How secure is a Chromebook vs. a PC and a MacBook? originally appeared on Quora: the place to gain and share knowledge, empowering people to learn from others and better understand the world.
Answer by Stan Hanks, CTO of Columbia Ventures Corp, on Quora:
How secure is a Chromebook vs. a PC and a MacBook?
ChromeOS is super-limited, designed primarily to just let you run Chrome.
It’s not general purpose. There’s no support for running other applications (apart from widgets that let you diddle OS parameters like joining WiFi networks etc). There’s no local file storage. There’s no way to hand off to other executions because there’s nothing else to execute.
Windows is… not that. It’s designed to allow any user to run any application that they want any time they want it, whether it’s good for them or not. You can write it yourself, you can download it from the Internet, you can buy it shrinkwrapped in a store, the OS doesn’t care. If it’s got the right bytecode, it’ll run.
And handoffs between applications is trivial. So I can have bad actor code in Javascript on a web page make a call to download then run bad actor code, with elevated privilege, so all bets on “secure” are off.
Thankfully, there are ways to tighten down the controls on that to prevent users from screwing themselves over too much, and in enterprise environments, there are ways to lock things down to “you can only run stuff that we say you can run”, but that’s not the default. The default is “here’s a gun, here’s some ammo, there’s your foot, good luck”.
macOS is wound a bit more tightly than that. Having roots in UNIX, the default security model is much less permissive and the OS defaults which have grown around that base over the years are pretty conservative. Yes, you can build or download and run code. But for it to do any of a wide variety of things that would compromise the security of the system, you have to give authorization - and in a very obvious “no, seriously, do you want this to happen, for reals?” kind of way.
(That’s actually how the OSX/Dok malware worked; it solicited your administrator password and exfiltrated it, showing that you can exploit that sort of thing, but differently than many had thought.)
So, if you want to browse the web and not worry about your system being infected by random malware, the safest thing to do is get a Chromebook. There's nearly zero chance of it getting infected because the attack surface is really, really small. There's a very low chance of targeted malware evolving because the OS design means there’s no native local data to exploit.
Your second choice: a macOS. It's much more secure from the start. The theory was that Mac users were safer because of sheer numbers: hundreds of millions of Windows systems make a more attractive target than a much smaller number of Mac users. However, since Apple owns the global market for laptops over $1000, those users are much, much more interesting from an exploit perspective, so we who use Macs have a giant, shiny target painted on us; expect exploits to arrive, in greater numbers, in the coming years.
Last choice: Windows. Way too easy to run code that you don’t really want to run, way too difficult to use if you crank it down all the way.
Final note: no matter how secure the platform is, nothing can protect you from falling for phishing attacks, choosing to enter your credentials on a bad actor operated web site, or infrastructure attacks like man-in-the-middle. You can minimize the collateral damage, but it’s still dangerous out there, people. Be careful.
This question originally appeared on Quora - the place to gain and share knowledge, empowering people to learn from others and better understand the world. You can follow Quora on Twitter, Facebook, and Google+. More questions:
Our 2024 Coverage Needs You
It's Another Trump-Biden Showdown — And We Need Your Help
The Future Of Democracy Is At Stake
Our 2024 Coverage Needs You
Your Loyalty Means The World To Us
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
The 2024 election is heating up, and women's rights, health care, voting rights, and the very future of democracy are all at stake. Donald Trump will face Joe Biden in the most consequential vote of our time. And HuffPost will be there, covering every twist and turn. America's future hangs in the balance. Would you consider contributing to support our journalism and keep it free for all during this critical season?
HuffPost believes news should be accessible to everyone, regardless of their ability to pay for it. We rely on readers like you to help fund our work. Any contribution you can make — even as little as $2 — goes directly toward supporting the impactful journalism that we will continue to produce this year. Thank you for being part of our story.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
It's official: Donald Trump will face Joe Biden this fall in the presidential election. As we face the most consequential presidential election of our time, HuffPost is committed to bringing you up-to-date, accurate news about the 2024 race. While other outlets have retreated behind paywalls, you can trust our news will stay free.
But we can't do it without your help. Reader funding is one of the key ways we support our newsroom. Would you consider making a donation to help fund our news during this critical time? Your contributions are vital to supporting a free press.
Contribute as little as $2 to keep our journalism free and accessible to all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. Would you consider becoming a regular HuffPost contributor?
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. If circumstances have changed since you last contributed, we hope you'll consider contributing to HuffPost once more.
Support HuffPostAlready contributed? Log in to hide these messages.