Pro tip: Don't buy a Chromebook on Black Friday or Cyber Monday without checking its expiration...

Ravalo

TS Booster
So that google isnt stuck supporting 10 bajillion devices like MS does. All that backwards compatibility costs $$$ and bloats the OS, and as Windows 10 has shown, once it adds up and something goes wrong it can take forever to fix.

After 5 years, batteries are starting to get worn out anyway, and considering how cheap chromeOS laptops are compared to even cheap windows laptops, the hardware difference after 5 years is usually worth the upgrade anyway.

Besides, its not like they completely stop working anyway. You can usually get another 2 years after the last update before things stop working. How many people do you know still using 8+ year old laptops.
I still used my old laptop from 2011 (intel atom n570, 2 gb ram, 320 gb hdd, intel gma 3150 graphics, etc) for quite some time until like 4 months ago when I left it on top of my brother’s xbox one (the laptop wouldn’t charge or turn on)

It still ran windows 10 just fine (w/updates) and could run it even better with some tweaks, so it would be a great affordable school laptop

Sadly it died so I couldn’t sell it for 100$
 

Squid Surprise

TS Evangelist
I don't understand what that comment is supposed to mean but I do fear I have been misjudged here. I use a windows computer for work. I'm not here blasting windows. If an average reader without any knowledge of these facts and reads an article that says 'don't get this because you will not be secure', they will say hey I don't want that because of viruses. And they believe it even more so because you say 'pro tip'. When all of that is untrue. Last time I trust myself, you will not be unsecure if your Chromebook does not have the latest update. The writer knows people will automatically assume it's dangerous if he says pro tip it's not secure. Either he has an agenda to persuade users to a specific device or he does not know these facts, and in that case should definitely not be saying 'pro tip'.
I think the problem here is your misunderstanding as to the meaning of the word "secure". "Security" doesn't just mean from viruses! In fact, viruses (as has been posted here already) are pretty rare on any OS nowadays. Malware is the biggy, but ransomware, 0-day exploits, etc are still out there - and get discovered fairly often - hence the necessity of SECURITY patches. Once an OS is no longer supported (see: not receiving SECURITY patches), it, by definition is not as secure as it once was.

There is NO SUCH THING as a 100% secure device. All we can do is strive to make them as secure as possible. Hopefully this helps you understand a bit more...
 
  • Like
Reactions: cliffordcooley

mbk34

TS Member
As you say, nothing is 100% safe but I tried to find an occurrence of a Chromebook being taken over by Malware, ransomware etc and couldn't find any. I believe Google has offered a substantial bounty to anyone who could hack into a Chromebook but I believe the $3m reward stands unclaimed. That all sounds pretty secure to me.

Out of mild interest, how many folk on here still run a laptop that's 6.5 years old? Technology moves so fast it would be a bit like running a Ford model T on the roads. Even the expected lifespan for laptop batteries is only 4 years or 300-500 charges if you don't use it that much. Perhaps a better, less biased, title for the article should be "Don't buy ancient laptops for Christmas".
 

Squid Surprise

TS Evangelist
As you say, nothing is 100% safe but I tried to find an occurrence of a Chromebook being taken over by Malware, ransomware etc and couldn't find any. I believe Google has offered a substantial bounty to anyone who could hack into a Chromebook but I believe the $3m reward stands unclaimed. That all sounds pretty secure to me.

Out of mild interest, how many folk on here still run a laptop that's 6.5 years old? Technology moves so fast it would be a bit like running a Ford model T on the roads. Even the expected lifespan for laptop batteries is only 4 years or 300-500 charges if you don't use it that much. Perhaps a better, less biased, title for the article should be "Don't buy ancient laptops for Christmas".
So here's the thing...

That's just one... and if your chromebook has "expired", you don't have access to the fixes to many of them....
 

Squid Surprise

TS Evangelist
That's an interesting vulnerability but I still don't see any instances of any actual Chromebooks being taken over by this or indeed any other form of malware.
It's great that you don't see them.... but that doesn't mean that they haven't...
________
"We don't expect the vulnerable signatures to have been exposed broadly as they will usually be passed across HTTPS connections," Google said, about the chances of attackers intercepting the data needed for attacks while in transit across the internet.

"However, since the signature is not considered sensitive in the U2F [Universal 2nd Factor] protocols, it would be inadequate to assume that no signatures have been observed or logged / stored in locations where they still may be retrieved from," Google also added.
________

So, you know when you hear about massive databases of ill-gotten user/passwords? It's vulnerabilities like this that often lead to people making them....

And very few vulnerabilities let someone "take over your computer"... what they do is let a hacker steal information most of the time - naturally, most of the victims never even know they've been hacked...
 

mbk34

TS Member
Massive databases of usernames and passwords are normally gathered by phishing attacks. It requires minimal effort as people simply type their data in without thinking. Occasionally hackers might be able to exploit system vulnerabilities with SQL injection attacks but this requires more effort. At the other end of the scale is trying to attack an operating system that is known to be secure just to grab one persons data - it just isn't worth it. The fact you couldn't find any instances of Chromebooks being compromised suggests it hasn't happened. Also, the fact that no-one's claimed the £3m prize from google for hacking a Chromebook also tells us they're still secure.
 

Squid Surprise

TS Evangelist
Massive databases of usernames and passwords are normally gathered by phishing attacks. It requires minimal effort as people simply type their data in without thinking. Occasionally hackers might be able to exploit system vulnerabilities with SQL injection attacks but this requires more effort. At the other end of the scale is trying to attack an operating system that is known to be secure just to grab one persons data - it just isn't worth it. The fact you couldn't find any instances of Chromebooks being compromised suggests it hasn't happened. Also, the fact that no-one's claimed the £3m prize from google for hacking a Chromebook also tells us they're still secure.
Yes... that's one way... the one I posted is another way... and "hacking a Chromebook" doesn't simply mean "taking over a chromebook".

No, no one has claimed the prize - because the prize is given to someone who can actually "take over" a chromebook. Just because that hasn't been done does NOT mean they are secure.

For instance... if your Chromebook had the vulnerability I posted above, would you feel comfortable doing your banking from it?

If your answer is "yes", then I'm done arguing with you... if the answer is "no", however, perhaps you might finally understand what I'm saying?
 

mbk34

TS Member
Have you found a single instance of a Chromebook being compromised by this? or any of the other ways you previously said that Chromebooks were vulnerable to (malware, ransomware, 0 day exploits, viruses ... )? I'm guessing not.
 

mbk34

TS Member
THOUSANDS were compromised by the exploit I linked already
The article didn't report that any accounts were compromised. It actually stated that "Google also adds that this is not a reason to panic. First, even if attackers obtain signatures and obtain the private key to create other signatures, they would have only broken the second factor in the classic two-factor authentication process. Attackers would still need to know or have a user's password to break into accounts."
 

Squid Surprise

TS Evangelist
The article didn't report that any accounts were compromised. It actually stated that "Google also adds that this is not a reason to panic. First, even if attackers obtain signatures and obtain the private key to create other signatures, they would have only broken the second factor in the classic two-factor authentication process. Attackers would still need to know or have a user's password to break into accounts."
Do you understand what the word "compromised" means?
If ANY portion of the security has been "broken", then a device is COMPROMISED.

Again, would you use one of those devices THAT IS KNOWN TO BE COMPROMISED to do your online banking?
 

mbk34

TS Member
So you're not talking about malware actually running on a Chromebook. Nor are you talking about hackers actively trying to break into Chromebooks. Instead the article was about Google themselves finding a weakness in a rather underused part of their OS. In short there has been no malware actually found on any Chromebook.

Contrast this with 4% detection rate on Windows. Microsoft says there are 400m computers running Win 10 so that would be 16m computers found with malware. Yet you and the author seem to be implying that Chromebooks are insecure. I think you're doing the public a disservice.
 

Squid Surprise

TS Evangelist
So you're not talking about malware actually running on a Chromebook. Nor are you talking about hackers actively trying to break into Chromebooks. Instead the article was about Google themselves finding a weakness in a rather underused part of their OS. In short there has been no malware actually found on any Chromebook.

Contrast this with 4% detection rate on Windows. Microsoft says there are 400m computers running Win 10 so that would be 16m computers found with malware. Yet you and the author seem to be implying that Chromebooks are insecure. I think you're doing the public a disservice.
OK, so now you're just going to change the topic... fair enough... No one is claiming that Windows is more secure... The ONLY point here is that NO device is 100% secure - and if a device is no longer able to receive security updates, it becomes even LESS secure. A Windows device that is no longer receiving security updates (like Windows XP) would be just as bad - but XP is almost 20 years old...

Perhaps you should go back and re-read the article - I suspect you might not have even done this the first time...
 

mbk34

TS Member
I obviously read the article, the author and yourself are implying that you're unsafe getting Chromebooks. The reality is that nearly all malware exists on Windows based devices. I tried to find a single example of a users with an "infected" Chromebook but couldn't.

The malware reported on 16m Windows devices was through Windows Defender. Defender detects malware on Windows 8 and 10. These OS are fully supported but sadly they still report that 4% of computers were infected.

I'm not a Windows hater, both my main laptops are fairly new and run Windows 10.
 

Squid Surprise

TS Evangelist
I obviously read the article, the author and yourself are implying that you're unsafe getting Chromebooks. The reality is that nearly all malware exists on Windows based devices. I tried to find a single example of a users with an "infected" Chromebook but couldn't.

The malware reported on 16m Windows devices was through Windows Defender. Defender detects malware on Windows 8 and 10. These OS are fully supported but sadly they still report that 4% of computers were infected.

I'm not a Windows hater, both my main laptops are fairly new and run Windows 10.
NO... the article implies that it is unsafe to be using an EXPIRED Chromebook. Big difference...
 

Latest posts