How to get Chrome OS updates on a Chromebook after its AUE, or auto-update expiration date

Having used Chromebooks since the very first model, the CR-48 back in 2010, I’ve seen my share of devices hit the Chrome OS auto-update expiration date. So have a number of readers from what I gather.

In fact, I just received a question about this situation from Dean:

I recommended a Groupon to a friend, to purchase a Pixel 2 Chromebook for a very fair price. Much less than mine for sure. Well, it was refurbished and formerly a Verizon Chromebook initially. I was helping her become familiar with the new Chromebook updates, to which I found a message stating “This device will no longer receive the latest software updates. Please consider upgrading.”  She has version 69.0.3497.120. 

Are there any options to bring her device up-to-date and secure?

The official answer is no, the Chromebook Pixel 2 can’t get Chrome OS updates from Google at this point.

Chromebook Pixel

I have the same model, which my wife uses in the living room of our house. It too hasn’t received a software update since Chrome OS 69, falling right in line with its AUE or automatic update expiration policy, found here.

However, there is another option for Dean’s friend, as well as anyone else that has a Chromebook that isn’t receiving automatic updates from Google: Take a look at CloudReady Home Edition from Neverware.

CloudReady is an operating system built on Chromium OS but it isn’t maintained by Google. Instead, Neverware builds and supports the images, mainly to allow people to get more mileage out of older macOS and Windows computers. There are more than 200 certified computers that will work with CloudReady.

You won’t see Chromebooks on the list of certified devices. But that doesn’t mean CloudReady won’t work on an old Chromebook.

In fact, over at iFixit, there’s a fantastic step-by-step guide to installing CloudReady on the original Chromebook Pixel from 2013. I suspect the same instructions will work with the Chromebook Pixel 2015 considering both models have a physical write-protect screw that needs to be removed as part of the process.

Keep in mind that to install CloudReady, you’ll need to put your Chromebook in Developer Mode. Otherwise, the system software can’t be overwritten. And I’d recommend making a USB recovery stick from your Chromebook before taking the CloudReady plunge. That way, if not everything works the way you’d like, you can revert back to the old, but still outdated, official version of Chrome OS.

If CloudReady does work for you, your Chromebook will get Chrome OS updates, which are maintained by Neverware. You may not get every new feature and function provided by the official Chrome OS updates from Google, and the interface may look a little different, but at least you’ll get security updates over time.

Have you tried CloudReady on an old Chromebook? Share your experiences in the comments; maybe you’ll convince me to steal the Chromebook Pixel 2015 model from my wife and run through the install myself.

35 thoughts on “How to get Chrome OS updates on a Chromebook after its AUE, or auto-update expiration date

    • August 11, 2019 at 10:39 am
      Permalink

      I am one of those.

      Reply
    • August 11, 2019 at 12:35 pm
      Permalink

      I remember some threads some time ago where Neverware was adding chrome is devices to their support lists. Now the only say that Chrome devices are not supported.

      This is likely because they don’t want to support the more complicated and hardware process needed.

      Just wondering if there would be anything that would halt chromium updates for Cloudready at some point on these older machines. I’d like to keep my wife’s Acer R11 running past end of life of possible so I may try this at that time. J

      Reply
    • August 16, 2019 at 10:51 pm
      Permalink

      You know what’s even better than a $250 Chromebook, the one that’s already paid for. “Old” doesn’t mean no longer useful.

      You don’t need the newest, fastest thing to surf the internet and check your email. Why throw out something that is still working perfectly just b/c the OS manufacturer sets an arbitrary cut-off date? Even Windows gives you ten years.

      Reply
      • August 17, 2019 at 7:07 am
        Permalink

        I agree in general. But Chrome OS updates don’t just include new features and functions; there are patches to address serious security issues as well. If you can live without them, yes, keep using the old hardware.

        Reply
      • August 17, 2019 at 4:39 pm
        Permalink

        That’s exactly right.

        Can you imagine the public reaction if MS announced that all Windows devices will stop receiving updates 4 or 5 years after you bought it. And they follow up by telling you that you’re free to load a third party version of Windows or Linux. It’s a fast way to push your customers onto another platform.

        Reply
  • August 10, 2019 at 3:53 pm
    Permalink

    This is the only significant downside to Chrome OS IMHO. There are plenty of brand new devices for sale that only have 4 years or less until AUE. I still love using my Toshiba CB2 but it only has less than a year to go.

    I also have a perfectly good, and fast, Mac that just had it’s 10th birthday. It still receives security updates from Apple. Why can’t Google offer the same thing?

    I’m interested to know what the UX is like for your wife though. Is her CB significantly less secure now that it no longer receives updates?

    Reply
    • August 10, 2019 at 5:29 pm
      Permalink

      To be fair, Apple does this too. My late 2009 MacBook didn’t officially get Mojave. Using the Dosguy tutorial, I was able to get it running with no problems.

      Reply
      • August 10, 2019 at 8:01 pm
        Permalink

        Sure, Apple doesn’t provide OS updates on my 10yo Mac either. But they do still push out security updates.

        If Apple can do it, and Neverware can do it, why can’t Google?

        Reply
    • August 10, 2019 at 7:46 pm
      Permalink

      Because of two very simple reasons:
      1 – Apple have released a couple handful devices over the last 10 years that they need to support, and they choose which they release, how many versions etc. Google on the other hand have literally 100s of Chromebooks from dozens of manufacturers and they have little control yet have to support all those different drivers, firmwares, updates etc from bare metal up. Clearly they need to limit their liability somewhere particularly as they are doing this on behalf of the OEM who pay nothing for the service!
      2 – the one element of ChromeOS that rarely ever gets upgraded is the Linux kernel. As changing versions could introduce risk of breaking the system during upgrades if the kernel is refractored in some way. The way of managing this is by picking the most recent LTS version of the kernel at the point of designing the Chromebook, these get ongoing updates for 6 years, consequently it makes sense to align the CrOS lifecycle with that

      Reply
      • August 10, 2019 at 8:28 pm
        Permalink

        Good points!

        Reply
      • August 11, 2019 at 12:59 am
        Permalink

        Yep, Apple have less models to support. But Neverware is a much smaller business than Google and even they manage to offer support past 6 years for the models they focus on.

        Maybe it’s not feasible for Google to support every model past 6 years but they surely can support some. At the very least their own Google branded Chromebooks.

        Reply
        • August 11, 2019 at 1:28 am
          Permalink

          Sure, of course it would be possible. I don’t know how Neverware handle it, but their model would not be able to include the deep secure boot/Titan chip security that genuine ChromeOS devices all use. Possibly they just use the ChromeOS OS/runtime layers reworked to sit on up to date kernel versions. They way their job of maintaining security patching would be far easier – I realise that in practice there may be very little visible difference to the user but it actually would result in a very different security posture for the product. For those of us (yes I’m one) who have a critical business requirement for that, this means ChromeOS is usable and Neverware simply isn’t. There’s also the enterprise administration capabilities that are critical for many, and similarly Neverware is not capable of this.
          In practice, for Google to go past the 6 year LTS cycle that Linux provides for security patches they would have to fundamentally change the product to one where they regularly upgraded the kernel version as well. That would make ChromeOS upgrades far more complex and expensive with much more risk and/or regression testing needed. They’ve made a pragmatic call on that, that fits their business model, but in turn left a market segment open to be exploited by products like Neverware and even enabled Neverware to do so by maintaining the Chromium open source project. I think that provides the best compromise.
          If the Linux kernel team extend the support through LTS to more than 6 years you may find Google reassess as this it the key factor. The only other way would be for Google to continually back port every security patch to Linux themselves, which is a huge undertaking although not one they haven’t done before on occasion. Incidentally, although likely only a once off at the moment (for the reasons of the effort involved I mentioned) the kernelnext project is in the process of upgrading many of the 3.14 kernel devices to a later kernel version to allow support of Linux containers to enable Linux apps on some older Chromebooks. That’s quite interesting. But as you can see from this outline, the effort is huge to do that! Maybe they will eventually have a way of automating this, however I still think they may feel the risk for the limited benefit they get and the additional testing effort might not make it worthwhile doing systematically https://www.chromium.org/chromium-os/how-tos-and-troubleshooting/kernel-rebase-notes

          Reply
          • August 11, 2019 at 1:44 am
            Permalink

            I get your point. If Neverware are providing a product that is less secure than genuine ChromeOS then that would be a deal breaker for many.

            You say “There’s also the enterprise administration capabilities that are critical for many, and similarly Neverware is not capable of this.”
            Are you referring to the Admin Console? We use it with CloudReady devices.
            https://www.neverware.com/blogcontent/2015/5/20/getting-started-with-the-google-admin-console

          • August 11, 2019 at 1:57 am
            Permalink

            Well the console but also the Google enterprise support and rapid access to their engineering to get things fixed (in CrOS and the console) and sensible conversations about feature enhancements (they are surprisingly open to discussions which is refreshing in my experience!)
            But in short, yes I didn’t realise that they still allowed that. I’m aware that they have partners that provide the licence and support but that was always predicated on it being genuine CrOS and the current version so that’s new to me. The licence cost is pretty pricey compared with Google’s, perhaps that’s too pay for the additional product support that Neverware need to provide if an issue is outside the scope of the pure CrOS product?
            Either way, your comments seem to further support that Google has left a viable alternate market segment that a third party can fill and compete in. I don’t think it helps anyone commercially or competition-wise if one vendor either tries to lock down an ecosystem entirely to their own scope and appetite nor when it tries to expand to fill all gaps in a market just for the purpose of excluding all others even when there’s little value to them or their customers being in that part of the market. Sounds like the best balance, no?

          • August 11, 2019 at 9:58 am
            Permalink

            Neverware actually have the same enterprise admin capabilities. Security is very slightly different, but nearly as secure in practice – just disable USB media booting and lock the BIOS with a password.

          • August 11, 2019 at 3:36 pm
            Permalink

            “Google has left a viable alternate market segment that a third party can fill and compete in.”
            That’s fine for people who may want that but I came here for the original CrOS. If I wanted CloudReady or other Linux distros then I would have started out with them.

            I frequently see Windows hardware in the USD$500 and up price range that is better spec’d than similarly priced Chromebooks. Windows devices of course continue to receive updates well past 6 years as well. Considering that few people buy a Chromebook on day 1 of release the average time before AUE is something like 4 or 5 years. So looking at the value proposition a Windows device is cheaper and it has a longer life span.

            From my POV I choose to use CrOS because it suits me best. I have no interest in CloudReady or other Linux distros. And while I thank you for explaining why the AUE time frame exists I still don’t like the idea of throwing out perfectly good hardware every 4 or 5 years.

    • August 11, 2019 at 1:50 am
      Permalink

      The Chromebook Pixel 2 doesn’t stop getting updates until June 2020. I just gave mine to a friend, and mine was regularly getting updates.

      I think this reader has the original Chromebook Pixel. That had some Verizon LTE. The Chromebook Pixel 2 was only WiFi.

      Reply
  • August 10, 2019 at 4:14 pm
    Permalink

    Did this on my Samsung Chromebox Series 3 recently. Was a bit scary talking apart and then soldiering jumper (it’s a jumper on that model instead of write protect screw), but wasn’t getting updates from Google anymore so worth the risk. CloudReady works great on it. Also use CloudReady as my main laptop on a Win10 laptop after one of the Microsoft updates bust it. Really recommend Cloudready for old pcs, macs or Chromebooks. Wish google would support Chromebooks for 10 years though, anything less puts me off buying a new one.

    Reply
    • August 10, 2019 at 4:35 pm
      Permalink

      Nice! Any big interface or functionality differences that you’ve noticed?

      Reply
      • August 10, 2019 at 4:52 pm
        Permalink

        Not really. Got Crostini / Linux apps running fine. Off course big drawback for many will be lack of Play store / Android apps on CloudReady, but doesn’t bother me.

        Reply
        • August 10, 2019 at 4:53 pm
          Permalink

          Interesting. I’ve heard that people have got Play Store working. I’ll have to dig around to see how. Thanks!

          Reply
    • August 10, 2019 at 5:26 pm
      Permalink

      Same here, but I haven’t tried updating them yet and was looking at cloudready this morning. I have 3 chromebooks that no longer receive updates, yet still are very capable hardware wise. I have 2 i5 chromeboxes from Samsung that got ended last year, an i7 chromebox that’s getting its last update next month, and two chrome sticks that get ended in a couple of months, yet are also perfectly fine to plug into a tv’s hdmi port with a wireless keyboard/mouse.

      i’ll echo another comment about Microsoft and Apple still updating old hardware. I have a stack of i7 desktop computers, some 7-8 years old, and they look like they’ll be getting updates indefinitely, or I can at least easily install linux and brave without soldering jumpers or taking anything apart.

      Seems google wants to follow the phone model for updates. Arbitrarily cut off updates on still working devices that are doing the job people want them to do.

      Reply
  • August 10, 2019 at 9:32 pm
    Permalink

    Another route is to install GalliumOS, a version of Xubuntu customized for Chromebooks. It doesn’t run on all Chromebooks. Check the list of verified ones before doing an install. It does take some time and expertise to install GalliumOS, but I’ve been very pleased with the result on my Dell Chromebook 11. See my video GalliumOS First Impressions. https://www.youtube.com/watch?v=EunnUMdiM2o

    I sure wish some Linux vendor would offer Chromebook-style hardware with GalliumOS pre-installed. I’d be first in line to buy one.

    Reply
    • August 11, 2019 at 11:16 am
      Permalink

      The kernel update issue is a red herring. Where the problem lies is hardware drivers from the manufacturers. The kernel will run just fine, but the machine can’t exactly run without hardware drivers, and if say Samsung stops offering an updated driver that is compatible with updated OS packages or syscalls to the driver, then you’re SOL. Most of the backend work in things like Neverware will be to make the last set of drivers released by the manufacturer work with the updated packages, which is a big reason why there is a list of supported devices. Overall system security will also be affected by this, as quite a few driver updates include bugfixes for things like buffer overflows. Radio drivers are the big issue, in particular, and are a major pain because that segment of the device is “walled off” by law, so they will be stuck writing a compatibility layer to an old, outdated radio driver that can’t be updated since it is kept in an encrypted ROM partition that only the carriers and device manufacturers have write access to.

      Reply
      • August 16, 2019 at 1:54 am
        Permalink

        Can you explain how to do this to those of us who are not IT people?

        Reply
  • August 11, 2019 at 8:09 am
    Permalink

    Hi there .. I am in IT (and I’m a PC Tech/Google/Chrome admin) for school district in NE Ohio. We currently have 100’s of carted Samsung xe303’s that have an AUE of June 2018. Some of them are still updating (it’s miss or hit?), but, I am able to use the Chrome Recovery Tool/App that I have setup as an app in my Chrome identity (browser and OS). I’ve used the usb tool/recovery image all summer long to “re-image” ANY of our Samsung xe303’s that have come up with the “your chromebook will not receive updates – please consider a newer device” to bring them ALL up to Chrome OS 75.0.3370.102. This is working 100% on them all and is, by far, a quicker/cleaner/easier solution, right now, than going with the Neverware option. Hope this can help! ..

    Reply
    • August 16, 2019 at 10:14 pm
      Permalink

      I’ve just tried this with no luck. I downloaded the correct recovery media for my Acer C720 and once I had installed the OS, it came up with the same message.
      Is there something you have done differently to enable this to work? I’d be very grateful for any pointers!

      Reply
      • August 16, 2019 at 11:41 pm
        Permalink

        OK, very weird. Put it into developer mode, then back to normal and it has updated to v76. I was just about to go down the Gallium route, so it has now earned another reprieve!

        Reply
      • August 17, 2019 at 7:06 am
        Permalink

        Based on the Chrome Update Matrix here (https://cros-updates-serving.appspot.com/), it seems that some devices past their AEU date can still get recent versions of Chrome OS. Look towards the bottom of the list. Phil’s devices are one of the few. The Acer C720, unfortunately, isn’t there.

        Reply
        • August 17, 2019 at 7:26 am
          Permalink

          It’s now sat on v76 – we’ll see how long it keeps updating, if it gets stopped again, it’s going to be Gallium time!

          Reply
  • August 11, 2019 at 8:43 am
    Permalink

    Hi !

    I have a Windows laptop and installed Cloudready on it 1 year ago.
    Except the trackpad issue – you have to press hard on the trackpad to be able to move the cursor on the desktop, and it has not been solved since then… except that, it works fine, smoothly.
    I have the Google Admin Console (I am a GSuite customer), it works fine.
    it’s stated clearly on Neverware site that they will not be able (in the near future) to support Google Play Store due to legal issues.
    The only solution for the moment is to download the .apk file and run it. Does not work very well in general, but maybe it will change because Google invested in Neverware in 2018 and Neverware acquired Flint Innovations (Flint OS) in 2017.
    Let’s wait and see.

    Reply
  • August 11, 2019 at 12:43 pm
    Permalink

    I remember some threads some time ago where Neverware was adding chrome is devices to their support lists. Now they only say that Chrome devices are not supported.

    This is likely because they don’t want to support the more complicated hardware process needed.

    I’ve installed Cloudready on several older Imacs for family and friends and it works great though a bit slow to boot, 45 – 60 seconds which is likely related to the slower drives than on today’s Chromebooks.

    Just wondering if there would be anything that would halt chromium updates for Cloudready at some point on these older machines.

    I’d like to keep my wife’s Acer R11 running past end of life of possible so I may try this at that time. J

    Reply
  • August 11, 2019 at 1:17 pm
    Permalink

    I have a 2015 Pixel and love it, and will probably install this after AUE comes next June. I do still wish it had Linux support, which is something I believe only newer Chromebooks have.

    Reply
  • August 11, 2019 at 10:14 pm
    Permalink

    I have an original Pixel that I got refurbed, dirt cheap. I put GalliumOS on it, which is pretty easy and has all the drivers for the hardware. So, I can install anything on it like my old laptop. I use an SD card for storage. I didn’t think I’d like the XFCE desktop but it’s very configurable.

    I tried a couple other Linux distros but all had problems or needed fiddling to get everything working.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: