Hi, I was considering getting a chromebook and had some questions about user accounts privacy & security. If the main account is set up in your real name and then with that you use it for gmail, online banking, shopping etc and install or use no apps other than Google's. Then another user account not in your real name but on the same device where you install apps which I understand could be at least potentially compromised, then even if it were could those apps or anything about the separate accounts be tied together? So if the 2nd account had malware from say an app or extention would it be possible to get personal information from the other "real" account? Or is that not possible and the accounts are totally protected from each other even if on same device? Thanks.
When adding another account, you have to enter an e-mail address and password. You have to log out of one account and log into another account - again with an e-mail address and password. You can also use the guest account where no login is required, and it is completely separate from your other accounts. Never heard of anyone getting malware on a Chrome OS.
Nah, you can use whatever apps you want on your first account and even if you do get Malware on it which you are not going to unless you are being specifically targeted and even then it is highly unlikely it would take at least 2 months for them to write a working exploit if not longer, all your accounts are separated from each other and encrypted you can not even access another users data, all you can access on your Chromebook on any account is the downloads folder and google drive and again it is separated from other accounts so if you have certain files in the download folder on one account you can not access or see the files in the other account it is like a different computer. But I use one account for all my apps and everything and a guest session for banking on my Chromebook.
Thanks for the replies but maybe malware was the wrong word. I guess what I really mean are privacy invaders and when you say you can use any apps that is what I am not sure about. Because almost all the apps and extensions seem to require tons of permissions that you have to agree to which is similar to Android apps. Now I am not saying they are malicious or even gathering private information or any information at all but how would you even know if they were? So if they did I am hesitant to have my real name associated as to even install most apps seems to require you agree to all sorts of permissions that could at least in theory be abused? I really wish Google would change that permission policy/method and have it explicit what information and data an app gathers instead of the overly broad way they do it. And that does not even count Google itself which I am concerned about but figure there is no way to use a chromebook without trusting Google. But is there? I mean any options to give them as little information as possible? For example when you both say that accounts are completely separate isn't that just on the device itself as is it possible Google could be cross referencing all accounts from a specific CB or device and that may even include using guest mode? Again I am not saying they are and hope they are not but how can you know? As I have tried to read their privacy policies but find it very confusing and unclear. Now I am not that concerned about this as I figure Google knows everything about me anyway plus I generally trust them more than alternatives and I figure I have to trust someone or not go online. But I just wish it were much clearer what they were logging and how to stop it if that is even an option. Thanks.
I meant if you are worried about malware getting in your banking sessions you can use any apps you want on your first account and do banking in guest mode. Yes most apps and extensions require ridiculous permissions, but apps and extensions are like double sandboxed( http://www.insanitybit.com/2013/10/16/native-client-sandbox-sandbox-right/ (and also hungry man explains why he ordered and why/how it is secure http://www.insanitybit.com/2013/10/17/preordered-acer-c720-chromebook/ ) so if it does break out of the plugin sandbox it will have to break out of Chrome's normal sandbox also. Chrome on Linux is super secure, Chrome OS with Chrome and by default a grsec kernel is the most secure operating system for a home user I would not worry about malware in apps that much Google as tightened their plugin/app/extension security way more since this ( http://www.cnet.com/news/chrome-os-has-security-flaws-claims-researcher/ ) and also Chrome OS has verified boot and all files are encrypted and the accounts are completely separated and encrypted, even if you gained root I still do not think you would be able to read another users files and the accounts are not tied to each other. But I try to stay with apps and extensions that are known and have a good reputation and look at the comments also, but that is like saying I try to stay only visiting reputable sites which is stupid since they are more likely to be targeted then sites only a small number of users visit. Also Chrome OS auto-updates and it has a built in firewall blocking all in-bound access and I think all out-bound except what is necessary. If you want to use chrome while having privacy read this ( https://www.wilderssecurity.com/thre...secure-web-browser.372272/page-2#post-2446402 ) and ( https://www.wilderssecurity.com/thre...secure-web-browser.372272/page-2#post-2446420 )
Thanks for the reply as this was very helpful and you have convinced me of the security advantage/strengths of chromebooks. But what about the 2nd part of my questions concerning privacy? Both with apps/extensions and then with Google itself. Are there steps to achieve privacy including Google itself when using chrome os? Do the browser privacy settings you recommend for chrome in the thread you attached also apply when using chrome os? Thanks again.
With the apps and extensions I have already explained partially with the double sandboxing and if say you want an extension to save bookmarks better or something well it does not need access to your webcam and Google already checks extensions when they get uploaded, I would just say look at the review make sure they have good ratings and do not use an app that requires something it does not need that is what I do. Also if an extension is later found to be malicious it will get automatically blocked. Also this is how you can check and see what the extensions are doing < http://googleonlinesecurity.blogspot.com/2014/06/see-what-your-apps-extensions-have-been.html > and this is how some of the sandboxing of extensions work < https://developer.chrome.com/extensions/sandboxingEval >. For your second question about Google yes the browser settings apply to Chrome OS. Your welcome!
