Hacker News new | past | comments | ask | show | jobs | submit login
Google Pixelbook – A High Performance Chromebook (store.google.com)
221 points by vyrotek on Oct 4, 2017 | hide | past | web | favorite | 326 comments

I think a major issue is what happens if Google locks your account for some reason. There have been instances in the past where Google has locked the account of a user for some TOS violations.




Given that Google has a propensity to lock you out of your account completely if they suspect you violating TOS on any of their services, I would be very wary of this device. Do you want this computer and anything you created with it inaccessible because Google didn't like a video or blog post you made?

I uploaded full seasons of a very old 90s cartoon and my account is disabled. I cannot even purchase YouTube TV to try it out.

Of course, reaching out to support is moot - their RoboSupport sucks. I will never purchase a Google product if I can help it and will steer clear of them in any team setting where I can affect the decision.

Um, you realise you uploaded a bunch of (presumedly) copyrighted material to a public video sharing site?

That would normally raise a bunch of red flags.

If you're stuck, there are dedicated support channels to actually talk to people - or feel free to reach out to me (my non-work email is in my profile.)

Um, you realise you uploaded a bunch of (presumedly) copyrighted material to a public video sharing site?

I think he realizes that (although I wonder given that he tries to minimize it by saying that it was an 'old 90's cartoon').

I think this is really scary though - did he lose access to YouTube? Or all of gmail? That would really be scary. I'm guessing that he just lost access to YouTube, but if he lost access to his gmail or google docs, then that's an awfully severe penalty for violating someone's copyright. I'm sure the RIAA/MPAA/etc would be pleased... but is that just?

Maybe he just lost access to his YouTube channel?

> That would normally raise a bunch of red flags.

This comment is a lot more funny now that I'm finally reading "Little Brother" by Cory Doctorow:


Maybe he just uploaded it unlisted, for personal consumption? That’s completely legal.

Uhm, you realize they created a completely open bucket for public to upload videos into and then put all the onus on the uploaders regardless? And they are one of the richest companies on the planet, and they just shit on the users, but allow freaking child porn and other disgusting content and then also delete anything politically relevant if it invades a safe space....

Yeah - screw youtube and google. The onus is on their resources vs the individual.

> Uhm, you realize they created a completely open bucket for public to upload videos into and then put all the onus on the uploaders regardless?

As opposed to what? If the city creates a public park and you decide to commit a crime there, are you somehow no longer responsible?

This guy's onus is out of control.

IMO it should be illegal to bundle TOS contracts to a single login like this.

There is an economic incentive in terms of saved resources to bundle multiple services in a single account like this but it harms consumers to get cutoff from your entire digital life because of some minor infraction.

> my account

You use the singular form of "account", which is interesting to me. Are they preventing you in some way (IP address tracking, device tracking, etc) from creating a new account? Why would you not do so?

I wholeheartedly agree that a Youtube violation should not affect your other Google products, like a laptop or email account. Similarly, an Amazon problem should not affect an AWS account. But I will concede that they're within their rights to disable your Youtube account for uploading copyrighted material.

Their TOS prohibits making new accounts to bypass the ban. I don't know if they have automated checks to enforce this but based on the behaviour of spammers and scammers using google products, I suspect they do.

> I uploaded full seasons of a very old 90s cartoon and my account is disabled. I cannot even purchase YouTube TV to try it out.

You violated the law and their (rather reasonable in this case) terms of service and are shocked to find they'd rather not do business with you?

I think the problem is where accounts control a large part of someone's digital life.

so for example here, it appears that someone breached Youtube ToS and lost their whole Google account.

Now imagine you've got all your e-mail/photos/contacts etc in that account and you've just permanently lost them due to that ToS breach.

Of course as technical people we can say "ahh you should have had off-cloud backups", but realistically most non-technical people won't do that and likely won't realise the consequences of their actions.

"I think the problem is where accounts control a large part of someone's digital life.

so for example here, it appears that someone breached Youtube ToS and lost their whole Google account."

Exactly. I recall the incident[1] where some Google Pixel phone customers were reselling their phones and making a tiny profit. Google permanently deleted hundreds of accounts and never restored them, for violating a mobile phone TOS. Ban them from the Fi mobile service, sure, but don't delete their entire digital lives! That's like getting a life sentence for shoplifting in the physical world.

All your eggs in one basket is never a good strategy, and though I wasn't personally affected by it, the Pixel Phone fiasco opened my eyes to just how much Google and Facebook controlled my own digital persona. I now use neither of their services.

[1] https://www.theguardian.com/technology/2016/nov/17/google-su...

> You violated the law and their (rather reasonable in this case) terms of service and are shocked to find they'd rather not do business with you?

When I worked in the Intelligence Community I had to go through multiple FBI investigations and polygraphs. Every single one of them asked me about laws I may have violated in the past. One of the agents even said (paraphrased, of course) "Maybe you downloaded some movies? It's illegal but many don't realize it and probably most people do it".

Pirating is one of those crimes that has become normalized. The parent may have realized it was illegal but didn't think much of it and probably didn't realize it would lead to his account being completely disabled.

The trouble with Google accounts and becoming disabled is it can very likely ruin a good part of your life because of how much of your data they hold and there are zero ways to redeem yourself if you did do something wrong and there are zero ways to resolve the problem if it was due to something inaccurate or false (which has happened especially if someone else gets into your account).

> One of the agents even said (paraphrased, of course) "Maybe you downloaded some movies?

What's the correct answer?

The correct answer is to tell the truth. The point of the security clearance process is to determine what somebody might be able to hold against you (i.e. to blackmail you into giving up confidential information)

If you told your interviewer that yes, you have downloaded some pirated movies, then if somebody calls you up saying "hey, i'll tell your boss you're a movie pirate if you don't tell me X" you'll feel confident shutting them down.

You should tell the interviewer the truth, but you'll feel confident denying due to lack of proof when a random person makes the claim.

If anything, it makes an asset vulnerable to extortion _from_ the FBI.

See also "The FBI Is Struggling to Hire Hackers Who Don't Smoke Weed". [1]

[1] https://www.reddit.com/r/news/comments/262dde/the_fbi_is_str...

The truth.

Is downloading movies illegal?

Sharing copyrighted content is

Not just sharing - even loading a program to RAM to run it is considered a copy and needs a license, as per MAI v. Peak.

They can sue for copyright infringement, but since the damages are tiny, they generally don't bother. What's different since the DMCA is that "commercial scale" infringement is now a criminal offense even if you're not making any money. And if you're uploading, say by using a bittorrent client which uploads while you're "downloading", then they could make a criminal case.

Well, given the question asked, we need to be clear that the legality of downloading copyrighted content varies by country. Also, the DMCA[0] has been around for 21 years, so it's not exactly a recent change. The last time the industry went after a torrenter, it was Hunger Games (2010), IIRC; I always attributed to the Streisand affect[1].

[0] https://en.wikipedia.org/wiki/Digital_Millennium_Copyright_A...


Draconian punishment without warning and without recourse in response to a single misstep would indeed be very surprising.

If that is what actually happened then it invites regulatory action considering Google's unparalleled market share and reach.

It happens frequently from Google.

You bought a Pixel phone, and Google thinks you might be a reseller? Then your account will be terminated, too.

And yes, there should be massive regulatory action, Google is doing so much stuff that should be fixed, it’s impossible to even list it all.

The problem is when a company which has such huge monopolies decides they won't do business with you.

This guy has a for-life veto on a lot of the leading technologies, and cannot use a lot of product (in an every increasing list).

>support is moot

that is how I feel about most of their hardware products. I had a nexus 5 and when ever there was an android release, there were all sorts of problems that filled up the message boards.

I miss the days of the "Don't be Evil" Google.

Previously everything of mine went through Google. Email, phone, phone number, search, etc. I've migrated everything away (except Google Voice) for this very reason.

My life would have came to a grinding halt if they banned me, and I couldn't even email them about it.

What was your gmail alternative?

I tried to switch everything to Lavabit, but then a month later the Snowden thing happened...that didn't last (and I'm still out all that money)

I use Fastmail and absolutely love it. The interface is so much better than Gmail or anything else out there, and the additional services are awesome without being cumbersome. Their file storage isn't as easy to use as Google Drive, but it's fine for long-term storage of rarely accessed files, and you can even host simple web pages from your account.

The only downside I've found is you have to pay the full fee for each @fastmail.com account, though I get around that by hosting my other email addresses on my own VPS and using Fastmail as my IMAP client for them.

I switched to Fastmail. Note that my main concern was being banned by Google, so security/privacy wasn't my focus. I say that because I believe Fastmail is still in the US[1], which brings up privacy concerns imo.

Recently on HN I saw another email provider that offered fully encrypted email, perhaps end to end, but I've already committed to Fastmail so I didn't follow up with them too much.

I'm happy with Fastmail fwiw, and happily support them.

[1]: https://blog.fastmail.com/2013/10/07/fastmails-servers-are-i...

Fastmail is based in Australia.


Hmm, I'll have to do more research, but I thought they used some American hosting. Perhaps I'm mistaken! I'll make a note in the comment, ty!

edit: I take that back, I'm not wrong, yay \o/.


They are in the US, it's just that the company itself isn't. So depending on your level of distrust of the US, that may or may not be an issue for you.

If you think you are safer from the NSA because a server is located outside the US, I've got some bad news for you: outside of the US, the NSA can do whatever they want as the US Constitution has no jurisdiction. Whether or not they are abusing the law within the US is up for debate, but outside the US there is nothing to stop them except technology.

That's fair - I wasn't raising it as a personal concern however, I was raising it because I've seen many other concerned about US involvements.

With that said, do you feel there's no difference in security when having servers in, or outside of the US?

A lot of people seem to distrust US involvement, and prefer out of US as much as possible. Do you think this is completely bunk, because the NSA is so unstoppable?

To me it just seems like being in the US just adds to possible problems. Thoughts?

I'm going through the same process, and am currently enjoying ProtonMail.

Ah yes, this is the encrypted email provider I saw on HN a while back (I mentioned in another comment of mine, but at the time forgot the name of ProtonMail).

When it's time for email renewal, 1 or 2 yrs down the line, I'll be looking at ProtonMail :)

If most people you email with use Gmail, what's the point of an "encrypted email" provider? Why not just use PGP and stay with your current provider? Thunderbird+enigmail is the way to do meaningful encryption and it is provider agnostic.

I have no idea, I'm not the one advertising the feature lol. I literally said that I've not even researched them, and that it is "perhaps end to 2 end". Beyond that, I know nothing about them.

I bought my own domain and have Zoho host my email. I have not had any hiccups at all. They support exchange, so I get push on my phone, which is nice. I set up my gmail to fwd any straggling emails to my new email.

outlook.com is excellent. I used the free version for years, now I have bought premium.

Their spam filter has been horrible lately. I've been on outlook.com ever since it was rebranded away from hotmail, and it was OK until recently. But the spam has gotten so horrible in the last few months, I'm trying to decide what to use next (given that I don't live in china anymore, I have choices).

It is also missing a lot of features compared to gmail, while the web UI is a bit clunky. These aren't real breakers for me (spam is); but it is hard to recommend. Is premium much better?

Owning the domain makes for great email address portability. If I hadn't read so many of your comments here over the years, I probably wouldn't suggest this, but I think a good strategy is to buy 2 domains, one for trusted entities (i.e.people you know or your bank/ credit union) and one for non-trusted entities (i.e. Amazon or commercial entities in general). Use your domain registrar's email hosting for trusted entities (add PGP for extra goodness), and use a commercial provider (e.g Google, Fastmail,etc.) for the non-trusted entities domain.

Strange, my spam filter is fine. Premium is just no ads + some extra space. I pay premium because I want microsoft to keep providing this excellent service without compromising my personal data

Fastmail is stupendous. The UI is great, and real humans reply pretty fast when you need support (and this hasn't been often, fortunately).

Plus, they work with SMTP/IMAP/CalDav/CardDav, so if you like the tools you're using, you can keep using them. Personally, I use third party tools on my phone, but their web UI on PC.

If you are using a your own domain, if you use gandi.net or transfer there you get pretty decent basic email for free with the ability to add to it for reasonable prices. If I were to ever tire of self-hosting my email, I'd probably switch to them.

Fastmail has been wonderful for me.

I use Zoho Mail without any issues.

I use Fastmail, personally.

Could you share your email transition strategy? Any tips? Do you still end up checking the account?

I forwarded email in Gmail, and move over forwarded emails as I can. Note that it's not been an easy process, it's still a massive undertaking changing all those emails.

I did think about switching to my own domain for emails though. I have previously avoided it because it adds a new vector of attack - i.e. if an attacker gets my domain, they have my email. With that said however, I can still keep a handful of important sites hooked up to my real email. Eg, my bank can go directly to fastmail, but randomsite.com would send emails to me@mydomain.com.

That would give me freedom to move my email where ever I see fit, with minimal changes. It seems tempting.

Thanks for your detailed response. You mentioned:

>"I forwarded email in Gmail, and move over forwarded emails as I can."

I didn't understand what you meant by moving over forwarded emails. Once you forwarded them aren't they available on Fastmail's IMPAP server? Or is there some other cleaning process you go through? Thanks.

(Not OP) OP probably means as emails are forwarded and appear in Fastmail, OP goes to the sender of the email and lets them know about the new email address (so they aren't sent to gmail in the future).

You can easily set up email forwarding in Gmail to forward all messages to your new address. After that it's just a matter of switching everything over to email your new address directly.

Generally it’s better to fetch email as not to trip additional spam filters. Many email providers support this, ex https://www.fastmail.com/help/receive/fetchotheremail.html. If moving from gmail you may need to adjust security settings, which is probably another indication that Google isn’t a great teammate in this.

fastmail.fm is what I went to, years ago, for e-mail redundancy.

Fortunately I have two major, long-standing e-mail addresses, so I put one of them on fastmail.

Thanks for bringing that up. However, te truth is often a bit more nuanced (although it doesn't make for as good headlines).

Dissecting your three examples.

In the first case, (and based on their own statements) those people were buying up phones by the hundreds, shipping them to a single physical address and then scalping over the internet.

It's basically fraud. So yes, they probably got picked up by an automated algorithm that looks for hijacking/CC fraud or bot-nets.

From public statements though, I believe most of them got their accounts back when they reached out to confirm they were real people and not some fraud bot-net. It's still technically violation of their ToS, but I won't comment on that part.

The second case I'm not directly familiar with, and there's no public statements so I won't say anything further.

In the third case, the affected customer made a public statement afterwards:


I can't comment any further than what's been said publicly except on general principles 1. Google does a lot of things to protect users from external attacks, everything I've seen seems to indicate they really do care about users, and 2. There are pretty clear ways to get back into your account should anything happen (https://accounts.google.com/signin/recovery is your one-stop shop), and 3. The user doesn't carry any ill-will towards Google once he realised what actually happened.

(Disclaimer: I work for Google, but the above statements are my own and do not reflect those of my employees).

Perhaps there was something specific about that specific instance that made it fraud, but reselling a phone isn't fraud by default.

Not interested in needing to beg a horrible algorithm or become internet famous just to get ahold of a human that might turn my digital life back on.

I'm only speaking in general terms here, not specifics.

However, reselling phones is usually against the ToS of pretty much every retailer. This isn't unique to Google. Here are our ToS - https://store.google.com/intl/en-US_us/about/device-terms.ht....

> You may only purchase Devices for your personal use. You may not commercially resell any Device, but you may give the Device as a gift. Recipients of gifts may need to open and maintain a Google Payments account in order to receive any support offered by Google. These Terms apply to any gift recipient.

I'd like to see you walk into an Apple store, and buy 10 iPhones. Or say, 100?

In fact - Apple even introduced controls to stop scalping of Genius Bar appointments:


Or say you create 100 email accounts - john001@gmail.com, john002@gmail.com, john003@gmail.com etc. - and have them each buy a phone, and ship them to a single physical address.

It's certainly possible to see how this would come across as hijacking or botnet fraud.

You're saying that like it's a reasonable condition. Other sellers of things don't have such conditions like, having it be against ToS to resell your car or your forks.

Agreed - I am arguing with them as if it's reasonable but it's entirely not.

> In fact - Apple even introduced controls to stop scalping of Genius Bar appointments

Yeah, they prevent the purchase. That sounds reasonable. They decidedly DO NOT brick the buyer's phone, or their entire digital life, if they suspect someone bought more than the limit.

Also, even if they did, which would be just as horrible and outrageous as when Google does it, at least they have reasonable phone support and retail stores. It's not just about Google's indefensible behavior in terminating Google accounts, it's about how the company wants to be relied on for everything digital without providing even a bare minimum level of support.

The issue isn't buying over the limit.

The issue is making it seem like your account is hijacked, or part of a bot-net, or committing payment fraud (e.g. stolen credit cards).

Say you create 100 email accounts - john001@gmail.com, john002@gmail.com, john003@gmail.com etc. - and have them each buy a phone, and ship them to a single physical address. Most people would see that as a major red flag for something fishing going on.

Or say suddenly all of these otherwise unrelated accounts suddenly started ordering goods online, and shipping to a PO Box in the Ukraine.

As a consumer, I most definitely want all of this stopped.

In fact, my bank will regularly call me up and ask me to confirm transactions that seem suspicious (or send me an SMS) - if I don't respond in time (e.g. I'm travelling), they will lock out my credit card.

That is exactly what you want as a customer.

So in this case - it seems these people knew they were engaging in something shady - but perhaps they didn't put two and two together and think, gee, if I let somebody order something on my credit card, yet addressed to him, I wonder if it will look like my account was hijacked?

A bank freezing your account to protect you, because they think someone hijacked your account, is different than a bank that thinks you're a bad person and the bank wants to find out every single account you have and punish you.

Many people have experienced financial protections, but few have experienced an adversarial bank, and I imagine that would scare a lot of people.

It sounds like to me Google does both things. Google does things which are comparable to customer fraud protection, and Google also does things which maximally asserts its positions in a punitive manner, at which point, is it time for lawyers and media PR battles?

"In the first case, (and based on their own statements) those people were buying up phones by the hundreds, shipping them to a single physical address and then scalping over the internet.

It's basically fraud. So yes, they probably got picked up by an automated algorithm that looks for hijacking/CC fraud or bot-nets."

No, it's not "basically fraud". Yes, it violates Google's terms, and banning the customers from using Fi would have been a reasonable response, but Google's TOS is not enshrined in criminal law. Unless your position at Google is on the legal team, you might want to be careful about throwing around phrases like that with nothing to back it up. By admitting you work there, you are officially speaking for the company with such statements.

Thanks for bringing that up.

I suspect you and I are talking about two different things however.

I'm using fraud as an ordinary layman would use it - that is - deliberate deception to secure unfair or unlawful gain.

In this case, I think most people would agree that spawning up multiple dummy accounts (e.g. john001@gmail.com, john002@gmail.com, john003@gmail.com) and then using them to get around ordering restrictions is definitely deceptive. (These account names are obviously illustrative).

And in terms of what's a "reasonable" response, that's above my paygrade. All I can comment on is the public statements that those people made around the time, and around their interactions with Google and their interpretation of them.

However, are you a legal practitioner? If so, then perhaps you are using the term in the other sense? Also, if you're willing to comment IAAL, that would be very interesting.

"I'm using fraud as an ordinary layman would use it"

Fair enough, my point was more that I was so surprised you were willing to stick your neck out by officially speaking for Google here, especially regarding legal matters.

No, I'm not a lawyer, but I do have nearly 20 years in law enforcement and LE-related work, enough to have a bit of an informed take on things like this.

I do feel that Google was wrong to permanently and irrevocably delete their entire Google account rather than simply banning their account from using Fi. It's Google's prerogative, but it told me everything I needed to know about them as a company. Suddenly I was acutely aware that if I were to violate, say, YouTube's TOS by uploading something that I thought was fair use when it wasn't, I could permanently lose my entire online life. That's quite simply unacceptable.

AFAIK, nothing was permanently or irrevocably deleted. From all the public statements at the time, all that happened were the accounts were suspended.They would then need to reach out via the recovery link to prove they were really a person (and not say, a bot). (I'm just going off public statements here).

In terms of handling and deleting user data, I do know we have some pretty clear guidelines around this - user data is sacrosanct. You can read up in the ToS, or if you need specific guidance around your personal circumstances, I would always encourage you to consult a legal professional.

> by officially speaking for Google here,

The very disclaimer he added saying he was a Googler also said he wasn't speaking for the company.

His comment was edited, it originally said (Disclaimer: I work for Google) and was changed after my comment was posted. I think that action speaks for itself.

Those don't sound very convincing. Firstly, any time these things get enough press to become well known cases, it's natural that the "appeal to PR" vector gets them sorted out.

Secondly, the per case details don't look good for Google - in the first case, buying and reselling phones for a profit sounds perfectly above the board. Even something a "don't be evil" company might do... In the third case, the statement reads exactly like legalese that would be grudgingly put out by someone who's had a tussle with lawyers.

To your first point - The natural counterpoint is - there are billions of Google account there. Yet, the number of cases you hear about this is in the handful.

To your second point - scalping phones is most definitely against ToS. This is true for Google, Apple, Smsung anybody.

Here are our ToS - https://store.google.com/intl/en-US_us/about/device-terms.ht...

> You may only purchase Devices for your personal use. You may not commercially resell any Device, but you may give the Device as a gift. Recipients of gifts may need to open and maintain a Google Payments account in order to receive any support offered by Google. These Terms apply to any gift recipient.

This isn't unique to Google. I'd like to see you walk into an Apple store, and buy 10 iPhones. Or say, 100?

In fact - Apple even introduced controls to stop scalping of Genius Bar appointments:


Or say you create 100 email accounts - john001@gmail.com, john002@gmail.com, john003@gmail.com etc. - and have them each buy a phone, and ship them to a single physical address.

You can see why this would come across as hijacking/botnet fraud, right? (That's separate to the ToS violations).

But from public statements - the scalping itself wasn't what got them, it was probably the bot-net like account creation, and indications of payment fraud.

Thirdly point - it doesn't sound remotely like legalese, and there's no indication lawyers were even involved. In fact, why would they be? I would have preferred him to post some more technical details, as that would have cleared things up, but he posted a nice message of his own volition, which I suppose is fine.

It reads more like the message of somebody who's relieved, and glad he got an explanation of what actually happened behind the scenes.

Exactly the type of Google apologist FUD I would expect from a Google employee.

Google is not at all transparent about how or why accounts get closed, and their support when it happens is utterly terrible. The fact that the links in the parent posts had to resort to PR shaming is proof of that. Most people don't have the online following to pull that off.

In reality, an average person who loses access to their Google account is screwed, and that should be an important consideration when looking at Google products.

To speak about that third case the very real concern I would have there is that it appears he got access to his account back by being able to attract enough attention from Google management, as he was well connected and had a relatively high profile twitter account (> 100k followers)

That kind of solution is unlikely to be of use to customers who don't have the ability to bypass the common process...

It wasn't necessarily the publicity. He reached out through normal channels, but these things normally take some time to process, since they normally have to be reviewed by humans.

It's one of those things where you want to tread carefully.

I mean, say my account got hijacked.

I want to get back in. So does the hijacker. I would much rather prefer waiting an extra day or so, than risk having the hijacker purporting to be me getting back in.

I've actually had to deal with the exact above scenario for a friend before - they had a Gmail email account, and another (unnamed) email provider. The hijacker did try to get back in, and it's a pretty scary proposition. So having a bit of peace of mind that the bar is suitably high is good.

(Disclaimer: I work for Google, but any statements above are my own, and do not reflect those of my employer).

> I want to get back in. So does the hijacker. I would much rather prefer waiting an extra day or so, than risk having the hijacker purporting to be me getting back in.

Except, that’s not what happens.

Google lets the hijacker in, and locks you out. I live in Germany, and yet, as detailed in https://news.ycombinator.com/item?id=15404541, Google let a hijacker from Russia with knowledge over nothing except my password in, and I had no way to reset it despite access to all reset questions and reset email (but no access to the reset phone number).

Not even a Google employee friend was able to help me, as their internal escalation team for this... contacted my hijacked account via Gmail.

Google’s system is useless, and if you honestly rely on it, you should stop right now.

Go into Gmail, IMAP settings, and write down the "POP3 activated since" date, that’s the only place you find your account creation date, it’s required for account recovery. Update your phone number, and choose an ISP that NEVER deactivates unused phone numbers.

erm from https://pbs.twimg.com/media/DHz1WNEXcAEVEHr.jpg "I spoke to the leadership there and they restored accounts"

doesn't sound a lot like the standard support process to me.

AFAIK, the two things are orthogonal.

My understanding was he'd already kickstarted a normal recovery process https://accounts.google.com/signin/recovery

And he wanted more details, so I assume he spoke to somebody up the escalation chain in our support org, who gave him more details.

that's not what https://www.inc.com/sonya-mann/salil-mehta-free-speech.html says about it.

"Mehta was lucky. The public outcry and press attention prompted Google to manually review his case."

"It could have turned out differently. Without his impressive credentials and far-reaching network, Mehta never would have found out why his Google account was shut down. He wouldn't have been able to access his correspondence or restore his blog, which he says has been read by the likes of Elon Musk and Warren Buffett."

That website (Inc.) doesn't cite any sources for your quotation at all. It simply appears to be their personal speculation. To me that's rather disingenuous.

I actually work in a support org at Google (on the Enterprise side, admittedly).

That account recovery link I provided (https://accounts.google.com/signin/recovery) is available to anybody (This is for consumer - i.e. GMail. If you have an enterprise - i.e. GSuite account, it's slightly different in that your domain administrator can also restore you as well).

You don't need to be anybody special - you just go to that URL, fill in your details, and somebody will review it for you.

Yes, it will take time. If you make noise, it's possibly it will get escalated and you will get assurances from somebody that it's being looked into. But in general, it will take some time to process it, simply to ensure that we're giving you (and not somebody else) access to your account.

I know it sucks, but account security is tough, and I have nothing but respect for the hardworking people that handle that. In my second week at Google, I accidentally typed my password into a non-secure (but still legitimate) web-form. Within minutes, I got an alert asking me to change my password immediately. They take security very seriously.

Disclaimer: I work for Google, but any opinions above are my own.

They have direct quotes from Google's press office, so perhaps not just personal speculation...?

" A Google spokesperson told Inc. that Mehta mistakenly marked some of his own email as spam, which confused the algorithm and triggered the shutdown. By August 21, the account had been fully restored."

Given that you think that a person without that reach would have had a similar experience....

that's your perogative of course, but you should forgive a little doubt from outsiders that things would've been so smooth for those without recourse to similar avenues.

> I mean, say my account got hijacked.

That's a straw man argument because, as far as anybody can tell, the account in question wasn't hijacked.

In reality, this person had a big, multi-day inconvenience foisted onto them out of nowhere, for reasons they apparently can't even talk about. And that's assuming Google even told them what the violation was.

If Google wants people to buy in to their platform then they need something better than an across the board zero tolerance policy.

That may or may not be true, but it's by definition hard to tell because the cases that don't get attention, you don't hear about. So it's hard for us to tell for sure. But in general, considering that billions of people have Google accounts, the fact that you can count these cases on your fingers and that you don't see articles about it every week means that it's probably safer than flying by plane.

Let's be honest, nothing is 100% safe. If you decide to keep everything off of the cloud also has its own risks.

that's an interesting assumption, an alternative interpretation would be that as they're so common they're no longer news-worthy.

Either could be true...

If you purchased the device from Google, and they locked you out, couldn't you sue them in small claims court? That would at least force them to respond, and if they don't they would get a default judgement against them.

If it is possible / likely that a court would hear the case, would your only option then be to sue for monetary damages, or could you sue for them to perform an action (such as reinstating your account)?

The consumer likely "agreed" to this treatment in the TOS/EULA.

Yeah, but EULAs don't supersede actual laws. You can't sign over your firstborn child in a EULA, yet.

Whether or not you agreed to a TOS/EULA is irrelevant. It's for a judge to decide whether or not locking you out of your account (rendering a piece of hardware you purchased nigh worthless) is legal.

By using chromebook, you are almost giving away your entire digital life. Such data will be abused by Google to sell ads, as it has happened many times before.

What a horrible piece of privacy abusing junk this Chromebook is.

A lot of these will be used by businesses on paid GSuite accounts where the monetization of user data doesn't happen:


I think $5/mo per person in exchange for some degree of privacy and being the customer instead of the product is a reasonable deal. $10 for unlimited storage.

In addition that price gets you 24/7 live support from a real person.

I'm not suggesting this answers the general privacy concerns and other issues presented here.

> A lot of these will be used by businesses on paid GSuite accounts where the monetization of user data doesn't happen:


GMail also launched without ads and datamining.

Google retroactively added it, without opt-in, and mined all your data later anyway.

If Google can physically access something, you have to assume they will data mine and publish it at some point.

The laptop wouldn't become inaccessible, the account would. You could log in with a different account.

But all of your data would be inaccessible, as it's associated with the (banned) account...

That's a good point it's also a risk if you use googles phone service although I haven't run into problems if I did I could only communicate via my thinkpad Linux system, Ubuntu won't lock you out of your machine they don't control your login.

> There have been instances in the past where Google has locked the account of a user

This happened to me recently (though I think for security concerns, not TOS violations), and was quite distressing. What steps can be taken to avoid this?

Yes, this is usually the more common story - Google does a lot of things to protect users (from themselves, and from external attack). I suspect a lot of people who get locked out are for fairly pedestrian reasons like password reuse across sites, and they got hijacked. It sucks, but it's better than the alternative (e.g. somebody pilfers all your email and commits identity theft).

Trust me, there are a lot of bad actors out there,

The other poster had it right - 2FA is really the way to go, ideally with something like Google Authenticator or Yubikeys.

If you ever get locked out (e.g. account is suspected as compromised/hijacked), then:


is your one-stop shop to prove you're really you.

> It sucks, but it's better than the alternative (e.g. somebody pilfers all your email and commits identity theft).

That’s what happened to me.

I had a Google account, abandoned since 2012, disabled. A few weeks ago I got an email telling me someone from russia was trying to log in, and this was prevented. The next day, another email – telling me that I successfully logged in from Russia, and had successfully changed the password.

Google offered no way to get the account back.

I had the creation date, a list of every email in the account, the used phone number (although it had since been shut down and recycled), the old password, and control over backup email.

This was not enough, Google left the account in control of the attacker.

I requested through a Google employee friend their internal form to handle this. Also, no success. Instead, they talked with the hijacker.

In the end, I managed to contact the new owner of the recycled phone number, and together with him, I managed to run the account reset procedure, and regain control.

Conclusion: Google’s account "security" is useless against hijackers, prevents you from getting your account back, and is just a fucking pain in the ass.

I had 2FA via a yubikey, though.

phone-based 2FA, physical security tokens, strong passwords, equally secured recovery email address, nontrivial recovery questions.

Google accounts have far more security options than most online banking platforms. There's no reason you should lose your google account as long as you listen to the notifications that tell you to review your account security and go through the steps.

The real utility in this device is to flash with coreboot and install Linux, not to run client endpoints of Google's horrible services.

I'd consider buying one, but first thing I'd do is wipe it and install a regular Linux.

What’s the solution?

1. Spread all activity on multiple mail accounts?

2. Get a G-Suite account + own domain, so in a case of a lock out you just change the MX records?

Option 2 is expensive for a lifelong private account and 1 is cumbersome.

Any other ideas?

Replace ChromeOS with a free Linux distro!

Not a concern for 99.999% of people, developer or not.

So, with 1b monthly active Gmail users as of 2016, that's just a million users should be concerned?

Do you mean that people aren't concerned, or shouldn't be concerned?


I don't think anyone (reasonable) should be concerned and I think most people, developer or not, are not concerned.

This is just yet another example of this vocal minority on HN that regularly talks shit about every Google hardware product, where the argument against this specific product actually comes down to a larger argument against Google and how much access and gatekeeping they have with regards to your computer use.

What irritates me is that this is Google's core business and if you're not interested in Google products because of that, then who the hell cares what you have to say about this product? It's like if Google launched a volleyball net and the top comment was something like, "Well, I don't have a house or a backyard and so I won't buy this because I won't have space for it!"

Well then clearly you weren't going to buy this product in the first place, so what use is your opinion here? Why would Google make a laptop that has nothing to do with the rest of their business? Is the parent comment suggesting that Google should make a general purpose laptop that doesn't integrate with Google accounts?

On top of all of this, it's not like the laptop becomes a brick in the event that your account would get locked. You can still use it in incognito mode, albeit without Android apps and such.

Furthermore, doesn't this exact same argument apply to Windows 10 with a live.com account login, and Apple with iCloud account logins? Seems to me like the privacy zealots seem to come out stronger against Google.

I don't think you fully understand the risk model the "vocal minority" is talking about. It's not so much that Google might know about our searches for horse porn, it's that we could lose access to our entire digital life at the whim of an algorithm or a politically motivated employee.

As others have pointed out, Google has capriciously cut off account access to numerous people. When they do that, you lose your email account, which is the de-facto access key to a very large number of other accounts. This is to say nothing of the documents, spreadsheets, photos, PURCHASED movies and music associated with that account.

Bear in mind the Jordan Peterson case, on which Google has yet to answer, is only one we know about due to its high profile nature. How many other users without access to the ears of the media get rolled over in similar manner?

When any other entity chooses not to do business with you, they don't show up to your house and make off with your DVD and CD collection, the home movies of your kids, as well as contents of your filing cabinet and a good number of the backup keys you have for other accounts.

The parent is not worried about PRIVACY, they are worried, rightly so, of LOSING THEIR DIGITAL LIFE on a whim of a third party.

The probability is low, sure, but the impact is very high. Evaluating risk is not just about likelihood, but also impact.

The obvious objection, that one should use G Suite from a domain name they control, and do hour-by-hour snapshot backups of every document and photo they host with Google, is a fair one, but it puts the user in a position in which the very value Google services offers -- convenience -- is no longer there. So what's the point?

> This is to say nothing of the documents, spreadsheets, photos, PURCHASED movies and music associated with that account.

It would seriously surprise me to learn that this exact scenario does not apply to iTunes with iCloud and Microsoft with live.com accounts, azure, onedrive, and whatever xbox music store they have now. What sets Google apart here? I'd argue that the only thing that sets them apart is that they give users more opportunities to expose themselves to ToS violations via the fact that they own YouTube and other popular content sharing platforms (eg: gdrive), and also that many more people have Google accounts than have iCloud or Microsoft accounts.

> Bear in mind the Jordan Peterson case, on which Google has yet to answer, is only one we know about due to its high profile nature. How many other users without access to the ears of the media get rolled over in similar manner?

He's a YouTuber with nearly half a million subscribers and a ton of videos. The reason his account was likely flagged in the first place was due to his high profile nature, probably some kind of conflict with copyrighted content and/or adsense. I don't think Jordan Peterson's account lock should be taken as evidence that this is randomly happening to a lot of other ordinary Google users.

(... and why is he uploading on YouTube with a personal Google account in the first place?)

> The probability is low, sure, but the impact is very high. Evaluating risk is not just about likelihood, but also impact.

I don't think that's right. The probability is low, and the impact is only as much as you allow it to be. I don't understand why it's all or nothing. You don't trust yourself to have a Google account and not overexpose yourself?

> The obvious objection, that one should use G Suite from a domain name they control, and do hour-by-hour snapshot backups of every document and photo they host with Google, is a fair one, but it puts the user in a position in which the very value Google services offers -- convenience -- is no longer there. So what's the point?

It doesn't have to be that dramatic, you download the really important stuff off of Google and save it on a USB stick or something. They make it absurdly easy to download all of your data with their exporter tool.

> You can still use it in incognito mode, albeit without Android apps and such.

Actually, under "tech specs" on the product page, it says a Google account is required.

Is picking a few cases then concluding it's Google's propensity perhaps a bit hyperbolic?

I think it's worth illustrating the concept. A device that's heavily reliant on a cloud service (in this case Google's) means you have to worry about the risk of being locked out of that account especially if getting access after that lockout is difficult.

These devices are very different to traditional computing devices (e.g. Windows/Linux PCs) which mostly store content locally as there lockout from a single cloud is unlikely to be catastropic.

As the major consumer OS makers (Apple/Google/Microsoft) go more in the direction of an integrated experience where cloud storage is key, how they handle possible ToS violation and account lockout/closure will become increasingly important.

I actually dissected the authors example above - and they actually don't really help prove his/her point.

The first example - was basically fraud, that probably got picked up in hijacking/bot-net detection (based on public statements).

The second - I can't comment, as there are no public statements.

The third - the author made a public statement, and seems to harbour no ill-will to Google after it was explained to him what actually happened. I can't comment on that conversation, but I will say that in general, Google does a lot to protect its users from all kinds of security issues and attacks.

As responded on the third, a process that relies on the subject being well enough known or connected enough to bypass common process isn't a scalable solution.

If someone has to know to e-mail you personally to help fix an issue, that concept doesn't scale to x million accounts.

I'm not trying to get at Google specifically here, I'm suggesting that as all the tech. companies move more of people's digital lives to the cloud, these accounts become more important and how they deal with ToS violations, reactivations and the like will require a lot of thought.

The third - the author had already kickstarted a normal recovery process by https://accounts.google.com/signin/recovery.

However, these things take a while to process.

As I commented elsewhere - if your account got hijacked - the last thing you want is for the hijacked to get back in, via some automated form.

I had to deal with exactly this nightmare scenario for a friend a few months back. Two email accounts, one from Gmail, one from another (unnamed) provider. The hijacker tried to get back in, several times (and did on the other one).

Knowing that the bar is reasonably high that only you yourself can get back in (even if it may take a few days) is very reassuring.

Trust me - if it's between waiting 2-3 days, versus having somebody get back in, pilfer all your email and commit identity fraud, I would pick the former more secure any day of the year.

I hate this trend of dumbing down product specifications. I don't know who started it (probably Apple?), but everyone does it now. Like what fucking i5 or i7 processor ? Is the storage soldered even for the nvme option ? It doesn't help that Intel keeps playing tricks with their naming either. i7 used to be quad core, then it became dual core for thin laptops. Now they are back to low freq quad core in some SKUs. For a $1k-$2k device which is supposed to be the pinnacle of science with billions of transistors, they spend all of the 20 minutes they have on stage showing puppy and kid pictures.

I think the reason why things like this piss people like us off is because this product isn't targeted at us.

"Normal" people don't care what is in a device as long as they can justify the cost with the perceived value they see in the device.

For them the sticker saying "i7" on the laptop makes it a "top-of-the-line" laptop and justifies the cost as they expect to pay more for "top-of-the-line".

I don't think this product is targeted at anyone. Their commercial during the keynote showed a skateboarding teenager using the pen, a couple watching a movie on the couch with the laptop propped up on the coffee table, someone editing video, children playing with it... Google doesn't even know who to market this thing at.

This product does not convey thought or design. It screams "hey we built another expensive chromebook because I guess we have to."

Yes, but that's the definition of "false and deceptive advertisement", isn't it?

I'd wish for someone to sue a giant corp. so that a law can stop other mega corporations from doing deceptive advertisements. Just like factualized "health-benefits" on supplements were prohibited unless proven right via 'a study (?)' as a gateway.

$999 for a much underpowered Sony Vaio like Subnotebook is too much! You also BUY the strongest VENDOR-LOCKIN made into a product ever, the "Google-Ecosystem". Allow installation of any OS, then we're good, but until then, don't say it's a notebook or laptop. It is not!

As a sidenote, using "false" as a strawman as in "fake-news", thus allowing government to "silence false voices" should be stopped. Censorship, illegalization, demonization are the enforcment of rules made for a minority onto the majority and we know why this is bad for a healthy 'governence of a country'.

Also, numbers often don't mean much, or at least not what most consumer think they do. I've seen so many people choosing product A over product B because the "ram" number was bigger and the price was lower.

The situation is that as hardware levels off more and more, with Moore's Law slowly dying, the onus falls much more on software to make up for it. That's why a phone like the Pixel feels much smoother and responsive than other Android phones, which run on the exact same hardware.

And some of us here would much rather have benchmarks for software we use rather than # of cores or clock speed. I'd like to know how long it takes for my IDE to spin up, important websites to render.

And whether it will cook my lap and get as loud as a jet engine if I push it a little.

Not to mention that most so called "Reviews" these days are just a rote listing of the products features from company press releases.

I can't count the number of laptop / smartphone reviews I've seen the last couple of years that don't even contain a single benchmark. The extent of the actual "reviewing" that takes place is some glib anecdote about how "there didn't seem to be much noticeable lag" or some other contrite BS.

I hate this race to the bottom of the customers presumed intelligence.

The specifications will be released in full eventually, right now the buy link is just a waiting list. No money is exchanging hands so why does it matter if it's a Intel Core i7-7660U or a Intel Core i7-7560U Processor?

What really bothers me is I can't find the timings for the memory. I need to know that my CAS settings aren't going to hamper the performance of my cutting edge app transitions.

Kidding, we don't even know if this is using DDR3 or DDR4.

It turns out the processors are i5-7Y57 and i7-7Y75 (source B&H). Super low power year old chips. Not too optimistic about the performance as a general linux laptop.

I saw those 4.5 watt chips on Intel Ark, but I thought that maybe you could fit the 15 W models in the enclosure.

At least this probably means no fans! Oh and that it uses DDR3. :)

Get used to it. No one cares about which i5 or i7 beyond a small niche (which is likely concentrated on HN). There are probably technical specs someone, or you can wait for a teardown, to get the hard core specifications but the target market for those is so tiny no one is catering to them anymore.

There is some confusion over what the target market for chromebooks is. There is a big rumored push towards enterprise with support for virtualization etc. So the cores, RAM, storage etc. all matter for that use case, which is within their ecosystem. Outside that ecosystem, as an end user, I care about specs to know if it's a good linux laptop.

AMD's new lineup makes some sense at least, but who knows, next year's laptops might be Powered by AMD® 5th Gen Processors.

I think the extremely vague branding must be at least partly from Intel's cues. Intel advertises their own NUCs in the same way, and perhaps wants customers to think in terms of generations and ignore the specs. After all, if consumers mistakenly assume a 7th gen i5 is a meaningful improvement over a 6th gen i5 and make a purchasing decision based on that, Intel aren't going to complain…

I agree, I love that they don't even mention what the GPU is, It is now assumed that you don't really ever need any dedicated graphics.

All this despite integrated graphics still sucking with all of its dedicated memory and such. Just look at a desktop GPU and then a processor and tell me you can cram all of that into one chip.

What do you think majority of the users will do with those $1k-$2k devices—desoldering storage or looking at the pictures of cats and kids? The CPU or RAM specs alone don't tell much how well the device will perform.

But who are the majority of users here?

If all the developers betrayed by latest Apple's MBP lineup migrate to a new platform, suddenly 'majority' starts to care about number of cores and upgradable memory. But that is not likely to happen, given the dumbed-down specs and OS.

If I need to know the exact specs of the processor in the new Pixel laptop, my method of retrieving that information isn't going to be to pull up the 90-minute keynote presentation and skip around to the part where someone on a stage dictates it (or hope that I memorized it when I watched the keynote the first time).

I will just look up that information directly (from the product site's Tech Specs section, or Wikipedia, or one of several other sources).

Faulting a company for not making time during the keynote to include unnecessary, largely irrelevant data is silly. This isn't Intel or NVIDIA unveiling a new microprocessor architecture, it's a consumer product made for browsing the web (which happens to need a CPU/GPU as an implementation detail).

Didn't the latest MBP line have the best sales in MBP history? I get many people were upset by some of the changes (including myself) but that doesn't mean people are migrating in mass.

Also, a chromebook? No developers are migrating to a chromebook. This is targeting the normal user who wants a nice laptop to do normal web surfing and text work.

Well, there's certainly a segment of the developer market who are always on the lookout for a laptop with good hardware which is also well-supported in Linux. Given that ChromeOS is running on the same kernel, I would expect that to be true here, though some Chromebooks are easier than others to directly install Linux onto.

Last I heard new MBS were doing just fine. Do not confuse very local minority with all. And "betrayed"? Apple did not promise anything to anybody.

... but... four mics!

> Is the storage soldered even for the nvme option?

Leaving that out isn't "dumbing down of product specs".

Interesting that there is no reference to targeting developers/coding at all for this device. Seems targeted at creatives with the Pen and Lightroom/etc on it. Other than that, none of the example apps it can support seem to me to really require "high performance" at all.

Which is too bad, because it's a pretty device. Just seems like it's in a weird uncanny valley where it's probably way too much horsepower for most of those apps (documents, instagram, etc) and way too inflexible for true high performance stuff (coding, 3d modeling, video/photoshop stuff, etc) because you can't install anything.

I really agree with the "uncanny valley" judgement. I would absolutely love to ditch my Windows 10 laptop for a smooth, efficient, and secure ChromeOS device. However, it simply doesn't have the software support, unfortunately.

What I see a lot of "power users" doing is simply using their Chromebook to remote into their desktop for their application work. However, what then is the point of putting such powerful hardware in the Chromebook? Either you make a "thin" portable client that is used to remote into your "real" PC, or you make a powerful portable device that is self sufficient.

An overwhelmingly powerful device that can only be used to remote into another system to do the "real" work is simply a waste.

Most of the time if I'm using a chromebook for anything other than web browsing, it's in a chroot environment--so I have all of the same functionality as my desktop at home.

Then again, my workflows are pretty all light weight, so I probably wouldn't notice the extra horsepower anyway.

> What I see a lot of "power users" doing is simply using their Chromebook to remote into their desktop for their application work.

Naive question - how would one set up a desktop at home to make it securely remotely accessible?

I just tunnel VNC over SSH. SSH is locked to a GPG key stored on a Yubikey, and I use gpg-agent as my SSH agent. VNC only listens to localhost.

Wow, that's really neat. Surprised I've never heard of it.

Most folks I know use Windows Pro and Remote Desktop. VNC and the like are options as well. Then there are the closed source paid commercial options.

Can confirm, am using Remote Desktop with Windows 10 Pro. Very happy so far.

My cursory search indicates that Android Studio doesn't run natively on Chromebooks yet (well, not without faffing around with crouton, anyway).

Seems like a huge missed opportunity for Google. They could pitch these as the standard Android/ChromeOS development platforms. Heck, they even run Android apps themselves, so you already get "emulation" for free.

I believe that lots of people would pay not to have to faff around with drivers on Windows, or udev on Linux, or the maintenance overhead of either to be able to develop apps. That is a lot of devices sold right there.

Same. I tried doing development on the Chromebook I'd bought for my wife because a client needed a ChromeOS-specific extension. The process was painful; you had to boot into a separate mode to use things like a text editor to write js and it booted out of that mode every time it woke back up (or maybe my wife just kept resetting it so she could actually get her work done). I'd be happy to have one for development, but based on the apps listed under Productivity, it feels like it's still the same set up.

I've done a lot of development on my Chromebook and I absolutely loved it, but it was with a ssh connection to a machine in the cloud and a browser based editor. But yeah for that, you don't need insane specs like the Pixelbook.

Personally I'd love to have a dev Chromebook.

The software stack running on it is second to none.

Even the BIOS is light-years ahead any Windows/Linux box. As for OSX I'm not familiar with the boot process.

> The software stack running on it is second to none.

Can you elaborate on that? I thought ChromeOS was just a stripped down Linux with just enough to run Chrome and whatever other Google stuff they have on it.

There's the dm-verify path. In a locked down configuration, the os is updated as binary deltas. Your system partition is read only. You lose the flexibility of a general os though.

The BIOS of a system has not once ever factored into my decision making about a tech purchase. Please elaborate...?

1) If you can't disable Secure Boot you might not be able to boot an alternative non-Windows operating system.

2) Some tablets use a 32-bit UEFI while supporting a 64-bit operating system. Nobody supports that. You're stuck with Windows again.

3) Can you turn on Wake On Lan features on the desktop? I played with geoproximity on my phone to send wake up packets when I got within 200m of home.

4) Can you disable Intel's Trusted Platform on your computer? Many people don't trust having an undocumented system in total control of their computer.

Look up coreboot and libreboot.

> As for OSX I'm not familiar with the boot process.

Basically a mix of UEFI and their proprietary SMC controller on the system board.

The SMC is actually kind of nice to have since it means that the actual boot sector is more sandboxed.

>"The SMC is actually kind of nice to have since it means that the actual boot sector is more sandboxed."

Can you elaborate on this? How does the boot sector sandboxing work exactly?


It's primary purpose is largely DRM, but I'm guessing it has to store a large portion of boot information on the chip as to prevent a Mac drive from booting in a standard x86 tower.

Thanks, yeah I'm familiar with the SMC but this is the first I've heard of it in the context of boot sectors.

There wasn't much in the wikipedia link about that.

Also the primary purpose of an SMC is not DRM, but battery, fans, power management etc.

I'm willing to bet crouton runs on it out of the box so you can get a dev environment up fast.

But the developer mode notification on bootup kills the laptop :(

It warns you that you're in developer mode, makes a beep, and prompts you to push spacebar if you want to turn off dev mode, deleting everything on your computer.

Maybe you know to never make this mistake. Maybe you almost never turn off your computer. All that needs to happen is for you to reboot the computer once (say, it ran out of batteries while you were gone on vacation). Maybe it's you pressing spacebar on autopilot or a family member who mis-read the warning. The spacebar is pushed and now all your data is deleted.

I love crouton, but the dev mode warning is the most unfortunate user interaction design I've experienced in a product :(

Totally agree. I had this thing's immediate predecessor, the second-gen Pixel. I used crouton and the integration was fantastic. Alt-tab between ChromeOS and a real Linux desktop. Clipboard integration. ChromeOS driver stability plus all of my familiar Linux tools. Fantastic battery life too.

However, that developer-mode "hit Crtl-D or lose everything" misfeature always made me super-nervous too. Whoever implemented that must have never read any one security-UX book, because they all mention the evils of taking irrevocable action in response to a password failure. Or maybe they were just brain damaged. Either way, what a horrible mistake.

Agreed, I bought a used $100 chromebook and installed linux to set up some emulators for my ~6 year old at the time son..

I explained to him how to get around it, but forgot to give his mom the same instructions

It is funny how the "press spacebar" part jumps out at you, but the "to wipe this machine" isn't as obvious to the novice user.

>But the developer mode notification on bootup kills the laptop :(

Yeah, you can turn this off via boot flags, and even replace the bitmaps for the warning so its a little less garish. Requires removing the write protect screw, though. See: https://mrchromebox.tech/#fwscript

I don't understand why it's not possible to run a Docker image that has the whole development environment, without turning on developer mode.

ChromeOS doesn't want to expose these syscalls to ChromeOS apps? I can understand wanting to sandbox the actual OS environment, but a Docker container should be totally isolated from that?

Docker is not designed for security, and shouldn't be mistaken for a secure border. It can, with painstaking effort, be made semi-secure for particular audited recipes, but this isn't a FreeBSD jail we're talking about.

If believe if you run GalliumOS vs Crouton it doesnt do that.

This may have changed, but when I used GalliumOS a year ago I still dealt with the white screen

What version? Ive been using 2.1 it for about a year on my Acer C910 (i5) and has been flawless. It maxes at 4GB of ram which is the only bummer, but that makes the pixelbook appealing.

I was still on 1.0 I believe I loved the OS, it was as good as you can get on a chromebook, I was just commenting about the white dev-mode screen at bootup. Did they get around that now?

No, Ive never gotten that. After the firmware flash and OS install, it boots right up, sleeps and resumes perfectly, just like a normal OS. Ive actually never seen the white dev-mode screen on this on, but I started with 2.0

Crouton experience is very bad. so many bugs.

I've been running the Android App called "Termux," which lets me do C++, Python, Node.JS, git, Subversion, Emacs, Vi... Quite happy with it. I mean, it's not AWESOME, but for tinkering it works very well.

As a Chromebook user for almost a year now (since December 2016, using a pixel 2 LS) I can't be more excited about a computer like this. My only regret on my current computer has been not been able to use containers properly (i used rkt and not docker) because of kernel restrictions but now this should be solved with ChromeOS kvm support.

Imagine the performance of being able to run Android apps thought for much less powerful processors(Mediatek ARMs) in an i7 chip. While on the Mac you are using chromified version of the webapps (electron) which eat all the RAM.

Also a lot of android apps are very innovative versions of desktop computer ones ( for example adobe ideas, now Illustrator) That you are not able to run on a Mac.

The filesystem perfectly integrated with the cloud is another advantage.

In addition, Chrome OS is as simplified as a phone, which removes much of the legacy complexity in current OS.

And in case you are missing anything, the project crouton allows you to run a fully functional linux system. (Now probably even better thanks to the KVM+ wayland integration support https://chromium.googlesource.com/chromiumos/platform/crosvm...)

I total win for me

As a Pixel 2 LS owner, crouton user and fan of ChromeOS: I'm not as hyped about this laptop as I thought I'd be... The high end model costs more than the LS did, but still sports 16GB Ram, and a slightly newer i7 processor. The SSD upgrade to 512 is awesome (the 64 on the LS can be a struggle), but you lose a bunch of battery life too.

The pen doesn't do much for me, neither does the google assistant button. Although the tablet mode is a nice option, I just don't see it being worth the upgrade.

Most importantly, they killed the light-bar. Those monsters.

> Most importantly, they killed the light-bar. Those monsters.

I do love the light bar. Is the kind of details mac used to have (breathing led, magsafe, battery level indicator,...) that make some models special

For me the reasons to switch would be:

- Containers (and a lot of storage to use containers) - Wayland integration (xiwi is terribly slow, and while now I'm kind of happy witching between gnome/chromeos it would be handy to have everything in the same desktop) - Pen / tablet mode. coool!

The assistant button I don't care either.

> My only regret on my current computer has been not been able to use containers properly (i used rkt and not docker) because of kernel restrictions but now this should be solved with ChromeOS kvm support.

If it does end up resolved, I'll definitely pick one of these up.

Here's a youtube promo video for those of us in Europe: https://www.youtube.com/watch?v=umhPrOo47-A

The link in the post redirects to the Google store that only shows a Chromecast. Oh well.

I'm curious why Google doesn't sell its Chromebooks in Europe? Is it because of some EU regulations or it's just Google that's not willing to expand its Chromebook territory here? I can definitely see the market here.

Perhaps some current or upcoming EU regulation (GDPR anyone?) will stop them from milking their users.

Is it the whole Europe though, or just the smaller countries?

I bought an ASUS c302 Chromebook for $500 earlier this year, and somehow this doesn't seem that different. More CPU/RAM (does this matter on a chromebook), and maybe a pen. The c302 has a pretty high res display, does the flip thing and is a touch screen, runs all day, and boots in a couple seconds. The case feels a bit flimsy, but withstood the rigors of my 6yo twins wrestling over it on a road trip to play the next netflix show...

..which btw is a great consumer feature. Being able to run Android Netflix on a laptop and download shows in offline mode.

I really suspect they partnered with Asus for this one, yeah.

Which should be a good thing. I love my C302CA.

I'm not sure why Google tries to make a really expensive version of their Chromebooks . If this came out before the new iPad Pro's and Surface laptops it might be compelling to buy. But, if I want a walled garden experience I would choose an iPad Pro. And if I want a real keyboard with a stylus there is the Surface Book and many others. It is even competing with the lower end Chromebooks due to the price.

It would be a great laptop for someone that likes Linux but then you are probably going to overwrite ChromeOS with whatever you want.

EDIT: Meant to say Surface laptop not surface book.

The Surface Book is a good $500 more expensive, significantly thicker, and significantly heavier. It's also prone to hinge flakiness with the overly clever electronic release mechanism. You get the nvidia GPU option if you want it, though.

ipad pro is an interesting comparison but it's not just "walled or not" it's also "windowed vs. fullscreen" as the chromebook is a full windowed systems, for better or worse. A fixed hinged keyboard is a substantial difference in terms of usage capabilities as well, so I don't think these are really in that much direct competition.

A more apt comparison would probably be something more like the Lenovo Yoga.

They need hardware to give to google interns.

Do they actually make interns use chromebooks?

yep. However you cannot code locally on your laptop at google. So you end up either using a web based IDE or just using the desktop workstation they give you (locally, ssh, or VNC).

You're free to do work over ssh+tmux+vim. That's what I do.

Like, no one can? That seems weirdly restrictive. Is it for security reasons?

Code on laptops is a major security concern for any company if the laptop is stolen. While the improvements in disk encryption has helped curb this problem, it is definitely a risk larger companies don't always want to take.

yeah. but you can fill out a form and get a mac.

> I'm not sure why Google tries to make a really expensive version of their Chromebooks.

I'm guessing they're going after the "idiot boss" market who will eat this up if given the chance.

Also media attention. Places like toms hardware seem to drool over 'flagship' phones such as the Fire Phone, Essential Phone, etc.

Google Home and Nest devices are also over expensive and over designed. I mean, Johnson Controls has been making smart thermostats for 30 years!

The trouble with that strategy is there is just one company that seems to profit from expensive and overdesigned hardware and we know who that is.

> there is just one company that seems to profit from expensive and overdesigned hardware and we know who that is

Lockheed Martin with the F-35 project? Because it's so hot that it takes my breath away.

Can you explain what you mean? I am trying to extract any meaning out of your comment and failing. Why would an idiot boss (as compared to a ... non-idiot boss? non-boss idiot?) specifically want an expensive Chromebook?

Usually to flash some new expensive tech item around the office in a show of dominance. Then us devs get stuck dealing with the fallout when the tech purchase wipes out the network or something.

Your comment seems like a troll...lol.

I'm not sure how a Chromebook could "wipe out the network".

In fact, if anything, I'd argue it's less likely to than a Window laptop since Chromebooks are so secure out of the box.

I bought one for my mother a few years ago, and honestly, not having to go over and clean up malware periodically, or ever do Windows Updates, or ever worry about her clicking on dodgy links on the internet has been a Godsend.

I installed Linux Mint Debian for my mother, works just as you described. Once in a while I login as root and run "apt-get update && apt dist-upgrade" on the machine. That's about it. Even when her laptop broke and she needed to switch to a backup machine, I just plugged out the hard drive and put it in the new laptop. After installing wifi drivers, linux continued to run. And I'm at peace since she doesn't know the root password or even what root means :).

Yeah, I tried the Ubuntu desktop experience for them as well.

Unfortunately, even though I wish it was the year of the Linux desktop it's still not quite there yet for the non-tech savvy.

New devices are a pain, websites that don't work for whatever reason are a pain (since Linux penetration is so small, a lot of people don't test it), and overall the UI is nice for power-users but still inscrutably complex and unintuitive for the non-initiated. It's possible your mother has a knack for the UI though =). Which desktop environment did you use?

I installed linux mint debian, with Cinnamon. There is the start menu, there is a file explorer, there is firefox and an email client. There isn't any difference to Windows for a casual user.

I admit, setting up the system can be a little time-consuming. But once everything is working, it is real easy to operate.

If there are any problems, I help.

I'm not talking about a literal Chromebook. It is a figure of speech.

And it's spelled "troll".

Sure, let me fix the typo.

However, I'm still unclear about your main point.

If you're not talking about a "literal" Chromebook...what are you talking about?

Really anything new and flashy that someone in power buys.


Boss: Hey dabockster, I just bought this flashy new drone from this vendor we never heard of before. I had my doubts but he gave me a bunch of light up fidget spinners for my kids. Can you hook this up to wifi?

Me: Sure thing.

Hour later:

Boss: Why is the internet down?

Me: Your drone wouldn't stop pinging out main DNS server.

Boss: But it's expensive and flashy and SPIN CITY!

Me: facepalm


Note that didn't actually happen. But it's an example.

> Boss: Why is the internet down?

> Me: Your drone wouldn't stop pinging out main DNS server.

... you should fix your DNS server.

Anyway, this is all off-topic. I recommend that you stop commenting on a thread about Chromebooks about non-Chromebook issues, and spend the time learning how to deploy high-quality infrastructure, because your hypothetical boss is right.

I'm disappointed that the 16GB models aren't ready and that they didn't announce (or open up any additional documentation) about crosvm or Project Termina.

They didn't even highlight that this is the first Chromebook to have a non-Chromebook keyboard... The keyboard looks aimed directly at developers.

I really hope the Chromium wiki releases some new documentation soon.

(If anyone has gleaned more details about Termina from Chromium git logs or has other speculation, I'd love to know /read more about it. Thanks)

I've been trying to track the termina project (along with the KVM and vm_launcher bits). From what I can glean: termina is a minimal flavor chromeOS designed to be run with the vm_launcher that will support OCI based containers. I have no idea how the UI will look around it or be exposed. The virtio wayland stuff requires support from the guest VM and termina has it. Tatl and tael are just the x64 and arm flavors of termina.

So as a developer you could easily spin up your own VM (I guess without a GUI) to mess around with, but use a single instance of termina to launch a bunch of container based linux apps for yourself so you don't run out of ram launching tons of vms.

This is a bit of speculation on my part mostly from picking through docs and commits messages. I'm not sure how it will all come together. I'd be completely sold on a NVMe pixelbook once I see some announcements or commitment to something like this for developers.

Maybe Project Termina is what they use at Google CLoud? https://cloud.google.com/container-optimized-os/docs/

Agree, on everything. It would be great to have more technical details on the new version.

Forgive my ignorance, but when I was introduced to the Chromebook concept a few years ago, it was basically supposed to be a cheaper "thin" (not physically necessarily but spec-wise) computer mostly running web apps. Now they're instead high-end laptops. Are they no longer about running mostly web apps, or what? What changed in the last couple of years? Why is this hardware needed? I don't get it.

Now they run Android apps as well.

Also, the web changed; there are webapps that require gigabytes of memory out there, such as Gmail.

All respect to Google, I use a Chromebook for offline writing and general browsing and it's wonderful, but I agree that I'm not seeing the use-case for this one yet.

Maybe they'll port Android Studio to it? That might be pretty nice.

Nowadays browsers use relatively a lot of resources. I don't know how ChromeOS handles tabs, but I imagine running everything in a browser takes a toll on performance.

I remember the agony I experienced when I needed to use Word365 online for a project. The javascript implementation was so slow and resource heavy that I was almost going to go crazy. Google Docs on the other hand worked fine most of the time. But none of them could replace a native MS Office or Libreoffice. Maybe with webassembly things are going to get different, but adding abstraction layers come at a cost.

Also these machines need to run videos and process pictures and maybe movies. With those requirements performance doesn't hurt.

What's the experience like for Linux-on-Chromebook these days? Can I expect hardware support that's equal of what I get with a Lenovo T470s?

I think you'd probably just use crouton instead in which case you'll get flawless hardware support since it's using Chrome OS's kernel & drivers.

It's pretty great (I don't have one, but I have heard universal positivity for it) That said, you loose a lot of the security features that come with a Chromebook when you enable Dev mode.

Does it still take one wrong key press at the wrong time during boot to delete all local files when in dev mode?

GalliumOS is beautiful, period... great hardware support

My initial observations:

* 12.4" 2400x1600 (235 ppi) is great

* Battery life looks good at "up to 10 hours"

* 4 Mics for noise cancelling is interesting

* $99 for the pressure sensitive Pixelbook Pen seems steep

* Core i5 options ship in 3-4 weeks

* Core i7/16GB/512 SSD option puts you on a waitlist

* Fully spec'd out: i7, Pen, and Preferred Care is $1997

* Why only two USB-C ports?!

My initial observations:

* bezel

it's a convertible tablet. they all have huge bezels, because that's where you put your thumbs.

How big are these thumbs supposed to be? Because the screen on this thing looks like a postage stamp in the middle of a football field.

This guys thumbs don't look freakishly large to me, and they can only partially grip the side bezel:


"1) Up to 10 hours of use. Battery performance is based on a mix of standby, web browsing and other use. Actual results may vary."

On standby, the laptop isn't "life".

Who is the target audience for a $1k Pixelbook? How much friction will there be to try and use it as a dev laptop?

I'm in the market but at the moment I'm more attracted to something like the SurfaceBook for something I can dev on, have a pen, and watch stuff in tablet mode.

Well, there's Termux, but I don't think this is any good for developing on yet. Maybe once Android Studio is ported?

As a fan of my Chromebook Plus ... I'm kinda lost on what more you do at that price / performance other than being able to multitask a few more apps and tabs.

It's not like there is much in the way of high performance demanding applications on ChromeOS.

Either these apps are already predicted to arrive or google will make sure they do. I can't see why Google would want people to do computing on their own machines though.

This looks a lot like an attempt to grab some would be MacBook buyers that are unhappy with the latest models.

>I can't see why Google would want people to do computing on their own machines though.


"Either these apps are already predicted to arrive or google will make sure they do."

This argument could have been made when they released the 2013 Chromebook Pixel for $1,300, yet here we are.

There is a lot of comments in here confused with chromeOS and all the justification for an expensive machine that doesnt really run that much software.

I agree with most of the sentiment and I think they should just keep the nice UI but switch to a debian distro so that devs and some creatives could use all the linux software if they know how to install it. I would use the crap out of a google UI debian distro.

The point of these things is to install real Linux on them. The hardware is excellent and they make great laptops for doing real work. Here are some notes about installing Xubuntu on the 2013 model. I hope some of this transfers to newer models:


What's the actual chip used - HQ, U, or Y series? Odd they call it "high performance" but don't publish even the clock speed.

Wired says it is Y series: http://www.wired.co.uk/article/google-pixelbook-release-date...

So according to the intel website it should be this one: https://ark.intel.com/products/95441/Intel-Core-i7-7Y75-Proc...

And it's fanless, so more likely to throttle. They're calling it "high performance" but that might be a bit of a stretch, at 4.5W the latest iPads will probably run rings around it.

This landing page is incredibly laggy on my mid 2015 Retina MBPRO, scrolling is super annoying.

Out of the US the landing page redirects you to the chromecast one.

Will it run crouton? That's all I need :) (oh, and proper "xorg", because "xiwi" is not as fast).

e.g. I'm using Acer 4GB RAM, 32GB SSD (actually 22-23GB useable) running CLion, bazel, clang, etc. It's great, but it just needs a bit notch up. For personal needs just switch to normal ChromeOS for netflix, etc.

Having android apps on it is also good feature (like I'm able to play Heroes Of Might and Magic III on it).

I prefer GalliumOS.

Thanks for that - it could be an even better choice!

The subreddit for it is quite nice:


"Proper" crouton, not getting beeped at, waiting for boot delay & sacrificing security etc would be the only way this could be compelling.

what are the drawbacks of the current crouton implementation making giving you pause?

What I list really, having to put the laptop into dev mode.

My mrs accidentally wiped crouton by following the prompts to take it out.

For a high end products, one of the things I will splurge on is warranty since I tend to keep bigger purchases on a much longer update cycle. Considering Google's reputation for poor customer service, I took at look through their "Preferred Care" addition to see what it actually does.[1] The terms seem pretty comparable but one thing stood out:

* We'll protect your laptop for two years ... through our service provider, Assurant.

Now this scares me as:

1. The number of complaints against Assurant that I've heard from Project Fi compatible phone owners is a big red flag. (I'm a Fi user so I frequent those circles.)

2. Separating repair and customer support is bound to lead to communication issues.

3. 3rd parties are not going to go above and beyond with making you feel like a valued customer. There is nothing in it for them after all.

For this reason alone, I would not buy a Pixelbook.

[1] https://store.google.com/magazine/preferred_care#4b4ba03b5f5...

What I'd like to know is if the support for this is still 5 years (I believe that's what's promised for Chromebooks), or more, and also if Google ends to use Ryzen APUs in the future, too.

Google with its architecture-agnostic OS has zero reasons to maintain Intel's monopoly for yet another platform.

The thing this doesn't explain is what you need the performance for on a chomebook....

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact