summer. Get all the details here, and happy travels!
Thursday, 16 June 2011
Faster than fast
What if a waiter handed you your meal, hot and fresh, the instant you ordered it? What if the elevator doors opened onto the eighth floor the instant you pressed the eighth floor button in the lobby? What if a web page appeared in your browser, loaded in its entirety, the instant you clicked on a search result?
Well, you might have to wait for Instant Restaurants and Instant Elevators, but Instant Pages is available today in the latest beta release of Chrome. Thanks to Chrome’s new prerendering technology, some Google.com search results will appear to load almost instantly after you click on them. You can see this feature in action in the following video:
Although Google.com is the most high-profile site to use this new prerendering technology, it can be used by other sites since it’s been designed as a web standard. Web developers interested in learning more can see our post in the Chromium blog.
We’ve added a few more features in this release that users have been eagerly awaiting for some time. First, we’ve added some awesome to the omnibox by suggesting partial matches for URLs and page titles from your browsing history. For example, say you’ve listened to the song “Zorbing” by Stornoway a few times on YouTube, but you can’t remember the full song title or band name. Now, when you type just part of one of the words, like “orb,” you should get a suggestion due to the partial match: “YouTube.com - Stornoway - ‘Zorbing’ Official Video.”
Second, we’re happy to announce that issue number 173 in our public bug database, which has collected more than 900 “stars” from users around the world since it was filed in 2008, has been implemented on Windows and Linux (the Mac version is coming soon). That’s right--we’ve finally added Print Preview! Print Preview uses Chrome’s built-in PDF viewer to display the page you want to print, and it updates automatically as you adjust your print settings. You can also choose to save any web page as a PDF file, using the “Print to PDF” option that’s automatically included in the printer list. Thanks for being patient with us on this one!
Well, you might have to wait for Instant Restaurants and Instant Elevators, but Instant Pages is available today in the latest beta release of Chrome. Thanks to Chrome’s new prerendering technology, some Google.com search results will appear to load almost instantly after you click on them. You can see this feature in action in the following video:
Although Google.com is the most high-profile site to use this new prerendering technology, it can be used by other sites since it’s been designed as a web standard. Web developers interested in learning more can see our post in the Chromium blog.
We’ve added a few more features in this release that users have been eagerly awaiting for some time. First, we’ve added some awesome to the omnibox by suggesting partial matches for URLs and page titles from your browsing history. For example, say you’ve listened to the song “Zorbing” by Stornoway a few times on YouTube, but you can’t remember the full song title or band name. Now, when you type just part of one of the words, like “orb,” you should get a suggestion due to the partial match: “YouTube.com - Stornoway - ‘Zorbing’ Official Video.”
Second, we’re happy to announce that issue number 173 in our public bug database, which has collected more than 900 “stars” from users around the world since it was filed in 2008, has been implemented on Windows and Linux (the Mac version is coming soon). That’s right--we’ve finally added Print Preview! Print Preview uses Chrome’s built-in PDF viewer to display the page you want to print, and it updates automatically as you adjust your print settings. You can also choose to save any web page as a PDF file, using the “Print to PDF” option that’s automatically included in the printer list. Thanks for being patient with us on this one!
Wednesday, 15 June 2011
FORE! Golf comes to the Chrome Web Store
This Thursday, the productivity of tens of millions of golf fans around the world will hit new lows as the U.S. Open, the second of the four major golf championships, kicks off at the Congressional Country Club. For those of you who are determined to keep up with what promises to be an exciting tournament, there are plenty of apps in the Chrome Web Store that can keep you from missing a single shot.
The USGA has just launched the U.S. Open Today app that provides you with the latest news, video highlights and photos from the tournament. For additional coverage, you can try the Eurosport app or catch the latest photos at Sports Illustrated.
If all this tournament coverage gets you excited to play, you can add the WGT Golf Challenge app to Chrome. This is the most realistic golf game on the web, allowing you to play a closest-to-the-hole challenge at Congressional Country Club, or a new championship course every month.
If you get inspired playing the U.S. Open in the virtual world and you want to plan your next golf expedition, the Fairways360 app will come in handy. With Fairways360, you can explore new courses as if you were standing on the tee. You can also use the app to book tee times at over 1,700 golf courses across the United States, as well as get the current weather conditions and directions to the golf course of your choice.
Finally, to take care of scheduling tee times with your friends, you can try ClubDivot. With ClubDivot, you can create leagues with your friends and instantly notify them via email when you book a tee time to let them know to sign up. You can also organize your favorite golf courses and view your monthly calendar of tee times. This way you can get back to the things that matter most, like working on your swing.
There are thousands of more apps in the Chrome Web Store. Discover them at chrome.google.com/webstore.
The USGA has just launched the U.S. Open Today app that provides you with the latest news, video highlights and photos from the tournament. For additional coverage, you can try the Eurosport app or catch the latest photos at Sports Illustrated.
If all this tournament coverage gets you excited to play, you can add the WGT Golf Challenge app to Chrome. This is the most realistic golf game on the web, allowing you to play a closest-to-the-hole challenge at Congressional Country Club, or a new championship course every month.
If you get inspired playing the U.S. Open in the virtual world and you want to plan your next golf expedition, the Fairways360 app will come in handy. With Fairways360, you can explore new courses as if you were standing on the tee. You can also use the app to book tee times at over 1,700 golf courses across the United States, as well as get the current weather conditions and directions to the golf course of your choice.
Finally, to take care of scheduling tee times with your friends, you can try ClubDivot. With ClubDivot, you can create leagues with your friends and instantly notify them via email when you book a tee time to let them know to sign up. You can also organize your favorite golf courses and view your monthly calendar of tee times. This way you can get back to the things that matter most, like working on your swing.
There are thousands of more apps in the Chrome Web Store. Discover them at chrome.google.com/webstore.
Chromebooks now available for sale
Last month we unveiled the first Chromebooks from our partners, Samsung and Acer. Chromebooks were built and optimized for the web to give you a faster, simpler and more secure experience without the headaches of traditional computers. In the U.S., you can now order a Chromebook from Amazon and BestBuy.com. In other launch countries, visit google.com/chromebook to find a local retailer.
If you’re interested in purchasing Chromebooks for a school or business, please contact our sales team.
If you’re interested in purchasing Chromebooks for a school or business, please contact our sales team.
Wednesday, 8 June 2011
Live updates on the first Chromebook preview
Welcome to live updates on the first Chromebook preview, a 2-day exploration of the web that also gives you a way to get your Chromebook early. We will continue to live update this blog post with subsequent preview locations.
Live Updates (latest at the top)
That’s it for the Chromebook preview! You can see a recap of all the preview sites in our slideshow below. Thanks for exploring the web with us and stay tuned for more details on Chromebook availability.
6:03pm PT - Last but not least, continue your exploration of the web and its possibilities at the Chrome Web Store. This is your last chance to access a Chromebook preview!
5:16pm PT - Clue: Web is all you need, especially once you see everything we've got in store for you. This is the last Chromebook Preview!
3:25pm PT - Surface is a mesmerizing HTML5 experiment where you can interact with a water-like surface, adding your own photos, raindrops, and more. It’s a beautiful experience that demonstrates the visual fluidity possible using WebGL technology.
3:01pm PT - Clue: Want more Chromebook Preview? There's more to this surface than meets the eye. Just add water. And WebGL.
1:47pm PT - We're excited by the many possibilities in 3D online gaming with HTML5. The simple yet captivating FastKat by omiod is just the tip of the iceberg, but we are definitely addicted.
---
That’s it for the Chromebook preview! You can see a recap of all the preview sites in our slideshow below. Thanks for exploring the web with us and stay tuned for more details on Chromebook availability.
6:03pm PT - Last but not least, continue your exploration of the web and its possibilities at the Chrome Web Store. This is your last chance to access a Chromebook preview!
5:16pm PT - Clue: Web is all you need, especially once you see everything we've got in store for you. This is the last Chromebook Preview!
3:25pm PT - Surface is a mesmerizing HTML5 experiment where you can interact with a water-like surface, adding your own photos, raindrops, and more. It’s a beautiful experience that demonstrates the visual fluidity possible using WebGL technology.
3:01pm PT - Clue: Want more Chromebook Preview? There's more to this surface than meets the eye. Just add water. And WebGL.
1:47pm PT - We're excited by the many possibilities in 3D online gaming with HTML5. The simple yet captivating FastKat by omiod is just the tip of the iceberg, but we are definitely addicted.
1:14pm PT - Clue: The fast cat gets the Chromebook at this next Chromebook Preview location...
12:21pm PT - Explore the body with Google Body, a 3D model of the human body built for the browser using WebGL. You can peel back anatomical layers, zoom in, and navigate the body to identify anatomy, or search for muscles, organs, bones and more -- like the next location of the Chromebook preview.
12:21pm PT - Explore the body with Google Body, a 3D model of the human body built for the browser using WebGL. You can peel back anatomical layers, zoom in, and navigate the body to identify anatomy, or search for muscles, organs, bones and more -- like the next location of the Chromebook preview.
12:09pm PT - Clue: Peel back the layers and take a journey within. You might find the next Chromebook Preview there.
10:55am PT: Denver punk rock band the Gamits literally had their video for their song "Pieces" smashed into pieces to create "This Shell", a music video puzzle built in HTML5 that rewards fans with a free download of the song at the end -- if you can put the puzzle together before the song ends.
10:33am PT: Clue: Put the pieces of this shell together & we think you'll like the sound of it…if you can do it before the song ends.
9:26am PT - The first Chromebook preview location of the day is at Wantist, a fun place to shop for gifts designed with a clever "one-sentence interface": I'm looking for [something] for [someone] -- all built in HTML5, of course.
9:06am PT - Clue: For the artist, romanticist, whatever-ist in your life, get them what they WANT...
9:03am PT - Welcome to day 2 of the Chromebook Preview, where you can get your hands on a Chromebook early. With limited quantities of Chromebooks left, we're going to up the ante today and make it a bit more challenging to find the preview. Are you ready?
7:45pm PT - That’s all for today! Check out the slideshow below for a preview recap. We’ll be back tomorrow so stay tuned.
6:04pm PT - Addictive, challenging yet soothing are a few words we'd use to describe Sinuous, an online game built with HTML5 canvas. Avoid the red dots, and keep an eye out for the next Chromebook preview here.
5:05pm PT - The next Chromebook preview location is an HTML5 Experiment from 9 Elements which started as a performance study on how many particles a browser can calculate and display with a decent frame rate. Add in music and select quotes that contain the words "love" and "HTML5" and the end result is this beautiful, mesmerizing visualization. We love HTML5, too!
3:24pm PT - HTML5 meets the personalized music video in the Chris Milk-directed Chrome Experiment "The Wilderness Downtown". This project excited us because it showcased how the modern browser can change the way we experience music in a highly interactive, personalized way, and also frankly, because we love Arcarde Fire.
.
10:33am PT: Clue: Put the pieces of this shell together & we think you'll like the sound of it…if you can do it before the song ends.
9:26am PT - The first Chromebook preview location of the day is at Wantist, a fun place to shop for gifts designed with a clever "one-sentence interface": I'm looking for [something] for [someone] -- all built in HTML5, of course.
9:06am PT - Clue: For the artist, romanticist, whatever-ist in your life, get them what they WANT...
9:03am PT - Welcome to day 2 of the Chromebook Preview, where you can get your hands on a Chromebook early. With limited quantities of Chromebooks left, we're going to up the ante today and make it a bit more challenging to find the preview. Are you ready?
---
Tuesday, June 7
7:45pm PT - That’s all for today! Check out the slideshow below for a preview recap. We’ll be back tomorrow so stay tuned.
6:04pm PT - Addictive, challenging yet soothing are a few words we'd use to describe Sinuous, an online game built with HTML5 canvas. Avoid the red dots, and keep an eye out for the next Chromebook preview here.
5:05pm PT - The next Chromebook preview location is an HTML5 Experiment from 9 Elements which started as a performance study on how many particles a browser can calculate and display with a decent frame rate. Add in music and select quotes that contain the words "love" and "HTML5" and the end result is this beautiful, mesmerizing visualization. We love HTML5, too!
3:24pm PT - HTML5 meets the personalized music video in the Chris Milk-directed Chrome Experiment "The Wilderness Downtown". This project excited us because it showcased how the modern browser can change the way we experience music in a highly interactive, personalized way, and also frankly, because we love Arcarde Fire.
.
2:03pm PT - HTML5 is becoming the leading standard for the future of the web, and the HTML5 Readiness project compares the progress of the top 8 browsers in HTML5 support. See how far the browsers have come since 2008, and you'll also find the next Chromebook preview.
12:18pm PT - YouTube changed the way billions of people watched, shared and discovered videos, but what was the first video uploaded to the site? It's also the location of the next Chromebook preview, now live here.
9:28am PT - The first Chromebook preview is now open here. For the first stop, we’re taking you back to where it all began: Tim Berners-Lee’s original memo calling for people to help with his CERN-funded WorldWideWeb project. Look for a familiar icon which will serve as your entryway to the Chromebook preview. Each preview will only be open for a limited time before moving to a new location.
12:18pm PT - YouTube changed the way billions of people watched, shared and discovered videos, but what was the first video uploaded to the site? It's also the location of the next Chromebook preview, now live here.
9:28am PT - The first Chromebook preview is now open here. For the first stop, we’re taking you back to where it all began: Tim Berners-Lee’s original memo calling for people to help with his CERN-funded WorldWideWeb project. Look for a familiar icon which will serve as your entryway to the Chromebook preview. Each preview will only be open for a limited time before moving to a new location.
Subscribe to:
Posts (Atom)