Another Look at Chrome OS

December 10, 2010

The Technology Review has an interesting article discussing Google’s recent announcements about its Chrome OS, and the prototype computer, the Cr-48, that runs it.   As I’ve discussed before, the basic idea underlying the platform is that much of the processing and data storage that has traditionally been done with desktop computers can be moved “into the cloud”.

Google is pitching Chrome OS as its vision for a new form of computing—one that shifts the data, functionality and almost everything else you would expect from your desktop computer into the cloud.

The article highlights one of the less obvious, but perhaps more important characteristics of this new approach: the user is no longer necessarily also the system administrator.  (Of course, some users in organizational contexts are not administrators of the machines they use — but someone in the organization is.)  The idea behind the Chrome OS approach differs from the traditional model in two important ways:  the user is not trusted to install applications, and applications are not trusted to modify the system.

“Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy,” he [Sundar Pichai, VP of product management for Chrome OS] says, “it turns out those are bad assumptions.”

The idea that the system checks itself at boot time, and automatically retrieves and installs updates, follows naturally from this shift in perspective.  Google claims that this makes it much easier to protect the system from malware, which seems reasonable.

I have noted here before, in connection with reported security breaches and data loss, that it is not reasonable to design a system with the assumption that its users will be competent security and systems administrators.  They won’t be; and, in general, there is no realistic chance of changing that.   As I’ve also noted, I have been involved in building trading networks for financial institutions; there is no way in the world that we would have allowed users to install their own software.  So I think there is a respectable case to be made for Google’s approach, though only time will tell how it will fare in the market.

One market in which the idea might gain some acceptance is the corporate / organizational market for client devices, particularly mobile ones.  The article notes that Citrix, which provides software that enables clients to run Windows applications from a central server (rather than having them locally installed, sort of a virtual desktop), is developing a version of its software for Chrome OS.

…  Citrix has developed a Chrome OS version of its widely-used software that allows desktop applications to be hosted on a server for access through a Web browser.

It would not surprise me if some security-conscious organizations found this an attractive idea.

In any case, whether or not Google’s Chrome OS is a success commercially, I think that getting people to re-think some of their assumptions about how computing is “supposed” to work is very much a positive thing.

%d bloggers like this: