ChromeOS Coreboot Good enough?

I read that all ChromeOS devices are coreboot, does that improve security enough for the average user?
I want to have a secure laptop, but it looks like even if I format the hard drive and install a brand new Linux system, that may still not be good enough if there’s something in the firmware?
Would flashing a new bios and installing a new OS be a fairly complete way to ensure the computer is safe?
Purism sounds great, but I need a 15" screen…

You’ll get some code that you can inspect instead of the proprietary pieces, but I don’t know what the status is on disabling Intel ME on Chromebooks. To the best of my knowledge, blobs remain in anything Intel-based that is not Libreboot, so it depends on what “safe” means to you.

All ChromeOS devices since 2013 have shipped with coreboot-based firmware, yes. Having coreboot firmware doesn’t in and of itself make the system secure or not.

Meaning what? What exactly is your threat model?

There’s nothing “insecure” in the firmware on Chromebooks. Your biggest issue with running Linux on a ChromeOS device will be hardware support in the mainline kernel, not security.

Depends on your threat model. For most users, using the stock firmware w/ChromeOS is much, much, much more secure than flashing custom firmware and running Linux.

There are used Librem 15s available on the secondary market. And it’s certainly possible you’ll see a replacement for the L15 late this year.

Thanks for the reply!

Secure would mean that if somebody had access to the LAN I’m on, they wouldn’t be able to get into my machine… I’d make sure I have a firewall and VPN configured properly… and hopefully that’s good enough. I’m not sure how Intel ME could be used to gain access in case it has a vulnerability though, if LAN access is enough.

Also I’m a developer so I need to browse the web for sample code… In case one of those sites exploits a vulnerability in the browser, I’d need to know about that somehow.

With Linux there’s no antivirus,… I know there’s Aide and Tripwire, would those be the best options?

I’ve considered buying used, but if I buy a used L15, how can I be sure nothing has been done to it? I’d need a new SSD at minimum I think.

I was hoping ChromeOS would be secure enough for my needs…
I read that ChromeOS blocks communication with ME… Would that mean it can’t be exploited on Chromebooks, or could there be another way to get to it without going through the OS?

You should consider using Qubes OS, which provides security through hardware isolation. If your LAN is hacked, it will not affect anything except one VM on Qubes. Same with VPN, firewall and other things.

On Qubes, you can use a disposable virtual machine for that, which is destroyed after use.

There is no evidence that antivirus provides a better security than compartmentalization. See also:

With L15 you can reflash Coreboot and check that the Intel ME is disabled and neutralized:

An OS cannot block ME, because ME runs on a lower level than the OS. ME has simply more privileges by design. See also: and

AV serves a different purpose than containerization. Their security effects are just different.

Also malware that is blocked by AV but escapes containers would really like it if you didn’t run AV.

Qubes is a fairly unique solution and the advice for Qubes generally does not translate well for any other distro.

That is just factually incorrect. There are many AV solutions for Linux based operating systems with varying efficacy.

Last time the hardware virtualization (which Qubes uses) was broken in 2006, and it was done by the Qubes founder: Also, do you have any real-world examples of such malware?

Not all containers are created equal, and I’m not going to play the “well what about this possible exception” whack-a-mole game. I already acknowledged advice for Qubes is different than advice for most other Linux distros.

I stand by this generalized recommendation that acknowledges exceptions may exist.

Also, even if there were no known exploits to escape any container, is it better to assume there will never be any discovered in the future and rely on that status quo to contain malware to the container and let it do whatever damage it will do while in that container, or would it be better to secure the container against current malware and limit the risk of having malware do damage to begin with, and also limit the risk of some malware escaping the container in some yet undisclosed way?

Generally I’d rather recommend people prevent problems as opposed to containing or reacting to them.

The coreboot firmware used on ChromeOS devices has historically disabled the ME, or at the least disabled the PCI interface to it (HECI), so it cannot be used or re-enabled by the OS or an application running on it. Newer devices use a “lite” version of the ME firmware and leave it running in order to enable DRM / 4K video playback etc.


The Qubes site goes as far as saying if AEM detects the bios has been changed there is no solution and to buy a new computer… I just found that document

Is an L15 any different than a normal laptop that would guarantee you can flash it without the firmware someone flashed previously interfering with the flash process?
I am guessing the Qubes site recommends that because they don’t believe a clean copy can be re-flashed with 100% certainty… Although I’m not sure, and they don’t explain it.

This is a good question and the answer is “it depends”. Of course a compromised coreboot can interfere with the flashing process, but it would be a totally different level of malware. Perhaps it has to be adjusted for your hardware then. If you believe that you are targeted so heavily and that your security is actually worth so much, then throwing away a laptop is the only option. 100% security is extremely expensive and most of the time even impossible.

So depending on your own threat model, you may still be comfortable with simple reflashing of the coreboot. Ideally, you flash it from a fresh, trusted USB stick after verifying all its signatures of course.

Note that Intel ME in Librem 15 is not just disabled, it’s also neutralized, which greatly decreases the attack surface, too.

AEM isn’t compatible with devices which have a cleaned/neutralized ME, so that’s a non-issue here.

If one is really concerned about the firmware integrity of a Librem device, you can always re-flash using a hardware programmer to be sure that a known good firmware is being run

I don’t see how it matters in the context. You just replace “AEM” with “Librem Key” and everything is the same: If it says you’re compromised, you have no good way to restore integrity.

This is a good point, except the Intel ME bits which are not neutralized. They are very few but still non-zero.

I’m not sure what this has to do with re-flashing to a known state? I mean those bits were few and non-zero before the theoretical compromise.

Also, with regards to AEM and Qubes on anything like the ThinkPad that originally came with a proprietary BIOS, couldn’t the same argument be used that there’s no good way to have had integrity to begin with, since you don’t know what was there before and in turn what it might do to protect itself?

They were presumably in a non-compromised state. After a compromise you can’t be sure anymore.

Yes, it’s a problem too. In principle, it’s a problem with any proprietary software which you don’t trust. But even if you trust the manufacturer (and you probably have no other choice), after a compromise all bets are off, as explained in the link above.

I don’t see how that’s relevant. If you re-flash the chip with an external programmer, the entire ME firmware is re-written as well. You can verify this by reading back with the external programmer. The ME cannot prevent or interfere with you re-flashing the chip with a hardware programmer.
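The write-then-read-back check described in the reply above, as an added example that is not part of the thread: the script writes a known-good image with an external SPI programmer, reads the chip back independently, and compares the dump byte for byte. It assumes flashrom and a CH341A-style programmer (`ch341a_spi`); both are assumptions, so adjust `-p` for the programmer you actually use.

```shell
#!/bin/sh
# Added example (not from the thread): re-flash a known-good coreboot image with an
# external SPI programmer, read the chip back, and confirm the read-back matches.
# Assumes flashrom and a CH341A programmer ("ch341a_spi"); adjust -p for yours.

# Compare a read-back dump against the image that was written.
# Returns 0 on an exact match, 1 on mismatch, 2 if a file is missing/empty.
check_readback() {
    image="$1"; readback="$2"
    if [ ! -s "$image" ] || [ ! -s "$readback" ]; then
        echo "missing or empty file: $image / $readback" >&2; return 2
    fi
    want=$(sha256sum "$image" | cut -d' ' -f1)
    got=$(sha256sum "$readback" | cut -d' ' -f1)
    # cmp catches any byte difference; the hashes give a record you can log.
    if [ "$want" = "$got" ] && cmp -s "$image" "$readback"; then
        echo "OK: chip contents match $image ($want)"; return 0
    fi
    echo "MISMATCH: wrote $want, read back $got" >&2; return 1
}

# Full procedure with the external programmer (needs hardware; not run by the test).
reflash_and_verify() {
    image="$1"
    flashrom -p ch341a_spi -r before.rom      # keep a copy of what was on the chip
    flashrom -p ch341a_spi -w "$image"        # write the known-good image
    flashrom -p ch341a_spi -r readback.rom    # independent read-back after the write
    check_readback "$image" readback.rom      # the whole chip, ME region included
}
```

Keep `before.rom`: if the read-back ever disagrees with the image you wrote, that earlier dump is what you would analyse.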