Chrome book my kid had was sending regular traffic out to some address that belonged to a scholastic vendor. Even when the device was idle. I blocked that site at the router. Thanks pfBlockerng. A few days later he had another chrome book needing our WiFI password. That is when the chrome book got its own VLAN and SSID. The SSID name was compromised. I also tightened the screws on google workspace. They tried one more time with a another chrome book before they gave up on whatever they were after. I have no doubt they wasted some time trying to overcome it. I still treated it like a wiretap. None of my precautions stopped me from putting tape over the mic and camera.
I was a little disappointed they never inquired about it. The fact they didn’t pretty much guarantees what ever they were doing wasn’t required.
I remember spending entire days trying to break the horrible ROM protect on those pieces of garbage when they first started popping up at every school district. Google got wise fast and separated write protect into its own software only flag inside the organizational stuff for any Chromebooks linked to a domain.
I did a nicer one recently which was a samsung chromebook which involved completely disassembling the entire thing and removing the heatsink just to be able to remove a tiny ass piece of conducting electric tape to disable write protect.
Even after that I had to very carefully rewrite the shitty google bootloader with libreboot if I wanted to run literally anything else without making a google approved kpart file which would only run on google’s compiled kernel.
Chrome book my kid had was sending regular traffic out to some address that belonged to a scholastic vendor. Even when the device was idle. I blocked that site at the router. Thanks pfBlockerng. A few days later he had another chrome book needing our WiFI password. That is when the chrome book got its own VLAN and SSID. The SSID name was compromised. I also tightened the screws on google workspace. They tried one more time with a another chrome book before they gave up on whatever they were after. I have no doubt they wasted some time trying to overcome it. I still treated it like a wiretap. None of my precautions stopped me from putting tape over the mic and camera.
I was a little disappointed they never inquired about it. The fact they didn’t pretty much guarantees what ever they were doing wasn’t required.
I remember spending entire days trying to break the horrible ROM protect on those pieces of garbage when they first started popping up at every school district. Google got wise fast and separated write protect into its own software only flag inside the organizational stuff for any Chromebooks linked to a domain.
I did a nicer one recently which was a samsung chromebook which involved completely disassembling the entire thing and removing the heatsink just to be able to remove a tiny ass piece of conducting electric tape to disable write protect.
Even after that I had to very carefully rewrite the shitty google bootloader with libreboot if I wanted to run literally anything else without making a google approved kpart file which would only run on google’s compiled kernel.