Desktop OS - ChromeOS instead of Mac?

throwaway22884

Have been using graphene for a while and I know the topic of a secure os for desktop has been frequently mentioned.
I have however read through previous posts from multiple communities extensively and still struggle to choose the right OS for a daily driver.

I know mobile operating system security model is favoured so an iOS or Pixel Graphene Tab is the way to go, but I require tools for virtualisation for my job.

So I think MacOS Fits the bill with little snitch, sandboxed App Store apps and reducing the attack surface by using fewer apps. But I don’t wanna drop a couple hundred right now so I wonder if an alternative .

I frequently see ChromeOS recommended in these threads, including madaidans insecurities, developer of whonix.

I wanted to see what others view is on using a Chromebook with crostini, signed out of Google, veracrypt on external usb for persistent storage and perhaps further crostini containers for segregation.
I have done intensive research but I’m no expert, for example I know there is no granular app level firewall which is a bummer.

Just wanted to see others views on the topic/ what you use.

DeletedUser87

throwaway22884 First things first. What is your threat model? Are you at risk of targeted attacks? Either by organized black hats or nation state actors? If the answer is no, you will probably be fine on either one, but you'll probably be a lot happier on macOS due to the freedom you get compared to the locked down ChromeOS. If non-targeted attacks are your concern (regular viruses, trojans, RATs, etc.) then rest assured, macOS is locked down enough to prevent this as long as you use your brain. First hand experience of doing 4 years of tech support, I've seen less cases of infected Macs than I can count on my fingers. And those were non tech-savvy people who would click every pop-up almost on purpose. Regarding zero days, there might be an equal amount on both ChromeOS and macOS. The source code for both is not openly available, so we can only speculate how many vulnerabilities are lingering in the depths. We can only provide you with accurate recommendations if we know your threat model. For the average Joe, both are more than sufficient.

goskm75f

I've been using ChromeOS for some time know since it is often recomended here. I also use GPlay on GOS so i think it is better to stick with Google so one party has my data. ChromeOS is pretty cool for personal use and offers many toggles for privacy settings. It is very fast, neat and just works. However, android and linux support is a joke. They are not well implemented and just feel off. It is a very locked down OS and it gets boring as time passes, since you cannot change anything. Also, you cannot log out of your Google account on ChromeOS. So, if I had the money for MacOS and it is possible to use it without an account and it is possible to create VM's in an easy way on MacOS, I would go with it.

goskm75f

goskm75f The only thing that Linux is good on ChrOS is watching movies