[ale] hacking the Acer chromebook 13

Jim Kinney jim.kinney at gmail.com
Fri Nov 7 12:48:01 EST 2014


The older chromebooks had hardware switches. This has software only.

There is a shell with ssh available but the VPN at the perimeter is SSL
only and NOT OpenVPN compatible.

I'm looking at getting an OpenVPN system accessible from outside the
official VPN but I'm quite certain that will get shot down pretty quickly.

On Fri, Nov 7, 2014 at 12:36 PM, Chuck Payne <terrorpup at gmail.com> wrote:

> The partition sound like what the Mac uses to do back in before 10.x, they
> had like 9 partitions.  I thought there was a dip switch that lets you
> install something on those chrome boxes. I guess hitting a site with SSH +
> VNC is out.
>
> On Fri, Nov 7, 2014 at 12:26 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
>
>> Got one of these beasties. It has the NVidia Tegra K1 cpu with 192 cuda
>> cores and quad 64-bit arm cpu, amazing power efficiency and a 1080p 13"
>> screen that's rather decent for less than $400.
>>
>> Now for the challenge, get a non-chromeOS Linux distro to run on this
>> thing.
>>
>> Not that the shipping chromeos is bad. It's not. OK. It's actually pretty
>> nice for what it does.
>>
>> BUT...
>>
>> It has no VPN support for the SSL thing used at work. It does support
>> IPSEC and OpenVPN but not the F5 Big IP thing.
>>
>> The chrome browser dropped support for mozilla plugin api so the spice
>> client browser plugin is now DOA.
>>
>> Yeah. The two things I was specifically planning to use - vpn from
>> anywhere to get to work-based VM over a spice connection for a near
>> live-feel full desktop environment.
>>
>> bummer
>>
>> The system has a TPM that will block running a non-google signed kernel
>> unless it's in developer mode. Easy enough to get into (and a nice security
>> feature is going into developer mode from trusted mode wipes all user data
>> out - no password leakage - and the user space is all encrypted anyway).
>> Entering dev mode effectively turns off the TPM.
>>
>> The recover image installs onto a USB thumb drive and uses some very
>> strange partitioning:
>> GPT with a EUFI support partition plus another 11 partitions!
>> parted reports errors in the formatting of the thing but the unit is
>> happy with it.
>> The process uses a partition called KERN-A and ROOT-A, KERN-B and ROOT-B
>> for supporting a current version of kernel and filesystem plus a backup or
>> newly upgraded version.
>>
>> The system supports 3 pairings of this so there's room for a different
>> filesystem. I've seen some notes on using those extra partitions (on the
>> SSD, not on the thumb drive recovery device) to allow dual booting in other
>> hardware (older chromebooks). Ubuntu 14.10 and Fedora 21 have support for
>> the Tegra K1 on the Jetson board (kernel 3.10+). That's a development board
>> that's pretty much the same thing as the Acer mainboard except the Acer has
>> no serial port. :-( and uses soldered-on SSD and RAM.
>>
>> I need to be able to extract the weird setting from the recovery image
>> partitioning so I can recreate them with new data bits. And this is where I
>> get to learn more stuff.
>>
>> Note: I intend to keep the google kernel (maybe) as it has good hardware
>> support for the system but use my own filesystem tree so I can add firefox
>> and toys for other needs. I have a 32 GB SSD (and 4GB DDR3 RAM :-) so space
>> is not to shabby.
>>
>> Ideas are welcome for reading partition data. I'll post what I see from
>> this later.
>>
>> --
>> --
>> James P. Kinney III
>>
>> Every time you stop a school, you will have to build a jail. What you
>> gain at one end you lose at the other. It's like feeding a dog on his own
>> tail. It won't fatten the dog.
>> - Speech 11/23/1900 Mark Twain
>>
>>
>> *http://heretothereideas.blogspot.com/
>> <http://heretothereideas.blogspot.com/>*
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>
>
> --
> Terror PUP a.k.a
> Chuck "PUP" Payne
>
> 678 636 9678
> -----------------------------------------
> Discover it! Enjoy it! Share it! openSUSE Linux.
> -----------------------------------------
> openSUSE -- Terrorpup
> openSUSE Ambassador/openSUSE Member
> skype,twiiter,identica,friendfeed -- terrorpup
> freenode(irc) --terrorpup/lupinstein
> Register Linux Userid: 155363
>
> Have you tried SUSE Studio? Need to create a Live CD,  an app you want to
> package and distribute , or create your own linux distro. Give SUSE Studio
> a try.
>
>


-- 
-- 
James P. Kinney III

Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain


*http://heretothereideas.blogspot.com/
<http://heretothereideas.blogspot.com/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20141107/95d08183/attachment.html>


More information about the Ale mailing list