There are few things quite as emblematic of late stage capitalism than the concept of “planned obsolescence”.
This sounds like there’s a market for a Linux distro that behaves like ChromeOS and can be centrally managed.
The problem comes down to education institutions. I remember when we got Chromebooks in my highschool (8 years ago) admins forgot to turn of developer mode and half the school unenrolled the Chromebook managing to bypass all restrictions. This went on for half a year until one day our school needed to run a state exam (more for measure of schools performance not as a college entrance exam or anything).
The computerized testing program required deploying a specific chrome app accessible when chrome book is logged out (can’t just download from chrome web store). When they tried to push the client since half of Chromebooks were unenrolled it failed. This required the school it to recall pretty much all chrome books to manually re enroll all of them and disable developer mode (prevents unenrolling and prevents sideloading Linux).
Problem is if older Chromebooks are used for Linux in an educational environment there would be nothing stopping a student from whipping up a bootable USB and dumping another distro (bypassing restrictions). I’m also not sure if there is a enrollment mode equivalent Linux (there may be but not sure).
At least that’s my two cents (not a school it admin just a memory from the past 😉).
Problem is if older Chromebooks are used for Linux in an educational environment there would be nothing stopping a student from whipping up a bootable USB and dumping another distro (bypassing restrictions). I’m also not sure if there is a enrollment mode equivalent Linux (there may be but not sure).
They could just disable booting from USB drives in the bios and password protect it. They could install something like Fedora Silverblue, or even customize the image used to include whatever modifications they want. Any changes they made to the image would be propagated through autoupdates. Kids wouldn’t have root, so they couldn’t forcibly install a different OS. Of course they could install flatpaks to their home directory, which is probably something administrators would want to prevent, but a knowledgeable student can always find ways to do what they want.
This of course requires schools/districts to hire people to manage that stuff, which could be a problem.
I never really understood the need for that strickt controll of the hardware… Who cares if Linux is sideloaded or if students unenroll. Imho I think if you need that strickt controll you are bound to get so many unnesseary issues down the line. Instead let student 6se what ever the fuck they want and for security just make sure they WiFi/ethernet is secure and locked down and any services the students need are behind a secure 2fa login. Treat any device as untrusted is more healthy for your security in the long run imo. If students need special software that they can’t run on their own machines you can lend them a machine for that specific task for a specific time. Problem solved.
It’s because the school district is responsible for how the devices are used. If your kid gets around the content block and you, an ultraconservative, finds your kid watching porn, you are definitely going to do something about it.
Actually in your case our school has a BYOD program (bring your own device) in which you can bring your own laptop with whatever flavor of OS. Firewall would restrict you, your device would be considered untrusted, and in testing a loaner locked down chromebook would be provided. The issue comes with non BYOD devices.
Now lets assume a school has 1k students. If they allowed os unlocking and allowed students to tinker with the os. Then they would need 2k chromebooks 1k unlockable 1k locked down for exam administration (assume the whole school needs to take it at the same time). From a admin/IT perspective why should the school need to pay double the number of chrome books just for a few students to install their favorite brand of linux.
Even under the best circumstances where support queries aren’t increased (from students softbricking/ not knowing how to use linux) and say they are able to preserve 1k unlockable chromebooks, admins would still need to replace the other 1k locked down chrome books at end of software to stay in compliance with testing software (negating any financial benefit).
I never really understood the need for that strickt controll of the hardware
Federal laws and rules for educational technology:
CIPPA - https://www.fcc.gov/consumers/guides/childrens-internet-protection-act
COPPA - https://www.ftc.gov/legal-library/browse/rules/childrens-online-privacy-protection-rule-coppa
and to an extent
FERPA - https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
I manage my schools IT - and when we started out a few years ago my board were pushing aggressively for Chromebooks. The service provider were talking about how they could roll out hundreds of Chromebooks at the touch of a button. When I asked about the lifespan of a Chromebook I got vague answers. I knew we would get a couple of years max out of each one so I instead pushed for much more expensive MacBooks. 5 years on and we are still using our original MacBook we got back then, with photoshop and other software.
Not ideal that we had a percentage of our MacBooks on x86 cpus when the M1’s came out. But I will say they are still running strong. Others have pointed out that newer OS updates won’t work on the older MacBooks. But that’s not a deal breaker for us as we don’t run anything that’s OS specific enough to make the older models obsolete. We have factored in 5 - 7 years of use out of the laptops and we’re on course for that. I myself and using a 10 year old MacBook at home, and although I can’t fire up the latest Adobe Premiere on it, I can certainly get 99% of my work done on it.
Ironically the only way to use some old Macbooks these days is to put Chrome OS Flex on them. Apple is far more aggressive about killing off old hardware when it feels like it. You can still use them as-is of course but over time the browser and other web based apps degrade and refuse to work because of issues with TLS, CA certs (expired), discontinued backend APIs and unsupported web content APIs.
I have a 2015 fully specced 15" MacBook Pro that I’m trying to sell at the minute, which is proving more difficult than I thought it might, partly because the M-series Airs are so compelling, but also because it’s an incredibly powerful machine that’s officially locked to Monterey, which is now two years old.
Beyond Apple’s need for financial gains, I don’t think there was a compelling reason to leave that model out of the Ventura upgrades.
I had it running Ventura via OCLP, which it had absolutely no trouble with at all. But I can’t sell it in that state because while it’s pretty stable, there is still some extra fiddling needed with running an unsupported OS.
I’m curious how something like Framework laptops would pan out for this use case. New they are currently priced similarly to a macbook, but in theory they are indefinitely serviceable.
This is true! And you also don’t have to worry about the proprietary-ness of MacOS, and there are also (certain ways)[https://github.com/Gictorbit/photoshopCClinux] to get photoshop on Linux too.
Framework laptops are the exact opposite of what you’d want in a school environment. This is how you blow your schools IT budget out the window. Cheap, disposable, consistent configuration and manufacturer supported are the key concerns.
These are kids with various standards of computer literacy throwing them in their bags which they also kick around and treat pretty harshly all day long. A $4k Framework-style laptop is just silly.
Anyone got a non-paywalled version of the article?
Sorry! I didn’t realize it was paywalled because I could see the whole thing. Hopefully this should work:
I’m currently in the market for something like a Chromebook but I’m not buying one because of stuff like this.
Comments upon comments ignorant of the realities of the privacy laws governing this domain and the implications on firmware, driver and OS security support. “Just install Linux on it” is a completely unworkable solution. As some have pointed out, the places where this is done have a much thicker IT departments staffed with higher grade professionals to make it work. The thing to be mad here about is the shit support from vendors across the stack. If I had to guess, the worst offenders are probably the SoC vendors who typically ship firmware and driver updates as is the tradition.
I am actually curious as to how you would make a locked down managed linux OS akin to ChromeOS.
Because Linus Torvalds stupidly refused to change the Linux license to GPL3.
That’s exactly the problem. The standard GNU/Linux distro isn’t suitable to allow carrying the responsibility that an innumerable number of users with physical access won’t be able to pwn those machines. Machines that are used by others too. You absolutely can make an OS like that out of Debian or Ubuntu, or what have you. Google has - Chrome OS - but it’ll take a significant development effort. You’d have to basically redo at least some of the work they’ve done. And let’s say you did all of that. Then you end up deploying it on an ARM-based fleet. And there’s a wild vulnerability in the WiFi firmware blob, and the SoC vendor no longer supports it. Every student has root and we’re back to the original problem. 👨🚀🔫
And that’s why instead of getting hardware from a vendor and hoping for the best, you might want to get it in writing that they’ll support their crap till a date. Then you stamp that as the EOL date for that laptop and you present it as part of the spec to whoever might want to buy this laptop. There’s no escaping this problem unless there are no proprietary blobs on the system, which is unlikely for ARM, or you have a solid development team and you’re large enough to have a source sharing contract with the vendor that lets your team fix the vulnerabilities and support the hardware for as long as you like. It’s probably much easier to achieve on x86, which costs more per unit up front.
Yeah, bulk imaging computers is really only limited to how many you can hook up to the network. I used to have to image hundreds of computers a day at times, and really the longest part was walking around and restarting them all so they’d PXE boot. The actual process maybe took 2 hours since all the computers were on 100Mb/s connections.
I converted one of these Chromebooks to Linux as a test project and the results were, not good.
To start, they have a bootloader lock screw under the motherboard, so you have to take the entire laptop apart to load anything but unsupported ChromeOS.
Then you have to use a Google tool, can’t remember the specific one, to swap the bootloader. That might be possible to automate but I didn’t look into it because…
… The hardware sucks. We’re talking like 4GB of storage on a lot of these Chromebooks. The driver support is all over the place, and there are issues everywhere even on “supported” distros.
With the vast amount of junk Chromebooks out there, I’m sure community hospice support will get better, but it’s never going to be an easy bulk conversion because of how common the bootloader locks are.
