HP Chromebook 11 Review, My New Best Friend

The original HP Chromebook 11
The original HP Chromebook 11

Recently I took delivery of my new workhorse, a Google HP Chromebook 11. (http://www.google.com/intl/en/chrome/devices/hp-chromebook-11/) The packaging alone made me fall in love with this little device. The moulded white cardboard box with rounded edges that mirror the rounded corners and edges of the Chromebook made me want to touch it. I thought it was plastic, but once opened, it is clearly a recyclable paper material

I think everyone has learned from Apple that the product should be front and centre, and not buried in packaging, and the HP 11 packaging follows this rule. Lift the lid off the box, and it is the first thing you see.

Somehow the photos I have seen made me think the HP 11 was thicker than it is. I knew the weight, only 1Kg, before I saw it, but the size and lack of weight is still amazing me.

HP 11 From the Front
HP 11 From the Front

The box has the Chromebook, charger, a card with the three steps to use it (switch it on, select a network, log in) and that is pretty much it.

The screen is the standard (for most Chromebooks) 1366 x 768 resolution. I love this size, My Asus Zenbook has much higher resolution, and frankly the tiny characters and icons are a problem in the readability stakes, I keep fiddling with settings looking for something more readable. The screen is noticeably better than the Samsung, and people who have compared the machines say it is much better that the Acer 720 Chromebook. The Acer is much faster, but for me, the micro-USB charging and superior screen are the winning features. I want to travel with one power supply only. The HP Chromebook 11 allows that.

I quickly power wiped my Samsung and passed it to my son. He has been hard at work configuring it to his liking.

My only disappointment was that the supplier, Harvey Norman Launceston did not have a SlimPort adapter to allow me to connect the Chromebook to my 22″ External monitor. The HP uses the newer and better SlimPort technology (http://en.wikipedia.org/wiki/DisplayPort#SlimPort) rather than MHL to access an external monitor through the micro-USB port.

I have (an expensive) MHL adapter I bought for my Samsung Galaxy SIII, and rarely use. MHL requires an external USB power source. The Slimport is different. It is self powered, but in most cases allows the device to receive power through a second socket. I have ordered a Slimport adapter on line, with a 5-7 day delivery for an extra $10.

MyDP Slimport Adapter
MyDP Slimport Adapter

It is still half the price I would have paid Harvey Norman if their had been one in stock. I prefer to support local suppliers when I can, but in this case necessity overrides local business profits.

In the meantime, I am using the Chromebook display with a stand that lifts the computer slightly to save neck strain, and it is working quite well.

The speakers, hidden under the keyboard are quite good, and surprisingly loud. Some have complained about distortion, but sounds surprisingly good to me.. It plays music and uses Hangouts with no noticeable issues for me. And you can always plug in headphones or speakers.

The keyboard is excellent. I dislike rattles, but this keyboard has a firm feel with good movement and no rocking or clattering. The keyboard is not back-lit, but that is hardly surprising, and with the white keytops, is pretty visible in low light. The keys are textured and feel quite nice to type on. Like all Chromebooks, the keyboard layout it the Google Chromebook design, with dedicated keys for search, changing apps, moving forward and back in the browser and taking the browser to full-screen. It also controls volume, screen brightness and mute. Having the soft power button next to the backspace key has caused problems for some, but I have never had an issue with it.

Many people complain about lack of a delete key, but Alt + Backspace is delete, and if you REALLY want it, Alt + Search is Caps Lock, something I do not miss at all.

HP Chromebook 11 Keyboard
HP Chromebook 11 Keyboard

The HP 11 was famously pulled from sale in the US due to overheating and melting chargers. My Australian charger works fine, but I confess, it still feels pretty warm after a full charge. I will monitor it for a while before leaving the charger unattended overnight.

I tend to be influenced by functionality rather than industrial design and beauty, but this time, I have to say, it really looks sweet!

The light weight and effectively instant suspend and resume mean that this laptop will be doing a lot of travelling with me. I have made a slipcover out of Mylar bubble wrap and gaffer tape as some protection.

I will write again when I have the Slimport adapter to test my full desktop setup.

TrueCrypt – A Trustworthy File Encryption Tool.

 

Why Encrypt Files?

We keep our secrets in files. It has been said that only people with something to  hide object to surveillance and want privacy. Personally, I don’t have many secrets, There are plenty of things I do, say and write that I do not want shared, photographed or discussed. It is PRIVATE.

Everyone has secrets. Governments have secrets. Every business has customer information that must be kept from prying eyes.

Software and hardware companies work long and hard on new products and projects before they release them to the public. And the details will still be secret in many cases. Kentuck Fried Chicken and Coca Cola have secrets.

For Example NASA

NASA

In 2001 NASA suffered four data losses when laptops with unencrypted data where lost or stolen.

NASA suffers major data breach
NASA suffers major data breach

David Miranda

In August, 2013 David Miranda was detained at Heathrow under anti-terrorism laws. He was not suspected of terrorism, he is the partner of Glenn Greenwald, who has been publishing documents leaked by Edward Snowdon that are embarrassing to the NSA and GCHQ in the Guardian newspaper.

David Miranda detained
David Miranda detained

Miranda was forced to hand over passwords for his laptop, phone and several USB keys he was carrying.

If he did not comply, he could be detained.  He was being held under duress. More on this later…

Encryption Tools

There are a number of encryption tools. some of them “on the fly tools” like TrueCrypt.

What is “On the Fly” Decryption?

TrueCrypt mounts a drive, partition or volume (file) so it can be seen and accessed by the operating system as a drive or folder. Files can be copied, read, run, deleted and be edited in real time.

These are just a few of the tools available. Most are not free:

Comparison of disk encryption software
Comparison of disk encryption software

One of the most popular is Bitlocker, and it  is free… But it only works on Windows, and do you trust Microsoft?

Is Bitlocker Safe?

Microsoft has admitted building a back door into Skype after purchasing it. It works with the NSA because as a public company, it has no choice. And it is suspected that there is a back door into Windows, written into the encryption DLL from Windows 95 OSR2 onwards.. It is closed source. No one can look at the code and see if it is clean.

So Microsoft products may not  be trustworthy.

The NSA have even attempted to have a back door built into Linux.

Linux Back Door?
Linux Back Door?

Fortunately, as an open source project, that is not easy to do, with many eyes looking on.

There are other trustworthy open source projects, but TrueCrypt is well known, cross platform, and here.

TrueCrypt

TrueCrypt is:

  • Open source
  • Free
  • Capable of  running on Linux, Windows, Mac
  • System agnostic, create a volume on one OS, it works on all the others
  • Safe, an independent code audit is underway, thanks to a Kickstarter project

 

TrueCrypt is very flexible. It can encrypt:

  • Whole drives
  • Partitions
  • Containers (Files that can function as encrypted folders or drives)

 

It can open containers on:

  • System drives
  • Network drives
  • USB and SD devices

 

It can open or mount devices upon:

  • Booting the system
  • Connection of the device (inserting a USB for example)
  • On user request ( by using the software to mount a volume)

 

It can disconnect a device upon:

  • Shutdown
  • After a period of inactivity (eg. No read/write for 10 minutes)
  • When suspended
  • When requested (manual / user dismount)

 

Some Features

  • It treats an encrypted partition or file as a folder In linux, or, on Windows, a drive letter
  • TrueCrypt volumes can be stored anywhere, including a USB drive
  • All settings are stored in an XML file, not in the Windows registry
  • It uses on the fly symmetric encryption, the data is never stored unencrypted in the file system.
  • A volume looks like noise. There no header that can be used to identify it. It can be any file extension.
  • One corrupt block (128 bits) does not destroy the volume, the header is duplicated

Encryption Technology

The encryption is based on a huge pool of entropy used by the random number generators. This is drawn from the clock and calendar, MAC and IP information, random data from the network card, and movement of the mouse and keystrokes.

Use a Good Password (NOT One of These)

 

The weakest link is the password. ALWAYS use a good password. Here are the worst 25 passwords from 2013. If you use one of these, congratulations, you are in good company, now CHANGE IT!

The 25 most popular (dumbest) passwords of 2013:

1. password
2, 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
11. iloveyou
12. trustno1
13. 1234567
14. sunshine
15. master
16. 123123
17. welcome
18. shadow
19. ashley
20. football
21. jesus
22. michael
23. ninja
24. mustang
25. password1

Some of the more advanced features of TrueCrypt are:

  • Files can be used as part of the password. This will help on a community PC because a keyboard logger cannot read the file data
  • Security tokens (tags, USB devices and smartcards) can be used as security tokens
  • Up to three encryption keys can be chained for maximum security (it IS slower)
  • Header files containing the encryption data can be saved and stored
  • Header files can be used to recover “lost” volumes if passwords are lost

Plausible deniability.

If you are arrested, held prisoner or in a ransom situation failing to give a password can be life threatening. Plausible deniability is being able to demonstrate good faith by giving the demanded information without giving away secrets

In the US and Britain you can be jailed for refusing to give passwords while being questioned as a suspect.

David Miranda, mentioned earlier, supposedly had the password to an encrypted USB drive in his pocket…

Miranda Was Carrying a password
Miranda Was Carrying a password

Note the third bullet point. They decrypted ONE file. If they had found anything incriminating, he would not have been released nine hours later. Perhaps it was a sacrificial file used to protect the presence of a TrueCrypt hidden volume in a duress situation…

Hidden Volumes Provide Plausible Deniability.

A hidden, encrypted volume can be created within a volume. The TrueCrypt application tries to open the outer container with the provided password. If it fails, it searches further. If there is another, hidden container, it opens that.

The result is that in a duress situation the first password will open the outer container and reveal the not so secret, sacrificial files. The second password will open the second truly secret volume.

The size or even existence of the hidden volume is difficult to prove, because TrueCrypt fills every container with random data, So it always looks full.

Until decrypted, a TrueCrypt partition/device appears to consist of nothing more than random data (it does not contain any kind of “signature”). Therefore, it should be impossible to prove that a partition or a device is a TrueCrypt volume or that it has been encrypted (provided that the security requirements and precautions listed in the manual are followed).

Safety and features

Partition headers can be backed up. 1k file. if a corporate PC has an encrypted partition, and the employee loses or changes the password, management can come back with the backed up header and recover the data.

Does TrueCrypt use parallelization?

  • Yes. Increase in encryption/decryption speed is directly proportional to the number of cores/processors your computer has.
  • Benchmarks run under Windows XP found that it ran faster on a TrueCrypt volume than it did using native Windows file systems, because the TrueCrypt drivers use multiple cores or processors to increase throughput!!
  • Encrypting a system drive creates an ISO image you must burn. The disk can repair a damaged boot-loader. damaging the boot-loader could cause TrueCrypt to not know the password, the disk can repair it.
  • TrueCrypt is aware of, and manages wear levelling on SSDs

The TrueCrypt installation installs an excellent 150 page Pdf manual.

There are command line options, for details of usage applying to the Linux and Mac OS X versions, please run: truecrypt –h

Download TrueCrypt from the web site today, and give it a try.

Phil Stephens