I have managed over a thousand Chromebooks for schools. They're really pretty good.
"Against that backdrop, eight years seems almost optimistic."
Quite. Three-four years is about average for REALLY GOOD private school kids. In state schools, I'd give it a year or two! Eight years is a long time.
It's sad, though, that it's taken all this time to realise that the way to secure a user terminal is to stop it being a general purpose OS for the user, run as a limited user, don't allow background services and software installs, and just run things through an interpreted browser. We've finally come back to the unprivileged user interface terminal that I've wanted for decades as a network manager, because that's all a user needs.
And if it's compromised (which I have yet to ever witness!) you get control of... a crappy old Chromebook that accesses everything vital over HTTPS on remote servers anyway, so it can't do very much damage at all.
Loving them. Just wish I could explain to staff that, no, you can't "just install" things on them, I'm not pushing every Chrome extension known to man to them (if it lets you "read all website data", it's simply never going near my network), and no you can't "take control" of them so you can look at every kid's screen all the time and manipulate them remotely (maybe in certain limited circumstances, but modern OS just shouldn't allow that and often don't).
They're great things, but they're great things for schools because someone sat, thought about it, and said "We'll just give a highly controlled browser that allows no other software whatsoever" - because you can turn off the Android features and the Linux developer access, and it's just Chrome. And that's all 99% of people need for most things. Hell, our kids video-edit live in the browser with them.