I've been home for some time but hadn't yet figured out my thoughts on the Acer C720 Chromebook that I was using as a less-than-insecure computing device.
31C3 was an absolute blast, but as my first CCC I had no real idea what to expect. In the end, I spent most of my time wandering around the Congress Center with my mouth agape at all the super cool things and absorbing the energy of the space. Didn't go to as many talks as I had thought, as I quickly decided to just watch the streams later at my leisure.
Today I'm writing this post from a fresh install. At some point something got broken with unclean shutdowns and the bootloader was trashed. I reinstalled chromeos and this time made boots a bit faster by setting SeaBIOS as the default bootloader instead of needing to hit ctrl+L
To disable the default chromeos bootloader, I had to flip a few bits inside the chromebook's firmware. First, there is a hardware write-protect screw that needs removed. Pop open your chromebook and look for the screw labeled "7" in this picture:
Next, close it up and you'll be starting from a vanilla OEM chromeos install:
$ sudo bash # flashrom --wp-disable # set_gbb_flags.sh 0x489 # flashrom --wp-enable
That turns off software write protect, sets the DEFAULT_DEV_BOOT_LEGACY, FORCE_DEV_BOOT_LEGACY, and SCREEN_SHORT_DELAY flags in the firmware, and sets the write protect back on. Afterwards, open up your chromebook again and reinstall the write-protect screw. It should now be impossible to boot into ChromeOS, though one can now easily boot a USB drive and install Fedora.
Since starting to use it, I noticed a few rough spots with my setup:
To solve these problems, I've started working towards an end goal of being able to install a pervasive tor fedora setup through a live USB installer. That is to say, that one should only need to enable developer mode on a chromebook, reboot from a USB drive, and be private on a nearly disposable device.
The first step is this repository, which contains an ansible playbook to configure a running fedora system to have pervasive tor:
It has a reasonably descriptive README that should get you started.
In the meantime, I'm trying to force myself to use my chromebook as an everyday computing device due to its lightness and portability. I'm curious to see if a habit develops out of it or if I'll want to go back to an overpowered thinkpad.