Developer Security

Chromebook is the daily driver for many of Google's own senior developers and security engineers. In short, the combination of the underlying Chromebook hardware with the OS architecture makes for a pretty compelling secure development environment. post

It's pretty neat to consider the possibility of pre-travel "power washing" (resetting everything clean to factory settings) on an inexpensive Chromebook and later securely restore over the air once at my destination.

Since there is a wide range in Chromebook prices, the engineering challenge here was to find something powerful enough to comfortably use exclusively for several days of coding, writing, and presenting, but also cheap enough that should it get lost/stolen/damaged, I wouldn't lose too much sleep.

The threat model here does not include recovery from physical tampering; if the machine were somehow confiscated or otherwise out of my custody, I could treat it as a burner and move on.

Termux is the killer app that makes flexible dev shell access possible as an unprivileged user. It runs in non-root userspace and provides a chroot-like option to present a conventional linux filesystem. In most respects it feels like a modern Debian-based distro, with the latest i686 stable versions of widely used development tools. github