ChromeOS security vs default Pixel OS

Which is more secure ?
I think that both have secure enclaves and verified boot but what about the rest ?

And which is more secure, macOS with M1 or ChromeBook ?

Google Pixel Stock OS is more secure than ChromeOS

Can we get any arguments for this claim? I have no idea myself, I have never looked into ChromeOS as I think it’s useless if you do not use Google Drive etc. But no idea about its security, so perhaps you could explain?

I am wondering too.

I’m in the same boat as well and currently trying to decide.

Chromebooks are awfully cheap compared to similar specced Windows/Mac laptops, but I’d love to know what user privacy and user security experts think of Chromebook hardware in general and even perhaps, if Chromebook hardware has some advantages over Windows/Mac laptops?

EDIT:
I was going to make a thread asking about Chromebooks specifically but I didn’t want to take up forum space!

These should be addressed separately.

I have limited knowledge about Chromebooks (because I’ve never been even remotely attracted to them for many reasons), but I think there is a case to be made for Chromebook security (for users who don’t care about, or don’t prioritize privacy)

I don’t imagine anyone who prioritizes privacy highly would be attracted to or advocate for the use of ChromeOS (in contexts where privacy matters). I am curious about ChromiumOS though. Beyond knowing it exists, and an unverified assumption that the relationship between ChromiumOS and ChromeOS, is similar to Chromium and Chrome Browsers, I know nothing about it.

From what I’ve seen, it seems that a lot of people agree that mobile (smartphone/tablet) devices tend to have been built to be more secure than desktop/laptop devices. In my experience, I often will hear cybersecurity experts echo this sentiment. There are far too many instances of experts making such claims that I can’t remember off the top of my head, but I could at least cite one example of this. Both the Google Pixel and iPhone/iPad devices are often revered for their top-notch hardware security. The same could be said for their respective operating systems, Android and iOS.

It’d be cool if someone could do a deep-dive into everything that makes them stand out in contrast to other devices, but unfortunately I’m not aware of any one article which does so. Instead, I only know of bits of information which are scattered in different places.

When it comes to security features, Chromebooks running ChromeOS could be considered a decent option by some. Even one of the previous articles I linked to recommended Chromebooks (along with MacBooks and Secured-Core PCs) if you’re looking for a desktop/laptop device. Privacy Guides also has information on the “Choosing Your Hardware” page. However, having modern security features ≠ totally private and secure. For starters, it shouldn’t come to anyone’s surprise that Google has a terrible track record of various abuses, including a disregard for privacy. The same could be said for the jurisdiction(s) they are subservient to, which seems to be especially bad for ChromeOS. Needless to say, Chromebooks/ChromeOS probably isn’t a great option for journalists, activists, or really anyone who cares about mass surveillance or freedom.

Ultimately it depends on your threat model and what you value. If you have a great amount of trust and confidence in Google and the various governments it may be forced to work with (including the U.S.) and they do not pose any meaningful threat to you, Chromebooks could be a decent cheap option for a more secure desktop/laptop device compared to any random cheap PC. If that is not the case, you’re kind of limited in options. You could use some cheap PC (like an old ThinkPad) to run something like Fedora Workstation, but if you’re concerned about hardware/firmware security, I’m not sure of how well they’d compare to Chromebooks or the more expensive MacBooks and Secured-Core PCs.

TL;DR there aren’t great options that check off every box. You’ll have to compromise somwhere. Whether it be in price, privacy, freedom, or something else.

I appreciate your replies!

It’d just be nice if there were more hardware options than the limited 3 choices we currently have…

I’ve been trying to look up Chromebooks on PrivacyGuides but they seem to be barely even brought up anywhere…

I’m looking at the most expensive Chromebooks and the prices are really good:

EDIT:
This link you posted is from 2022. Can an article this old still be trusted or have times changed where information from 2022 is now outdated?
recommended Chromebooks

EDIT2:
Okay I did a lot of searching and I found this very recent August 2024 list of the most powerfully specced Chromebooks. It just seems like with Chromebooks you’re 100% reliant on being connected to the Internet? Or are Chromebooks no longer 100% reliant on a constant internet connection?

I just came across something I’ve never seen before: “ChromeOS Flex” and my searches indicate it’s never been mentioned on PrivacyGuides.

ChromeOS Flex is completely separate to ChromeOS. It seems great because it offers up to date security for old hardware that don’t support the most recent WindowsOS or MacOS:
Differences between ChromeOS Flex and ChromeOS - ChromeOS Flex Help

EDIT:
I thought ChromeOS Flex deserved a new thread, but I didn’t want to waste space on the forum!

Totally agree. I’m of the opinion that until we can get devices which are truly open source and secure-by-design from the ground up, there will always be non-ideal devices that people are forced to choose from. To my knowledge, the only organization building the foundation for open source and secure hardware is lowRISC. With the growth of RISC-V, hopefully such devices could become practical in the not-too-distant future?

I appreciate your reply!

It just seems like a bad idea to lock yourself into only one company’s products doesn’t it?

I say this because I keep reading about users here sticking to one company for their hardware and software…??

Android is more secure because of the hardware security features that are available to it and utilised by it on the Pixel. Chromebooks do have decent hardware security and chromeOS does have some additional hardening over other Linux distributions (a recent example being chromeOS having patched a security issue in the bluez bluetooth stack while other distributions didn’t), but as far as I know, they don’t beat Pixel security.

There is something to be said about keeping all your eggs in one basket, but I think whether that is entirely a bad thing depends on a lot of technical details. However, what I would say is that users should avoid proprietary software or software that attempts to force vendor lock-in since it restricts your ability to switch to an alternative should you wish to do so in the future. Even if you decide that proprietary product X is suitable for you today, it may not be suitable for you in the future.