Locking your computer when you go away is good, but it's not failsafe. If you've seen any movie or TV shows with hackers, you know anyone with a malicious USB stick compromising your device. But Chrome OS will eventually help protect against these types of attacks on the Chromebook with a new feature called USBGuard.
Simply put, a new USB device connected to a locked Chromebook won't work. It includes physical access attacks such as "rubber ducky" USB or flash drives that pretend to be a keyboard when plugged in to run malicious code or programs. The feature, discovered in a recent Chrome Canary build of Chrome Story, also allows devices that are already plugged in before locking the screen, such as chargers, legitimate keyboards and mice, to be whitelisted.
This is similar to a feature added to iOS during the summer. In the iOS 11.4.1 update, Apple introduced a USB-limited mode that turns off the lightning port on the iPhone when they were idle for one hour. The mode keeps bad actors and law enforcement from bypassing Apple's encryption and breaking into your phones.
MacOS allows technical users to turn off USB ports, but it's complicated. You can also disable or restrict access to USB drives on Windows, although it is a multi-step process and not quite as elegant or automatic as iOS or detected Chromebook feature.
We've come out to Google for more information on new feature and will update when we hear back.
Although not very likely, some hacker in a hood will try to tie your Chromebook if you go to the toilet while working at a coffee shop, you never know. Generally, this is a good and easy update for the Chromebook, especially for less-tech savvy users or anyone who spends their time in public places.