Working on a charter for the https://pkt.cash/ Network Steward (entity which gets 20% of each newly mined block)
Objectives so far:
* Financing the development of Open Source networking software
* Lobbying for improved regulatory environment for small network operators and more generally, for internet freedom, privacy, and decentralization
* Purchasing property such as software or radio frequency spectrum rights in order to put these things in the commons
Anything else come to mind?
@cjd You can't, because the image is encrypted using a key the TPM will only give you if the boot was consistent.
Yes, that means that you have to do what is called a “measured boot” every time you update the kernel, so that the TPM can record what the system looks like after the update.
@loke Oh excellent, keys protected by measured boot are really what I want anyway. Ideally I'd want the measured boot system to get to uboot and have uboot extract the encryption key from the tpm and use that to decrypt a table of keys so that the root encryption key is mapped to the kernel signing key. This way there can be multiple kernels on the machine but a home directory encrypted with a kernel signed with one key will not be accessible by a kernel signed with a different key.
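An added example, not part of the posts above and not code from any TPM library: a software simulation of the measured-boot key release discussed in this exchange, showing why a kernel update changes the measurement and why the key has to be resealed afterwards. `ToyTPM`, its seed-based wrapping and all stage contents are assumptions constructed for illustration; a real TPM enforces this with PCR policies inside the chip.

```python
import hashlib, hmac, os

def extend(pcr: bytes, component: bytes) -> bytes:
    # PCR extend: new = SHA-256(old || SHA-256(component)); values can only be chained, never set
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(stages) -> bytes:
    pcr = bytes(32)  # a PCR starts at all zeros after reset
    for blob in stages:
        pcr = extend(pcr, blob)
    return pcr

class ToyTPM:
    """Software stand-in (assumption): a secret seed that never leaves the 'chip'."""
    def __init__(self):
        self._seed = os.urandom(32)

    def _keys(self, pcr: bytes):
        enc = hmac.new(self._seed, b"enc" + pcr, hashlib.sha256).digest()
        mac = hmac.new(self._seed, b"mac" + pcr, hashlib.sha256).digest()
        return enc, mac

    def seal(self, secret: bytes, pcr: bytes):
        assert len(secret) <= 32  # toy one-block XOR wrap
        enc, mac = self._keys(pcr)
        ct = bytes(a ^ b for a, b in zip(secret, enc))
        return ct, hmac.new(mac, ct, hashlib.sha256).digest()

    def unseal(self, blob, pcr: bytes):
        ct, tag = blob
        enc, mac = self._keys(pcr)
        if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
            return None  # current measurements differ from those at seal time
        return bytes(a ^ b for a, b in zip(ct, enc))

def demo():
    tpm, disk_key = ToyTPM(), os.urandom(32)
    fw, k1, k2 = b"constructed firmware", b"constructed kernel v1", b"constructed kernel v2"
    blob = tpm.seal(disk_key, measure_boot([fw, k1]))
    consistent = tpm.unseal(blob, measure_boot([fw, k1])) == disk_key
    modified = tpm.unseal(blob, measure_boot([fw, b"constructed modified kernel"]))
    after_update = tpm.unseal(blob, measure_boot([fw, k2]))
    # Legitimate update: reseal against the new measurement while the key is still available
    blob2 = tpm.seal(disk_key, measure_boot([fw, k2]))
    resealed = tpm.unseal(blob2, measure_boot([fw, k2])) == disk_key
    return consistent, modified, after_update, resealed

if __name__ == "__main__":
    print(demo())
```

The simulated chip cannot tell a legitimate kernel update from a modified kernel: both change the measurement, so both fail to unseal until the key is resealed from a trusted state.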
Ridiculously simple idea:
Bootloader shows a colorful background which is derived from the hash of the kernel you're booting. If you get evil-maided, they would have to install a new custom firmware which fakes the same colors, and there are a number of ways to make this really difficult to reproduce...
5. Business class: cite for a specific idea that you actually need to build on, but in a sufficient way, not necessary. There are other competing sources to cite that would serve as well, so choosing one is some mix of buy-in to a subcultural game, voting, buying influence, and respect,
6. First class: cite for a specific and necessary idea that’s available nowhere else, or is so clearly best of breed it would be small-minded/ungracious to cite the competition. Taleb operates here.
The intellectual influence freemium hierarchy citation airline
1. Basic economy tier: tag on twitter
2. Economy: cite in general terms, mostly to CYA and insure against them sending their troll mobs after you or beefing with you
3. Premium economy: faithfully imitate their patterns, acknowledging influence
4. Mileage program early boarding: summarize their work for others, evangelize
If they provide assistance to an attacker to decrypt your data, that can go unnoticed, but if they actually provide chromebook malware, that means a piece of malware with google's signature on it goes out into the wild. The reputational risk of an actual confirmed "approved attack" is probably too much for them to accept.
tl;dr the security story is better than practically anything else, and if your adversary is not friendly with google, it's close to perfect.
BUT, if they are collaborating with google then things change. Since it auto-updates, google can always send it a "special update just for you", so they can always plug it into the internet and then make a phone call to google.
We must also assume that google can provide the plaintext of your login password, or otherwise provide what is needed for the newly updated chromebook to unlock its harddrive.
But what's the risk to them ?
On the data integrity side, your home directory is encrypted using your encryption password which is hashed using the TPM chip as a "slow hash". So if someone dumps your harddrive, even if they then go ask google to hand over your login password, if they don't have the password AND the TPM which is soldered to your chromebook, they can't decrypt the harddrive. It's like a chip-and-pin credit card: no chip, no luck.
Ordinarily, a chromebook boot process starts with a read-only firmware which validates a read/write firmware and then boots it. It validates the kernel and boots that. The kernel itself transparently validates files as they are accessed and if anything goes wrong, you get thrown into the bootloader with an error screen.
So basically the old trick of pulling the harddrive and sticking malware on it then putting it back is not going to work.
Chromebook has a very good security story in the event that somebody takes it into a room, does some stuff, then gives it back to you.
Ordinarily if this happens, you should:
1. Consider all keys on that machine compromised.
2. Consider the machine to have malware when you get it back.
With a chromebook, this is not entirely the case, UNLESS the people in the room are collaborating with google to undermine your security.
There is a very cool Mosh chrome app which does stay connected while the machine sleeps (good enough reason to install Mosh on all of my servers!) but it's based on hterm so the colors are not controllable the way they are with Terminus. See the two photos, the one with the more brilliant colors is Terminus with the pro theme, the other is Mosh/Hterm. I might try fooling around with the app but the verdict is: Chromebook needs an iTerm2.
Time for the first major Chromebook software complaint: Lack of a compelling terminal!
Chromebook has a few terminal options. The Linux environment and Secure Shell extension use hterm; hterm is reasonably capable but has the look-and-feel of a yak shaving exercise where someone just needed a terminal. There is one nice terminal called Terminus (the chrome app, not the android). But Terminus only does ssh which disconnects every time the computer sleeps.