Reasons for going x86 in Chrome OS? There may be some

9 July 2009

One thing that's been niggling at me all day about Google's Chrome OS is: if everything just runs in a browser-based sandbox, why bother with an x86 port? You are, on average, going to pay more for an x86-based machine than one based around an equivalent ARM processor for the simple reason that ARM licensees will tear each other's throats out to get into a high-volume design. Intel doesn't have the same kind of pressure, although it does need to play nice for a while to avoid driving too many customers into the ARM world.

But the main reason for slinging an x86 processor into anything at the low end of the pricing or size scale is compatibility with Microsoft Windows. If all the applications run in a browser, presumably using some mixture of JavaScript, XML and services from The Cloud, there is no real advantage in having an x86.

PC makers may prefer to put Chrome OS onto an x86-based board for inventory reasons - one selling point may be that such a stripped-down environment gives them a way of selling a $99 machine without cannibalising the market for slightly more capable machines able to run a full Linux or Windows 7 OS. Having to do an ARM version as well as x86 for very similar hardware increases design cost perhaps to the point where the price differential between Intel's silicon and everybody else's becomes irrelevant.

Then you have the compatibility option: force Windows into its own little sandbox and run it under virtualisation as an option for those who cannot give up on everything Microsoft. Google has made no mention of virtualisation. But the idea of a Windows that cannot do too much damage to your main computing environment has its attractions. It's something that the military is already using in a different context through software such as Green Hills' Integrity.

Strictly speaking, Windows runs on emulated hardware on top of Integrity but the idea is that Integrity has full control over the system and, in one implementation, has been certified to Common Criteria EAL 6+. In other words, it's very tough to hack into, unlike Windows, which is two levels down. Level 4 sounds good but means it's vulnerable to "casual" attacks.

I can't see Google going to Common Criteria certification. But a heavily slimmed down kernel provides a smaller attack surface. Having Windows isolated through virtualisation with the tunnel to and from the web monitored by the core OS may provide a more secure way to run Windows applications, or at least the illusion of it, which is all Google really needs. Then Google can sell its own sandbox as a more trouble-free environment: "only go to Windows when you really, absolutely must get to Exchange through a VPN connection".

Otherwise, you are left with the reason for having x86 compatibility feature so prominently being that Chrome was written initially for that architecture. That's not really much of a reason to pay more for the hardware.