We should have the ability to run any code we want on hardware we own
In this context this would mean having the ability and documentation to build or install alternative operating systems on this hardware
It doesn't work. Everything from banks to Netflix and others is slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with. To be clear, this is fundamental, not incidental. You can't run your own operating system because it's not in Netflix's financial interest for you to do so. Or your bank's, or your government's. They all benefit from you not having control, so you can't.
This is why it's so important to defend the real principles here, not just the technical artefacts of them. Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service. Governments shouldn't be able to prevent me from end-to-end encrypting things. I should be able to opt into all this if I want more security, but it can't be mandatory. However, all of these things are not technical; they are principles and rights that we have to argue for.
The reason is that the desktop PC security model is deeply flawed. In modern desktop operating systems, we protect user A from user B. But any program running on my computer is - for some reason - completely trusted with my data. Any program I run is allowed to silently edit, delete or steal anything I own. Unless you install special software, you can't even tell if any of this is happening. This makes every transitive dependency of every program on your computer a potential attack vector.
I want computers to be hackable. But I also don't want my computer to be able to be hacked so easily. Right now, I have to choose between doing banking on my (maybe - hopefully - safe) computer, or doing banking on my definitely safe iPhone. What a horrible choice.
Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.
I think the argument against locked down computers (like iPhones and Androids) would be a lot stronger if Linux & friends provided a real alternative that was both safe and secure. If big companies are the only ones which provide a safe computing experience, we're asking for trouble.
- If you want to run an alternative operating system, you've got to learn how it works. That is a trade-off not even many tech-savvy people want to make.
- There is a trade-off with a desktop OS. I actually like the fact that it isn't super sandboxed and locked down. I am willing to trade security & safety for control.
Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.
The market and demand for that is low.
BTW. This does exist with Qubes OS already. However there are a bunch of trade-offs that most people are unlikely to want to make.
If you want to run an alternative operating system, you've got to learn how it works.
The typical user doesn't know how Windows works, and they can run that. These days, users can run a friendly GNU/Linux distribution not knowing how it works. So, disagree with you here.
The typical user doesn't know how Windows works, and they can run that.
That is because Windows for the most part manages itself and there are enough IT professionals, repair shops and other third-party support options (including someone who is good with computers and lives down the road) where people can get problems sorted.
This is not the case with Linux.
These days, users can run a friendly GNU/Linux distribution not knowing how it works. So, disagree with you here.
Sooner or later there will be an issue that will need to be solved with opening up a terminal and entering a set of esoteric commands. I've been using Linux on and off since 2002. I have done a Linux from Scratch build. I have tried most of the distros over the years, everything from Ubuntu to Gentoo.
When people claim that you will never have to know how it works, that is simply incorrect and gives a false impression to new users.
I would rather that other Linux users tell potential users the truth. There is a trade-off. You get a lot more control over your own computer, but you will need to peek under the hood sooner or later, and you may be on your own solving problems yourself a lot of the time.
Sooner or later there will be an issue that will need to be solved with opening up a terminal and entering a set of esoteric commands.
That's what I did to export drivers from previous windows installation in suspicion of regression.
Anybody who is good with computers should be able to install Linux
Installation is not the same as support and isn't the same as troubleshooting.
That's why people distro hop. They keep on installing, thinking that distro X will solve their problem. It may do, but it frequently has its own problems.
That's what I did to export drivers from previous windows installation in suspicion of regression.
Which is an unusual situation. It isn't an unusual situation in Linux.
Installation is not the same as support and isn't the same as troubleshooting.
The meme is still alive that Windows accumulates garbage and becomes slower with time, so you need to reinstall it periodically. Reinstallation is also how you fix regressions, because MS is busy with cloud services.
It isn't an unusual situation in Linux.
As I remember, on Linux I have an ample choice of kernel versions, but I didn't encounter regressions. For Windows, Intel provides only the latest drivers.
The meme is still alive that windows accumulates garbage and becomes slower with time, so you need to reinstall it periodically.
I've not needed to worry about this since Windows XP. Which was what? 25 years ago almost.
Reinstallation is also how you fix regressions, because ms is busy with cloud services.
I've never had hardware regressions with Windows. I've had plenty of weird and annoying bugs return with Linux.
e.g. My Dell 6410 has an issue where the wifi card would die after suspend with kernel 6.1. However it would get fixed by a patch, and then get unfixed the next patch.
As I remember, on Linux I have an ample choice of kernel versions, but I didn't encounter regressions. For Windows, Intel provides only the latest drivers.
"Swings and Roundabout".
Again, it is a pretty niche problem. I've had plenty of weird hardware regressions with the kernel. Recently there was an AMD HDMI audio bug; IIRC it was kernel related.
One Linux kernel version broke HDMI audio and another fixed it. Recently a change to power management has made my Intel Ethernet controller stop working about an hour after the computer boots up. And so on. Each time I've needed to pore through forums trying to find the right fix. That or pin an older version which worked correctly.
That is because Windows for the most part manages itself
Windows is the least "manage itself" OS out of all OS available today. It needs pretty constant maintenance and esoteric enchantments to keep trucking.
I must admit - I spent about an hour figuring out how to turn off telemetry and other junk after installation. But since then, Windows has been trucking along just fine.
A working permission system would be objectively good. By that I mean one where a program called "image-editor" can only access "~/.config/image-editor", and files that you "File > Open". And if you want to bypass that and give it full permissions, it can be as simple as `$ yolo image-editor` or `# echo /usr/bin/image-editor >> /etc/yololist`.
A permission system that protects /usr/bin and /root, while /home/alex, where all my stuff is, is a free-for-all, is bad. I know about chroot and Linux namespaces, and SELinux, and QEMU. None of these are an acceptable way to do day-to-day computing, if you actually want to get work done.
Anything that is proposed has a cost associated with it (time, money). That always has to be weighed up against any potential benefit.
That claim is too generic to add anything to this discussion. Ok, everything has a trade off. Thanks for that fortune cookie wisdom.
It isn't fortune cookie wisdom and no it isn't "too generic". It is something that fundamentally wasn't understood by the person I was replying to from their comment. I also don't believe you really understand the concept either.
But we’re not discussing CS theory 101.
No we are not. We are discussing concepts about security and time / money management.
In this case in particular, what is the cost exactly? Is it a cost worth paying?
You just accused me of "fortune cookie wisdom" and "being too generic", while asking a question where the answer differs dependent on the person / organisation.
All security is predicated on what you are protected against. So it is unique to your needs. What, realistically, are your threats? This is known as threat modelling.
e.g. I have an old vehicle. The security on it is a joke. Without additional third-party security products, you can literally steal it with a flat blade about two inches long and drive away. You don't even need to hot-wire it. Additionally it is highly desirable to thieves. I can only realistically, as an individual without a garage to store it in overnight, protect it from an opportunist. So I have a pedal box, a steering wheel lock, and a secret key switch that turns off the ignition, and only I know where it is in the cab. That is likely to stop an opportunist. However, against more determined individuals, it will be stolen. Therefore I keep it out of public view when parked overnight. BTW, because of the security measures, it takes a good few minutes to be able to drive anywhere.
Realistically, operating system security is much better than it was. It is at the point that many recent large-scale hacks in the last few years were initiated via social engineering to bypass the OS security entirely. So I would say it is in the area of diminishing returns already. So for the level of threats I face, and most people face, it is already sufficient. The rest I can mitigate myself.
Just like my vehicle. If a determined individual wants to get into your computer, they are going to do so.
Like, if an OS utopia existed that had all the advantages without the downsides, then everybody would use that.
But people complaining don't live in reality.
It isn't even a freedom vs security. It is usability vs security.
It is usability vs security.
I think a lot of it is "nobody has bothered building it yet" vs security.
E.g. Qubes runs everything in Xen isolates - which is a wildly complex, performance-limiting way to do sandboxing on modern computers. There are much better ways to implement sandboxing that don't limit performance or communication between applications. For example seL4's OS-level capability model. seL4 still allows arbitrary IPC / shared memory between processes. Or Solaris / Illumos's Zones. But that route would unfortunately require rewriting / changing most modern software.
I think a lot of it is "nobody has bothered building it yet" vs security.
All of this takes considerable time and money to build, and after that you need to get people to buy into it anyway. Large billion-dollar software companies have difficulty doing this. If you think it is so easy, go away and build a proof of concept.
BTW they have implemented sandboxing in most desktop operating systems. It is often a PITA. Phone-like permission models already exist in Windows, Linux and I suspect macOS in various guises.
For development there are various solutions that already exist.
e.g.
https://code.visualstudio.com/docs/devcontainers/containers
So these things already exist and often people don't use them. The reason for that is that it usually reduces usability by introducing annoyances.
E.g. Qubes runs everything in Xen isolates - which is a wildly complex, performance-limiting way to do sandboxing on modern computers.
It exists though today. If I care about security enough, I am willing to sacrifice performance. That is a trade off that some people are willing to make.
There are much better ways to implement sandboxing that don't limit performance or communication between applications. For example seL4's OS-level capability model. seL4 still allows arbitrary IPC / shared memory between processes. Or Solaris / Illumos's Zones. But that route would unfortunately require rewriting / changing most modern software.
If your solution starts with "rewriting most modern software", then it isn't really a solution.
BTW what you are suggesting is a trade off. You have to trade resources (time and money typically) to build the thing and then you will need to spend more resources to get people to buy into using your tech.
If you want to run an alternative operating system, you got to learn how it works.
You only need to learn how to start a browser. You're a little behind the times; today the browser is the OS.
What happens when the browser update fails because the package database got corrupted?
What happens when a lock file stops the whole system updating because of a previous iffy update?
You are going to need to drop to a terminal and fix that issue or reinstall the whole OS.
Either way you are going to need to know something about how the machine works.
You can also choose to do your banking at the physical branch.
We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until a few years ago root was widely available if you needed it as well; these permissions could be locked or frozen if there is concern about users, just like work devices are provisioned with limitations. It all depends on your threat model.
They make you use this separate device to scan a color QR code generated by the app. The details of the transaction you're authorizing are then displayed on this completely decoupled device, no internet, nothing. After keying in your PIN you're given an OTP to put back into the app to authorize.
And I haven't checked, but I'm sure the 'payload' the QR code conveys is signed.
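The flow described in the two comments above, worked through as an added example (not code from the thread, and not any particular bank's actual protocol). It assumes the bank and the offline device share a per-device key provisioned at enrolment, that the bank authenticates the QR payload with an HMAC under that key, and that the PIN only unlocks the device locally; the OTP the device produces is bound to the exact transaction details the user saw on its screen. Function names, the sample key, PIN, nonce and account numbers are all constructed for the example.

```python
# Added example (not code from the thread, not any bank's real protocol):
# "what you see is what you sign" with an offline confirmation device.
# device_key and the PIN are assumed to be provisioned at enrolment.
import hashlib
import hmac
import json

DIGITS = 8  # length of the OTP the user types back into the app


def canonical(tx, nonce):
    """Stable byte encoding of the transaction details plus a per-challenge nonce."""
    return json.dumps({"tx": tx, "nonce": nonce}, sort_keys=True,
                      separators=(",", ":")).encode()


def bank_make_challenge(device_key, tx, nonce):
    """Bank side: build the payload the app renders as a QR code. The MAC lets
    the device reject a payload that was altered or did not come from the bank."""
    mac = hmac.new(device_key, canonical(tx, nonce), hashlib.sha256).hexdigest()
    return {"tx": tx, "nonce": nonce, "mac": mac}


def device_display(device_key, payload):
    """Device side: verify the payload, then return the text shown on the
    device's own screen. Returns None if the payload is not authentic."""
    expected = hmac.new(device_key, canonical(payload["tx"], payload["nonce"]),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, payload["mac"]):
        return None
    tx = payload["tx"]
    return f"Pay {tx['amount']} {tx['currency']} to {tx['to']}?"


def _otp(device_key, tx, nonce):
    """OTP derived from the key and the exact details that were confirmed."""
    digest = hmac.new(device_key, b"otp|" + canonical(tx, nonce),
                      hashlib.sha256).digest()
    return str(int.from_bytes(digest[:8], "big") % 10**DIGITS).zfill(DIGITS)


def device_authorize(device_key, pin_hash, payload, pin):
    """Device side: after the user confirms what is on the screen and keys in
    the PIN, produce an OTP bound to those transaction details."""
    if not hmac.compare_digest(hashlib.sha256(pin.encode()).hexdigest(), pin_hash):
        return None
    return _otp(device_key, payload["tx"], payload["nonce"])


def bank_verify(device_key, tx, nonce, otp):
    """Bank side: recompute the OTP for the transaction it is about to execute."""
    return hmac.compare_digest(_otp(device_key, tx, nonce), otp)


def demo():
    device_key = b"constructed-per-device-key-0123"   # constructed sample key
    pin_hash = hashlib.sha256(b"1234").hexdigest()     # constructed sample PIN
    tx = {"to": "NL00BANK0123456789", "amount": "25.00", "currency": "EUR"}
    nonce = "c0ffee01"                                  # constructed; fresh per challenge
    payload = bank_make_challenge(device_key, tx, nonce)
    shown = device_display(device_key, payload)
    otp = device_authorize(device_key, pin_hash, payload, "1234")
    honest = bank_verify(device_key, tx, nonce, otp)
    # If anything on the PC swapped the recipient after the user confirmed,
    # the bank's recomputation no longer matches the OTP the device produced.
    altered_tx = dict(tx, to="NL00BANK9999999999")
    tampered = bank_verify(device_key, altered_tx, nonce, otp)
    return shown, honest, tampered
```

The point the example makes is the one the comment relies on: the OTP is a function of the details shown on the decoupled screen, so a compromised PC can neither forge the challenge (MAC check fails on the device) nor reuse a genuine OTP for a different transaction (bank-side recomputation fails). A real deployment would use a fresh random nonce per challenge and rate-limit OTP attempts.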
That doesn't stop scammers. They also keep getting more sophisticated, often using a combination of social engineering and technical skill, and they keep tricking people into giving them money. So unfortunately, while malware is pretty much a non-factor, scammers still thrive.
There are plenty of places where mobile phones don't work, especially in the summer when there are leaves on the trees. This means SMS won't really work. So for this path, SMS, the bank has an alternative -- call a number on your account with a voice reading the 2FA code. Thus, landlines or VOIP work here.
When it comes to an app, forcing Canadians to use a phone OS controlled by US companies, still has pushback. An example being, the concept of "A Canadian having to use software from a US company, to identify themselves to a Canadian company" is still a hotspot. Especially with the US wanting to annex us.
So this lock in has not yet occurred.
Really, the phone call to a phone number on your account, not using SMS is as solid a protection, as an app running on a phone controlled by a foreign country's company. It's an alternate path. And it solves the whole 'rural person' access.
Many people living in rural areas don't even bother with a phone-type device. Some have Kindles. But why buy a phone if it doesn't work where you live?
This logic, combined with them closing rural banks, means they have to be quite sensitive here. EG, closing rural banks, then making it difficult to do online banking is political poison for our banks.
Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through cracks of official stores or signatures.
So what? The lack of perfect security is a terrible argument against better security.
For example, lockpicks exist. Is that a reason to stop locking your house? Our TLS ciphers might eventually be broken. Should we throw away TLS and go back to unencrypted HTTP?
I'm not expecting anything to 100% stop all scams. But modern computer security is a joke. We could do an awful lot better than we are today at keeping people safe from this stuff.
We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until a few years ago root was widely available if you needed it as well
Yes. I want something like this on desktop too - but I want to own the signing keys, of course. It seems strange that this is so controversial.
Sure, locking down the OS in this way is more secure, but it's also very restrictive and personally I don't think the added security justifies this. Lock picks do exist, but I am still entirely content with a single lock on my front door. I do not need an extra biometric sensor or camera or security representative standing outside my door to check id's of people passing by in order to consider myself reasonably safe.
Maybe this is cultural/geographical, but I've yet to hear of anyone who lost access to their mail or had unauthorized access to their bank account as a result of malware. I'm sure you can find examples, but I do not consider this an attack vector that is prevalent enough to warrant requiring signed apps or preventing manual installation.
Google blesses malware all the time because otherwise they would go bankrupt. They're an ad company, not a security company.
AI voice and video cloning scams are also only going to increase. Why would scammers need to get people to install random APKs when they can just impersonate a family member and tell them what to give directly?
To me it seems very much like the classic "think of the children" type argument. It's not going to really fix anything in the end but it will benefit Google.
You can also choose to do your banking at the physical branch
The banks that do have a physical presence are closing left and right? Also, I don’t think I can do money transfers at the physical office of my bank.
think of the elderly
This stuff is not just for the elderly and computer illiterate. It's for you as well. You think they're going to stop?
You're giving up freedom for safety. You will have neither.
It's for you as well. You think they're going to stop?
No! Which is why I don't want every npm package I install to have unfettered access to my internet connection and to access all my files. If this is being exploited now, I might not even know! How sloppy is that!
You're giving up freedom for safety.
At the limit, sure, maybe there are tradeoffs between freedom and security. But there's lots of technical solutions that we could build right now that give a lot more safety without losing any freedom at all.
Like sandboxing applications by default. Applications should by default run on my computer with the same permissions as a browser tab. Occasionally applications need more access than that. But that should require explicit privilege escalation rather than being granted to all programs by default. (Why do I need to trust that spotify and davinci resolve won't install keyloggers on my computer? Our computers are so insecure!)
Personally I'd like to see all access to the OS happen through a capability model. This would require changes in the OS and in programming languages. But the upside is it would mean we could fearlessly install software. And if you do it right, even `npm install` could be entirely safe. Here's how we do it: First, all syscalls need to pass unforgeable capability tokens (e.g. seL4). No more "stringy" syscalls. For safe 3rd party dependencies, inside processes we first make an "application capability" that is passed to main(). 3rd party libraries don't get access to any OS objects at all by default. But - if you want to use a 3rd party library to do something (like talk to redis), your program crafts a capability token with access to that specific thing and then passes it to the library as an argument.
Bad:
    // Stringy API. Redis client can do anything.
    redisClient.connect("127.0.0.1", 6379)
Good:
    // Capability-scoped API. The client can only use what it is handed.
    redisConnCap = systemCap.narrow(TCPConnect, "127.0.0.1", 6379)
    redisClient.connect(redisConnCap)
This way, the redis library can only make outgoing connections on the specified TCP port. Everything else - including the filesystem - is off limits to this library. This would require some PL-level changes too. Like, it wouldn't be secure if libraries can access arbitrary memory within your process. In a language like Rust we'd need to limit unsafe code. (And maybe other stuff?) In GC languages like C# and JavaScript it's easier - though we might need to tweak the standard libraries. And ban (or sandbox) native modules like napi and cgo.
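The narrowing idea in the comment above, carried through as an added example (not code from the thread). It is a toy, in-process model: FakeKernel, Capability, narrow(), invoke() and RedisClient are invented names, and a real design would have the kernel mint and check the tokens so that a library could not forge one. What it shows is the shape of the contract: the library gets a capability rather than a host string, narrowing can only shrink authority, and any request outside the scope is refused before the kernel ever sees it.

```python
# Added example (not code from the thread): a toy in-process capability model.
# FakeKernel, Capability, narrow(), invoke() and RedisClient are invented names;
# in a real system the kernel would mint and verify the tokens.

ANY = object()  # wildcard: this position of a scope is unrestricted


class FakeKernel:
    """Stands in for the OS. It only records the requests it performs, so the
    example runs offline without opening real sockets or files."""

    def __init__(self):
        self.log = []

    def perform(self, *request):
        self.log.append(request)
        return f"{request[0]} ok"


class Capability:
    """A reference that carries its own authority: holding the object is the
    permission. There is no ambient 'connect to anything' call to fall back on."""

    def __init__(self, kernel, scope):
        self._kernel = kernel
        # None means unrestricted (the application capability handed to main());
        # otherwise a tuple such as ("TCPConnect", "127.0.0.1", 6379), where any
        # position may be ANY.
        self._scope = None if scope is None else tuple(scope)

    def _permits(self, request):
        if self._scope is None:
            return True
        if len(request) != len(self._scope):
            return False
        return all(s is ANY or s == r for s, r in zip(self._scope, request))

    def narrow(self, *request):
        """Derive a capability covering only `request`. Narrowing can only
        shrink authority: the request must already fit this capability's scope."""
        if not self._permits(request):
            raise PermissionError(f"cannot narrow {self._scope} to {request}")
        return Capability(self._kernel, request)

    def invoke(self, *request):
        """Ask the kernel to perform `request`; with no arguments, perform exactly
        what this capability is scoped to. Anything outside the scope is refused."""
        if not request:
            if self._scope is None or ANY in self._scope:
                raise PermissionError("capability is not scoped to a single request")
            request = self._scope
        if not self._permits(request):
            raise PermissionError(f"{request} not permitted by {self._scope}")
        return self._kernel.perform(*request)


def can_narrow(cap, *request):
    """True if `cap` may be narrowed to `request` (used for the checks below)."""
    try:
        cap.narrow(*request)
        return True
    except PermissionError:
        return False


class RedisClient:
    """A third-party library. It is handed a capability instead of a host string,
    so it can reach the one endpoint the application chose and nothing else."""

    def __init__(self, conn_cap):
        self._conn_cap = conn_cap

    def connect(self):
        return self._conn_cap.invoke()

    def try_request(self, *request):
        """Any other request the library might make goes through the same gate."""
        return self._conn_cap.invoke(*request)


def demo():
    kernel = FakeKernel()
    system_cap = Capability(kernel, None)          # the application capability
    redis_conn_cap = system_cap.narrow("TCPConnect", "127.0.0.1", 6379)
    client = RedisClient(redis_conn_cap)

    connected = client.connect()                   # the intended connection
    denied = []
    for attempt in (("FSRead", "/home/alex/.ssh/id_ed25519"),   # constructed path
                    ("TCPConnect", "203.0.113.5", 443)):       # documentation range
        try:
            client.try_request(*attempt)
        except PermissionError:
            denied.append(attempt)
    return connected, denied, list(kernel.log)
```

In the demo the kernel log ends up holding exactly one request, the loopback connection, and both out-of-scope attempts are refused without reaching it; that is the property the comment is after, and it holds regardless of what the library's code does, because the library never held any other authority.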
At the limit, sure, maybe there are tradeoffs between freedom and security. But there's lots of technical solutions that we could build right now that give a lot more safety without losing any freedom at all.
Everything you have suggested in this post takes away freedom. There is no solution that doesn't take away freedom / your control. There is always a trade off.
Like sandboxing applications by default. Applications should by default run on my computer with the same permissions as a browser tab. Occasionally applications need more access than that. But that should require explicit privilege escalation rather than being granted to all programs by default. (Why do I need to trust that spotify and davinci resolve won't install keyloggers on my computer? Our computers are so insecure!)
This already exists on Linux.
I run Discord/Slack in Flatpak. Out of the box the folders and clipboard permissions are restricted. Only the ~/Downloads folder on my PC is accessible to Discord/Slack. You can't drag and drop things into these apps. Which makes sharing content a PITA.
If you don't want to worry about things like keyloggers, you should run an open source OS and use open source programs where you can verify that there are no key loggers. You should also make sure you find out what firmware your keyboard is using (many keyboards themselves have complex micro controllers on them that can be programmed).
Everything you have suggested in this post takes away freedom. There is no solution that doesn't take away freedom / your control. There is always a trade off.
Huh? In what way does application sandboxing take away my freedom? What can I do today that I can't do with a sandbox-everything-by-default model?
In my mind, it gives me (the user) more freedom because I can run any program I want without fear.
I run Discord/Slack in Flatpak. Out of the box the folders and clipboard permissions are restricted. Only the ~/Downloads folder on my PC is accessible to Discord/Slack. You can't drag and drop things into these apps. Which makes sharing content a PITA.
Cool! Yeah this is the sort of thing I want to see more of. The drag & drop problem is technically solvable - it just sounds like they haven't solved it yet. (Capabilities would be a great solution for this.. just sayin!)
Huh? In what way does application sandboxing take away my freedom? What can I do today that I can't do with a sandbox-everything-by-default model?
I've just explained that sand-boxing causes issues with file access, clipboard sharing etc.
Every hoop you add in makes it more difficult for the user to gain back control, even if that is modifying permissions yourself. Most people will just remove permissions out of annoyance.
If you remove control, you remove people's freedom.
In my mind, it gives me (the user) more freedom because I can run any program I want without fear.
Any security mechanism has a weakness or it will be bypassed by other means. So all this will give you a false sense of security.
The moment you think you are safe. Is when you are most unsafe.
Cool! Yeah this is the sort of thing I want to see more of. The drag & drop problem is technically solvable - it just sounds like they haven't solved it yet. (Capabilities would be a great solution for this.. just sayin!)
I don't. It is a PITA. Eventually people just turn it off. I did.
The reality is that if you want ultimate security you have to make a trade offs. Pretending you can make some theoretical system where those trade off don't exists just isn't realistic.
Your argument would suggest that virtual memory takes away user freedom, because it's now much harder to access hardware or share data between programs, but that sounds ridiculous from a modern perspective. I think it's better to keep freedom and complexity separate, and speak about loss of freedom only when something becomes practically impossible, not just a bit more complex.
You seem to be arguing that adding complexity reduces freedom, but I don't think that's true in a reasonable interpretation of the word
No I am not arguing that at all.
Anything that gets in my way is something that has taken control away from me. Unfortunately giving me full control comes with dangers. That is a trade-off.
There is a big difference between basic memory protections and what was being discussed.
This is the issue with a lot of people that work in software. They take the most ridiculous interpretation because "that is technically" correct while not bothering to try to understand what was said.
Virtual memory probably isn't what you meant, but take something like user privilege separation. It's usually considered a good idea to not run software as root. To interpret the statement generously, privilege separation does restrict immediate freedom: you have to escalate whenever you want to do system-level changes. But I think josephg's statement:
Sandboxing gives users more control. Not less. Even if they use that control to turn off sandboxing, they still have more freedom because they get to decide if sandboxing is enabled or disabled.
can be directly transposed to user privilege separation. While it's true that escalating to root is more of a hassle than just running everything as root, in another sense it does provide more control because the user can run arbitrary code without being afraid that it will nuke their OS; and more freedom because you could always just run everything as root anyway.
Maybe josephg's sense of freedom and control is what you're saying there is a trade-off between. But the case of privilege separation shows that some trade-offs are such that they provide a lot of security for only a little bit of inconvenience, and that's a trade-off most people are willing to make.
Sometimes the trade-off may seem unacceptable because OS or software support isn't there yet. Like Vista's constant UAC annoyances in the case of privilege separation/escalation. But that doesn't mean that the fundamental idea of privilege levels is bad or that it must necessarily trade off too much convenience for control.
I think that's also what josephg is suggesting about sandboxing. He says that the clipboard problem could probably be fixed; then you say, "but there are other examples". What remains to be shown is whether the examples are inherent to sandboxing and must degrade a capabilities/sandbox approach to a level where the trade-off is unacceptable to most.
The problem is that if what "really counts" is too vaguely defined, then it's hard to pin down and argue the point.
It really wasn't. It isn't hard to understand what was meant.
Virtual memory probably isn't what you meant,
No it wasn't and there is no need to put "probably". It was obvious it wasn't.
can be directly transposed to user privilege separation. While it's true that escalating to root is more of a hassle than just running everything as root, in another sense it does provide more control because the user can run arbitrary code without being afraid that it will nuke their OS; and more freedom because you could always just run everything as root anyway.
The difference is that there are very few things I need to run directly as root on a daily basis on my desktop Linux box. I can't think of anything.
However having to cut and paste a meme into ~/Downloads so I can share it on Discord or Slack is a constant PITA. If you sandbox apps you have to restrict what they can access. There is no way around this. The iPhone works the same way BTW. I know I used to own one. You either have to say "Discord can have access to this file", or you have to give it all the access.
Maybe josephg's sense of freedom and control is what you're saying there is a trade-off between. But the case of privilege separation shows that some trade-offs are such that they provide a lot of security for only a little bit of inconvenience, and that's a trade-off most people are willing to make.
No they are a false sense of security with a lot of inconvenience. The inconvenience is inherent and always will be because you will need to restrict resources using a bunch of rules.
Sometimes the trade-off may seem unacceptable because OS or software support isn't there yet. Like Vista's constant UAC annoyances in the case of privilege separation/escalation. But that doesn't mean that the fundamental idea of privilege levels is bad or that it must necessarily trade off too much convenience for control.
There are many things that seem like they are fundamentally sound ideas on the face of it. However there are always secondary effects that happen. e.g. Often people just ignore the prompts, this is called "prompt fatigue". I've literally seen people do it on streams.
Operating systems are now quite a lot more secure than they were. So instead of going for the OS, most bad actors will use a combination of social engineering to gain initial entry to the system. The OS security often isn't the problem. Most operating systems have either app stores or some active threat management.
If you are running things from npm/PyPI/GitHub without doing some due diligence, that is on you. This is well past what a non-savvy user is likely to do.
I think that's also what josephg is suggesting about sandboxing. He says that the clipboard problem could probably be fixed; then you say, "but there are other examples". What remains to be shown is whether the examples are inherent to sandboxing and must degrade a capabilities/sandbox approach to a level where the trade-off is unacceptable to most.
It is inherent. It's obvious it is. If you want to share stuff between applications, like data, which is something you want to do almost all the time, you will need to give it access at least to your file system. The more of this you do, the more you will either have to give more access or have to faff moving stuff around. So either you work with a frustrating system (like I have to do at work), or you disable it.
So what happens is you only have "all or nothing".
It isn't hard to understand what was meant.
At least two independent people understood you in the same way. So just dismissing it isn't productive.
PITA. If you sandbox apps you have to restrict what they can access. There is no way around this.
This has nothing to do with freedom though.
You will need to give it access at least to your file-system.
On Qubes, you copy-paste with ctrl+shift+v/c and nothing is shared unless you actively do it yourself. It becomes a habit very quickly (my daily driver). Sharing files is a bit harder (you send them from VM to VM), but it's not as hard as you want it to look.
At least two independent people understood you in the same way. So just dismissing it isn't productive.
Two people that we are aware of.
BTW, I often encounter this when talking to other techies. People go to the most ridiculous extremes to be contrarian. Often they don't even know they are doing. I know because I used to engage in this behaviour.
So I feel like I am well within my rights to dismiss it.
If you want to share stuff between applications like data, […]. You will need to give it access at least to your file-system. The more of this you do, you will either have to give more access or having to faff moving stuff around.
Why are those the only answers?
If we had free rein to redesign our computers from the ground up, there’s lots of other ways that problem could be solved.
One obvious example is to make copy+paste be an OS level shortcut so apps can’t access the clipboard without the user invoking that chord. Then just copy paste stuff between applications.
Another idea: right now when I invoke a shell script, I say “foo blah.txt”. The argument is passed as a string and I have to trust that the program will open the file I asked - and not look instead at my ssh private keys. Instead of that, my shell program could have access to the filesystem and open the file on behalf of the script. Then the script can be invoked and passed the file descriptor as input. That way, the script doesn’t need access to the rest of my filesystem.
If we’re a little bit creative, there’s probably all sorts of ways to solve these problems. The biggest problem in my mind is that Unix has ossified. It seems that nobody can be bothered making desktop Linux more secure. A pity.
Maybe it’s time to give qubes a try.
However having to cut and paste a meme into ~/Downloads so I can share it on Discord or Slack is a constant PITA.
Why round trip it through the file system or Files.app? That seems like extra (annoying) work On my iPhone, I copy the meme onto the clipboard and then I open discord/slack/signal/Whatsapp and find the right channel/chat, and paste right in there.
I've just explained that sand-boxing causes issues with file access, clipboard sharing etc.
You've explained that flatpak has issues with file access and clipboard sharing. My iphone does sandboxing too, but the clipboard works just fine on my phone.
I don't think "failing clipboards" is a problem specific to sandboxing. I think it's a problem specific to flatpak. (And maybe X11 and so on.)
If you remove control, you remove people's freedom.
Sandboxing gives users more control. Not less. Even if they use that control to turn off sandboxing, they still have more freedom because they get to decide if sandboxing is enabled or disabled.
Maybe you're trying to say that security often comes with the tradeoff of accessibility? I think that's true! Security often makes things less convenient - for example, password prompts, confirmation dialogue boxes, and so on. But I think the sweet spot for inconvenience is somewhere around the iphone. On the desktop, I want to get asked the first time a program tries to mess with the data of another program. Most programs shouldn't be allowed to do that by default.
Pretending you can make some theoretical system where those trade-offs don't exist just isn't realistic.
I think you might be arguing with a strawman. I totally agree with you. I don't think a perfect system exists either. Of course there are tradeoffs - especially at the limit.
But there's still often ways to make things better than they are today. For example, before rust existed, lots of people said you had to make a tradeoff between memory safety and performance. Well, rust showed that by making a really complex language & compiler, you could have memory safety and great performance at the same time. SeL4 shows you can have a high performance microkernel based OS. V8 shows you can have decent performance in a dynamically typed language like JS.
Those are the improvements I'm interested in. Give me capabilities and sandboxing. A lot more security in exchange for maybe a little inconvenience? I'd take that deal.
You've explained that flatpak has issues with file access and clipboard sharing. My iphone does sandboxing too, but the clipboard works just fine on my phone. I don't think "failing clipboards" is a problem specific to sandboxing. I think it's a problem specific to flatpak. (And maybe X11 and so on.)
There are other examples.
e.g. There are other things that become a PITA on the phone. Want to share pictures between apps without them having full access to everything? You need to manually share each picture between apps.
The point being made is that it causes usability issues. What those usability issues are will vary depending on platform. However they will exist.
Sandboxing gives users more control. Not less. Even if they use that control to turn off sandboxing, they still have more freedom because they get to decide if sandboxing is enabled or disabled.
Anything that gets in my way is something that takes control away from me. Unfortunately giving me full control comes with dangers. That is a trade off.
Maybe you're trying to say that security often comes with the tradeoff of accessibility? I think that's true! Security often makes things less convenient - for example, password prompts, confirmation dialogue boxes, and so on. But I think the sweet spot for inconvenience is somewhere around the iphone.
No usability and control.
BTW, Your sweet spot is a platform which is the most locked down.
On the desktop, I want to get asked the first time a program tries to mess with the data of another program. Most programs shouldn't be allowed to do that by default.
Well I don't want to be asked. I find it annoying. I assume that this is the case when I install the program. So I don't install software in the first place that I think might be risky. If I need to install something that I might think is iffy then I find a way to mitigate it.
But there's still often ways to make things better than they are today. For example, before rust existed, lots of people said you had to make a tradeoff between memory safety and performance. Well, rust showed that by making a really complex language & compiler, you could have memory safety and great performance at the same time.
You aren't selling it to me. I got so annoyed by Rust that I didn't complete the tutorial book. Other than the strange decisions. One thing I hate doing is fighting with the compiler. That has a cost associated with it.
I spend a lot of time fighting with the TypeScript compiler (the JS ecosystem is a mess), and as a result, to have some things work with TypeScript you need to faff with tsconfig and transpilers. Then once you are past that you have to keep the compiler happy. Frequently you are forced to write stupid code to keep the compiler happy. That again has a *cost*.
V8 shows you can have decent performance in a dynamically typed language like JS.
I work with JavaScript a lot. While performance is better, it isn't actually that good.
There were also two secondary effects.
- Websites ballooned up in size. Also application development moved to the browser. This meant you can lock people into your SaaS offering. Which reduces control/freedom.
- There is a lot of software that is now written in JavaScript that really shouldn't be. Discord / Slack are two of the slowest and memory hogging programs on my computer. Both using Electron.
Those are the improvements I'm interested in. Give me capabilities and sandboxing. A lot more security in exchange for maybe a little inconvenience? I'd take that deal.
Again. It is a trade-off that you are willing to take. I am willing to make the opposite trade-off.
Any security mechanism has a weakness or it will be bypassed by other means. So all this will give you a false sense of security. The moment you think you are safe is when you are most unsafe.
This is demonstrably false. Qubes OS has the lowest number of CVEs, even less than that of Xen. Last VM escape in it was found in 2006 by the Qubes founder (it's called "Blue Pill").
There is nothing and I mean nothing that is completely secure.
Think user accounts but for task classes.
If I'm doing development work, I want to be able to chain together a Frankenstein of apps, toolchain, API services and so on, with full access to everything else in that specific context.
But that doesn't need visibility of my email, my banking and accounting software should have visibility to/from neither, and random shareware apps, games and movies should run, like you say, with a browser tab level of permission.
Making this work in practice while keeping performance maximised is harder than it sounds, preventing leaks via buffers or timing attacks of one sort or another (if apps can take screenshots, game over). For now I use user accounts, but this is becoming less convenient as the major desktop OS and browser vendors try to force tying user accounts to a specific online identity.
IMO what's needed is less per-app sandboxing, and more per-context.
I think you could do this with capabilities!
The current model makes security implicit, where an application can make any syscall it wants and it's up to the OS to (somehow) figure out if the request is valid or not. Capabilities - on the other hand - restrict access of a resource to the bearer of a certain token. The OS knows that by invoking capability X, the bearer can make requests to a certain resource / account / file / whatever. (Think of it like unix file descriptors. You just call write(1, ...) and the OS knows what file you're writing to, and what your access to that file is.)
There's lots of ways to use capabilities to build the sort of frankenstein app you're talking about using caps. Eg, you could have a supervisor task (maybe the desktop or a script or something) that has a capability for everything the user cares about. It can create sub-capabilities which just have access to specific network ports / files / accounts / whatever. It launches subprocesses and hands the right capabilities to the right sub processes. The sub processes don't even need to know what the capability they were given connects to. They just need to know - for example - that reading from the capability gives it the data it expects to receive. Then you can do all the routing & configuration from the supervisor task.
Because all the sub processes only have the specific capabilities that were passed to them, the security surface area is automatically minimised.
SeL4 shows that you can do this without losing much performance. (In SeL4, the IPC overhead is tiny.) But as I said upthread, I'm sure there's also ways to design our programming languages to allow within-process isolation. So, for example, you can call the leftpad package without giving it capabilities held by other parts of the same program.
Capabilities can also make it easy to virtualise filesystems, the network, and so on. Or to do interdiction - and snoop on the messages being sent. It's easy because you can just make virtual network / filesystem / whatever capabilities and pass those to subprocesses.
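The file-descriptor idea from earlier in the thread (a shell that opens `blah.txt` on the script's behalf and hands the script only the descriptor) and the supervisor design just described (a task holding the real capabilities, passing each subprocess only the ones it needs, and optionally interposing a virtual resource to snoop on it) are illustrated below in one added example. This is not code from the thread or from any of the systems it mentions; the function names, the embedded child program and the sample data are constructed for it. It relies on `subprocess.run(pass_fds=...)`, which is POSIX-only. One caveat a practitioner should keep in mind: on a stock Linux box the child can still open paths by name, so this shows the delegation plumbing; real confinement pairs it with a kernel sandbox such as Landlock or seccomp.

```python
"""Capability-style delegation using Unix file descriptors (added example).

A supervisor opens resources on the user's behalf and launches a child that
receives descriptor *numbers*, never paths. Descriptors the supervisor did not
delegate are closed before exec, so the child cannot reach them even by
guessing their number. Names and sample data below are constructed."""
import os
import subprocess
import sys
import tempfile

# The child is a separate program. It is told which descriptor to read and has
# no way to know whether that descriptor is a file, a pipe or a socket.
CHILD = r'''
import os, sys
fd = int(sys.argv[1])
try:
    data = os.read(fd, 1 << 16)
    sys.stdout.write(data.decode(errors="replace").upper())
except Exception as e:          # EBADF when the descriptor was never delegated
    sys.stdout.write("ERR:" + type(e).__name__)
'''


def run_child(granted_fd: int, read_fd: int) -> str:
    """Spawn the child with exactly one delegated descriptor.

    pass_fds lists the only descriptors (besides stdio) that survive exec and
    close_fds=True closes everything else. read_fd is the number the child is
    told to read; normally it equals granted_fd."""
    proc = subprocess.run(
        [sys.executable, "-c", CHILD, str(read_fd)],
        pass_fds=(granted_fd,), close_fds=True,
        capture_output=True, text=True, check=True)
    return proc.stdout


def open_for_child(path: str) -> str:
    """The shell case: the supervisor resolves and opens the path; the script
    only ever sees the resulting descriptor."""
    fd = os.open(path, os.O_RDONLY)
    try:
        return run_child(fd, fd)
    finally:
        os.close(fd)


def interdict(payload: bytes) -> str:
    """Virtualisation / interdiction: instead of a real file the child gets the
    read end of a pipe whose contents the supervisor controls and can inspect
    or rewrite before forwarding."""
    r, w = os.pipe()
    os.write(w, payload)
    os.close(w)
    try:
        return run_child(r, r)
    finally:
        os.close(r)


def undelegated_fd_is_unreachable(secret: bytes) -> bool:
    """Delegate one file but tell the child to read the descriptor number of a
    second, undelegated file. Returns True when the child fails to obtain it."""
    with tempfile.NamedTemporaryFile() as public, tempfile.NamedTemporaryFile() as private:
        public.write(b"public data"); public.flush()
        private.write(secret); private.flush()
        pub_fd = os.open(public.name, os.O_RDONLY)
        priv_fd = os.open(private.name, os.O_RDONLY)
        try:
            out = run_child(pub_fd, priv_fd)   # child guesses the private fd
        finally:
            os.close(pub_fd); os.close(priv_fd)
    return secret.decode().upper() not in out


def demo(text: str = "hello from supervisor\n") -> str:
    """Write constructed sample content to a temp file and let the child read
    it through a delegated descriptor."""
    with tempfile.NamedTemporaryFile("w") as f:
        f.write(text); f.flush()
        return open_for_child(f.name)


if __name__ == "__main__":
    print(demo(), end="")                              # HELLO FROM SUPERVISOR
    print(interdict(b"bytes chosen by the supervisor"))
    print("undelegated fd unreachable:", undelegated_fd_is_unreachable(b"ssh-private-key"))
```

The child never learns a path and cannot distinguish `open_for_child` from `interdict`; that is exactly the property that lets a supervisor swap a real file for a virtual or logged one without the subprocess cooperating.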
I recently requested those rights again because I needed to install something new for a PoC I was working on, and that wasn't allowed anymore. But during onboarding I had those rights and installed homebrew to more easily install dev tools, and homebrew keeps its admin rights to install stuff in a directory owned by admin. So that circumvents this whole security model (and I did, for my PoC).
The problem is that it's all or nothing. Homebrew should have the right only to install in a specific directory. Apps shouldn't automatically get access to potentially sensitive data. Mobile OSs handle that sort of thing more granularly. Desktop OSs should too.
Because the overly restrictive security rules at my work are little more than security theatre when it's so easy to circumvent.
Company A gave me sudo access and I could do anything I wanted.
Company B locks down everything, no sudo, no brew, nothing. But I do get a big VM with root to do anything I want. There is an approved "appstore" of many different varieties of IDEs/tools.
TLDR: Not having brew is not a problem, and /can be/ a better experience if done right.
It took a couple weeks to shift the mental model but I have no problems. The dev experience is quite good because they provide all the libraries you need to do your job.
1. Is the "big VM with root" running macOS itself, or a different OS?
2. Do you do any work on the bare metal version of macOS, or do you just start the VM in the morning and do everything from there?
3. How do you experience the performance/UX of the VM?
4. Do you know why Company B IT has set up this VM solution, instead of a plain old MacBook locked down with Apple's enterprise management tools?
5. Can you explain more about the App Store? Is it the actual Apple App Store but restricted to a curated set of apps, or is it a different system? If so, is the store a custom in-house thing or is it provided by a vendor?
(This was at a branch office where every employee worked on very low-level Linux kernel code, so yeah everyone ran their favorite Linux distro.)
Won't satisfy developers for long though because it cannot work.
The problem is that mobile OS security systems aren't fit to develop anything but shit. It is simply no solution for desktop.
But then again, we write and execute our own code, so of course we have to be able to execute unknown code.
The whole thing feels like an exercise in futility to me. It would make more sense to specify what rights a specific application should have. Let me approve the external urls it wants to visit, the folders it wants to access, etc. Shield everything else off.
My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like.
Purists always forget this point :) What is best for 99% of people.
And dumb Euro bureaucrats.
The only reason we have convenient banking, gov and streaming apps today is because of guaranteed and enforced mobile security by big boys Apple and Google. (Google being Ad company is another matter, not relevant here).
There is no "just works" technical solution for a problem caused mainly by naivete and gullibility. Governments and the private sector know this, of course; as others have said, the real purpose is to control users, not to protect them.
No, we have convenient online services in spite of the endless security theater that permeates consumer tech.
Disagree. No banking app can resist root access owned by attacker.
What's even the point of me being alive if I can't do anything that isn't completely idiot-proof and made for goo goo ga ga users?
Look, I get it. Think of the children! Think of the granny!
But I'm not a child, I'm an adult. I would like to be treated as such. Otherwise what the fuck are we even doing here? Why can't I just live in daycare forever? Why am I paying bills?
This was just useful for them.
I also don't believe more people get scammed on PC compared to mobile platforms. Scammers go where the most naive people congregate.
A sensibly configured Linux system is very secure compared to your mobile device. No security model can really shield against user stupidity. The people would need completely different devices as they simply aren't fit to use a computer. My parents are the same, but I won't accept a bad compromise of an OS just because they essentially need other devices.
At some point a user will be asked to allow execution of code they got through some fishy mail. There is no defense against that other than for the user sticking to books.
A sensibly configured [desktop, i.e., not just a headless server] Linux system is very secure compared to your mobile device.
That is not true. It is understandable that you believe it because it gets repeated a lot, but those repeaters are doing what you are, namely repeating what they heard (and sometimes what they want to be true) without sufficient actual knowledge of what they are talking about.
Sure, it is circumstantial security, but exploits exist for mobile devices as well.
The web browser is an important attack vector, and there are no Linux distros that sandbox the browser anywhere near as effectively as Android and ChromeOS do except maybe Qubes, but Qubes is stuck using X for the display server and using Xen, both of which have been abandoned by their maintainers and aren't receiving enough maintenance attention to fix security vulnerabilities. I.e., Qubes's reputation for security probably comes from the fact that it was relatively secure many years ago.
Android and ChromeOS use selinux to sandbox the browser. Fedora uses selinux, too, but it only sandboxes server software: any program including a web browser started by the user is unconstrained (unaffected) by Fedora's selinux implementation.
The kernel is another important attack vector (and Linus has always been bored by and impatient with security considerations.)
Ditto the C library. Note that GrapheneOS uses a special, hardened C library (which in the last few years has migrated to at least one security-focused Linux distro, namely, secureblue, but of course none of the people that show up here on HN proudly proclaiming that Linux is more secure than iOS or Android use secureblue, and the lead of the secureblue project freely admits that macOS, iOS, Android and ChromeOS are more secure than secureblue is).
You know how one of the arguments for Wayland is the fact that there is no way to prevent any process from reading the contents of any X window? Well, to actually achieve this "window privacy" inherent in Wayland requires active support from the compositor, and Gnome has the only Wayland compositor that actually provides this support.
Till the vulnerability started getting exploited some time last year, anyone could upload a theme to KDE's theme store that could run arbitrary code when the user chose to install it. No one was reviewing uploaded themes for malware or warning users of the danger.
Hyprland uses a trampoline (files at a known location in the file system that are occasionally executed by Hyprland) for reasons that are hard to explain if we assume that Hyprland's maintainers care anything about security.
Today the main problem is social engineering and scams. The disadvantages of mobile OSes are too great to justify bad approaches to desktop systems or security in general. And for browsers that means the security threat isn't some arcane media decoder, it is the well made phishing site.
But my argument is more that perhaps I don't want window privacy because it doesn't fit my security needs and reduces functionality and access. And one assumption in that is that one compromised app can compromise the whole system in the worst case, and I believe risks must be mitigated elsewhere. In case of doubt, I can reasonably sandbox something I execute myself, if the need is warranted.
I would love a good file explorer for my mobile device. But file access is restricted. How many hours wasted to bad security...
If you insist that using software with trampolines means not "caring anything about security", I'm afraid it's a you problem. I'll still be happy to hug my partner when she comes home regardless of what germs might have been on a tram's seat she was sitting on on the way there, regardless of whether someone thinks that this means I don't care anything about health (I'm sure someone does).
In case someone needs it spelled out: I do care, but there are other things I care about too and I won't let some minuscule threats ruin them.
We’ve found out about a handful of such attacks over the last few years - like xz. And I’ve seen the number of random dependencies which get pulled in by most nodejs, cargo or python projects. The dependencies just scroll on by. There is no vetting process for putting code in npm or cargo. Nobody signs off on anything. Nobody reads the source code. There are no checks, and you can put anything in there.
If malicious code slipped in, would you even notice? I probably wouldn’t. How terrifying.
Linux’s security model means that any malicious code in a crate can run as me and access all of my files. Or delete them or whatever it wants to do. To me this is crazy. There’s no reason to give arbitrary untrusted code full permissions to all of my files and data - but there we have it.
I worry that it’s only a matter of time before we see more attacks like this. It’s such an obvious attack. And our lax endpoint security makes the vulnerability a way bigger problem than it needs to be. It would be trivial for a remote attacker to install C&C software on my computer. They could grab my SSH certificates and install backdoors in any of my projects on github. Read my email. Impersonate me. Crypto locker my stuff. Install malicious extensions into my web browser. And on and on.
None of this would be possible with proper isolation. There’s no reason a build.rs file needs write access to my whole filesystem. It’s crazy.
With the iPhone they get the risk of answering to a scam call or scam sms and giving them the access of their bank account.
Ubuntu is almost bullet proof for beginners.
In fact, that's what I've done for my parents and I had to retire the computer and get another one because it's the hardware which became too old after 15 years of running Ubuntu without any problem.
Security for users isn't just about bootloader exploits.
Even on an iPhone without a sim card, they can download one of the scam casino games from the appstore and give away a lot of money, on Ubuntu they can't do that.
There's more to security than just bytes.
The threats to your average user aren't a bootloader exploit built by some Israeli firm but privacy breaches, social engineering and scams.
Like, iOS makes most unsafe actions incredibly clear. Apple pay always requires the user to double tap the power button. The OS makes it impossible for an application to charge you money through apple pay without an explicit user action.
Phone apps also can't take control of my entire device, or steal my cookies or cryptolocker my hard drive. Any program you download and run from the internet on a desktop computer can do all of this stuff and more. We shouldn't allow that stuff by default on desktop computers either.
Phones have the right idea. I just don't want Apple and Google to be the only ones who can modify the system at the OS level.
And then no, it's not clear for me (even as a developer!) how data transfer between apps works, how the advertising id works and how much data Apple and Google really have that they shouldn't. If it's not clear to me as a software engineer, it certainly isn't for your average user.
The browser is just a much easier mental model, especially that I can install an ad blocker on it to make them safer, which I can't on mobile apps.
Phone apps also can't take control of my entire device, or steal my cookies or cryptolocker my hard drive.
It never happened once with my parents in 15 years of running Ubuntu. Even if that stuff somehow existed, I don't think they would have the tech knowledge to mark the downloaded virus as executable anyways.
The browser is just a much easier mental model, especially that I can install an ad blocker on it to make them safer, which I can't on mobile apps.
I'd like that security model to be the default for desktop apps on my computer as well. It's weird that davinci resolve and spotify and all the rest have full access to look through all my files.
It never happened once with my parents in 15 years of running Ubuntu.
Probably just because so few regular people use ubuntu, scammers & malware authors don't bother targeting it. Still good for your parents though!
I'd like that security model to be the default for desktop apps on my computer as well. It's weird that davinci resolve and spotify and all the rest have full access to look through all my files.
That's how it works on Ubuntu, proprietary apps are usually distributed through snaps which are sandboxed. And unlike on mobile, the OS doesn't have an advertising ID or built-in ad networks.
Normal apps don't need that though because there's a chain of trust which doesn't exist on mobile.
Probably just because so few regular people use ubuntu, scammers & malware authors don't bother targeting it. Still good for your parents though!
No, it's because the bar on publishing on Ubuntu is much much higher than on an iPhone. Nobody would ever accept those scam casino games on Ubuntu.
No, it's because the bar on publishing on Ubuntu is much much higher than on an iPhone. Nobody would ever accept those scam casino games on Ubuntu.
Uhhh are you claiming ubuntu has a stricter app review process than apple has with the iphone app store?
The app review process on the appstore isn't designed for the user's benefit but Apple's benefit. There's no problem publishing a casino game but if your app doesn't pay the tax, be sure that it will be rejected.
This one isn't even hard to argue against; Apple being a good steward for its storefront was true in 2011. It is no longer true today. I'd consider a tech-illiterate user less likely to randomly lose a lot of cash by using different storefronts from the Apple App Store (or again, the Google Play Store), if only because those different storefronts actually do a bit of curation instead of focusing on quantity over quality.
[0] Most of the ones listed here apply that aren't "non-free dependency" or are meant to be a category filter like NSFW. I'd also throw in "microtransactions to unlock basic functionality", but F-Droid effectively bars those with other inclusion rules. https://f-droid.org/docs/Anti-Features/
Main way people around me get scammed by far like 90% is social engineering
All or nothing thinking is counterproductive.
Putting aside the philosophical issues, that statement hasn't been true for a few years now. It's not well known, even in very technical circles like HN, but macOS actually sandboxes every app:
• All apps from outside the app store are always sandboxed to a lesser degree, even if they are old and don't opt-in.
• All apps from outside the app store may opt in to stricter sandboxing for security hardening purposes.
• All apps from the app store are forced to opt-in, must declare their permissions in a fine grained way, and Apple reviews them to make sure they make sense.
To see this is true, try downloading a terminal emulator you haven't used before, and then use it to navigate into your Downloads, Photos, Documents etc folders and run "ls". You'll get a permission prompt from the OS telling you the app is requesting access to that folder. If you click deny, ls will return a permission error.
Now try using vim to edit the Info.plist file of something in /Applications. ls will tell you that you have UNIX write permissions, but you'll find you can't actually edit the file. The kernel blocks apps from tampering with each other's files.
Finally, go into the settings and privacy/security area. You can now enable full disk access for the terminal emulator, or a finer grained permission like managing apps. Restart the terminal and permissions work like you'd expect for UNIX again.
Note that you won't see any permission popup in a GUI app if you open the file via the file picker dialog box. That's because the dialog box is a "powerbox" controlled by the OS, so the act of picking the file grants the app permission implicitly. Same for drag and drop, opening via the finder, etc. The permission prompt only appears when an app directly uses syscalls to open a file without some OS-controlled GUI interaction taking place.
So, if you want a desktop OS with a strong sandbox that you actually control, and which has good usability, and a high level of security too, then you should be using macOS. It's the only OS that has managed this transition to all-sandboxed-all-the-time.
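The manual checks in the post above (list a guarded folder, then try to write a file whose UNIX mode bits say you may), as an added script that is not from the post or from Apple. It classifies what the kernel actually lets the current process do, which is what the post says diverges from the mode bits. The folder list follows the post; the status names (`allowed`, `denied`, `blocked-despite-mode`, ...) are my own. On macOS the first `probe_read` on a guarded folder is what triggers the consent dialog; on other systems the same probes only reflect ordinary UNIX permissions.

```python
"""Probe per-app file access the way the post describes, from Python.

Added example, not from the thread. Status names are constructed for this
script. On macOS, stat() on a consent-guarded folder succeeds but listing it
fails with EPERM, which Python raises as PermissionError."""
import os
import tempfile
from pathlib import Path

# Folders the post names as consent-guarded on macOS (Photos lives in Pictures).
PROTECTED_DIRS = ("Downloads", "Desktop", "Documents", "Pictures")


def probe_read(path) -> str:
    """Return 'missing', 'allowed' or 'denied' for listing a directory."""
    p = Path(path)
    if not p.exists():
        return "missing"
    try:
        os.listdir(p)
        return "allowed"
    except PermissionError:
        return "denied"


def probe_write(path) -> str:
    """Separate what the mode bits claim from what the kernel enforces.

    The post's Info.plist case shows up as 'blocked-despite-mode': os.access()
    reports W_OK, yet opening for writing is refused by the sandbox."""
    p = Path(path)
    if not p.exists():
        return "missing"
    mode_bits_allow = os.access(p, os.W_OK)
    try:
        with open(p, "r+b"):
            pass
        return "writable" if mode_bits_allow else "writable-despite-mode"
    except PermissionError:
        return "blocked-despite-mode" if mode_bits_allow else "denied"


def report(home=None) -> dict:
    """Map each guarded folder under `home` to its read status for this process."""
    home = Path(home) if home else Path.home()
    return {d: probe_read(home / d) for d in PROTECTED_DIRS}


def demo_home() -> tuple:
    """Build a constructed home with two of the four folders and one file, and
    return (read report, write status) so the classification can be checked
    without touching the real home directory."""
    with tempfile.TemporaryDirectory() as home:
        for d in ("Downloads", "Documents"):
            os.mkdir(os.path.join(home, d))
        plist = os.path.join(home, "Documents", "Info.plist")
        with open(plist, "wb") as f:
            f.write(b"<plist/>")
        return report(home), probe_write(plist)


if __name__ == "__main__":
    for folder, status in report().items():
        print(f"{folder:<10} {status}")
```

Run it once from a fresh terminal emulator and then again after granting Full Disk Access in the privacy settings, and the `denied` entries should flip to `allowed`, matching the sequence the post walks through by hand.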
An expensive iPhone ships with iOS and a rigid security model.
If you tap the `about` button 16 times and click a confirmation dialog, you disable certain security mechanisms against arbitrary software installation. Do something else easy but impossible to do accidentally, and you unlock the bootloader. You progressively lose portions of your warranty in doing so.
This is the path I think we should be going down.
They’ve had something like that for a long time on Android, and I think it’s a reasonable middle ground between making the platform open and closed. But as far as I know, Apple never did something like that on iOS.
Get some real sandboxing, let me install whatever I want in my sandbox.
That's a bare minimum.
I also want "I am an adult" mode where I get to do what I want. If Google wants to flag secure net, fine. Not every thing is going to work.
I'm an older millennial, so I have older parents and young kids. My father could not bother with a smartphone or does not care about internet at all. My mother uses whatsapp and everything; after the initial year she is quite handy with it. I'm not scared about her, I'm more scared that she is reading AI slop.
My kids are now at the age where a lot of their peers are getting a smartphone. I'm not giving them a smartphone. If I give them a smartphone in a year or so, I will be using parental controls.
I know angle grinders exist. I still lock up my bike.
Might be a tough sell for the volunteer open source community ("linux & friends") to work on such an alternative "locked down" computing experience. Free and open source software is usually more focused on unlocking use cases, not locking them up.
That all said, I basically consider macOS to be a locked down computing experience. So that's my solution for older people.
It's not a perfect solution but the Apple closed ecosystem is better designed for the limited use cases of the elderly. Rely on iCloud and built-in Apple approaches to data security as much as possible.
For example, an iMac and an iPhone can get all "adulting" use cases done, including typing/receiving emails, printing documents, online banking, government services, and so on. Apple Passwords plus Face ID helps to simplify password-based security. My biggest issue is getting TOTP-based two-factor adopted. Apple Passwords supports this but I usually have to do remote tech support to get it set up initially. It's also annoying that right now, the current generation of iMacs don't support FaceID, because that would simplify authentication across the two primary platforms (desktop/mobile).
I would never use this setup myself since I like to run F/OSS everywhere as much as possible. But I am realistic about tech expectations for the elderly who just want to live their life with minimal investment in learning about data/software security.
But you're right, along with other commenters, that it's dangerous for society to rely on a monopolist technocorporate overlord (or a pair of overlords forming a de facto duopoly) for the basic administrative tasks of adult living and lawful citizenship.
What's wrong with that?
again, no incentive to improve it. it's either unpaid work or the OS vendor has a stake in it being insecure. (both exist)
I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like
So you need to install Qubes OS for them?
And I'm afraid most of us are part of the system, rage-clicking away most of our days, distracted, jaded perhaps, like it historically has always been.
There has never been a utopian past and there will never be a utopian future. The past was riddled with despotism and many things that the average man or woman today would consider horrific. The basic principle of democratic society is to prevent those things from recurring by pitting elite factions against each other. Similarly business elites who wield high technology to gain their wealth must also compete and if there is any sign of them cooperating too closely for too long, we need to break them up or shut them down.
When Apple and Google agree, cooperate, and adopt the same policies - we are all doomed. It must never happen and we must furthermore break them up if they try, which they are now doing.
We need agreement to ensure the large corporations adhere to these.
Car manufacturers today have a lot of standards that I expect would make competition from any new contenders harder, not easier. Tesla would be an example of that: they did survive, but the industry thought it was never going to work precisely because of all the standards and regulations required.
On the other hand, early car manufacturers didn't have standards and shared technology stacks. At that time new car makers popped up everywhere and we had a ton of competition in the space.
Open standards are good for the consumer and good for any features that require interoperability. It has nothing to do with competition though.
If a particular product is tied to a specific proprietary tech stack, then the consumer is also tied to specific suppliers. This is known as vendor lock in.
Microsoft used this approach with Internet Explorer back in the old days, ensuring that it provided proprietary elements and implementations that would encourage developers to provide websites that only functioned using their browser.
Open standards allow choice.
I think you're also assuming the only competition that matters is long term. In the short term the potential for locking users into your own ecosystem can incentivize short term competition.
Long term competition seems like a good goal, but that assumption wasn't part of it at the beginning of this chain.
that doesn't mean open standards are always better for competition
Yes, they are. Show us a counter-example.
I don't want to be mean, but this isn't a great counterpoint.
This is the core proposition!
The benefit of open standards here is to the consumers of these standards, not the engines.
Open standards allow the consumers (websites / apps) to be able to benefit.
If we needed to support another browser we'd need to provide a new solution built to its specification.
Open standards have allowed the possibility of multiple browser vendors, without making the life of browser consumers (i.e. developers and organisations providing apps and sites) a living hell.
Without this, we'd be providing apps and sites for a proprietary system (e.g. Macromedia Flash back in ancient history).
Furthermore, when Flash had cornered a market, it had absolutely no competition at all. A complete monopoly on that segment of the market.
It took Steve Jobs and Apple to destroy it, but that's a different story.
--
The reasoning for only three engines, isn't the fault of open standards.
There are many elements of our economic system that prevent competition. Open standards is not one of them.
Nowadays, all cars became hostile to users thanks to the closed software: https://www.theregister.com/2023/09/06/mozilla_vehicle_data_... I wouldn't call it "better competition".
We only need that the standards are open, and described clearly enough for a schoolchild to implement, and that we are not prevented from adding additional protocol support to systems we acquire.
Hardware protocols are a bit different, but I actually dislike the USB-C standardisation. We already had better de-facto standards (e.g. small, "fixed-function" devices like feature phones and e-readers all use Micro USB-B for charging). Our problems were mainly "this laptop barrel charger is incompatible with this other laptop barrel charger", and proprietary Apple connectors.
The most important hardware protocol is power supply, which we can fix by requiring well-documented, user-accessible contacts that, when sufficiently-clean power is applied to them, will power the device. These could be contacts on the motherboard (for something designed to be opened up), or something like Apple's Smart Connector (without the pointless "I'll refuse to charge until you handshake!" restriction).
Requiring open, well-documented protocols which aren't unnecessarily-complicated is imo more important than requiring standard protocols.
Any standard that is developed closed-source and is protected or proprietary, can and will prevent consumer choice further down the line.
Interoperability of data, choice between vendors, and the ability for smaller players to compete with established larger players are all directly negatively affected by a lack of open standards.
In software, the problem is closedness, protectionism, and undocumentedness, not proprietary wheel reinvention.
In software, the problem is closedness, protectionism, and undocumentedness, not proprietary wheel reinvention.
Quite simply, the first three problems are actually caused by proprietary wheel reinvention.
Standards can be (and are) developed cooperatively and these still allow and encourage progress.
Once upon a time, Jabber was the messaging protocol. But what killed interoperable instant messaging wasn't a shift away from Jabber: it was a shift away from interoperability. Requiring all chat communication systems to be Jabber wouldn't have helped, and it would have prevented IRCv3.
Once upon a time, Jabber was the messaging protocol. But what killed interoperable instant messaging wasn't a shift away from Jabber: it was a shift away from interoperability.
And how is interoperability possible without agreed standards?
The problem is not primarily technological, it is a problem of rule of law. Google is a serial violator, found guilty multiple times. So it is a failure of enforcement of law (unless government actions in the near term end up being very dramatic).
If someone points a gun to your head, I guess you could solve that by inventing a personal forcefield. But until you do, we need law enforcement as a deterrent against murder. Otherwise murderers will just keep on doing it.
There has never been a utopian past and there will never be a utopian future.
I wouldn't call it utopian, but I'd say we are way past "peak democracy" at this point.
There was a time in which corporations did get broken up when too large, when we did understand that it's about serving the population first and accumulating wealth after that, when corporations influencing politics was widely seen as a negative. It does seem to me we are now way past that.
Personally I think there are technological preconditions for stable democracy that have recently been countered by authoritarian leaning technology. We need to invent counter technology to those things.
New technology doesn't change anything about social institutions - the most powerful groups before the technology was invented simply own the technology after it's invented and use it to further cement their power.
I think the luddites were on to something. We don't need technology, we need humans doing things a little differently, maybe even doing bizarre things like setting factories on fire. Personally I hope we can try other things before setting factories on fire, see Keith McHenry's version of The Anarchist Cookbook for peaceful resistance solutions as well.
The point is though without a restructure, new technology doesn't liberate, in fact it further entrenches existing power structures.
New technology doesn't change anything about social institutions
This is of course demonstrably untrue. Marshall McLuhan devoted his life to illuminating how technology changes society. The printing press, radio, television and the Internet have all undoubtedly changed our social institutions. It's hard to imagine secular democracy ever becoming a thing if we hadn't been able to mass produce books and newspapers, and writing manuscripts had remained mostly under the control of the Church. It seems less probable that the Nazis would have come to power if not for the immense skill Goebbels and Hitler had in the use of radio. And I doubt Trump would have been elected if he hadn't known how to press people's buttons so well on social media.
Let's not forget that more ancient things like fire, agriculture and accounting are also technology that irrevocably changed humanity and put new people in power. Or take a look at how railroads remade American society. Or how sufficiently advanced sailboats placed half the world under the thrall of colonialism...
Absolutely there can exist technologies which are anti-democracy, and surveillance technologies are exactly that. You become afraid to say or write the wrong thing in public, and then to say or write it in private, and then to even think it, and finally the thing is forgotten. I felt like Orwell made the point well enough in 1984.
All that said I don't see technology saving us from our current problems, it needs to be invented, it needs to mature, there needs to be adoption. One might imagine mesh networking and censorship proof distributed messaging or something having an influence on society but we simply aren't there yet.
The printing press resulted in the first ultrapowerful media companies that were able to capitalize on later revolutionary technologies such as radio and television (for those nimble enough to keep up with the times). Even in that era the newspaper was leveraged to serve the needs of the wealthy and solidify their power. Countless unpublished books that couldn't get picked up by the publishing houses. And the end game of those media technologies is Rupert Murdoch, Disney.
You are right, power shifted from the church to other Capital holders. And the laborers continued to labor at the whim of some new master.
Railroads led to Standard Oil and America's first ultra powerful monopolies, laying rail to serve their needs (or wasting rail to suck money from the government) rather than the needs of the people.
Sailboats created the East Indian trading company and actual corpotocracies, as you said.
Incredible changes to society in so many ways except perhaps the most important, and that's my point: it won't be technology in the end. It wasn't technology that led to the syndicalization of pre-Franco Spain, or the revolutions in Russia and the ROC, or the development of the Paris Commune, events that signify some of the few brief times in our history that the core paradigm was shifted, if only briefly.
You become afraid to say or write the wrong thing in public, and then to say or write it in private
It's called "social cooling": https://news.ycombinator.com/item?id=24627363
but we simply aren't there yet
Actually, I2P is already here. It should be promoted more.
It is simply that, eventually, people learn how to use technology to their advantage.
Technology, its development and production, is one thing that they control.
The rest of the population (the nonbillionaires) is another thing that they seek to control. It's near the top of their list.
Phones, internet and social media are tools for controlling us. Arguably. Right?
Or are you talking about a very specific industry, because the thread sounds like it is all society or "Late capitalism" which I disagree with.
We have given capitalists more and more power over the last few decades and instead of making things better, it's just allowed them to neuter the government regulations that would have prevented them from fucking common people over. The market can not solve for this the same way it can't solve for education or the military. This needs laws.
There are laws on the books, Google's breaking them, and it's just forging ahead with more of this anti-consumer control crap anyway. Google's unique in American history, it has recently been ruled an illegal monopolist in two cases in two markets and a third ruling against them in a third market is likely to drop soon. Even Standard Oil didn't achieve a rap sheet like Google's.
Yeah of course we need government action and I'm calling for that. But people need to realize that this monster is way bigger than just passing a law. The judges need to be choosing harsher remedies including a breakup. The enforcement apparatus needs to be stronger, willing and able to seize direct control of the company if it doesn't comply or complies maliciously. EVERYTHING in the system needs an upgrade because Google is so uniquely huge and criminal in the context of American history.
They are a different, far larger and more intractable problem than your standard, garden variety corporate criminals and extreme measures are needed to rein them in.
Now, imagine a future where the Web platform didn't become a duopoly and Phone+Tablet+PC OSes didn't become a triopoly. A half dozen vendors globally for one, and a different half dozen for the other. That's a very very different world where someone is going to carve out plenty of market share by letting you continue to install your own apps even if they're ad blockers or whatever else you would like. You just wouldn't get 12 companies plus the US, EU and Chinese governments or whoever to all agree on a single platform. We need the big guys to fight. We need the market to be divided. We need competition. We need to slay Google and never have another Google again.
And are you going to force app developers to support all of these platforms?
So exactly what law is Google breaking?
I mean, why do you need us to repeat these very well publicized convictions that have been all over the news? They've been found guilty of anti-trust violations in multiple cases in multiple American markets. The details are just a Google search away... Are you disputing the court rulings that Google possesses a monopoly? Which court?
Here are the big, recent U.S. antitrust rulings against Google, with what each court actually decided and where things stand:
#1 Search monopoly (DOJ v. Google – “Search” case) — liability found (Sept 2024) A federal judge found Google illegally maintained monopolies in general search services and general search text ads, violating Section 2 of the Sherman Act. Remedies are being handled separately.
#2 Open-web ad tech (DOJ & states v. Google – E.D. Va.) — liability found (Apr 17, 2025) The court ruled Google monopolized multiple digital advertising technology markets (tools used by publishers and advertisers), harming publishers, competition, and consumers. Remedies proceedings are underway.
#3 Android app distribution & in-app billing (Epic Games v. Google) — jury verdict + injunction affirmed on appeal (Dec 2023 → Oct 2024 → Jul 31, 2025) A jury found Google violated antitrust laws through exclusionary Play Store practices and tying Google Play Billing. The trial judge issued a nationwide permanent injunction (Oct 2024) requiring Google to open the Play Store to rival stores and payment options; the Ninth Circuit unanimously affirmed (Jul 31, 2025).
Case #3 is the direct answer to your question, but I want to again point out that the really serious problem is how Google has abused its market power in MANY US technology markets, and found guilty of these abuses independently by multiple judges in a short span of time, a feat of criminality even Standard Oil failed to achieve. This is why a historic level of action against Google, probably greater than that taken against Standard Oil, needs to be taken.
It's all in the court cases and it's all available publicly online for the interested public to read.
Edit: also, this comment is already too long, but in case it doesn't stand out as obviously to everyone else as it does to me, Google now introducing an additional layer of Google approvals above the multiple app stores that the court is forcing them to accept in case #3 is so amazingly, obviously a telegraphed case of malicious compliance, they are not even trying to hide it. This is the kind of thing I'm talking about when I'm saying passing more laws is part of the solution but not nearly enough on its own.
Today, when we have significantly faster tools, more standards, more shared knowledge, and MUCH more money moving through the ecosystem, yet somehow it's harder to support more platforms.
There’s a problem either at the level we’re talking about (the mono/duo-polies), or perhaps one level higher (national economies). My hunch is that it’s the same problems that are widening wealth gaps the world over (not just in the tech industry), but I’m open to other ideas.
Governments should be supporting this competition, or at the very least not encouraging monopolies/duopolies. Give loads of support/help to startups, small businesses. Let the large corps fund themselves.
But instead, we end up giving them huge tax breaks, anti-competitive legislation and even give them a voice in government.
What I like about your comment is that it points out that all technical work-arounds are moot if people as a whole are not willing to stand up with pitchforks and torches to defend their freedoms.
If your system requires extraordinary political efforts from large numbers of people, your system will fail. We are the elites, we have to oppose this. If Netflix asks us to implement this kind of DRM, we have to resign. If Facebook asks us to implement sophisticated surveillance, we have to resign. Etc. etc. We can't keep cashing the checks and then point to the body politic like "I beg you to stop me".
A handful of tech-savvy users with rooted devices and open-source software will not make a difference to the giant crushing machine that is the system.
Agreed, although I don't think that's entirely true; it's just that post-smartphones we no longer have any political agency over a significant volume of the new traffic. Much of the new traffic represents that faction of people who initially mocked the internet as "nerd shit". But we don't have to get discouraged by our smallness here.
Rather we can offer a sub-system that satisfies our demands and is an open door to those willing to find it. We could try to fight our corner, but unless we're incredibly organised, it's unlikely they'll listen due to how much less relevant we are, now that all the normies transitioned online.
So we either jump ship to other, more permissive platforms and help make them good by developing software that closes the gap, or we counter by attacking the systems that prevent people from installing software on the device they have bought.
We just shouldn't expect the general population to care about our problems en-masse because they never have and never will. We will make a difference by creating an alternative sub-system that is poised to grow when the giant crushing machine stumbles at some point in the future.
We can't hate people for picking the parental wing of Apple because most normies don't enjoy the freedoms of technology; it's the choice and difficulty that they conversely find oppressive.
A study was done a while back of average user competence and when given the task of arranging a meeting in a calendar app for a time where all participants could attend (given calendar conflicts) a meagre 5% of participants succeeded. The bar is tragically low for technical literacy and 95% of people (ballpark) fail to clear it. I'd imagine the first time these sorts of people are aware of side-loading is when they get scammed by being told to side-load some malware. So for these people they wouldn't even notice their digital rights being eroded or taken away completely, because they don't even understand how or why they'd be important.
Then there's the 1%'ers, people causing trouble, be it by being biker thugs or malware authors or top-level pirates, actually disrupting the system but often not in a way that's good for the masses, and when clashing with authoritarians the authoritarians win due to the masses' good.
And yes, the "good" for the masses is more about malware whilst DRM is more of powergrab by media industries that were unwilling to adapt.
Maybe conceptually you will be able to run some kind of open operating system with your own code, but it will be unable to access software or services provided by corporate or governmental entities.
This has been obvious for some time, and as soon as passkeys started popping up the endgame became clear.
Pleading to the government definitely can't save us now though, because they want the control just as much as the corporations do.
as soon as passkeys started popping up the endgame became clear
That's why I'm 100% against passkeys. I'll never use them and I'll make sure nobody I know does.
They're just a lock-in mechanism.
Before the branding they were known as FIDO2 "discoverable credentials" or "resident keys".
Two things have changed with the rebrand:
1. A lot of platforms are adopting support for FIDO2 resident keys. This is good actually.
2. A lot of large companies have set themselves up as providers of FIDO2 resident keys without export or migration mechanisms. This is the vendor lock-in part (no export feature), but it's not a feature of the underlying tech itself.
Fwiw FIDO are actively working on some standard for exporting/importing keys so that's something.
If you want to use passkeys without lock-in, just use Bitwarden or KeePassXC; they all have full support. Or you can also store a limited number of passkeys on your FIDO2-compatible hardware key like a YubiKey or the open-source Nitrokeys.
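The comments above describe a passkey as a FIDO2 discoverable credential rather than a new technology. The binding that makes it work is visible in the authenticatorData structure every registration and login returns: the hash of the relying party ID (phishing resistance), the flags (including the backup-eligible and backup-state bits that mark a synced passkey), the signature counter, and at registration the credential ID and public key. The following parser is an added example written for this page, not code from the thread or from any password manager; it follows the public WebAuthn authenticatorData layout, and the sample blob at the bottom is constructed for the example (placeholder key coordinates and credential ID), not captured from a real device.

```python
"""Parse WebAuthn authenticatorData and surface the bits that matter for passkeys.

Layout (WebAuthn Level 3, section 6.1):
rpIdHash(32) | flags(1) | signCount(4, big-endian) | [attestedCredentialData] | [extensions]
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import Optional

FLAG_UP = 0x01  # user present
FLAG_UV = 0x04  # user verified (PIN / biometric)
FLAG_BE = 0x08  # backup eligible: credential may be synced to other devices
FLAG_BS = 0x10  # backup state: credential is currently synced / backed up
FLAG_AT = 0x40  # attested credential data present (registration responses)
FLAG_ED = 0x80  # extension data present


def _cbor_skip(data: bytes, off: int) -> int:
    """Return the offset just past the CBOR item at `off` (enough of RFC 8949 for COSE keys)."""
    major, info = data[off] >> 5, data[off] & 0x1F
    off += 1
    if info < 24:
        val = info
    elif info == 24:
        val, off = data[off], off + 1
    elif info == 25:
        val, off = struct.unpack(">H", data[off:off + 2])[0], off + 2
    elif info == 26:
        val, off = struct.unpack(">I", data[off:off + 4])[0], off + 4
    elif info == 27:
        val, off = struct.unpack(">Q", data[off:off + 8])[0], off + 8
    else:
        raise ValueError("indefinite-length or reserved CBOR item")
    if major in (0, 1, 7):          # unsigned int, negative int, simple/float
        return off
    if major in (2, 3):             # byte string / text string: val is the length
        return off + val
    if major == 4:                  # array of val items
        for _ in range(val):
            off = _cbor_skip(data, off)
        return off
    if major == 5:                  # map of val key/value pairs
        for _ in range(2 * val):
            off = _cbor_skip(data, off)
        return off
    raise ValueError("CBOR tags are not expected inside a COSE_Key")


@dataclass
class AuthenticatorData:
    rp_id_hash: bytes
    flags: int
    sign_count: int
    aaguid: Optional[bytes] = None
    credential_id: Optional[bytes] = None
    credential_public_key: Optional[bytes] = None  # COSE_Key (CBOR), kept raw here
    extensions: Optional[bytes] = None

    def flag(self, bit: int) -> bool:
        return bool(self.flags & bit)

    def is_synced_passkey(self) -> bool:
        # BE+BS is how a relying party tells a synced passkey from a device-bound one
        return self.flag(FLAG_BE) and self.flag(FLAG_BS)


def parse_authenticator_data(data: bytes) -> AuthenticatorData:
    if len(data) < 37:
        raise ValueError("authenticatorData shorter than the 37-byte fixed header")
    ad = AuthenticatorData(data[:32], data[32], struct.unpack(">I", data[33:37])[0])
    off = 37
    if ad.flag(FLAG_AT):
        if len(data) < off + 18:
            raise ValueError("truncated attestedCredentialData")
        ad.aaguid = data[off:off + 16]
        cred_len = struct.unpack(">H", data[off + 16:off + 18])[0]
        off += 18
        ad.credential_id = data[off:off + cred_len]
        off += cred_len
        end = _cbor_skip(data, off)             # COSE_Key is exactly one CBOR map
        ad.credential_public_key, off = data[off:end], end
    if ad.flag(FLAG_ED):
        end = _cbor_skip(data, off)             # extensions are exactly one CBOR map
        ad.extensions, off = data[off:end], end
    if off != len(data):
        raise ValueError("trailing bytes after authenticatorData")
    return ad


def rp_id_matches(ad: AuthenticatorData, rp_id: str) -> bool:
    """rpIdHash binds the credential to one relying party; this is the phishing resistance."""
    return ad.rp_id_hash == hashlib.sha256(rp_id.encode("ascii")).digest()


def signature_base(auth_data: bytes, client_data_json: bytes) -> bytes:
    """What the authenticator signs: authenticatorData || SHA-256(clientDataJSON).
    Checking the signature itself needs an ECDSA/EdDSA library and is out of scope here."""
    return auth_data + hashlib.sha256(client_data_json).digest()


def sign_count_ok(stored: int, received: int) -> bool:
    """Clone detection: a counter that does not advance suggests two copies of the key.
    Synced passkeys commonly report 0 forever, so 0 -> 0 has to be accepted."""
    return (stored == 0 and received == 0) or received > stored


# Constructed sample (not a real capture): registration authenticatorData for rp
# "example.com" holding a P-256 passkey that is backup-eligible and currently synced.
_COSE_P256_KEY = (
    bytes.fromhex("a5010203262001")              # {1: 2 (EC2), 3: -7 (ES256), -1: 1 (P-256),
    + bytes.fromhex("215820") + b"\x11" * 32     #  -2: x (32 placeholder bytes),
    + bytes.fromhex("225820") + b"\x22" * 32     #  -3: y (32 placeholder bytes)}
)
SAMPLE_AUTH_DATA = (
    hashlib.sha256(b"example.com").digest()
    + bytes([FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS | FLAG_AT])
    + struct.pack(">I", 0)                       # synced passkeys typically never count up
    + b"\x00" * 16                               # AAGUID (zeroed here; real ones identify the model)
    + struct.pack(">H", 16) + b"\xab" * 16       # credentialId (placeholder)
    + _COSE_P256_KEY
)

if __name__ == "__main__":
    ad = parse_authenticator_data(SAMPLE_AUTH_DATA)
    print("rp matches example.com:", rp_id_matches(ad, "example.com"))
    print("synced passkey:", ad.is_synced_passkey(), "user verified:", ad.flag(FLAG_UV))
    print("credential id:", ad.credential_id.hex(), "COSE key bytes:", len(ad.credential_public_key))
```

Two things worth noticing when reading the output. The AAGUID and the BE/BS flags are the only places a relying party learns which kind of authenticator holds the credential, so a site that wants to refuse software-based managers has to act on exactly these fields (or on a separate attestation statement); the credential and signature format are otherwise identical between a YubiKey, a platform authenticator and a password manager. And because the rpIdHash is fixed at registration, the same private key can be exported and imported between managers without the site noticing, which is why the lock-in discussed above is a property of the provider, not of the protocol.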
trying to pressure KeePassXC to remove exporting passkeys in an open format
I'm not sure that's an entirely accurate representation of the request? At least from a quick skim the claimed issue is being able to export keys in plaintext. For example, from the issue author:
I strongly recommend you temporarily disable this feature or at a minimum require file protection/encryption.
And later:
> Besides, determined advanced users could just write code to decrypt the kdbx file and extract the passkeys anyway.

That's fine. Let determined people do that, but don't make it easy for a user to be tricked into handing over all of their credentials in clear text.
I don't quite understand why requiring file protection/encryption can't be a temporary minimum bar here.
To me that doesn't sound like they're requiring a proprietary format. Something like AES encrypted JSON sounds like it'd work as well, and that sounds pretty "open" to me?
> That's fine. Let determined people do that, but don't make it easy for a user to be tricked into handing over all of their credentials in clear text.
Has there even, ever, been an instance of that happening?
There's an entire subsection of the security industry dedicated to this happening. The DefCon international security conference holds an on-stage competition where security researchers demonstrate this happening to real targets in real time in front of a live audience.
I've complained about this GH exchange in the past and have come to understand that Apple is also part of the alliance, and the entire concept of blocking software-only password managers is just dead outside of enterprise situations where they mandate the hardware/software anyway. Mr. Cappalli might disagree, but he and his employer do not have the power to change this without breaking the standard and throwing away over a decade of work.
---
There's levels to appropriate paranoia around these things of course. SSH private keys are stored in plaintext for millions of engineers around the world - sometimes probably even passed around through unsecured emails or whatnot I would guess. They're still largely more secure than user:pass on aggregate, despite that rather major peril.
So ultimately, plaintext creds are not necessarily catastrophic. But still - imo - something worth concerted effort to dissuade at least at early stages of standards' implementation.
---
Edit: also, it looks like the outcome of that thread was ultimately that KeePassXC opted to implement the spec as per [0]. Good outcome to a good request.
[0] https://github.com/keepassxreboot/keepassxc/issues/11363
Lots of services that don't support passkeys currently require remote attestation. Boycotting passkeys (an open, possibly beneficial tech that doesn't require remote attestation) will not prevent bad actors from requiring remote attestation (with or without passkeys).
Passkeys have many benefits over current alternatives for auth, & the inclusion of remote attestation doesn't make them worse than current auth because all current auth can be coupled to remote attestation.
Continue to oppose remote attestation but do use Passkeys. They're a massive improvement.
The large adoption of those devices and standards did not lower the price.
They probably just banked on the enterprise market where every CISO was pressured to tick the hardware/2FA checkbox. And is then gonna allow to use the Microsoft/Google "software" one because it is hard to manage otherwise.
It's also become a much more niche product as software based (and/or primary-device-hardware-based) solutions have evolved & improved. & niche costs more.
All that said I'm really not sure why they've been so quiet on new series releases.
I think there's a bunch of factors to why yubi have upped their prices - not least, waiting for competition in their form factor & not seeing any emerge (token2 & nitrokey are much bulkier)
It is true about the size.
Still, I do not understand the price difference between the 5C Nano [0] and the PIN+ Mini-C [1]: 3 to 4 times more expensive depending on the currency.
-[0] https://www.yubico.com/pt/product/yubikey-5-series/yubikey-5...
-[1] https://www.token2.com/shop/product/pin-mini-c-release3-1-fi...
You can choose not to do this, and that's fine. Hardware attestation is dead because Apple refuses to implement it, so no one can force you to.
These days I would explore the TPM option, but I'm worried that has less legal teeth than a physical key if I'm in a law enforcement situation.
There's also practicality; I really, really don't want to tell my boss that TSA or whoever had access to the company git repositories and databases for X minutes or hours, and that's sidestepped by checking a bag with the Yubikey (wastes their time) or mailing it to the destination (needs a warrant).
Why do you think they would even allow this? If you think that governments don't have the incentives or the means to criminalize running non-approved OSes, or the unauthorized use of non-approved hardware, you're insufficiently cynical.
You can do it manually like the old days, EXPLICITLY ALLOWING NON GOOGLE/APPLE to do banking on their own mobile phone, meaning THERE ARE MILLIONS OF USERS that can fall victim to scammers and crackers.
How can't you see all of that???? IT'S JUST NOT ABOUT YOU
edit: please educate first, y'all need to know differences between mobile banking and internet banking
You can downvote me all you want, but I don't want to hear a lecture from a non-security-compliant engineer about what to do about security.
Users on Apple and Windows are not safer because a bank has chosen to block Linux.
Internet banking via browser has been OS-agnostic since way before mobile banking existed.
Please educate yourself / research what mobile banking is before making a literally false argument that is not about mobile banking.
Before you ask, no, other banks aren't any better where I live. They all stopped using physical 2FA keys years ago. And no, they won't let you come in physically for things that can be done online.
This is why they limit service to certain devices or OS versions, even when it comes at the expense of convenience.
What if I want to require (for anti-piracy reasons) that to use my software you must also give me complete access to your computer, all the data on it, and all your communications. You might say, "Well, if anyone is stupid enough to make that deal, let them." But it's easy to sugar coat what you're doing, especially with less technical users. I think it's better to say, "That's just not something you are allowed to do. It's trampling on rights more important than your anti-piracy rights."
In the same way, you cannot murder someone even if they agree to be murdered (an actual case in Germany).
What if I want to require (for anti-piracy reasons) that to use my software you must also give me complete access to your computer, all the data on it, and all your communications.
That's exactly what happens with anti-cheat kernel modules. As one might expect, ordinary people couldn't care less, as long as it works good enough.
We cannot expect those rootkits to be properly supported long term for any security issues they may cause. I would think that the solution is simple: nobody forces them to make their IP available in non hacked computers...
If they want a hardened computer to deliver their IP, then they should sell their own hardware. But forcing their blocking into the whole stack is not acceptable.
For instance: I cannot see any udemy or netflix content from my computer, because their IP protection blocks the lenovo docking station I use to connect my monitors to my MBP... each part is standard! And somehow nobody tested that scenario. So, no, that tech is barely tested, it must not be forced into any computer.
As I understand it, Netflix wishes to authenticate the device, and DRM their content. I'm not aware of anything beyond that (but I'm also not paying attention. )
Now you may have used the example of what might happen, but then Netflix seems a strange example. Surely Apple and/or Google are more likely players in that example?
why shouldn’t Netflix have the right to choose who they distribute content to?
power asymmetry
Edit: i mean to say this is true whether or not you've even heard of the company.
There's a lot of media worth studying, analyzing, and preserving. And in that sense, between the constant churn of catalog items, exclusive content, and the egregious DRM, I think these sorts of streaming services are, unfortunately, kind of harmful.
Now, if you want to do an in-depth study of film and television material as a whole, you're actually better off avoiding Netflix and making use of archives such as public libraries, university libraries, and the Internet Archive.
I say "know-how" and "access" because, while I'd still argue decrypting, say, Widevine L3 is not exactly super common knowledge, decrypting things like 4K Netflix content, among other things, generally requires you to have something like a Widevine L1 CDM from one of the Netflix-approved devices, which typically sits in those hardware trusted execution environments, so you need an active valuable exploit or insider leaks from someone at one of the manufacturers.
But also on top of all of that, you also need to hope other people kept the upload alive by the time you decide to access it, and then you also often need to have access to various semi-elitist private trackers to consistently be able to even find some of this stuff.
The legal issues with DRM here are hardly exclusive to Netflix and other streaming services, but at least in the case of things like Blu-rays or whatever — even if it is technically illegal in most countries to actually make use of virtually any backed-up disc due to AACS — you usually don't have the same time-pressure problem nor the significant technical expertise barrier.
If streaming services like Netflix are harmful then we should avoid using them. Thus it should not be important for our freedom-preserving computers to be able to access Netflix.
I generally do avoid them whenever possible, though, yes. And I've explicitly disabled DRM support in Firefox on my computer. But I am just one person and I don't think my behavior reflects the average person, for better or for worse.
decrypting things like 4K Netflix content, among other things, generally requires you to have something like a Widevine L1 CDM from one of the Netflix-approved devices, which typically sits in those hardware trusted execution environments, so you need an active valuable exploit or insider leaks from someone at one of the manufacturers.
Or just use a cheap Chinese HDMI splitter that strips HDCP 2.2 and record the 4K video with a simple HDMI capture device.
But if you are talking about preserving media or making media accessible, then it's not like we NEED 4K.
I don't think you can really solve this problem as long as there's an operating system monopoly, or even duopoly/triopoly. The lure of total control is just too great. Every operating system vendor, hell every intellectual property vendor will always dream of it. A company that becomes powerful enough to put chains on its users will do so.
From the British Raj to Standard Oil to IBM and Microsoft, monopolies are some of the most powerful forces in history. There is a case to be made that we were on a similar path with Microsoft until a combination of the Internet and a half-assed but not completely ineffective anti-trust campaign made them hit the brakes, for a while.
I think that the solution is to highlight the abuses perpetrated by the biggest tech giants specifically, and advocate for radical government action on multiple levels. #1 to break up these companies. #2, to shackle them and anyone who gets as large as them so that they can't do anything like this again. #3, publicly fund the development of competing, open operating systems.
If you are a US citizen then #1 and #2 are the more realistic paths and you should be watching the various anti-trust cases against Big Tech like a hawk, the celebrity du jour is really Amit Mehta who is scheduled to release his Google remedies any day now. You need to make it clear to your representatives that this is your top issue at the ballot box. We need a second American Progressive Era that's seasoned with digital rights and anti-megacorp sentiment and with "doomscroll" and "Luigi" having entered the vernacular I think we could be closer than many here believe.
If you are an EU or Chinese citizen you should support the development and adoption in those polities of alternative, Linux-based operating systems. In the way the South Korean government specifically encouraged the growth of Samsung into a company with a global footprint, you should do that for local companies which develop OSes that compete with Apple and Google's. These geographies fundamentally can't do much to influence the American legal system so they should instead lean into public sentiment around nationalism and sovereignty and tie these to software freedom because that is likely the only elemental, emotional force that will capture enough public attention and support. Use state-scale resources to create competition for the American tech giants and establish a balance of power, because they are assuredly your enemies at this point.
And lastly for the ten millionth time I'll say it - Stallman predicted this. He saw it all coming. He warned us. He told us what would happen and what we needed to do. It's time to listen and to think big.
The Stallman generation is slowly leaving this realm, the opportunity has been lost already.
The digital hermit argument is not going to resonate with 99.9% of users. People buy devices because they want to do stuff. Telling them they shouldn't do what they want to do is never going to convince anyone.
The real question is where are the representatives who are supposed to be acting in the interests of their people while all this is happening? We seem to have regulatory capture on a global scale now where there isn't really anyone in government even making the case that all these consumer-hostile practices should be disrupted. They apparently recognize the economic argument that big business makes big bucks but completely ignore the eroding value of technology to our quality of life.
However all of these things are not technical
You understand it, but even in this thread you have people proposing solutions like switching from traditional banking to bitcoin, stopping using Netflix and starting torrenting again etc.
Tech crowd always tries to solve non-technical problems through technical means, and this is why I don't have much hope.
Look at Chat Control in the EU: they started with mandating server-side scanning. Nobody liked that so everyone implemented E2EE. Now there's a new law that adds mandatory client-side scanning.
Most of my tech-brained friends are saying "whatever, we'll just compile from source or use alternative means of distribution." But if that becomes popular, what's the next step? I'm fully expecting the EU to then try to mandate that the service providers need to ensure their apps aren't tampered with, which can only be done by locking devices down to official means of distribution and implementing end-to-end cryptographic attestation. Then we truly are out of options.
Establishing trust with hardware, firmware, and operating system software is currently an intractable problem. Besides the halting problem and the reflections on trusting trust problem (i.e., supply chain problems) the sheer size of these codebases and object code (since you'll need to confirm that the object code is not altered as in the reflections on trusting trust paper) is just too big for the public to be able to understand it. Sure, maybe we could use AI to review all of this, but... that's expensive if every person has to do it, and... that's got a bootstrapping problem.
Basically the walled garden is unlikely to go away anytime soon. It would be easier to change the rules politically to do things like reduce transaction fees, but truly allowing the wide public to run anything they want seems difficult not just politically but technically, because the technical problems will lead to political ones.
Unfortunately for now it seems our representatives are letting them have it so personally I'm rooting for a snake-eating-its-tail moment as a result of Windows 10 losing support. There will inevitably be erosion of security and support for applications on Windows 10 once Microsoft declares it yesterday's OS - as we've seen with past versions of Windows. This time there is the added complication that a lot of perfectly good hardware can't run Windows 11 - largely because of the TPM/verification issue we're discussing.
So probably a lot of people who haven't moved to 11 yet aren't going to unless their current computer breaks and they get 11 by default when they buy a replacement. If the charts are correct then 11 only recently overtook 10 in user numbers. After all this time and despite all the pressure from Microsoft and the imminent EOL of Windows 10 over 40% of Windows users are still running that version. (https://gs.statcounter.com/os-version-market-share/windows/d...) So how exactly do the big organisations that want to control the client plan to deal with that over the next few years?
Unfortunately unless there is also some sort of intervention to deal with the collusion and market manipulation by vested interests I doubt enough Windows 10 refugees will jump to open platforms when their current devices fail for those open platforms to reach a critical mass of users. If five years from now Windows 10 user levels are negligible and almost all of the former users are now on Windows 11+ by default then the controlled client side probably wins effectively forever. I think it would take something dramatic happening that increased the desktop market share of open alternatives like Linux to say 10+% to avoid this fate. The only likely source of that drama I can see is if Valve's support for gaming on Linux encourages significant numbers of home users to switch and then general public awareness that you don't have to run Windows or macOS increases.
Another thought: if we were actually able to pass laws that helped people, one that I’d like to see would be: for a totally locked down proprietary device, everything done with it should be the legal liability of the vendor. If your bank account gets broken into via the device, you can’t audit what happened, you couldn’t have broken it, so it ought to be their responsibility.
This is why it's so important to defend the real principles here not just the technical artefacts of them.
You're not wrong, but technical artefacts can be an important step in the right direction. I came to my bank, showed them my Librem 5 phone and asked where I can download an app for it. It was a much clearer message than "but Android isn't free!" (which is of course true). I do the same with governmental services. It also makes it much easier to explain to ordinary people that the choice must not be artificially restricted to just two megacorps.
You don’t have the right to other people’s content - especially for rental content in the case of Netflix.
Even if you don’t agree with that, do you really think that Google should allow Google Wallet to run on hardware where they can’t verify the security? No one in the payment chain would trust Android devices. Credit card terminals and everyone else has to fall under compliance regulations.
The banks are liable for fraud. Are you okay to say that if you use unverified hardware to use banking services they aren’t liable for any losses?
It doesn't work. Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.
There's nothing stopping a hardware vendor from being able to delete the system installed keys/certificates, breaking trust to allow you to install your own. Sure Netflix might not like it but you still have the right to run your own code and Netflix has the right not to trust your OS.
Governments shouldn't be able to prevent me from end to end encrypting things.
Agreed.
[a] whether that's a single device like a fingerprint scanner, or a device like a phone or tablet
[b] no crippled or low-performance open source driver
[c] any OS, including Windows, Mac, Linux, BSD, or some obscure minor OS as long as such OS is readily available for free or for a reasonable price
E.g. if using open free platforms was already the norm, netflix requiring a verified OS would just result in netflix becoming unusable for most people rather than just killing a couple edgecases used by a relatively small number of people. And so it would no longer be in their financial interest. It's why we've had desktops for so long without this happening, although the pieces are finally being put in place to make it a reality.
Banks on the other hand have so much more control over my life. With their apps being locked to the two major mobile OS I have many hoops to go through when I want to use an alternative one. It's not impossible yet, but it becomes very cumbersome to do so.
I do love freedom but such freedom will come with a disclaimer. You do want to use a bank app unsigned and you do not want the bank to check your latest SIM card replacement. You understand and assess the risk and will not discriminate the bank for any loss occurred. Same with Netflix and piracy.
This is fair.
Sometimes this system may have warts like not getting to watch Netflix on your Switch, but that seems like a small price to pay for respecting individual autonomy.
This isn't a surprise. A vocal minority have been saying the same ad infinitum.
The need hasn't changed, and won't change; however there's a strong likelihood we'll get to a point where action isn't possible because we've passed the point of no return.
One of the articles: https://palant.info/2023/01/02/south-koreas-online-security-...
I often recommend people to kill their subscription as well because of this fact. Netflix just isn't oriented to improve their service for their users and it shows.
It won't hit any of their KPI or metrics, but their shitty behavior has a real effect. That said, most other alternatives suck as well. Killed Paramount almost immediately, can't remember why I left Disney. I think there were similar issues.
Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service.
Maybe it’s just a bad example, but why would this be true? As a private company delivering entertainment, they can have any restrictions they want as a condition to selling to you.
Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.
We need to make that illegal. Classify it as discrimination. They should be obligated to treat any client that tries to connect the same as they would treat their own software. Anything else is illegal discrimination against users, a crime comparable to racial discrimination.
Anything short of this means they've won. Everything the word "hacker" ever stood for will be destroyed. Throw all FOSS into the trash. None of it matters anymore. What's the point of free software that we can't run? That can't actually do anything useful because it fails remote attestation? Completely useless.
What are you prepared to do to reverse the contemporary tide of tyranny? What have you done to make those in power afraid to move forward with policy founded in loathing of humanity?
I think it's worth adding that this is fundamental enough to not just be a tech issue. There's a strong legal framework in almost all developed countries for regulating companies where acting in their self interest harms the consumer interest. Without which, lots of things we take for granted (electrical safety certification, USB-C, splits between service and investment banking).
I think the key thing that's missing at the moment is that the types of restrictions OP is mentioning (DRM, blocking encryption) harm both consumer rights and economic development.
That's an argument that needs to come from people knowledgeable about both the industry and the technology. Like a lot of the people reading this post.
Politics is a spectrum. Some claim that model is oversimplified but it's not. Here you're making a left wing argument that individual bad actors must be regulated for the good of the collective. However, left politicians would look at the situation and see the opposite. They prioritize an authoritarian safety-first victim-first mindset, in which individual freedoms are sacrificed to help the weakest. But companies like Google and Apple are already doing that. And whilst you're trying to hammer this situation into a left wing framing, the number of individuals who care about the freedom to install apps from anonymous developers is very small. Trivial, on the scale of a country. They do not represent the "consumer interest" in any meaningful way.
So if you lobbied politicians this way, Google/Apple would lobby back and they'd say, we are exactly what you always demand! We're acting proactively to protect the victims by limiting the freedoms of bad guys for the greater good. And the left would be not only highly receptive to that message, but having suddenly become aware of what is technically possible would likely demand they go much further! We already see this with left wing governments banning VPNs and DNS resolutions so they can better control the internet in order to keep this or that group safe.
Which sort of politicians care about the rights of freedom-loving minorities over the safety of the collective? Libertarian politicians do. But they are themselves in a minority, and would not be receptive to an argument framed as "we must regulate the big evil corporations for the greater good", because regulation is always about removing freedoms: in this case, the freedom to design a computing device as you see fit. They probably would be receptive to an argument of the form "it is important to be able to distribute code and communicate anonymously", but prioritizing something so few people care about is exactly why they don't tend to win elections.
So there's no direct solution in politics, but the closest approximation is to support politicians who are more libertarian than average. They won't solve the problem but they will at least not make it worse, and might be open to very targeted regulations that can be framed as protecting market competition e.g. requiring unlockable bootloaders can be framed as protecting competition in the operating systems market. Meanwhile you can try and increase the popularity of platforms that prioritize freedom over safety. In practice that means demonstrating some sort of use case that the big vendors disallow, which is valuable, morally positive and requires anonymous app distribution.
When you look at it like that, then what Google and Apple is doing does not fit this point of view. They are (extremely) powerful entities imposing themselves on the whole world.
here you're making a left wing argument that individual bad actors must be regulated for the good of the collective. However, left politicians would look at the situation and see the opposite. They prioritize an authoritarian safety-first victim-first mindset, in which individual freedoms are sacrificed to help the weakest.
I think you're simplifying a few things here, mainly the amount of different views that are under the umbrella you're classing as "left-wing" (some of which will fit your categorisation, and some won't) and the amount of different issues under the umbrella of "running your own things".
What I'm trying to say is that there's multiple arguments to be made along the lines of "large companies can and should be restricted from blocking out freedoms of smaller companies and individuals". There's a big economic argument to allowing competition, and I think that's something that unites a lot of thinkers you'd probably class as right wing, as well as the traditional left.
- If you want to run something other than iPadOS or Google TV, go for it. (Smart TVs are just tablets with a don’t-touch screen.)
- If you want to install spyware on someone’s phone, you can’t; the HSM keys held by their OS are lost when you try to install a patched version and restore from a backup, and their backup doesn’t restore properly because half of it depends on the HSM or the cloud and everything is tagged with the old OS’s signature.
- If you want to patch macOS and then deploy it to your fleet, you can; it won’t be Signed By Apple but you’re an enterprise and don’t care about the small losses of functionality from that.
- If you want to dual boot, go ahead; the issues with the HSMs not permitting you to host two OSes worth of partitioned keystones can be resolved by regulatory pressure.
This satisfies all the terms of “let me install whatever I want”, while allowing the OG App Store to continue operating in Safe Mode for everyday users in a way that can’t be entrapped without the scammer on the phone telling them to delete everything, which destroys the data the scammer wants.
My car already allows me to do this. My phone should too.
My car already allows me to do this. My phone should too.
If you're referring to CarPlay and/or Android Auto you should know that it's not actually running on your car. It's basically RDPing your phone onto your car screen. You can already install RDP apps on your phone and connect to systems that provide more freedom, of course.
For example, my bank (ABN AMRO) still allows online banking on desktop via a physical auth device, but they are actively pushing for login only via their app. I called their support line for a lost card, and had to go through to second level support because I didn't have the app. If they get their way, eventually an Apple or Google account will be mandatory to have a bank account with them.
My kid goes to a school that outsourced all communication via an app. They have a web version, but it's barely usable. The app doesn't run without certain google libs installed. Again, to participate in school communication about my kid effectively requires an apple or google account.
I feel like the conversation we should be having is that we are sleepwalking into a world where to participate in society you must have an account with either apple or google. If you decide you don't want a relationship with either of those companies you will be extremely disadvantaged.
So far I've been able to avoid using apps for pretty much anything, but when the school says "use an app or you won't get your kids" and then also say they will call CPS and have your kids seized if you don't get them in time, that puts you in a real fucked up situation.
* No cellular service
* No landline service
* No postal delivery to your property, and a physical address that isn't in any database
* No public utilities
It can be very frustrating to deal with services that assume you have the ability to receive SMS messages, and almost anything requiring identity these days demands a phone number. I HATE this kind of nonsense, and threatening you as a parent is only making things worse. Why not offer a way to handle this on a simple website? It would have lower cost to the school and be more accessible to anyone with any device able to access websites. Nonsense.
There's also the problem that once they have your kid, the tables are completely turned, rather than them showing why they should take them, now you have to show why you should get them back and that is a process that can be dragged out for over a year.
Unfortunately CPS has wide latitude, secret courts, and the ability to unendingly fuck with you, so it's better just to not "invite" them in your life if you can. And if they do manage to snatch your kid, note they give so little fucks for the kid that their contractors will leave a kid in a hot car to die because apparently that's safer than being with their parents.[]
[] https://abcnews.go.com/US/3-year-dies-hot-car-custody-contra...
I once called them because the day care lady of a friend's kid is a bit of an idiot and kinda scared us about mass closure of day care centers and it was probably the nicest interaction I’ve ever had with a government agency.
But from what I’ve heard, America in general is a whole other beast both regarding expectations for parents, trust in the kids and the trouble you can get in for minor things.
I grew up in a low income neighborhood in the Netherlands and many times saw people be utterly terrified of CPS. In many cases these were households where outside help could've been really useful, but even in the worst cases where heavy CPS involvement was the only option (real "take the child away" cases), the child's situation often unfortunately hardly got better, just different. In less intense cases CPS involvement often just seemed to thrust a compliance burden on households without offering much real support, mostly just leaving people feeling guilty and stigmatized. Overall still better for them to exist than not, and budget cuts and restructuring really hurt the situation later, but still an organization with very real odds of making the situation worse, sometimes catastrophically worse.
The only saving grace has been Be My Eyes and other apps that allow for some level of access without needing another human available. It really sucks though as back in the early 2000s strides were being made for the blind community but now it feels like things have regressed because of technology and basic human dignity and kindness has lost out.
Similarly, if the school is going to have control over your kids, the school should be prohibited by law from requiring you to use an app that's tied to a particular company. They should be required to provide you functional access using any client that supports the appropriate open standards.
For the bank, I don’t really see why it would be preferable to intervene with the bank vs the tech company. Either way the state will have to impose on a private company.
You need a bank to function--that means the bank should be prohibited by law from tying you to an app from a particular company, whether it's Google or Apple or anyone else. You should be able to access their functions using any client that supports the appropriate open standards (such as web browsers).
Really this is an interoperability problem, so the government would have to impose on both sides. An OS should be mandated to come with a browser that supports some locked down functionality—a subset of HTML, nothing fancy, no scripting or anything like that. The bank should be required to provide a portal that speaks that language.
Because the bank has a fiduciary responsibility to its customers. The tech company doesn't. The bank can't just deny you access to your money because you don't want to have a Google or Apple account. That should already be the legal framework, but apparently it needs to be clarified and enforced better.
> Either way the state will have to impose on a private company.
Banks are already not "private companies" the way tech companies are; banks are already agents of the state in a number of important ways (such as being required to report all kinds of transactions, follow know your customer rules, etc.).
In any case, that's not what I was suggesting. I was simply suggesting that banks shouldn't be allowed to force you to depend on certain apps or app stores to get access to your money. Similarly, schools shouldn't be allowed to force you to depend on certain apps or app stores to take proper care of your kids.
I suppose you could print your public key as a QR code on a piece of paper, or display it on a phone, or use a USB security key device, and physically give it to an authorized employee at a local bank branch. Or if there is a way to electronically open an account you submit it then, along with whatever other proof of identification is deemed acceptable. I think root of trust has been, and always will be, a hard problem. It's just about finding the acceptable level of risk. Security is weaponized inconvenience.
Edit: Just to think down that road a little further, I expect the issue exists because the solution chosen by the school/bank/gov't/business will not be the optimal one for users, but the most expedient for the org. They're going to do the lazy thing that works for 80-90%, because there currently is no better alternative that they can implement with minimal effort.
If we look at the past we see that postal mail and telephones became standard methods of communication, but you could always walk into an office somewhere and handle business in person. Now that last default is quickly being phased out. So what should be the final fallback method of communication?
So I see two problems: there is no better way, and there is no required minimum. Both need to be solved.
"can't participate in society without a mobile phone" "can't participate in society without internet" "can't participate in society without google"
Not sure where the logically correct threshold is that makes it wrong, because we all accept maybe people not participating without internet.
not sure where is the logical correct threshold making it wrong
This can't be more clear: forcing the use of the duopoly is against competition and is totally wrong.
I think this is a process; somehow people slowly accept those levels, and in a society it becomes normal (to have WhatsApp for the friend group, to have Facebook for family photos etc.) and you are being left out eventually if you are outside of those norms.
So it is not so different for a bank to require something like Google provided software.
The difficult part is how to guarantee this right without opening the floodgates for all sorts of scammers and organised criminals.
We need some sort of due process proportional in cost to the effects of account terminations (or rejections) on people's lives.
I think the conversation needs to change from "can't run software of our choice" to "can't participate in society without an apple or google account".
This won't work out for you. It just turns into technically being able to, but it being practically impossible. In Sweden (i.e. basically your future), we're already there.
Then we have another problem. Cashlessness. There are fewer and fewer places that accept cash for payment and even if they do some of them won't have change (since it's so rare that other people are paying in cash).
I have a friend now who was cut off from the BankID (and thus cashless) system and it's quite a struggle for him. He has to constantly have other people (i.e. us) do things for him, or drive 40km to one city or another during specific hours to do things (since all the local outlets for everything closed since 99% of people do 99% of everything online now).
How does one get shut out?
Perhaps a story of his life now could be told to whatever politician may make sense? (I just do not know that for your part of the world)
Seems to me there must be some basic government run thing to manage this. Using corporations has too many problems.
And you may tell me BankID is government! Hope not.
The government isn't requiring BankID except for on their own services (where sometimes other options are provided). It's kind of just the most convenient thing that all agencies and businesses end up using. There's no laws around it, I mean. They all opted into it. It's run by a private consortium of banks.
We all had junk drawers of useless charging cables, everyone agreed it was stupid, hence a universal charging connector standard along with the promise that the charger junk drawers will be freed.
Even if we mandate the “POSIX of smart phones”, for lack of a better term, what problem today, for everyday users, does it solve? It might even make interactions with various government technology worse as that API will likely only be begrudgingly supported, which won’t win any hearts or minds.
Basically until you have a one line slogan that most people can relate to, and which is a problem they have today, movement will be very slow.
Also, in the short term, if these various sites are AI coded, and thus follow existing software patterns, expect this to get worse.
If for whatever reason you dislike WhatsApp, you just can't also be a society's functioning member.
Some companies have decided to deprecate email and phone support and only have a WhatsApp chat, potentially with AI slop. I've had to discontinue my services with some of these companies because of that.
Even some government services are going through WhatsApp; I've had to be there in person, among senior citizens just because of their tech choices.
I pretty much vouch for "vote with your wallet," but I am running out of alternatives.
It's amazing where those dark patterns are cropping up (government services, SPCA, etc).
Here’s what I mean: suppose I want to order a cup of coffee at a cafe. I’ve made a choice to go to that cafe, and it’s at least generally reasonable that the cafe and I should agree to some terms under which they sell me coffee, and those terms should be enforceable.
But if the cafe requires me to use an app, and the app requires me to use a Google account, then using the app and the Google account is not actually a choice I made — it’s incidental to my patronage of the cafe. And I think it’s at least interesting to imagine a world in which this usage categorically cannot bind me to any contract with the app vendor or Google. Sure, I should have to obey the law, and Google should have to obey the law, but maybe that should be it. If Google cannot find a way to participate without a contract, then they shouldn't participate.
I might even go farther: Google and the app’s participation should be non discriminatory. If the cafe doesn’t want to sell me coffee, fine. But Google should have no right to tell the cafe not to serve me coffee.
(For any of this to work well, Google should not be able to incorporate its terms into the terms of the cafe. One way to address this might be to have a rule that third parties like Google cannot assert any sort of claim against an end user arising from that end user’s terms of service with the cafe. If Google thinks I did something wrong (civilly, not criminally) in my use of the app, they would possibly have a claim against the cafe, but neither Google nor the cafe would have a claim against me.)
One way to address this might be to have a rule that third parties like Google cannot assert any sort of claim against an end user arising from that end user’s terms of service with the cafe.
Or just require retail businesses to accept cash. Which many jurisdictions have done.
Problem solved.
It's not perfect, but nowhere near Google/Apple duopoly. Also this is very local US issue, solvable on city level regulation, while smartphones are everywhere.
Cellphone providers + Starlink mean there’s more than 3 options in basically every US home.
- Starlink
- AT&T wireless
- T-Mobile wireless
- Verizon wireless
The choice of fixed ISPs is often more limited (in my area, the physical options are AT&T copper, Xfinity cable, Monkeybrains wireless).
1. It's not necessarily different. Your ISP has monopolistic power over you, and it should be regulated more aggressively.
2. A non-mobile ISP is currently much less important than an Apple/Google account for interacting with modern society, and less important than it was even a decade ago. If all 1.5 of my available home ISPs turned evil I could manage just fine without them.
3. Given the relative public perceptions this feels weird to say, but Comcast and their ilk are much less problematic than the Apple/Google monopolies. You can largely just pay for internet (plus an extra 10-40% from scammy business practices) and do whatever you want to do, with the analytics they're selling about you being less invasive than those which Apple/Google use.
No one is arguing for using ISP-hosted accounts as an alternative.
The core problem isn't even rooted in identity per se, it's about platform owners actively working to limit access to essential information from platforms they cannot profit from.
Even granting the most cherubic motives, this ongoing behavior is atrocious on its face and should be prevented by any means, including competition, rule making and legislation.
Google and Apple increasingly become the entity required to identify yourself, either directly ("login with Google/Apple to participate") or indirectly ("use our App on iOS/Android to confirm your identity and participate")
Good times.
I have done some backpacking these past two years, and it is worrying how easy it is to get into big trouble if you lose your phone or payment cards.
As an example, my debit card got eaten by an ATM on my way to Argentina, and after my 6 month travel, the backup credit card I had brought was about to expire.
Despite my card working as a means of payment, I was starting to feel the effects of this corner case in every aspect of modern life. I could not use our equivalent of cashapp, I assume because my card was about to expire. I could not ride public transit, or trains, or do things like book a yoga class with my friends, all because all these institutions basically only let you interact with their service through their apps, where I had no way to pay.
I spent some time visiting friends in the capital on my way home, and tried to sort the situation out with my bank. They thankfully were able to order some new cards to their office, rather than to my home address. But immediately after my talk with them I found that my one remaining card had been cancelled.
Then I tried bringing my passport to withdraw some cash, but the bank teller almost laughed at me, before explaining that you can't just do that anymore. The bank isn't even allowed to let you get your money in cash and leave. You can get bits of it in bills at the ATM for a fee the price of a coffee, but also that requires a card, of course.
Electronic payment solutions are so convenient, for the public and for institutions, for law enforcement and control, that we've forgotten how much we need to give up in order to use them, and now they're being made mandatory as we trudge along into a cashless society.
Now I couldn't even get food or shelter, if not for my friends. I remember half stumbling out of the bank with my passport in my hand, half dizzy with shock and anger. This, along with lots of other small mishaps like losing my phone and encountering trouble, kind of radicalized me on these topics.
"can't participate in society without an apple or google account".
Wow. You nailed it. Thank you.
When desktop operating systems were dominant, the need for the freedom to control your own software installation was beyond obvious.
But now our phones are an even more dominant/necessary computing/communication tool.
Apple and Google's appeal to security is such a fig leaf. They can continue to lock down our phones, add even more security.
BUT, simply provide a way for users to mindfully bypass that. They could make the pass through screen as scary as they feel they need to. That's it.
(If they did that, customer pressure would naturally build over time, for less draconian warnings, as other verifiably/clearly responsible sources became popular.
Another benefit. Apple would soon put its considerable resources into competing to deliver the most robust security of a more valuable kind. The kind that enforces the walls between unpermissioned/dark behavior without limiting desired behavior and innovation. That would create healthier quality-loyalty based "lock in" that their vertical integration and high focus DNA already gives them advantages to "win".)
I really liked Huawei phones and I wanted to keep using them after the US forced them to part with Google, but after doing some research and finding out some of the everyday things I wouldn't be able to do due to not having the Google Play Services (I'm not even talking about not having a Google account!), I just gave up.
I called their support line for a lost card, and had to go through to second level support because I didn't have the app.
What’s the alternative? The bank sending out a debit card to anyone who calls up and says “I’m @kristov, trust me…”
You were not able to be served by the standard path, because you couldn’t authenticate yourself via the standard mechanism. You still got service by an alternate path. No different from opting out of the airport scanner; it takes longer and is a little less convenient, but you still get service.
https://www.kiplinger.com/personal-finance/banking/is-your-l...
Since 2020, the rate of bank branch closures in the U.S. has doubled. The majority of those closures come from large and very large banks, contributing to an overall 5.6% decline in total bank branches nationwide since the start of the pandemic.
That's exactly the point: there's an easy and common method that many people choose to use, but there is still a perfectly working method for people who choose to not use apple or google.
Please, don't be so obtuse just for the sake of argument. Any rational, well-informed person can see where this is going.
That's an example of how the banks are continuing to accommodate customer preference, not the other way around. As to "where this is going", ATMs and debit cards are nearly pervasive and, yet almost 60 years after their introduction, I can still choose to bank with a teller if I insist on not having a debit card.
opting out of the airport scanner
slightly OT, but where can you opt out of the scanner?
Every time I've tried they told me I won't be allowed through security unless I subject myself to the scanner, despite me protesting that they can search me however else they please.
That is domestic US airports plus airports like Toronto and Dublin where you, for practical purposes, clear into the US on foreign soil and land in the US as a domestic flight.
* - I think this only doesn't apply if your boarding pass got tagged with the dreaded "SSSS" enhanced screening tag, but that's a fairly rare corner case for most passengers.
You can opt out of the millimeter wave radar.
Opting out means you go through a metal detector, a 20-second pat-down and perhaps a hand swab for explosives sniffer.
If you have SSSS on your boarding card, that means the pat-down, hand swab and digging through your carry-on luggage happen whether you opt out of the mmwave or not.
From the TSA website, https://www.tsa.gov/news/press/factsheets/technology , "Most passengers have the opportunity to decline AIT screening in favor of physical screening. However, some passengers will not be able to opt out of AIT screening if their boarding pass indicates that they have been selected for enhanced screening."
Can you believe that I had to prove my identity to the support group in charge of requesting replacement cards in order to get a replacement card?!
Uh, yeah, that makes total sense; what part of this tale of woe is surprising or interesting?
Are you under the impression that this wasn't a solved problem for the half-century before "apps?"
Yes, there was some tiny fraction of fraud, but it's not like adding all these layers upon layers of technology has fixed anything. The difference is that instead of getting ripped off by one of the people in your own town, anyone anywhere on the planet can rip you off now.
If you decide you don't want a relationship with either of those companies you will be extremely disadvantaged.
Even more worrying is the inverse of this - if Google and/or Apple decide for whatever reason they don't want a relationship with you (aka they ban you for no reason) - you are completely screwed
Those countries are North Korea, Iran, Russia, Google and Apple.
US Citizen. Contacted lawyers, all informed me they'd given up trying to sue for these things because it's hopeless.
I was released after an HSI guy showed up, took a quick look at me, decided I wasn't a terrorist or whatever, served me the retroactive warrant, and then I was sent on a prisoner transport van to be dumped at the border with all my shit (including my shoelaces) in a plastic bag.
For the hospital part I was sent a ~$1k bill, which is still in collections.
screw the lawyers. go public and name names
Nothing changed. Same port of entry, same hospital network, same everything (I don't think she was jailed like me though). Lawsuit failed and public press did nothing. Later the ACLU won some kind of suit that forced all involved parties to be warned, which they promptly ignored, and that was the end of it.
https://www.southernborder.org/woman-suing-border-patrol-ove...
https://www.kgun9.com/news/local-news/woman-sues-cbp-over-bo...
to be dumped at the border
does this mean you were originally on your way into the US and that's where they nabbed you, and then when they finished with you they took you back to where they picked you up?
i'm not here to debate or defend in either direction, i don't know enough about any of it, but i believe that i have heard from a lawyer podcast that whether you are a US citizen who is entitled to enter or not, the rules (including your bill of rights status) are different "at the border" because you are not in the US yet
https://ij.org/press-release/us-citizen-and-army-veteran-sub...
I typed up a ~100 page document with very thorough records of the retroactive warrant, what happened, and medical records to try and hold at least the "medical care providers" accountable, but the board determined that the medical care providers were performing a (warrantless) law enforcement search and not medical care, so their license wasn't in jeopardy. Not sure how they determined this since they were in no way deputized nor were they employed by the government, and in fact I was personally being billed for it.
The CBP argued the opposite, that medical care was rendered and not a search so CBP was not liable for extending the ~12 hours during which they "detained" me with no evidence. CBP argued they held me for my own safety because I could die of non-existent drugs.
The challenges to this have all failed (see Ashley Cervantes, basically identical legal facts), so it seems the courts are pretty satisfied with the catch-22 of any challenge of the criminal aspect being ruled as medical care (thus unchallengeable) and then any challenge of the medical care being ruled as a detainment for a criminal search (thus unchallengeable).
It always starts like that.
What makes this difficult though is that they are under constant attack from highly organised and automated criminal operations that create and exploit accounts en masse.
Any solution to the tyrannical state of affairs we are subjected to (even more so as developers) needs to balance better protections for real people (including as you say for people who have committed some transgressions) with fighting organised crime.
"Harmful" content has significant overlap with freedom of speech, so governments find it hard to ban directly. But when there's a big corporation facilitating access to that content, then it becomes a clear case of "evil capitalist profiting from harmful content - corporations need to take responsibility!".
When a government doesn't like end-to-end encrypted photos and cloud drives, all they have to do is issue a secret order telling Apple to disable it.
And when people find workarounds for intrusive and insecure age verification methods, what's better than a total sideloading ban to regain control?
governments love centralisation of control in very few hands
Honestly, that was one of the things that shocked me about the Digital Markets Act in the EU. It gives them less power over their citizens, not more. (Of course, they also passed the Digital Services Act around the same time, and now they're looking at age verification and breaking E2EE, so I guess they figured they had to balance things out...)
I don't mind this being a bit chaotic. At least it shows that there are trade-offs.
I do think the personal mental health angle matters a lot, but it adds urgency to consider school, banking, etc being dependent on private company memberships.
My local gym did something wonderful. They retained a keyfob-based access system instead of using an app, specifically because the owner knew "someone's going to have a dumbphone and complain they can't get in."
Normally tie-in sales are illegal, but because it happens in the digital world, we/they fail to notice...
It's banks, but also government and health (the Dutch DigiD app), food markets, schools, more and more.
If there is a EU DMA, where is an independent app store?
But if you look around there's a lot of money going into defacing democracy and electing morons, by the same business forces.
You ain't getting a fundamental freedom from individual contributors, the same way bitcoin is turning into a centralized scam bank.
1. Open, hackable hardware for those who want full control and for driving innovation
2. Locked-down, managed devices for vulnerable users who benefit from protection
This concept of "I should run any code on hardware I own" is completely wrong as a universal principle. Yes, we absolutely should be able to run any code we want on open hardware we own - that option must exist. But we should not expect manufacturers of phones and tablets to allow anyone to run any code on every device, since this will cause harm to many users.
There should be more open and hackable products available in the market. The DIY mindset at the junction of hardware and software is crucial for tech innovation - we wouldn't be where we are today without it. However, I also want regulations and restrictions on the phones I buy for my kids and grandparents. They need protection from themselves and from bad actors.
The market should serve both groups: those who want to tinker and innovate, and those who need a safe, managed experience. The problem isn't that locked-down devices exist - it's that we don't have enough truly open alternatives for those who want them.
Choice 2. Empowered user. The end user is free to CHOOSE to delegate the hardware's approved signing solutions to a third party. Possibly even a third party that is already included in the base firmware such as Microsoft, Apple, OEM, 'Open Source' (sub menu: List of several reputable distros and a choice which might have a big scary message and involved confirmation process to trust the inserted boot media or the URL the user typed in...)
There should also be a reset option, which might involve a jumper or physical key (E.G. clear CMOS) that factory resets any TPM / persistent storage. Yes it'd nuke everything in the enclave but it would release the hardware.
Never give up your freedom.
If you have to give up your privacy to ensure your freedom, so be it.
If you have to give up your security to ensure your privacy, so be it.
This goes for governments and phones.
This goes for governments and phones.
Apple does not have the ability to throw me in prison or take away my freedoms. Only to not grant me extra freedoms subsidized by their R&D budget.
Their R&D budget is at the expense of a free market that would have delivered the same or better products.
Did you ever see how wild and innovative the Japanese mobile phones were before iPhone monoculture took over?
I want crazy stuff like a smartphone that has the form factor of a Raspberry Pi. Or a smartphone with e-Ink. Crazy new categories of devices.
Sadly, the Apple/Google monopoly has turned smartphones into one of the shittiest, most locked down device categories. It's a death place for innovation.
If you do decide to buy their products, nothing has changed since the day of your purchase, so they haven’t taken away anything from you.
Their “monoculture” didn’t “take hold” - it beat the Japanese offerings through innovation and a better product.
They operate in a free market, their R&D budget is made possible by their market success. If things change in the market (e.g. AI) the market will vote the way it always does.
The market is now so depressed that everyone has to jump through these companies' hoops to participate in the most important computing form factor in the world.
Don't apologize for trillion dollar hyperscalers. They don't need your love, adoration, or apology. They do not care about you at all.
Too much power has accrued to these two and it's being leveraged against all of society and the open market. Competition is supposed to be difficult, ruthless, challenging, and frenetic. I see two companies resting on their laurels that are happy to tax us into the next century while we wear their little straightjackets.
In that case, the free market sucks and I want government intervention.
Do you honestly believe "a free market" would only produce two alternatives
No. A free market will eventually produce a single monopolistic winner.
If you have the ability to buy your competition, and most people consider it a job and not some religious calling, monopoly is the most logical outcome.
Same way a black hole is the most logical outcome of gravity.
Reality is that people pay a lot of money because they 'trust' Apple (and to a lesser extent Google), but Meta is the sleaziest one of them all. (And I don't use their shit either.) But people want WhatsApp and Instagram, and so you are telling them now they have to sell out and go to the "Meta App Store" to talk to their friends. That fucking sucks. And I think you agree with that.
I think you have a reason for defending Apple. Maybe you love the company, maybe you've got their stock, maybe you've worked for them.
Apple is a trillion dollar behemoth that has distorted the market and removed freedom and choice. They're a menace that needs to be regulated. Period.
I also think Zuckerberg's tracking needs to be regulated, but that's a battle for another day. It's one we haven't so egregiously lost yet.
People don't need Meta. People need smartphones. And smartphones are draconian dictatorships that the government has been too asleep and too lax to regulate.
big scary message
Open question:
Any idea on making it so difficult that grandma isn't even able to follow a phisher’s instructions over the phone but yet nearly trivial for anyone who knows what they’re doing?
Then you put grandma's device in closed mode and explicitly tell her never to do the scary thing that takes it back out again and call you immediately if anyone asks her to. Or, for someone who is not competent to follow that simple instruction (e.g. small children or senile adults), you make the factory reset require a password and then don't give it to them.
I’m sure I’m missing a problem with the following approach: shipping in _closed_ mode with a sticker on the front notifying the person they should do a factory reset immediately to make sure they can do everything they want to do. During the reset, include a scary message for those who opt in to get to open mode.
Everyone simply goes by defaults so it would only be technical people presumably who would even get into the open mode in the first place. And then require the debugger to leave closed mode like you said.
Edit: this comment worries about solo/asocial/“orphaned” members of our society
This isn’t a gdpr opt out where both alternatives need to be equally easy. We (as a society) absolutely need the devices to default to the current model when purchased.
This isn’t a gdpr opt out where both alternatives need to be equally easy. We (as a society) absolutely need the devices to default to the current model when purchased.
I feel like this is completely the opposite. The case for closed devices is that if grandma is senile she can't be trusted to make sound choices and needs a piece of hardware to limit her options, whereas that isn't the case for random chemists and college students and farmers, i.e. the general population.
It's one of the cases where tech people can't see the forest for the trees. The vast majority of people can make reasonable decisions about their own lives, but then if a tiny percentage make mistakes, those are the ones who come to you with problems and then it seems like everyone who comes to you is having problems because only the people having problems come to you.
Then megacorps use that false perception that everyone is incompetent to try to weasel their way in as a middle man taking a thick margin while locking the doors so the average person can't go to the competition, which is the option that needs to be not just preserved but actually used by ordinary people.
And not just because of the margins. Centralizing everything is a skeleton key for authoritarians. If you want to ban a social media app because people are using it to find out about something you want to censor or organize opposition to your administration and having it banned from Google Play and Apple makes it so 99% of people can't use it, you'd win when we need you to lose.
False positives from PC virus scanners are very rare.
There is no reason anyone purporting to be from a business or the government should be able to place a call without cryptographically proving their identity.
And presumably we could set up notifications so our elderly relatives’ phones would alert us to calls from unverified numbers not in their contact list lasting longer than a minute or two.
I like the way Chromebooks do things, initially locking down the hardware but allowing you to do whatever if you intentionally know what you're doing
Did you hear? Google's not allowing "sideloading" (whitewashing the meaning of installing) third party apps by unknown developers.
after wiping the device for security reasons
Think of the ~~children~~ data!
On a chromebook, if you toggle to developer mode you get a nag screen on early-boot telling you it's in developer mode every time, and if you're not in developer mode you can only boot signed code.
Basically, just bake into device's firmware that "if any non-apple keys have been added, forcibly display 'bootloader not signed by Apple, signed by X'", and if someone sees that on a "new" device, they'll know to run.
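As an added illustration of the boot policy the comments above sketch (owner-enrolled keys, a nag screen whenever the device is in open mode, and a physical reset that clears the enclave), here is a small model written for this thread, not code from any vendor's firmware. It uses Go's standard Ed25519 to verify a constructed "bootloader image" against a trust store; the vendor name, key names and image bytes are all made up.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Decision is what the boot ROM does with a candidate bootloader image.
type Decision int

const (
	Refuse          Decision = iota // no trusted key verifies the image
	BootSilently                    // closed mode, vendor-signed image
	BootWithWarning                 // open mode: show the nag screen every boot
)

// TrustedKey is one entry in the firmware's trust store. Vendor keys ship with
// the device; owner keys are enrolled later (the thread's "open mode").
type TrustedKey struct {
	Owner  string
	Pub    ed25519.PublicKey
	Vendor bool
}

// KeyStore models the persistent, firmware-held trust store.
type KeyStore struct {
	Keys []TrustedKey
}

// NewKeyStore seeds the store with one vendor key, as a factory image would.
func NewKeyStore(vendor string, pub ed25519.PublicKey) *KeyStore {
	return &KeyStore{Keys: []TrustedKey{{Owner: vendor, Pub: pub, Vendor: true}}}
}

// EnrollOwnerKey records a key the device owner chose to trust. Whether that
// step is gated by physical presence or a password is policy; the model only
// tracks that the key is not the vendor's.
func (ks *KeyStore) EnrollOwnerKey(owner string, pub ed25519.PublicKey) {
	ks.Keys = append(ks.Keys, TrustedKey{Owner: owner, Pub: pub, Vendor: false})
}

// FactoryReset drops every owner-enrolled key and keeps only vendor keys: the
// "jumper / clear CMOS" path that returns the device to closed mode.
func (ks *KeyStore) FactoryReset() {
	kept := make([]TrustedKey, 0, len(ks.Keys))
	for _, k := range ks.Keys {
		if k.Vendor {
			kept = append(kept, k)
		}
	}
	ks.Keys = kept
}

// HasOwnerKeys reports whether the device is currently in open mode.
func (ks *KeyStore) HasOwnerKeys() bool {
	for _, k := range ks.Keys {
		if !k.Vendor {
			return true
		}
	}
	return false
}

// Evaluate verifies the image signature against every trusted key and returns
// the boot decision plus the name of the key owner that signed it. As in the
// comment above, the warning fires whenever any non-vendor key has been added,
// even for a vendor-signed image, so a second-hand or tampered device cannot
// hide the fact that someone else's key is in the store.
func (ks *KeyStore) Evaluate(image, sig []byte) (Decision, string) {
	for _, k := range ks.Keys {
		if !ed25519.Verify(k.Pub, image, sig) {
			continue
		}
		if ks.HasOwnerKeys() {
			return BootWithWarning, k.Owner
		}
		return BootSilently, k.Owner
	}
	return Refuse, ""
}

// Message renders the early-boot screen for a decision.
func Message(d Decision, signer string) string {
	switch d {
	case BootSilently:
		return "booting"
	case BootWithWarning:
		return fmt.Sprintf("WARNING: non-vendor keys are enrolled on this device; image signed by %q", signer)
	default:
		return "refusing to boot: image not signed by any trusted key"
	}
}

func main() {
	// Constructed demo: fresh keys for a hypothetical vendor and for the owner.
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	image := []byte("example bootloader image")

	ks := NewKeyStore("ExampleVendor", vendorPub)
	fmt.Println(Message(ks.Evaluate(image, ed25519.Sign(vendorPriv, image)))) // booting
	fmt.Println(Message(ks.Evaluate(image, ed25519.Sign(ownerPriv, image))))  // refused: key not enrolled
	ks.EnrollOwnerKey("owner-laptop", ownerPub)
	fmt.Println(Message(ks.Evaluate(image, ed25519.Sign(ownerPriv, image))))  // warning, every boot
	ks.FactoryReset()
	fmt.Println(Message(ks.Evaluate(image, ed25519.Sign(ownerPriv, image))))  // refused again
}
```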
And this attack is already doable by simply replacing the iPhone with a fake. It won't fool the user for long either, but you get to steal a real iPhone in exchange for a cheap fake.
You don't need the NSA to target someone and replace their device with a malware driven one. Just a porch pirate and your own delivery - two to three years and you're almost guaranteed an attack window.
Please don’t let me go back to the early days of the internet where my mother had 50 toolbars and malware installed
Please don’t let me go back to the early days of the internet where my mother had 50 toolbars and malware installed
I removed hundreds of toolbars from my mother/grandmother/anyone computer.
I still prefer that to techno-fascism where it's ok for companies to brick my hardware remotely, to lock me out of all my hardware because I have a picture of my kid in a bath, to read all my messages for whatever reason, to extract value from my personal files, pictures, musical tastes, to not allow me to install an app I bought because it has been removed from the store, to not allow me to install an app my friend created, to not allow me to create an app and sell it myself, to not allow me to not do the action ever but just "Later this week", and so on and so on.
This toolbar thing is a wrong excuse. And it was 90% because Windows was shitty.
Most mothers would have easily downloaded and installed crapware embedded with whatever they downloaded, but most mothers aren't going to go to "Settings > About > Tap 10 times on OS version > Bootloader > Disable Bootloader protection > 'Are you sure because your phone will become insecure?' > Yes > Fucking yes".
And if they still do it to purposefully install malware, I'm sorry to say they are just stupid and I cannot care less about the toolbars.
We need a mobile bill of rights for this stuff.
- The devices all of society has standardized upon should not be owned by companies after purchase.
- The devices all of society has standardized upon should not have transactions be taxed by the companies that make them, nor have their activities monitored by the companies that make them. (Gaming consoles are very different than devices we use to do banking and read menus at restaurants.)
- The devices all of society has standardized upon should not enforce rules for downstream software apart from heuristic scanning for viruses/abuse and strong security/permissions sandboxing that the user themselves controls.
- The devices all of society has standardized upon should be strictly regulated by governments all around the world to ensure citizens and businesses cannot be strong-armed.
- The devices all of society has standardized upon should be a burden for the limited few companies that gate keep them.
more stress tested and vetted by more people
Grandma and grandpa aren't reading the source code and certainly not up at a professional level. This is one of the core misconceptions of the "free/libre" formulation of OSS.
Grandma and grandpa aren't reading the source code and certainly not up at a professional level.
This is one of the core misconceptions of the anti "free/libre" formulation of OSS. Most users don't need to read the entire Debian source to know that it is safe to use. You are free to look up who maintains any part of the project and look at the history of changes that have been made. A lot of projects have nice, easy to read notes along with the actual code.
If you are so paranoid that you can't even trust open release notes then why would you trust a closed project at all?
A lot of projects have nice, easy to read notes along with the actual code
This alone doesn't improve the quality of the source.
Paranoid
Nothing to do with it. Please be logical. Having millions of people who can't program trust maintainers doesn't make those maintainers do better work.
The whole idea of more eyeballs is an appeal to a vision of crowdsourcing that was a new idea in the early internet. What we found out is that complacency sets in, the notes eventually don't mean anything, and most source code is not read.
This vision of more programmers spending more time reading other people's programs is wholly born from within programmer communities, from programmers talking to other programmers, forgetting that the average user will never program and not because they lack access. It's a romanticized ideal that is only even a plausible idea in a room full of programmers.
Until you focus on how the non-programmer is going to meaningfully improve the review and production of the open technologies, you will never have a scalable or equitable solution.
This incredibly selfish point of view put forth by a particular sect of OSS polls sufficiently well at the engineers-only meeting in Palo Alto and nowhere else.
When people were coming up with the idea of computer literacy being ubiquitous like math, they meant math like addition and subtraction. To make the kind of impact that "free/libre" advocates want the everyday Joe to be responsible for, Joes need to know the CS equivalents of perturbation theory and how to solve partial differential equations. It's not happening, but believing that it can happen allows those ostensibly in favor of it to keep acting like they have a plan, like they want a solution.
As long as the hardware hacker is stuck in the mindset of what 0.01% of users want to do with devices, while they may find sympathy from the 0.1% who are software engineers, many of whom gather on this site, this is not even blowing at the gauge from halfway across the room in terms of moving the needle. Either figure out what is important to the consumer and how it aligns with your interests or just go home.
When people were coming up with the idea of computer literacy being ubiquitous
If you require everyone to have a computer/phone to live in society, for example by digital ID, then it is ubiquitous and you must regard it as such.
This incredibly selfish point of view put forth by a particular sect of OSS polls sufficiently well at the engineers-only meeting in Palo Alto and nowhere else.
No one forces you to change your OS. No one forces you to code. No one forces you to disassemble. No one forces you to compile. No one forces you to add or remove a certification authority (change the trust).
We only want to force corporations and states to allow Us to do that to devices we own.
You are already responsible for code - closed source also GIVES NO WARRANTY.
sect
the 'sect' as you called it - envisioned a world in which when you get a device you have the driver for it and the code for it.
Should the manufacturer decide that you will get no new updates - you COULD go to another company and buy updates from them - because you would have ownership of software.
Should your phone manufacturer decide that you will not get any new updates - you COULD go to another company and buy updates from them - because you would have ownership of software.
Should your washing machine manufacturer decide to s-you and force you to connect to cloud via their app - you COULD go to another company and buy software that doesn't force you to do that, and let them install it for you - because you would have ownership of software.
If you want to use smart home - you could without any manufacturer connectivity bs - because you would have ownership of software.
You could decide that you trust company A for OS updates - and if they betray your trust, change it to B, because you would have ownership of software.
Yes you would need to pay for updates and software - unless software company did sign a real deal with you for your data.
I hate when people say that Free Software is communism - it is not, it is consumer capitalism in purest form.
The whole point wasn't you SHOULD do it yourself - but you CAN do it yourself. The problem - you need market before any company can enter it. No libre drivers, no libre firmware - no such company.
And before anyone asks - yes you could extend it to cars. You would need stricter CA check (here you can make a reasonable exception that self-signed should not work) on that type of device though, but no longer ONLY MANUFACTURER. Why would you pay another company to do software updates / change when you do buy a repair / parts from third party?
This was the intent - not 'increase self-dentistry literacy' - the literacy part came from the users of Linux mostly - you should think about it as an after-effect.
The solution to a bridge collapsing is to increase civil engineering literacy?
If the bridge collapsed because you have no good engineers then yes.
How much of how many literacies will we be willing to acquire so as to balance the responsibility we ask of every other profession and even those who are low and unskilled?
You are not making good engineers/politicians/doctors etc. if you take ones who want to get paid big money - you are making good ones if the people you teach are interested in their work and are willing to get better at it.
To do that you must give them opportunity to grow.
You need casual->small->big->"anti-monopoly split" company path
if you remove casual you don't have a market, you have a graveyard of one.
And the solution to cavities is to increase self-dentistry literacy?
This is what is done, in practice. You teach people at a young age how to take care of their own teeth and gums. The majority of the problem is preventative, you don't outsource the management of your health to some monopoly. And it's not unimaginable that the average person would have the ability to fill a cavity or something. If anything, dentistry is less archaic than computer software, the reason it's a profession is a more a matter of skill.
The solution to a bridge collapsing is to increase civil engineering literacy? The solution to a plane crash caused by a cracked turbine blade is to increase casual aerospace engineering literacy?
I think that the difference in this situation is that anyone can play a role auditing and changing computer software they use (and recognize malware vs well built open software), but not everyone gets to build the bridge that everyone uses.
You might say that a lot of the world's software right now exists in the form of services, and you would be right. The goal is to make a world in which people are less dependent on centralized services. I think that most programmers here get paid to think in terms of client-server architecture instead of directly create useful software which is harder to monetize.
When people were coming up with the idea of computer literacy being ubiquitous like math, they meant math like addition and subtraction. To make the kind of impact that "free/libre" advocates want the everyday Joe to be responsible for, Joes need to know the CS equivalents of perturbation theory and how to solve partial differential equations.
Not really, I think most computer software is a lot simpler than that. And I also generally don't believe that complex topics are inaccessible to most people. If it's the kind of information you learn about in college, then you just have to read textbooks and digest the information. Thanks to the internet, information on most topics are pretty accessible. I don't think there is some sort of "IQ" cap on the vast majority of topics, and you can pretty much learn anything as long as you are reasonably intelligent and motivated.
I think you are stuck in this "consumer vs producer" mentality with regards to technology, where some part of the population is destined to be drooling serfs and we just have to design everything to accommodate them. I take the opposite stance, which is that people are generally capable of learning and adapting to a far wider range of challenging environments than exist in modern society, and that those who can't are a small minority that should be culled anyways.
It was only a couple of decades ago that access to computers was limited to the elite few who understood computers, and society seemed to hum along fine back then.
With increasing automation and access to information, you would think that people would have more time and info to study and become knowledgeable on a wider range of topics. Instead, they are even busier working fake jobs and competing in zero-sum arenas. Instead of setting lower standards for competence in society, why not increase standards and elevate the agency of the common man?
We all know that most commercial code is much shittier than open source
Citation needed. Seriously.
I could make the same argument about MongoDB of a decade ago implying that all open source is trash...
Plenty of examples I've heard about but haven't actually used myself so I can't confidently assert the quality of the software. But Windows ME, Norton, and McAfee, I have personal experience with.
Oh, and also Windows Vista.
Plenty of badly-written open source software, too; won't argue against that. But one of the biggest reasons, for me at least, why I prefer to use open-source software rather than commercial if I have a choice is bug fixes. I've reported over a dozen bugs against open-source software I use over the years; most of them have been fixed (in a couple of cases I was able to fix it myself). I've rarely even been able to report a bug against closed-source software, let alone get those bugs fixed. So even if it were true that commercial software as a whole has similar or better quality than open-source, my personal experience is the other way around: open-source quality gets better over time while the closed-source software that I have to use (lacking open-source alternatives) doesn't improve the same way.
contributors do
More users != more contributors. As software gets more popular, you begin getting 10, 100, 1000, 1,000,000 users for every contributor.
This doesn't just affect non-programmers. We can't even police NPM.
People want it to be true so that it will be a talking point, but it's not true, and we need to find new talking points that align with facts that are evident outside the echo chambers.
contributors do
I would argue most code of any license is not actually regularly audited if at all, and certainly nowhere near the levels people seem to think they are.
We all know that most commercial code is much shittier than open source
citation needed
You can't expect services and organizations to last forever, there is always some risk they'll collapse when you are around.
The existence of locked-down hardware eliminates the feasibility of open hardware through network effects. That is what is happening now.
Everyone else can put on their loincloths and go back to living in Flintstones-esque rock huts.
Are you sure you maybe don't have this the complete opposite way around?
Open hardware is essentially useless if I need to carry both an open phone and a phone with the parking app, the banking app, messenger app to contact friends, etc.
Locked-down, managed devices for vulnerable users who benefit from protection
That's fine! Just make sure it is possible for someone to take the same device and remove the locked-down protections.
Make it require a difficult/obvious factory reset to enable, if you are concerned about someone being "tricked" into turning off the lockdown.
If someone wants baby mode on, all power to them! That's their choice. Just like it should be everyone else's choice to own the same hardware and turn it off.
Make it require a difficult/obvious factory reset to enable, if you are concerned about someone being "tricked" into turning off the lockdown.
Is there also a way to make it obvious to the user that a device is running non-OEM software? For example, imagine someone intercepts a new device parcel, flashes spyware on it, then delivers it in similar/the same packaging unbeknownst to the end user. The same could be said for second-hand/used devices.
It's potentially possible the bootrom/uefi/etc bootup process shows some warning for x seconds on each boot that non-OEM software is loaded, but for that to happen you need to be locked out of being able to flash your own bootrom to the device.
The problem isn't that locked-down devices exist - it's that we don't have enough truly open alternatives for those who want them.
Not for lack of trying. See for yourself
https://en.m.wikipedia.org/wiki/List_of_open-source_mobile_p...
The list is not short.
Plenty of companies have attempted this over the years but it’s not obvious that a big enough customer base exists to support the tremendous number of engineering hours it takes to make a phone. Making a decent smart phone is really hard. And the operations needed to support production isn’t cheap either.
The problem isn't that locked-down devices exist - it's that we don't have enough truly open alternatives for those who want them.
The problem is that vendors use "locked down devices" as an excuse to limit competition.
Suppose you have a "locked down" device that can only install apps from official sources, but "official sources" means Apple, Google, Samsung or Amazon. Moreover, you can disable any of these if you want to (requiring a factory reset to re-enable), but Google or Apple can't unilaterally insist that you can't use Amazon, or for that matter F-Droid etc.
Let the owner of the device lock it down as much as they want. Do not let the vendor do this when the owner doesn't want it.
Why do we need devices we can't unlock? Who is harmed by unlocking? This is the major point nobody has ever been able to explain to me. Who exactly does the big scary unlocked bootloader hurt? My parents have unlockable devices and they haven't had all their money stolen, because they haven't unlocked them.
The problem in my eyes seems to be that there isn't enough capital interested to sufficiently fund 1) to compete and create a comparable product. Thus, at best, we end up with much inferior products which even people semi-interested in 1) are not willing to adopt due to the extreme trade offs in usability.
A.k.a, "nice google account you've got there, holding all your memories, emails, contacts, and interface to modern living; would be a shame if something happened to it because you decided to sideload an app ..."
We don't need option 2, period, and it shouldn't exist.
Just put the hackability behind a switch or something. If people turn it on, that's on them.
My hardware. My decision.
The first step needs to be people moving out of the denial phase and realizing that we're already there. Our current laws are written that way.
That's the prerequisite to have any significant initiative to move the needle in the right direction. Most people won't care about fighting hard to secure rights they assume they still have in full.
Google and Apple have more power than most nations.
And that is what is wrong here. Even the smallest nation should be far more powerful than the largest corporation. But corporations are now more powerful than most nations, including some really big ones. So the only way to solve this is to for an umbrella for nations that offsets the power that these corporations have.
The first thing you notice when you arrive at Brussels airport is the absolute barrage of Google advertising that tries to convince you that Google is doing everything they can to play by the rules. When it is of course doing the exact opposite. So at least Google seems to realize that smaller nations banding together wield power. But they will never wield it as effectively as a company can, so we still have many problems.
Company aims for profit.
Bigger scale allows for better efficiency.
So companies naturally grow big. The bigger they are, the easier for them to compete.
Big companies have access to tremendous resources, so they can push laws by bribing law makers, advertising their agenda to the masses.
There's no way around it, not without dismantling capitalism. Nations will serve to the corporations, no other way around.
There are natural boundaries of the growth scale, which are related to the inherent efficiency of communications between people and overall human capability. Corporations are controlled by people and people have limited brains and mouths. I feel that with AI development, those boundaries will move apart and allow for even greater growth eventually.
This is dogma, not proven fact, and most people that argue this tend to use self-serving metrics and a tailored definition of "efficient". Some counterexamples: early Google was much more efficient in responding to market changes than the current top-heavy organization; small hospitals tend to have better health outcomes (both per patient and per dollar) than large chains. Tesla was able to innovate much faster than established behemoths.
There are good examples, though—you can produce a single gold ring a lot cheaper than you can produce a one-of-a-trillion of them, cuz at some point you simply run out of gold. Another example is running into a cap in demand. Classic sigmoid vs exponential patterns.
And that is what is wrong here. Even the smallest nation should be far more powerful than the largest corporation
Since nations can be really small, I don't agree.
I think it's shocking how many people Google can affect through its search algorithms (more than any nation on Earth) and yet there is no democratic system to hold them accountable.
Even the smallest nations have the legal right to permanently incarcerate, strip you of your assets or even murder you if you are in their sphere of influence.
A nation that did that would be able to do that exactly once before everyone decides to never do business with it ever again, which they can afford to do because it's such a small market. Exercising arbitrary power is not the trump card you think it is. Hell, even a tiny nation with reasonable but annoying (from the point of view of a corporation) laws may not be worth it to deal with.
https://en.wikipedia.org/wiki/Assassination_of_Jamal_Khashog...
> Even the smallest nations have the legal right to permanently incarcerate, strip you of your assets or even murder you if you are in their sphere of influence. A nation that did that would be able to do that exactly once before everyone decides to never do business with it ever again
US CBP and ICE would like a word with you.
Point being, also states can do murder.
ability to run other operating systems on phones ... building those alternatives is basically impossible
For smart people it is not impossible. Just a few years ago, a few folks wrote complicated drivers for completely closed hardware, and I'm talking about the M1 MacBook.
Google Pixel, on the other hand, was pretty open until very recently. I might be wrong about specifics, but I'm pretty sure that most of software was open, so you could just look at the kernel sources in the readable C to look for anything. You can literally build this kernel and run linux userspace and go from there to any lengths of development. Or you can build alternative systems, looking at driver sources.
I don't understand why mobile systems do not attract OS builders.
They're graphical consumer devices, the quality bar is so high nobody can reach it except huge well funded teams. It's like asking why desktop Linux doesn't still attract OS builders, or for that matter, why the PC platform doesn't attract OS builders. Occasionally someone makes an OS that boots to a simple windowed GUI as a hobby, that's as far as it gets now.
A lot of these HN discussions dance around or ignore this point. When people demand the freedom to run whatever they want, they never give use cases that motivate this. Which OS do they want to dual boot? Some minor respin of Android with a few tweaks that doesn't disagree with Google on anything substantial (Google accepted a lot of PRs from GrapheneOS people).
Nobody is building a compelling new OS even on platforms that have fully documented drivers. There's no point. There are no new ideas, operating systems are mature, it's done, there's nothing to do there. Even Meta gave up on their XROS and that was at least for a new hardware profile. Google did bend over backwards to let people treat phones like they were PCs but it seems regular Android is in practice open enough for what people want to do.
Eh, Redox probably counters your statement here. It's just in that wide gulch of "the easy part is done and the hard parts are hard".
But it is being built, and some would definitely consider it compelling.
I don't understand why mobile systems do not attract OS builders.
My guess would be that it's a continuously moving target. There's no point in spending years working to support some weird integrated wifi adapter+battery controller when by the time you're done the hardware is already obsolete and no longer being manufactured. Repeat that for every device on the phone. The only ones who can keep up with that pace are the manufacturers themselves. It'd be different if there was some kind of standardization that would make the effort worthwhile, though.
I don't understand why mobile systems do not attract OS builders.
Cellphones are not very useful as programming tools (too small), which is what Open Source excels at.
Also, cellphones need to handle some annoying things, like it should always be possible and easy to call emergency services. Which is to say, the UI work seems stressful.
It should be able to make an OS. It should be able to write drivers. It should be able to port code to new platforms. It should be able to transpile compiled binaries (which are just languages of a different language) across architectures.
Sure seems we are very far from that, but really these are breadth-based knowledge with extensive examples / training sources. It SHOULD be something LLMs are good at, not new/novel/deep/difficult problems. What I described are labor-intensive and complicated, but not "difficult".
And would any corporate AI allow that?
We should be pretty paranoid about centralized control attempts, especially in tech. This is a ... fragile ... time.
You can feed it assembly listings, or bytecode that the decompiler couldn't handle, and get back solid results.
And corporate AIs don't really have a fuck to give, at least not yet. You can sic Claude on obvious decompiler outputs, or a repo of questionable sources with a "VERY BIG CORPO - PROPRIETARY AND CONFIDENTIAL" in every single file, and it'll sift through it - no complaints, no questions asked. And if that data somehow circles back into the training eventually, then all the funnier.
I haven't heard much from the major projects yet, but I'm not ear-to-the-ground.
I guess that is what is disappointing. It's all (to quote n-gage) webshit you see being used for this, and corpo-code so far, to your point.
It should be able to make an OS. It should be able to write drivers.
How is it going to do that without testing (and potentially bricking) hardware in real life?
It should be able to transpile compiled binaries (which are just languages of a different language) across architectures
I don't know why you would use an LLM to do that. Couldn't you just distribute the binaries in some intermediate format, or decompile them to a comprehensible source format first?
My line of thinking is that AI essentially is really good at breadth-based problems wide knowledge.
An operating system is a specific well-known set of problems. Generally, there's no novel technology involved. An OS is a massive amount of work. Technical but drudgerous work.
If there's a large amount of source code, a great deal of discussion on that source code, and lots of other working examples, and you're really just kind of doing a derivative n + 1 design or adaptation of an existing product, that sounds like something an LLM can do.
Obviously I'm not talking about vibe coding an OS. But could an LLM do 99% of that and vastly reduce the amount of work to get an OS to work with your hardware, with the big assumption that you have access to specs or some way of doing that?
Google and Apple have more power than most nations.
To push further, Google and Apple have basically as much power as the US.
The UK going after Apple, only to get rebutted by the US, is the simplest instance of it. International treaties pushed by the US strongly protecting its top corporations is the more standard behavior.
Any entity fighting the duopoly is effectively getting into a fight with the US.
To push further, Google and Apple have basically as much power as the US.
If this is true then why is Tim Cook visiting Trump? Shouldn’t it be the other way around.
There is a whole anthropological field around that, but to keep it short, if you pay for your palace and all expenses with the money funneled to you as gifts, you're not the one in control.
Apple and Google are still a problem, but they are a secondary problem.
The sheer technical difficulty is what makes this kind of thing impractical.
The network does validate that a SIM card is a real SIM card, but you can put a "real SIM card" in anything.
The M1 Macbook Air is 5 years old now, has an active development, lots of community funding and attention, yet is still missing basic functionality like external monitors and video decoding. Because it's just a mammoth task to support modern hardware. Unless you have a whole paid team on it you've got no hope.
Because the number of non-Google and non-Apple phones is a rounding error.
And why is that? Because, except for the incumbents, it is almost impossible to certify a phone.
We could have nice sub-$100 phones (remove camera, etc.) if people could get them certified. But they can't; so we don't.
The problem right now is that even if I had a couple of million dollars lying around, I STILL couldn't reliably get a piece of hardware certified for the cellular network. I would have to set up a company, spend untold amounts of money bribing^Wwooing cellular company executives for a couple years, and, maybe, just maybe, I could get my phone through the certification process.
The technical aspects of certification are the easy part.
The problem is that the cellular companies fully understand that when it happens their power goes to zero because they suddenly become a dumb pipe that everybody just wants to ignore.
That's why this will take legislation.
Without that fraudulent marketing, Android never would have crowded out other options so quickly in the marketplace.
The solution is to either have Google back down on breaking its promise that Android would be open or to have an antitrust lawsuit strip Android from Google's control.
I was part of this problem. I've accepted what Apple is doing because I had Android. I didn't think they'd come for me next so I didn't speak up
What worries me is that Google has a fairly legit argument to say "then Apple should as well".
Not a legal argument, since Apple never claimed the iPhone was anything else but a walled garden, and walled gardens are legal as long as you are clear that users will be buying into a walled garden from the start.
(For example: Nintendo, PlayStation and Xbox)
Legally, the only thing you could do is change the law to make walled gardens illegal, as they did in the EU.
The changes Google has proposed for sideloading are illegal under existing law, since Android was sold to consumers with the promise that it was the "open" platform that allowed users to run anything they like.
Legislation, as you say, seems like it'll be necessary :/
When you chose to create an open platform with multiple participants, you are creating a new open market where antitrust laws will apply... even to you as the platform creator.
Microsoft, for example, was found guilty of antitrust in the personal computer market long after the original computers running Windows were gone.
Google and Apple have more power than most nations.
Yep. They control our information - how we make it, what we are allowed to find, and what we can say. And they are large enough to not face real competition. So let’s treat them like the state owned corporations they are and regulate heavily. Smaller companies can be left unregulated. But not companies worth 500 billion or more.
So let’s treat them like the state owned corporations
If they were state owned, we could vote for how the profits get used and we would have larger budgets for healthcare and education.
States are neither good at innovation nor dynamism.
But they are very good at telling you what you should and should not do.
The latter part has some wonderful consequences for consumer or worker protections, but it has some terrible ones for creating new stuff or improving the old.
https://fiscaldata.treasury.gov/americas-finance-guide/feder...
Another $1.3 trillion on wealth transfers from workers to non workers (including disability). And another $608B on wealth transfers from people with higher income to people with lower or no incomes.
Alphabet and Apple, combined, earned $193B in 2024, from the entire world.
https://www.macrotrends.net/stocks/charts/GOOG/alphabet/net-...
https://www.macrotrends.net/stocks/charts/AAPL/apple/net-inc...
How does your suggestion make any difference, other than destroying 2 of the very few organizations driving demand for US assets, and hence help support the US dollar's purchasing power?
This makes the point that the real battle we should be fighting is not for control of Android/iOS, but the ability to run other operating systems on phones.
Sometimes owner control, cf. corporate control, can be had by sacrificing hardware functionality, i.e., features, closed source drivers. Choice between particular hardware feature(s) working and control over the hardware in general.
let's be real: Google and Apple have more power than most nations.
Let's be real, they do not have more power than any nations. They have a lot of power in a few tiny silos that happen to make up like 90% of the mental space of a lot of terminally online folk.
Heck they probably have less power than Coca Cola or Pepsi did during the Cola wars, or United Fruit Company at its height.
Wake me up when Apple rolls a tank into red square or Google does anything but complain about national security legislation it then goes and assertively complies with.
https://www.realbusinessrescue.co.uk/advice-hub/companies-wo... https://techcrunch.com/2023/06/29/so-who-watches-the-watchme... https://www.theguardian.com/business/2024/sep/23/amazon-tesl...
www.realbusinessrescue.co.uk/advice-hub/companies-worth-more-than-countries
techcrunch.com/2023/06/29/so-who-watches-the-watchmen
www.theguardian.com/business/2024/sep/23/amazon-tesla-meta-climate-change-democracy
EDIT: Now in plain text since the last URL does not show up otherwise. And why is it rendering with --, its only - in the URL?
While it would be a burden to require a degree of openness, it's not like companies are all rugged individualists who would never want to see legal restrictions in the field.
It's just a question of what is overall best and fairest.
Restrictions can both help and hinder innovation, and it's innovation that in the long run makes things improve IMO.
Restrictions can both help and hinder innovation
I'm not sure innovation is really impacted when restricting the private sector. Traditionally, innovation happens in public (e.g, universities) or military spaces.
It's just a question of what is overall best and fairest.
If only it were so. But it's not just that. It's also a question of which section of society has the power to demand or prevent the creation of such a system.
Whether enacting labor protections or the Magna Carta, these beneficial restrictions require some leverage. Otherwise what is overall best and fairest won't be coming up.
as the author acknowledges, building those alternatives is basically impossible
I don't understand why everybody is ignoring existing, working GNU/Linux phones: Librem 5 and Pinephone. The former is my daily driver btw.
Personally, I think a usable pure Linux phone is required to weaken the desktop vs. mobile distinction and break the lock-in. This would additionally empower the desktop platform, confirm it as baseline.
It should be possible to run Android on an iPhone and manufacturers should be required by law to provide enough technical support and documentation to make the development of new operating systems possible
As someone who enjoyed Linux phones like the Nokia N900/950 and would love to see those hacker-spirited devices again, statements like this sound more than naïve to me. I can acknowledge my own interests here (having control over how exactly the device I own runs), but I can also see the interests of phone manufacturers — protecting revenue streams, managing liability and regulatory risks, optimizing hardware–software integration, and so on. I don't see how my own interests here outweigh collective interests here.
I also don’t see Apple or Google as merely companies that assemble parts and sell us "hardware". The decades when hardware and software were two disconnected worlds are gone.
Reading technical documentation on things like secure enclaves, UWB chips, computational photography stack, HRTF tuning, unified memory, TrueDepth cameras, AWDL, etc., it feels very wrong to support claims like the OP makes. “Hardware I own” sounds like you bought a pan and demand the right to cook any food you want. But we’re not buying pans anymore — we’re buying airplanes that also happen to serve food.
“Hardware I own” sounds like you bought a pan and demand the right to cook any food you want.
Because I did. How come I can do what I want with my computer, but not my phone? Why are phones so inferior in this area?
My phone is more powerful than many of the computers I've had in the past, yet I need to jump through a million hoops to use it as a software development platform. Why?
These are specialized hardware+software gadgets designed to a particular purpose, which is very different from being a development platform.
Then I shouldn't be able to install software on it at all. For any given device either its functions are fixed, or they're modifiable at the sole discretion of the owner. There should be no middle ground.
There should be no middle ground.
Why?
Think about music rights ownership - there are mechanical rights, performance rights, sync rights, derivative rights, etc. I'm not defending the music industry's ownership system, but it shows clearly that a binary view of ownership is far from reality.
You own the flat, but you can't remove the wall. You may own the house, but you can't build a factory there due to zoning regulations. You can own an electric car, but you can't put diesel fuel in it.
I see that the main disagreement here is whether phones are "general purpose computers" or not. I have no idea why anyone would call these ultra-packed cameras on steroids a "general purpose computer". Framed like this, this is a debate about OP demanding private companies transform their product into something very different and urging governments to step in. And the thing is those products exist – Librem 5, Ubuntu Phone or PinePhone phones, or the already mentioned Maemo/MeeGo phones (N900/N9/N950). If they were a better product on the market, we would have them everywhere, but industry and market decided otherwise (PinePhone was discontinued just a couple of weeks ago, sadly).
Think about music rights ownership
What are we talking about exactly? Ownership as in IP, or ownership of a copy?
You own the flat, but you can't remove the wall.
Of course I can, as long as the wall is internal and non-structural. Everything inside the inner surfaces of the external walls is mine.
You may own the house, but you can't build a factory there due to zoning regulations.
Well, zoning laws exist because plots of land don't exist in isolation, and affect each other. If I choose to run software X on a computer I own, how does that per se affect anyone else, that I should not be allowed to do so? Not that I should be punished if I do it, but that I should be stopped technologically from being able to attempt it? As I see it, there should be a very compelling reason to infringe on property rights in such an invasive way.
You can own electric car, but you can't put diesel fuel there.
Literally what's stopping you from opening the charging port of your electric car and pouring in a can of diesel if you really want to? Or, for a more realistic example, what's stopping you from modifying your car by installing a diesel generator in the backseat that continuously charges the battery as you drive?
I have no idea why anyone would call these ultra-packed cameras on steroids a "general purpose computer".
If you really wanted, you could build an APK yourself to use an Android phone to host a website. Is it a good idea? I don't know. That's for you to decide. But in what way is a device that's capable of doing this not a "general purpose computer"? What more does it need?
Framed like this, this is a debate about OP demanding private companies to transform their product into something very different
No. Phones are already this. They have processing elements, memory, stored programs... They're just computers. No one should get to decide what my computer runs over me. If I want to run something I should be able to run it, and if I want to stop something from running I should be able to stop it. Whether that causes problems for myself is my own business. I don't understand what's so complicated about this, or why anyone would argue against this.
What are we talking about exactly?
About your claim that ownership as a concept is black and white, and no middle ground should be allowed.
I don't understand what's so complicated about this, or why anyone would argue against this.
It's hard to understand the world if you see things through a binary lens - no ownership vs full ownership, or total support vs outright rejection. A more useful framework is to see what people support, reject, and tolerate.
For example, I totally support open-source hardware and software, and would love to see more of it. But I also tolerate proprietary hardware and software stacks, for many reasons. I'm definitely not rejecting the concept of private companies making hardware that runs their proprietary software and taking control over decisions about what software should run on their hardware.
From your comments, I see that you also support what I support, but you're totally rejecting the idea of hardware that runs proprietary software or doesn't allow you to run your own. So these calls for the government to step in and force private companies to disallow that concept are something I definitely can't support.
A more useful framework is to see what people support, reject, and tolerate.
It's certainly more useful for those who want to take what's yours.
I'm definitely not rejecting the concept of private companies making hardware that runs their proprietary software and taking control over decisions about what software should run on their hardware.
What "their" hardware? It's not their hardware, it's your hardware! You didn't lease it, you didn't borrow it; you bought it outright. On top of that, it's running on your electricity. If you let someone else tell your hardware what it is or isn't allowed to do, you're just a fool. Congratulations, you paid money to give a conglomerate of corporations permission to run software on your premises, on your dime. What a deal! Hey, wanna buy my game console? Just put it in your home with access to the Internet and once in a while I'll let you play a game on it, provided it's been "idling" enough for my tastes.
but you're totally rejecting the idea of hardware that runs proprietary software
No I'm not. I'm not even arguing that we should be able to change the OS. Honestly, I don't think that's that important. But we shouldn't accept not being able to even install any application software we want. What's even the point of it being a computer at that point?
That said, a camera with a fully open software stack would be fun.
It's just a completely bogus argument. It's not a fucking smart fridge, come on.
It doesn't have to be easy or convenient, but it shouldn't be impossible.
How come I can do what I want with my computer, but not my phone?
It kind of started because phones interact with phone networks and the network companies didn't want hacked software mucking up their networks. I realise the baseband part is separate from the rest of the phone but it's always been that way with every cell phone I've had over 30 years, that they are part locked down.
Whereas none of the regular computers and laptops have been especially locked down.
It would be cool if you could just connect your laptop to a radio and connect to cell networks but I don't think any of them allow that?
Because I did. How come I can do what I want with my computer, but not my phone? Why are phones so inferior in this area?
Apple and Microsoft are constantly working on fixing the issue with their app stores and requiring app signing in more places. The way the industry is going is to lock down laptops more, rather than allowing phones to be like computers.
I can acknowledge my own interests here (having control over how exactly the device I own runs), but I can also see the interests of phone manufacturers — protecting revenue streams, managing liability and regulatory risks, optimizing hardware–software integration, and so on. I don't see how my own interests here outweigh collective interests here.
However, the interests you mention aren't collective at all but very singularly those of the manufacturer only.
And there should also be the right to be able to opt out of the manufacturers' protections of course.
There are many ways to protect security, leaving all your keys in the hands of one party is not the only one.
When you're dealing with idiots it's a bit harder than you might expect. Tons of idiots own phones and if Apple allowed them to be the victim of security vulnerabilities they'd get terrible PR.
Apple's decision to ban sideloading is a huge part of how they became the most popular phone maker in the US.
I'm skeptical. A robust permission model limiting the damage an ill-behaved app can do was surely part of it, as was the existence of a curated app store. The relative rarity of people directly installing apps on Android suggests Apple didn't really need to force the use of that curated store.
(Hell: I'd personally be OK without "documentation"... it should simply be illegal to actively go out of your way to prevent people from doing this. This way you also aren't mandating anyone go to extra effort they otherwise wouldn't bother with: the status quo is that, because they can, they throw down an incredible amount of effort trying to prevent people from figuring things out themselves, and that really sucks.)
$50m to build a modern OS from scratch
heh.
Of course, having any kind of documentation or driver sources that could be referenced would make it much easier, and much less taxing on sanity.
I also don’t see Apple or Google as merely companies that assemble parts and sell us "hardware". The decades when hardware and software were two disconnected worlds are gone.
That when you buy a phone you're also buying software components doesn't change the fact that the phone is owned entirely by you. You're not entering into a partnership to co-own the phone with anyone else, it's entirely yours. No one should get to decide how you use it but you.
But we’re not buying pans anymore — we’re buying airplanes that also happen to serve food.
So the argument is that by taking a piece of electronics I paid for that is running on electricity I pay for, and making it run some arbitrary piece of software, I'm putting people's lives at risk?
It should be possible to run Android on an iPhone and manufacturers should be required by law to provide enough technical support and documentation to make the development of new operating systems possible
I was writing in reference to this quote ^
It would have been more accurate for me to say "support the development of arbitrary software stacks," but where do you draw the line between "supporting the development of" and "supporting"?
Regardless, we're talking about products here—"authoritarian" is a word reserved to situations where the threat of force is involved.
In this specific example, forcing a company to do something is authoritarian (because they will be fined or jailed if they do not comply with the rules). Corporations are not, as a rule, authoritarian—they may, however, do things that are not to your benefit or liking.
If I make a product and I don't specifically help you do certain things with it, is that authoritarian?
If we're referring to products necessary to function in society, YES! Obviously yes, a big exclaiming yes, yes with no room for debate.
A car, but you can't drive anywhere but to work. Electricity, but you can't use it to listen to radio that criticizes our dear leader. A TV, but you can't use it to watch anything other than military parades.
A phone, but you can only use it to perform government approved actions on government approved software.
As someone who enjoyed Linux phones like the Nokia N900/950 and would love to see those hacker-spirited devices again
Why haven't we seen a spiritual successor to the N900? It's a little strange to me that it's cheaper than ever to produce hardware, even in relatively small quantities, but no one (AFAIK) is producing any geek-oriented phones like the N900. Linux hardware support gets better every year. It shouldn't be terribly hard to have a factory produce a small number of open phones that can run Linux. They wouldn't be any good without significant investment in phone-specific usability, but still.
In fact it further argues that the degree of vertical integration is monopolistic. Why should a Sony CMOS camera be tied to some Apple computational photography code only available in Apple firmware or iOS? What if I do not like that it makes up images that don't exist? What if someone has a better method but now cannot bring it to market?
Break it up and open it up. I assure you it can be done.
Will it be as good as the iOS implementation? Probably not. But it's hardly an impossible feat and not one that has to be done entirely over and over for every device. The Asahi folks showed it could be done despite hostile conditions.
I think that's a huge difference from the sideloading issue, though. Which is effectively saying "you must purchase all your software for this device from us, even if it's not our software, and even if it's available elsewhere for less".
I get how one statement creates the monopoly that allows the other statement, but I think they are still two separate statements.
I've been delighted to get my parents on iPhone+iPad for simplicity (and they have too). It feels this crowd sometimes assumes every barrier put in place is anti-consumer, but it's not. Blocking access to sensors, limiting background runtime, blocking access to other app's data, limiting it to reviewed apps... are all great things for most people. Most people don't have the technical literacy to have "informed consent" prompts popping up every 5 minutes, and most of them know it too. Most folks don't mind trusting Apple to make the tougher technical calls for them, and actually appreciate it.
Make cool hacker centric hardware. Make cool easy to use, locked down, and foolproof hardware. Both can and should exist.
Not a monopoly my ass.
Make cool hacker centric hardware. Make cool easy to use, locked down, and foolproof hardware. Both can and should exist.
Yes, what a splendid idea! Let me just invest a few billion I have lying around here. And maybe after that we can all take a spaceship to Mars and colonize it!
Get real.
Also, doesn't even fucking matter. Guess what, let's say I do invest the 10 billion dollars to make said device.
Will my bank allow it? No. Why? Because Google says so. Google says "no, that's not attested"
It doesn't matter if I make one device, two devices, or one trillion devices. It's still ALL Google. They decide everything.
There's only one device currently produced in the US which can run GrapheneOS. GrapheneOS is the only custom ROM which can get even an ounce of attestation.
There are many devices produced which can run iOS.
There are plenty of other devices out there that will run other software, you can buy one of those if you want to run other software - our devices are designed to only run our software, and we're only going to support tha
except in about a hundred million examples where the niche software that is running on the niche hardware has no viable alternative.
In The Real World when you have a component that breaks somewhere, and the manufacturer of the thing either fails to help or no longer exists you contract a third party to retrofit a repair module of some sort, or you do the work yourself to get the thing working.
How does this principle apply when the producer of the thing booby traps it with encryption and circuit breakers?
Software is special, comparing it to other industries never works well.
There are plenty of other devices out there...
No there isn't, and that's one of the main problems.
secure phone for banking
Secure from the owner doesn't equal security in general.
I know of no reasonable, modern Linux devices besides the Starlite tablet and potentially the Furiphone. And boy, have I looked and looked. But the second has not been around long enough to be reviewed by a reputable entity.
However, I strongly believe that - should one choose to do so - you should not be stopped from jailbreaking, cracking, etc. manufacturer restrictions on the hardware you own. Companies aren't obligated to support me doing this - but why should legislation stop me if I want to try? (You can easily guess my thoughts on the DMCA.)
Companies aren't obligated to support me doing this
Where does one draw the line on support? If I jailbreak an iPhone, should I still get Apple customer support for the apps on it, even though they may have been manipulated by some aspect of the jailbreak? (Very real problem, easy to cause crashes in other apps when you mess around with root access) Should I still get a battery replacement within warranty from Apple even though I've used software that runs the battery hotter and faster than it would on average on a non-jailbroken iPhone?
I feel like changing the software shouldn't void your warranty, but I can see arguments against that. I probably fall on the side of losing all software support if you make changes like this, but even then it's not clear cut.
And if you decide to give the device a try in your own swimming pool or a random spot you'd like to explore, the device won't work and you might be banned from using it elsewhere. Would that make any sense?
The charging IC has an NTC thermistor and the battery absolutely must withstand the system running at 100% and then some.
As for battery lifetime, batteries are cheap, unless you glue them to an expensive assembly and force people to replace the whole assembly as phone vendors do.
If you run the software they provide and their guardrails aren't strict enough, that's clearly a warranty case. But if you modify the software to remove their guardrails, it feels reasonable that they can deny a warranty fix.
Overclocking is perhaps a clearer cut version of this – it's a "software change", but can affect the hardware lifespan.
Can see how people more interested in the software side of things would care about support from [parent company] though. "Lose all support if you bypass our restrictions" is the relatively straightforward approach, but the collateral damage might be quite high. In an ideal world, perhaps the network of third party repair services could take up the slack?
I can see how it might be unreasonable to expect companies to publish documentation, build infrastructure, etc. to support running your own code on the hardware you own (which 99% of people will never need to do).
Did you know that television schematics used to come with the documentation for the TV? Discussed not-too-recently on HN: https://news.ycombinator.com/item?id=26996413
The key is that if you choose not to run that software, your hardware should not be constrained. You own the hardware, it's a tangible thing that is your property.
Boils down to a consumer rights issue that I fall on the same side of as the author.
Also worrisome are e-fuses, which allow software to make irrevocable physical changes to your hardware. They shouldn't be allowed to be modified except by the owner. (See Nintendo Switch updates blowing e-fuses to prevent downgrades.)
Because I can do make-believe type arguments all day. We should lock everyone up, because what if a super asteroid hits the Earth and only prison is strong enough to protect them??
See, easy, and kind of fun. Doesn't mean much though.
Again, if you want to run purely OSS software with permissive licenses, that should be your prerogative. But you might miss out on the Play store. If you want to mess with Valve anti-cheat, you can't connect to Steam games online. Etc. I think these companies do have a right to dictate software requirements for client code accessing their servers.
But, you should be able to wipe those clients if you don't care about them and play tux racer on Arch.
Well, the line is drawn by the fact that hardware and software have intrinsic differences.
Do they? Is microcode hardware, or software? If I open up the plugboard on my IBM 407 and rewire the connections, am I updating software or reconfiguring hardware? I think this is a false dichotomy. Software or hardware, kernel or userspace, these are all just parts of a machine. I care about the holistic behaviour of that machine, not about which specific parts do which specific things.
But, you should be able to wipe those clients if you don't care about them and play tux racer on Arch.
I don't need to play tux racer. I need to use my bank.
I think these companies do have a right to dictate software requirements for client code accessing their servers.
They're not just dictating the requirements of the client code, they're dictating requirements for the entire execution environment. Following your logic to its conclusion, if I'm going to do banking from my phone (and that's a foregone conclusion), I have to cede that bank the right to veto any other piece of software from my phone.
I could buy a second phone, because I'm a relatively affluent software developer, but most people have neither the money nor the energy to buy a special phone for banking. They'll just let the bank control their phone. I consider this an unacceptable abridgement of their freedom.
I have no problem with Valve anti-cheat, so long as it's reasonably permissive. Valve anti-cheat won't stop me from installing my own software. I'm not drawing a hard technical line here; there's a grey area of reasonable integrity provisions. Sideloading restrictions in Android cross well beyond that grey into the black.
The smartphone does not consist of just one processor, it's a collection of dedicated processors, each running custom algorithms locally. Sure, there's software running in the application layer, but it's playing more of a coordination role than actually doing the work. Just think of sending a packet over the internet and how different it is between a smartphone and a computer, how much more complex a cellular modem is compared to a network card.
It's less about software now and more about hardware accelerated modules. Even CPUs run primarily on microcode which can be patched after the fact.
These patterns are cyclical. It will take a number of years before we return to standardized compute again, but return we will. Eventually.
In practice, a whole lot of software would have to be open source too so that the hardware is reasonably usable. The layers you'd need to let an iPhone run Android well, or a Pixel phone to run iOS, are not small.
Fully open phone systems consistently fail to sell enough to make a difference, which is a bit of a shame, but honestly at this point the market has spoken.
If they want to climb over the protection fence, they should be able to do it as they clearly WANT to do it. Why should you have control over what they can or cannot do? (Unless they are your kids.) Should experts in other fields also be able to control what their layman family members are allowed to do?
always inform them of the consequences
This would be about as useful as telling the cat why he can’t go out right now. The words would not be understood, as they won’t be by probably 90% of humanity.
If they want to…
They don’t. Categorically. The only reason they would try is because they are being scammed with offers of getting something or cajolement entreating them to allow it.
Why should you have control what they can or cannot do?
Me? I’m not asking for control. I’m saying that most people aren’t equipped to understand the threats they face, even in the face of explanation or warning, and their use-cases are comprehensively covered without it. My parents are old. My brother ends up with any PC he owns full of malware and viruses. The current status quo serves them and many millions of other people very well, and we need to be very cautious when arguing to rip this away in the name of our freedom - to them it only represents freedom to be exploited.
Should experts in other fields also be able to control over what their layman family member…
Experts in other fields determine the extent of what all laypeople may do legally all the time. Or do you live somewhere that there are zero restrictions on (for example) gas plumbing or work on electrical systems?
They don’t. Categorically.
They do. Categorically.
The only reason they would try is because they are being scammed with offers of getting something or cajolement entreating them to allow it.
A QR app made by a German university, installed from F-Droid. A messaging app that the government does not like because it disallows spying on citizens.
The current status quo serves them and many millions of other people very well
Said you.
So well that the only time I had to deal with malware and a scam in one was when my parent installed a QR app from Google Play and got an ad served to them to confirm a mobile payment.
REALLY * WELL.
to them
To you.
it only represents freedom to be exploited.
There is no reason that verification cannot happen in SSL style - and no layperson will create a CA certificate, believe me.
be very cautious when
Because of that Google decided that it will first introduce it in Brazil, Indonesia, Singapore, and Thailand... wait a moment, I think I've seen that list somewhere...
https://en.wikipedia.org/wiki/Censorship_in_Brazil https://en.wikipedia.org/wiki/Censorship_in_Thailand https://en.wikipedia.org/wiki/Censorship_in_Singapore https://en.wikipedia.org/wiki/Censorship_in_Indonesia
This was created so governments can censor any application that allows people to communicate. To limit freedom of expression. You are made into a useful idiot.
The fact alone that the 'test subjects' are people living in censorship-like countries should tell you enough.
Experts in other fields determine the extent
There is exception here - no one determines who can speak - but now Google can do so by revoking application certificate.
rip that away
You are ripping that away - all of current democratic infrastructure now requires computer communication.
You are removing the user's ability to install software. You are giving governments a way to censor and spy on citizens on a massive scale. You want change. You should be careful, not us.
all the time.
Not all the time - only when there is reasonable ground. You do not provide one - if you think your 'reason' is good then we should ban all communications because someone may send malware in one of links in them.
If you want apple go apple.
Me? I’m not asking for control.
Yes you do - you're asking for control to be given to governments in the long run; saying otherwise is disingenuous.
Why aren't your family members sending money to the Nigerian prince? I bet your parents and brother are able to perform money transfer, so the tech isn't blocking it, but they don't do it.
Windows has a very poor security model. It fails all security requirements I mentioned in my previous post. Needing elevated permissions to move a shortcut to a subfolder on their desktop just trains users that a lot of warnings in Windows are useless.
A lot of dangerous and stupid activities are legal. Experts influence laws, but they don't have the power to prohibit laymen around them from doing legal things. Running software of your choice on your devices is legal last time I checked.
The only important thing is for the bank, Netflix and co. to not be able to discriminate. But again, nothing would prevent the bank from offering a setting for the user to restrict where they can use its banking app, if it was not discriminatory. But we know well where this goes, in the end if you don't enable it
It’s a security measure, particularly as we place more responsibility on banks to prevent their customers being defrauded.
How will we use the brain chip? Citizen, for your security, you must not ever see the brain chip software. You must trust it is perfectly secure and will not be used for nefarious reasons.
All citizens who deny the brain chip, please board the train to your designated shanty town.
As a developer I write apps for myself and I side-load them. Why take away my right to do so, just because other people can't then nobody should?
- Running code on your car that compromises safety, like modifying/disabling legally-required safety features.
- Modifying code on health devices, like pacemakers
- Protective code involving things like overheating protections (e.g., firmware preventing you from disabling cooling fans in your laptop or running your 3D printer so that it catches fire)
- Running devices with parameters known by the manufacturer to damage them (e.g., processor manufacturers will let you overclock their chips but will keep some parameters limited/locked that the designers know will not work)
It’s notable that Google is implementing this change first specifically in countries that are impacted by a specific style of fake app scam. They seem to be responding to a legitimate consumer safety issue.
Should we be able to run our own code on our own devices? Generally, yes, and it’s also already legal to do so even if the manufacturer doesn’t want you to. But it’s also legal for manufacturers to set their own parameters.
Like you said, examples like Kindles and game consoles exist where the business needs to have some level of freedom in defining their business model. Would you be able to buy a $150 4K TV at Walmart if the included Roku software wasn’t subsidizing it?
The issues surrounding anticompetitive lock-down only occur in markets with a lack of competition and I think those issues can be balanced against the manufacturer’s desires to sell a specific experience.
Most of the use-cases you listed are about modifying devices which do not run "software" per se.
Phones, more and more like computers, are becoming general purpose computing devices, which require software to be useful. I think there's a distinction that we need to be aware of.
That’s why I love my iPhone, but I’m not super happy about what happens with my Mac.
There’s something in the reality that it’s the app developers not the user that are being restricted by Apple. Apple keeps the app developers from doing things I don’t like for the most part. I don’t feel very restricted.
But I don’t want my computer to become a walled garden. It’s only OK for my phone.
There’s something in the reality that it’s the app developers not the user that are being restricted by Apple.
Reading this comment as a user and developer in one person, it's so weird to see this disjointed picture of developers and users. You should have rights and feel unrestricted as a user but I shouldn't? Have you considered that being a developer is about the same as being a writer instead of a reader? We're the same...
I don’t want my computer to become a walled garden
Why not? I don't think I can articulate an answer to the "I don't feel restricted" remark earlier better than you can probably do yourself by seeking what it is that rebels against these walls
The difference is I bought the device so I don’t care if you feel restricted as a developer. I’m just saying as a user I feel protected by having someone review the apps that are going on my phone and denying ones they feel suck.
I’m also a developer however I don’t write phone apps
The difference is I bought the device so I don’t care if you feel restricted as a developer.
I don't see how that logically follows. I bought my device, too. How does that consequence developer-me not being allowed to make software?
If you think I'm behind one of these obnoxious corporations, no sir, the 180° opposite. I haven't made a mobile app in my life that I haven't also published the source code of, nor made a dime off of them, salaried or otherwise. Desktop or mobile is all the same ethos, if I'm reading correctly that you seem to expect the worst just because I code things up for my own device and whoever else wants to use it?
My comment is an argument against sideloading for phone devices, because there’s a lot of nefarious behavior in these types of apps, by comparing Apple's process, because Apple is the other operator in this duopoly of phone operating systems. Sorry that was not clear.
How can people be convinced about it is the hardest part. How do you convince people that have no idea about how technology and corporate interests work that the little device that you carry is basically a brick at the mercy of its vendors?
And when they kind of get you, they don't see the point that you are trying to make, easily dismissing you on why would you want to do something like that when you have "all the apps for free" with a few taps and that there is not such need for what you are trying to explain to them.
People don't even get it when you explain that FB, Google, etc. are not free products and so on. It's kind of a rabbit hole and people don't want to dive into such topics because it's an endless talk and they lose patience very quickly.
It's very hard to make them see the problem. People are happy with new phones, apps and entertainment every day; they don't care if they are unable to run custom software that may benefit their very own interests. As long as they can do the things that they usually do, to them there's no problem at all. It's as simple as that.
People are switching to Linux now because it works better. The privacy is still a nice-to-have bonus.
There's no reason we shouldn't be able to run what we want on our hardware, without having to trust anything other than the microkernel inside the operating systems.
Put yourself in my place... Computer Security is a solved problem, and has been for decades, yet we find ourselves in an infinite loop of crises that result in ignorance of solutions. Maybe 5% of all discourse here on HN is about a problem we don't have to have.
How would you push the world to resolution?
If you want the government to force other people to do the work to let you have your cake and eat it too, I can't support that.
A car that can only drive itself at 10 MPH by a software lock is certainly safer.
But that's stupid and that should be illegal.
Also, the horse is driving the carriage here. Why do you think Apple is just de facto more secure?
That's just pure blind faith. You have zero evidence for that and you couldn't find evidence if your life depended on it. The entire device is closed-source.
You're just blindly trusting Apple not to pwn you.
Makes me think that Google did this now since Trump has been criticizing the DMA, so now they feel empowered by their leader to break the law.
In theory EU can mandate open bootloaders like EU mandates USB-C charging, but they won't.
The EU cannot simply mandate random stuff, it needs to make a strong case and prove an economic benefit considering also the possible negative consequences.
No one is forced to do business in the EU, so it always has to consider the cost and risk for a company vs. the overall benefit for a company of doing business in the EU.
Defining a mandate for "open hardware" is a MASSIVE undertaking, creating investment risks for innovators, potential security-risks for the entire EU, additional costs for development, maintenance, support for all manufacturers selling in that market.
What is the economic, technology-agnostic case in favor of open bootloaders which would make EU member-countries support such a regulation?
How much would a manufacturer be required to provide to be compliant? Continued operation even when the trust-chain is broken? Developer Documentation? compilable source-code? Hardware-warranty?
Should a car still be allowed to operate after it's unlocked? Should it behave somehow differently to ensure safety for its owner as well as others? How about an elevator? How about a Microwave?
What would be the tangible economic benefit of such a mandate to companies and citizens in the EU sector?
For a regulatory action, all of this needs to be described in an agnostic way, providing a clear path for a manufacturer to be compliant without creating too much burden on any party in the process.
It's not enough though.
All we can do is make all the decisions possible to keep an open stack as viable as possible - even though what we have now is woefully incomplete. We need to push for this within our teams, within our companies, within our governments, in civil society, and everywhere else that we can because the corporate crowding out of a free technology stack will crowd out everything else if it's allowed to.
The real problem is that @gmail.com or @icloud.com are now required to participate in society. I'm happy to use an iPhone, it's in my subjective opinion the best device on the market. My concern is that I need an iCloud account to talk to my bank. It's become nearly as powerful as my ID card.
The real problem is that @gmail.com or @icloud.com are now required to participate in society
They absolutely are not, though. I've been fully bought into the Apple ecosystem for nearly 2 decades and have used a Fastmail email address with it for the last decade (when I ditched my MobileMe email address). Similarly, I have never had an @gmail.com email address, though I've used various Google products.
Try to live without an Apple ID or Google account. Probably about as difficult as living without an ID.
Forcing Apple to change core tenets of iOS by legislative means would undermine what made the iPhone successful.
Even if this is true… so what? Perhaps the App Store monopoly has helped make the iPhone successful, but that doesn't make it a good thing.
If you want to play Playstation games on your PS5 you must suffer Sony’s restrictions, but if you want to convert your PS5 into an emulator running Linux that should be possible.
Why? What if Sony's restrictions are bad? Why are we ceding corporations the right to treat us however they want, so long as we're using their software?
You shouldn't have to flash a new OS onto your hardware in order for it to respect you as its user & owner. You shouldn't need to be tech-savvy, either. The happy path for the median user should be privacy and freedom.
Free/libre alternatives to consumer software are always going to be second-class, because respecting users is at odds with making money off them. If we want people to be treated well by tech, it's not enough to provide an alternative ecosystem. We have to deny corporations the option to treat users badly in the first place.
For instance, the "stop killing games" proposal¹ is by far one of the most demanding laws I can imagine in this vein, but I've (anecdotally) seen massive support for it in gaming communities.
If a manufacturer makes a device locked down, it's the technological protections preventing you from running your own code. Not IP/copyright. Sometimes they get jailbroken but sometimes not.
There may be alternatives to copyright and IP in general, but that would require dramatic changes to society, and maybe not in a good way. What you would get is essentially communism. Rejection of intellectual property is a form of rejection of private property, which is at the core of communism. Problem is, looking at past examples, it didn't work great.
Actually enforcing the anti-monopoly rules on the books would help, too.
And while we're making wishes, we could kill the VC-backed tech play by enforcing a digital version of anti-dumping laws.
With those rules in place, we'd see our market engine quite a bit more aligned with the social good.
Forgive me this seemingly unrelated introduction, but when I read such threads I don't have much hope something will change, for similar reasons. People that care about computer users' freedom and agency will write blog posts and create hundreds of comments about what things should look like, how government and corporations want to enslave them etc. And then do nothing to give those adversaries even the smallest inconvenience. Some will create a new "privacy-oriented" and "freedom-focused" project on GitHub, naively thinking it will solve a problem that is not technical at all.
Those without power always become victims. If it is all bark but no bite, no one is going to back down.
Component suppliers should not be allowed to only provide datasheets upon signing an NDA and only to some customers while providing chips to the resellers. If you put it on the open market, cough up the FULL datasheet, period.
So basically market forces and profit optimization are at work here as always.
However, if we can still unlock the boot loader and install Lineage OS or something like that and have a way to pay for developers to release their apps on stores like f-droid we can use the hardware.
The biggest problem with having freedom to use our devices is that the model is broken for the developers who support them. You "can donate", but from the numbers I've seen it's like 1 in 1000 donate. No pay == developers can't invest their time to improve the software.
So if there is "really" a substantial number of enthusiasts that are ready to pay for the freedom they crave, then companies like Librem will have enough customers to create decent and usable products for this audience. Want digital freedom - prepare to support the people who provide it.
Yes, that might mean that we'll need to have 2 devices, 1 for "banking/government services" that is "certified" and one for our own usage. Shitty but we'll be forced to do that sooner or later. The efficiencies for the government to enforce the policies are so strong that they can't help themselves. And corporations like to have more data to squeeze every cent from the customer.
So if there is a working business model for "freedom" we might have a partial freedom. If there isn't we'd just be digital farm animals to be optimized for max profits and max compliance.
If you agree with this article, do you also agree with these statements?
* "We should be able to repair our firearms with freely available full-auto conversion kits."
* "We should be able to repair our own cars, and add software like Volkswagen did to bypass EPA and state inspection testing."
* "We should be able to repair our own homes and offices, and ignore building codes and ADA guidelines."
However, at least in Sweden, a smart phone is practically mandatory since it has become a means of identification used by banks, police, our IRS counterpart etc. Even our physical mail is slowly being digitalised, and these services practically require you to own a smart phone. You can get by without one, but it’s a real struggle.
Therefore there should be laws requiring more transparency of these devices, in my opinion.
Here in this very thread I'm quite sure there's dozens of people who have pretty much made millions off of the back of this exact thing, i.e. working as developers at the likes of Google, Meta and Apple, part of the machine.
We need those people to atone and start funding lawyers out of pocket and bringing such cases, rather than just chatting about woe is me. In Europe that is, where the judiciary is still much less captured - the US is a lost cause. Such lawsuits are also much cheaper than going up against MegaCorp in US court.
Android uses Google Play Services updates to update some features or security without relying on manufacturers to update the OS and drivers.
0 results
These things are never thought through. Sure, Apple could unlock the whole thing, tell everyone to go nuts. Who's writing the damn drivers? Apple's certainly not obligated to open source theirs, I also can't imagine them signing someone else's. So we end up with a bunch of homebrew drivers, devices crashing, getting pwned, and the dozens of people who install a third party OS on their iPhone write furious articles that get voted up to the front page of HN.
https://support.fairphone.com/hc/en-us/articles/104924762388...
None of their previous phones were (at release) as close to competitive as the Fairphone 6 is today
We could have both an ethical/privacy device and many models at competitive price points, but that requires economies of scale to the same extent as non-fair competitors are doing. It sounded for a short time (like ten years ago) as though more vendors would go this route when incontrovertibly shown that it is possible and they merely need to tell FP's vendors "give some of that fairly mined Cobalt to us, too", but FP is here and history hasn't played out that way so this is what we've got. I assume this is the best that they were able to achieve with the resources they could muster. All we can do to help it grow is buy the device, or start a competitor or collaboration
Surely the latest hardware and privacy/environmental responsibility are not mutually exclusive.
It pretty much is. The engineering for bringing out a latest-and-greatest device and opening it up is something a small independent outfit can't afford, and the big companies capable of it are not interested in doing it.
They'll make the same choice again because it's not really a choice. Nobody would buy the device, or could make much use of it, without Google services on it. They'd be out of business
Edit, to be clear: that is not to say I disagree with what they do. They allow you to unlock the bootloader and they even supply an open and degoogled version of the OS! That is more than any other vendor I'm aware of. Every time I need a new phone, I check if the latest Fairphone fits my needs, and even though it's a compromise, I've tried it out in the past for several weeks. It's really worth supporting. But Google's new restriction will almost certainly affect Fairphone users, too
https://support.fairphone.com/hc/en-us/articles/997915455681...
https://shop.fairphone.com/the-fairphone-gen-6-e-operating-s...
You can also run Ubuntu Touch on the Fair Phones.
Oh, you want to jailbreak it and use it as an authenticator? No. That doesn't seem like a reasonable requirement.
Instructions for installing alternate firmware : https://grapheneos.org/install/web
No, says the car manufacturers, those cycles belong to us
No, says the nerds in Redmond, your computer belongs to us
I’d guess in 5 years you’ll start getting friction for using AD, and heavy push towards cloud services first. You’ll probably have to subscribe to legacy features or migrate to Azure to use them.
Their legacy systems management tool is a zombie product, and the replacement is Intune, which is an MDM solution which locks you out of your computer similar to Android or iOS.
I’ll be retired, so IDNGAF, but in 15 years, Microsoft will be capturing all of the value they give you for free in windows. The future will look like a 1980s mainframe.
That said, service providers, corporations and the like should be allowed one remedy: They can refuse future services and business to anyone if that person violates whatever b.s. rule they came up with.
However, the government (any government) has no authority to police post-ownership activity in a manner that deprives the owner of their property rights. In other words, they can say "You can't own an AK-47" or "You can't generate sound over certain dB", but they can't say "You can't shoot your AK-47 on your property, even if it poses no risk of harm to others, but you can own it", and they can't say "You can't use your speaker at maximum volume" (they can police the sound you generate but not the usage of your property; if the speaker passes the legal threshold then the speaker isn't relevant, the sound generated is).
This also applies to free (not commercial) sharing of property (copyright laws are fundamentally invalid).
The problem is, I am talking logic and reason which doesn't translate well into real-world scenarios. In the real world, the guys with the biggest guns make up random rules and pretend it is just and valid.
The reason I'm stating all this, is in the hopes that I can convince anyone who reads this and maybe if enough of us agree, some day democracy might work and laws can change.
The government can prevent ownership of things. It cannot however pass laws that dictate you can come into possession of things and by all reason it is your property, but as a matter of technicality it can't be considered property and is subject to arbitrary usage laws by the government or rules by third parties.
That said (I promise, my last one!), access to network services is special. If someone made some software where to function it requires some network service, and they came up with random rules on the network service side, then that is also their right, since that service is on their property. The remedy people have for this is to avoid that service. And if that service is the only one of its kind and using it is required, then the government has a natural obligation to protect the public against monopolies.
I had a whole other post/thread that got negative feedback and some interesting discussion about Google, Android and their sideloading policies. If you glean anything from this post of mine, please let it be that I am advocating for solving the root causes of these problems. It is all too easy to be reactionary and fall into these rage-baiting events. Solving root causes is never easy, but good solutions are often simple. If reasonable minds can have a healthy discourse to find these solutions then many problems are solved, instead of playing whack-a-mole forever.
I think the real problem is that these countries are abdicating their duty to govern. Why are they not jailing these people running these scams? Or if they are in another country, using political and economic pressure on the other country to crack down?
I don't believe that Google's intentions are actually that great, but there is a real problem in these countries with scams and people's lives being harmed by them.
I think the real problem is that these countries are abdicating their duty to govern. Why are they not jailing these people running these scams?
I 110% agree with you. I advocate for blocking entire countries from the Internet until they start enforcing criminal liabilities to the scum.
Unfortunately, business loves the scum. I'd argue business wants the scum because it's a playground field for "innovating" locked down hardware.
building new operating systems to run on mobile hardware is impossible, or at least much harder than it should be.
Why isn't there a linux flavor for phones with an app store?
Yet there is more BSD and MIT code than ever.
Android is full of open source stuff. GPL3 would have prevented this. We've all been bamboozled and we are starting to realize it.
I wonder if any project will start switching license. Unlikely, but one can dream.
If they just wanted hardware, they could buy their own and piece something together, if we're exploring those kinds of hypotheticals. But buying an Apple or Android device is a different choice and I think, within that context, a user should be able to run the software they want.
To be honest, it was way more of a problem than I ever imagined. The average user who tries to mod their system isn’t as proficient as you imagine they would be. As an engineer you imagine other engineers approaching the system as you would. In practice, it’s a lot of people with a lot of free time who copy and paste things into terminal sessions from forum posts and YouTube video comments. When it doesn’t work, they try to get your customer support team to fix it. They will deny, deny, deny when asked if they’ve modified the system because they want to trick support into debugging it anyway. When customer support refuses to handle their modified system, they try to RMA or return it for a refund in protest.
Over time, it drains you. You see the customer support request statistics and realize that a massive support burden could be avoided by locking it down. You see the RMA analysis and realize a lot of perfectly good devices are being returned with weird hacks applied. Every time you change an API or improve the system you have to deal with a vocal minority of angry modders who don’t want you to change anything, ever, because they expect the latest updates to work perfectly with all of their customer software.
It’s tiresome. I think the only way this works is if customers have to log in to a system and agree to surrender all customer support and warranty service for a device to enable the free-for-all mode for them. That doesn’t work, though, because warranty laws require that you service the device regardless unless you can prove it was the modification that caused the RMA, which is a model that works with vehicle service but not the $100 consumer hardware device.
So I get. I wish every device could be totally open, but doing that with normal customer service and support is a huge burden. The only place it really works is devices like Raspberry Pi where it’s sold as something where you’re on your own, not something where customer support agents have to deal with what the product was supposed to do before all of the different mods were applied.
No, please, don't let me touch memory! It's too dangerous. Give me a nice bubble wrapped playpen to "program" in.
Complaining about programming languages which allow me not to think of malloc bugs when making something not critical makes no sense whatsoever.
The OS and hardware are parts of the whole.
So you're phrasing it wrong.
I should have the ability to run any code I want on my smart phone that I own.
And to be clear, I own my smart phone. You own your smart phone. Any EULA to the contrary should be null and void.
Buy a more open phone if you want one, but stop trying to use legal means to force the software on my phone to be worse for my use-case just because you want to have your cake and eat it too.
If the USG decides to pass a law saying you can only buy iPhones, then we will have more to talk about w.r.t. liberty.
Nothing actually prevents you from modifying your iPhone however you see fit, btw. If you are incapable of breaking Apple's security without bricking the phone, that's a "you" problem.
If the USG decides to pass a law saying you can only buy iPhones, then we will have more to talk about w.r.t. liberty.
Is what the US government does the only concern to you? This feels like a very semantic argument that tries to define the government as the sole arbiter of what's expected in our society. Majority consensus has an equal if not greater reach in telling us what we can and can't do. Case in point: the only two types of smartphones you can reasonably use nowadays are iOS devices and Android devices (and that is Google-sanctioned Android devices, custom ROMs are being rooted out as we speak). Sure, you can technically buy a random dumbphone, and just accept losing access to most of society, including services where using specific apps on specific platforms is mandatory. Is that liberty to you? Everyone telling you that you must pick from one of these options, but you're not forced to at gunpoint, so it's fine?
Nothing actually prevents you from modifying your iPhone however you see fit, btw. If you are incapable of breaking Apple's security without bricking the phone, that's a "you" problem.
I would agree if we were still in the 2000s, when people could actually plug their phones in and flash whatever firmware they desired on them. Current-day phones, iPhones especially, are black boxes that are designed to be impenetrable by anyone but Apple, under the guise of 'security'. Everything is cross-checked to ensure that you can't so much as screw your phone open without consequences. The threat vectors they're supposedly addressing are utterly ludicrous. It's gotta be stuff like "Oh, what if a malicious actor steals grandma's iPhone, opens it, installs a battery that wasn't blessed by Apple, and explodes it after giving it back to her?".
Everyone knows they're doing this because they want every facet of their devices to be in their tight grip, so that you just obtain temporary permission to do some things with it under their watchful eye, as long as you stay in your lane. Best of all, they can just incessantly scream something about "safety", "security" or "integrity" and that will be good enough justification.
And 99% of people don't even have the capacity to care about any of this, they'll just pick "security" and cheer on for any new "secure" update that tightens corporate control over you and what you can do. The 1% is too small of a market to care about, they will just reluctantly use the socially acceptable option because what choice do they have?
You can in fact replace the battery with a non-Apple battery without issue.
No you can't. The apple batteries have a chip in them with a code that tells the phone they're authentic - only authentic apple components are allowed.
It's not a conspiracy theory. Apple is just a piece of shit company.
If you think being a piece of shit has to be a conspiracy, you're just naive.
Maybe you got lucky or the manufacturer cheated and copied Apple's chip. Probably the latter.
Which, good for the manufacturer, but kind of goes against your whole ethos, doesn't it?
Regardless, none of this is really a secret. You can look it up. It's not a conspiracy - again, companies don't need a conspiracy to be pieces of shit. They can just be pieces of shit. You don't need to go to bat for them buddy, I promise they don't care about you.
You can keep your device enslaved to Apple all you want. You don't have to use the administrator permissions on Windows if you don't want them. Some of us do want freedom
You've got it completely backwards that having the option to control your hardware means you, as an individual, are impacted by anything at all if you don't want to administrate your own device
One (a big entity with enough resources) should take this as an opportunity and create a new, third truly open alternative to iOS and Android (no, I'm not talking about an AOSP fork, I'm saying something totally new) and let iOS/Android have their thing as they want, letting consumers decide between the three instead of forcing vendors into ridiculous business decisions like forcefully opening their own platforms for others.
I'm not convinced there is some inalienable right to load an OS onto any hardware but said hardware/OS should never be on the critical path to anything a citizen needs to do.
Why not build your own hardware and run your own software on it, instead of screaming at clouds of big tech.
There is Fairphone as an example so it is possible to build/buy hardware directly.
Why not build your own hardware
Haven't looked at this in depth, but designing and manufacturing a phone with a similar miniaturization level and performance to commercial models is a huge electronics/firmware/design engineering challenge. Additionally, often the datasheets for processors, etc. are difficult to obtain and/or under NDA.
Nothing a group of determined engineers with the funding and connections couldn't achieve, but it's no easy task. Fairphone required a few million $ to develop the first model.
Either way, developing software is hard enough - having to build hardware too moves the project toward "pipe dream" territory IMO.
Jesus fucking Christ. We're asking for a drop here from a mega corporation, and still there will be people bending over backwards and spreading their cheeks and actually begging for it. Its not enough to get fucked, we actually have to want to get fucked, and not wanting it is weird or something.
Banks offer web frontends and many make you use 2FA and even hardware keys, which work on phones. We have been doing e-banking even before smartphones existed. We still do. On our Windows desktops full of malware and viruses.
These mobile apps are in reality web frontends disguised as mobile apps with biometrics on top of it. Nothing else really. I develop an iOS app for a bank. It’s really like that.
Despite that I have to obfuscate the binaries, check for Cydia, make sure I am not jailbroken and all kinds of useless stuff.
When you buy a PlayStation you are buying a piece of hardware that Sony sells you at a break even or a loss so that you can buy their games. You are not buying your hardware. You are buying means to run video games on a piece of hardware Sony is selling to you.
When I buy an iPhone I am paying a lot of money for my pocket computer, my internet communicator. The margins are so big, it doesn’t even make sense to squeeze more out of them.
When I buy an Android phone I fail to see the end game except that Google wants to have absolute control over everything I do in my life.
I cannot really deny them their right to do whatever they want.
Still I can’t see really how they want to protect users by having full control. That’s a big lie.
If you want to play Playstation games on your PS5 you must suffer Sony’s restrictions, but if you want to convert your PS5 into an emulator running Linux that should be possible.
This is what Sony did with the PS3, but afaik Linux was then used as a backdoor to jailbreak the "PS3 OS" and sideload games.
I guess, this is why Sony abandoned the idea of allowing Linux on their consoles. Kind of sad, but understandable.
Now we're at a point where there is no justification even for the cost of development/maintenance of such "open compute" features. Why even create a path for parts of your product to be "without rails" when there is no (legal) requirement for it and no significant commercial market, but just increased cost and complexity as well as security-risks.
I would like to see more devices being unlockable and provide the freedom to run "any code we want". But as there is no visible critical mass willing to pay for this, there is no market, and this means the current economic system doesn't support a company walking such a path.
So the only path I can see is to introduce an incentive for this into the system via a legal mandate, or change the system.
Ahem, where was I
Ah yes: ever since dipping my toes in Android, I've always said I'd never buy an Apple device where I can't run my own software or control what proprietary software does. Now that the freedom is being taken away, the world is changing and I care about it. Until now, it was just a matter of buying any brand except one closed one. Not that hard to avoid
I agree that there is currently no expectation for Sony to open up their OS to run just any software (such as pirated games). Nobody said that. There should be an open widely supported mobile OS because that's fast becoming about as fundamental to modern life (in my country at least) as roads and electricity are
Android being so easy to make software for is what hooked me as a teenager, after failing to develop for my previous Symbian phone. Taking that away is possible now because the alternatives are all gone. Where are you going to migrate to without making major concessions in your life? You'll have to forfeit popular messengers that your family, friends, landlord, etc. are on; no more mobile banking; extra fees to use online banking at all; extra fees to legally use public transport; no downloading of episodes or music from streaming services for offline use; no phone calls depending on your country's 2G status; etc.
I would personally love to start contributing to a truly open alternative which doesn't rely on Google being not evil anymore.
Forcing Apple to change core tenets of iOS by legislative means would undermine what made the iPhone successful.
Successful for whom? If you're talking about the commercial success of apple through lock down behaviour, sure. But there is *nothing* that would prevent them from providing the exact same experience while adding a toggle in settings "allow sideloading". You want the "crisp" experience that comes from apple's strict review process, just use the official app store.
Looking at android till now, it is still possible to offer a "certified" os that is flexible enough for you to use foss stores. The argument pretending that removing sideloading is customer centric are borderline fallacious. I don't think that playing on semantics between hardware and OS changes any of that
From a government perspective, I think the issue is anonymity. In the long run, governments cannot accept ownership of a thing without being able to attribute usage of that thing. From that perspective, as much as you cannot anonymously own a warehouse, you cannot anonymously own a programmable radio device.
From the corporate perspective, it's even worse: They cannot accept you using a device freely if they license you software or data. They would probably be fine if you could prove to them that you were not violating the terms (or vice versa, they could prove when you did), but that probably has a massive impact on privacy.
The hardware aspect is quite irrelevant to the whole point: the hardware only runs with software that does not respect your freedom and there's no feasible way to make the hardware run software that does respect our freedom. And of course our banks and streaming services and whatever else we need also don't offer us any software that respect our freedoms. So no, it's not about hardware, it's about free software. Always has been.
All Netflix should require is the interfaces it needs.
Network stack, codecs, crypto stack (DRM).
The OS seems irrelevant.
I mean sure you would be limited to whatever interface a browser could provide.
It's not as if certification of a certain operating system means anything other than the certificate.
Netflix used play4sure back in my days at Apple, and literally it was a tick box for them to assure the content owners they had DRM.
Nobody certified apple's netflix app for ATV back then, I know, Ben Lee and I wrote it...
We desperately need OS research, exokernels should be a thing by now, at least then the question becomes moot.
Windows, (alphabet)OS, Linux and BSD all provide operating systems that enable productive work but there's a lot of cruft
When Google restricts your ability to install certain applications they aren’t constraining what you can do with the hardware you own, they are constraining what you can do using the software they provide with said hardware.
No. Incorrect. Because the argument that we should be focusing on software is a distraction. They use restricting the OS as an argument to restrict the hardware. There is pressure put on hardware devs to toe this line.
You can see this with secure enclaves. If they didn't care about what software was running on their hardware, they wouldn't be designing hardware to restrict the kind of OS you can run on the hardware. Secure Boot/UEFI is going in that direction and Mobile devices are already there to some extent.
This whole argument is a distraction designed to lure people away from the real problem. That all technology (hardware and software) is being designed to restrict freedoms. If you focus on this distraction, you are missing the point.
It should be possible to participate in the modern economy using standard technology.
To this end, I think there should be a mandate that all govt and commercial infrastructure apps offer a progressive web app with at least feature parity with proprietary phone apps.
Want me to use a phone to pay for lunch, EV charging, parking or a toll? Great. It needs to be doable with anything running firefox, safari or chrome.
- As a user sometimes I want to sideload legitimate applications (the question now is why can't these apps get approved on the appstore?)
- As a user sometimes I want to be able to use different devices from different vendors, I don't want to be forced to stay on Apple because airdrop or the keychain or login with Apple or my airpods pro don't work on Android anymore.
Android doesn't even let you access your files. It has famously blocked access to the subfolders of /Android/data - every app has a subfolder there where it stores files. And you cannot visit these subfolders since Android 11.
A buggy app accumulates gigabytes (literally, I am not exaggerating) of temp files there, but I can't visit the folder to delete them.
Google explains that "it's for your safety".
I have to call it with the strong word "idiotic".
There are apps now where storing files in a shared, accessible folder is a paid option.
And in this world you want to own your hardware.
TBH, I think most people wouldn't care, especially in the USA; it is way easier and cheaper to replace than to repair, workmanship is really expensive here.
But if a manufacturer shuts down a cloud service that bricks my device, they should open the interfaces and protocols to make them functional.
It should be possible to run Android on an iPhone and manufacturers should be required by law to provide enough technical support and documentation to make the development of new operating systems possible.
Why?
The author doesn't explain why and I've yet to see any justification for this other than, essentially, "because I want to" - usually evoking supposed freedoms and rights that exist only in the realm of wishful thinking.
I’ve given talks on how various jailbreak exploits work in order to teach people how to protect their own software but also with the suggestion that we should be able to do this.
It’s nuts that personal computers aren’t personal anymore. Devices you might not think of as PCs… just are. They’re sold in slick hardware. And the software ecosystem tries to prevent tampering in the name of security… but it’s not security for the end user most of the time. It’s security for the investors to ensure you have to keep paying them.
Before the middle ages, you'd make your own product. That turned into local production, then mass production, but devices could still be dissected and analyzed to see how they worked. A car from the 60's as an example.
So for the most part of our society, reverse engineering was possible. It is only in the last decades, with closed source software, that the opposite is occurring. But did 'we' ever make this a conscious decision? Or are we sucker-punched by progress?
but ultimately it doesn't matter, if the market could bear the additional cost a competitor could emerge... but they barely do anywhere
honestly at this point in life I think it would be easier to change society to be structured in a way to make the people running these companies want to give it to you
You can agree on anti-monopoly but to say we (who is we here) can do this without any resource consideration is not thinking but wishful thinking.
Open source is not wishful thinking but until the user pay …
In reality, what you are expecting is, to be able to use your common tools to modify the device. But the vendor uses some weirdly shaped screws for which you don't have tools to work with. That is the real complaint.
If the government would enforce laws about computer security, tech companies would not have to restrict user freedom.
Obviously this situation benefits those tech companies, but honestly the solution is not as easy as it seems.
Of course it's a different story for the right to repair and DRM.
In March 2014, makers of the free Android derivative Replicant announced they had found a backdoor in the baseband software of Samsung Galaxy phones that allows remote access to the user data stored on the phone.
the change impacts closed source software distributed without verification which is by definition unknown so the "want" is not possible - i.e. you can't know if you want to run it.
There is ONLY ONE valid way to check trust - it is called keyring.
All linux distributions do use it.
Think about how you use SSL certificates in your browser, now remember that you can always import your own Certificate Authority.
As simple as that. Unless you have nefarious purposes.
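To make the keyring model the comment above describes concrete, here is an added toy example (not the commenter's code, and not any distribution's actual tooling; real distros use OpenPGP keyrings with gpg or sq). It shows the one property that matters: a package verifies only if its signer's public key is in a keyring the user controls, so the user can import their own key (like importing a private CA into a browser) and their own builds verify, or drop the vendor's key and the vendor's builds stop verifying. The Ed25519 keys, the `Keyring`/`Package` types and the `KeyID` fingerprint scheme are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Keyring holds the public keys this user has decided to trust, indexed by key ID.
// Nothing verifies unless its signer is in here, and only the user edits it.
// (Toy structure for this example, not a real distro's keyring format.)
type Keyring struct {
	keys map[string]ed25519.PublicKey
}

func NewKeyring() *Keyring {
	return &Keyring{keys: make(map[string]ed25519.PublicKey)}
}

// KeyID is a short fingerprint of a public key (first 8 bytes of SHA-256, hex).
func KeyID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return fmt.Sprintf("%x", sum[:8])
}

// Import adds a key and returns its ID: the "import your own CA" step.
func (k *Keyring) Import(pub ed25519.PublicKey) string {
	id := KeyID(pub)
	k.keys[id] = pub
	return id
}

// Remove drops a key; anything signed by it stops verifying from then on.
func (k *Keyring) Remove(id string) {
	delete(k.keys, id)
}

// Package is a signed artefact: name, payload, the signer's key ID and the signature.
type Package struct {
	Name     string
	Payload  []byte
	SignerID string
	Sig      []byte
}

// message binds name and payload with a separator so a signature over one
// name/payload pair cannot be replayed against a different pair.
func message(name string, payload []byte) []byte {
	h := sha256.New()
	h.Write([]byte(name))
	h.Write([]byte{0})
	h.Write(payload)
	return h.Sum(nil)
}

// NewSigner generates a fresh Ed25519 key pair (a vendor's, or the user's own).
func NewSigner() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Sign produces a Package over name and payload with the given private key.
func Sign(name string, payload []byte, priv ed25519.PrivateKey) Package {
	pub := priv.Public().(ed25519.PublicKey)
	return Package{
		Name:     name,
		Payload:  payload,
		SignerID: KeyID(pub),
		Sig:      ed25519.Sign(priv, message(name, payload)),
	}
}

var (
	ErrUntrustedSigner = errors.New("signer is not in the keyring")
	ErrBadSignature    = errors.New("signature does not verify")
)

// Verify accepts a package only if its signer is trusted AND the signature checks.
// The two failures are kept distinct: "who is this?" is not the same as "tampered".
func (k *Keyring) Verify(p Package) error {
	pub, ok := k.keys[p.SignerID]
	if !ok {
		return ErrUntrustedSigner
	}
	if !ed25519.Verify(pub, message(p.Name, p.Payload), p.Sig) {
		return ErrBadSignature
	}
	return nil
}

func main() {
	vendorPub, vendorPriv := NewSigner()
	userPub, userPriv := NewSigner()
	kr := NewKeyring()
	vendorID := kr.Import(vendorPub) // trust the vendor, as a distro ships its keys
	fmt.Println("vendor build:", kr.Verify(Sign("app", []byte("v1"), vendorPriv)))
	fmt.Println("own build:   ", kr.Verify(Sign("app", []byte("v1-patched"), userPriv)))
	kr.Import(userPub) // the user adds their own key, like a private CA
	fmt.Println("own build:   ", kr.Verify(Sign("app", []byte("v1-patched"), userPriv)))
	kr.Remove(vendorID) // the user may equally stop trusting the vendor
	fmt.Println("vendor build:", kr.Verify(Sign("app", []byte("v2"), vendorPriv)))
}
```

The point of separating ErrUntrustedSigner from ErrBadSignature is that a package manager (or a user) should react differently to "I have never been told to trust this key" than to "a trusted key's signature fails", which usually means corruption or tampering in transit. The locked-down model the thread is arguing against is simply this same keyring with the Import and Remove operations taken away from the owner.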
This is happening with the Apple ecosystem since forever and people are fine with it, so what is the issue here???
Oh, I know: people are mad because someone took away what they had been used to,
not because they can't sideload. You can (you just need a developer account for that).
I want there to be the same openness on devices too, don't get me wrong.
It’s through this control of the operating system that Google is exerting control, not at the hardware layer.
True, but many phones use the hardware layer to prevent you from installing a different OS. It's all part of the same system designed to deny us real ownership of the computer we paid for.
But to answer the claim, no, only software that you own or are allowed by the software owner to run, is obviously what should be allowed. And clearly illegal and harmful software should not be allowed at all. It's a no-brainer.
Cars are increasingly controlled more via code than driver, but that (hopefully) goes through certification and oversight processes. Lane control, collision detection, self parking, self driving features - should people be able to hack these systems? Do we want people running their own collision detection routines that are less sensitive, because the stock option keeps slowing them down so much everyday when they drive past a school?
I imagine many of us here have encountered a computer that's broken because the user installed a programme to "make their machine faster" which deleted important Windows files or removed everything from the startup folder that the user needs to use. I'm sure I could make a lot of money with a programme that decreases the time it takes to recharge your EV. Might remove heat protections, run at your own risk! (And the risk of passengers, neighbours, pedestrians and anyone you share a road with...)
I don't care if you want to run code that can allow more nuances to the seat heating, but do I think that's an important enough principle to also allow drivers to watch netflix on the in car display?
TVs and home appliances are less concerning, but I'm sure there's users out there who'd like to disable the annoying "don't run the dryer when it's full of lint" lock out or stop their garage door from beeping at their car everyday, not realising that setting also keeps it from closing on top of neighbourhood kids or cats.
I don't know if there's any way to balance a reasonable right to tinker with a general right to live in a safe environment. I also suspect EU and US readers will have quite different takes on it - in part because of the current culture, in part because I think a lot of it is quite affected by geography. Live in dense housing and your neighbours' ability to burn their house down is much more of your concern!
What do you think when you say ownership?
I think - "this is totally mine. Nobody else's. I can do with this what I want. It is entirely up to me."
Do you own your passport? In fact, you probably do not. Most passports have a page stating to the effect that "this passport remains the property of <relevant authority>".
Do you own your device? I feel like I own my devices. I will defend them from theft, or loss. Because they are "mine". But ownership in a broader or legal context implies more rights that I don't think I have. I don't own the IP to the hardware and software on the device. These components have licenses to which I agree and am bound simply because I possess and use the device. These contracts restrict the things I am allowed to do. So my "ownership" also comes with certain "responsibilities" - which I personally don't believe I ever think about. But they exist.
For instance, probably somewhere in these contracts something is said to the effect that I cannot reverse engineer, reproduce and resell components or plans for these components. And myriad other things. Designed to protect the business and investment and people who invented and built them.
"Ownership" in the age of complex "finished products" that result from trillion-dollar global supply chains of incomprehensible complexity is more nuanced than the idea that I found a log in the forest, and now the log is mine.
I don't "own" my passport. I'm not allowed to alter it in any way. I have to report it to the authorities if it gets lost or stolen. I'm not allowed to sell it or give it away. It's an official government document.
I do own my smartphone. I can put stickers on it. I can open it and modify the hardware (if I can work around the various roadblocks by the manufacturer). I don't have to tell anybody if I lose it. I can destroy it on purpose if I like. I can sell it, give it away, share it etc.
You mention IP. That has nothing to do with my use of the device. That concerns (as you mention) reverse engineering with the purpose to make money from it.
I do think that it should be easier for people to build and install alternative OSes on their phones.
However, building your own mobile OS is just really hard. And on top of the technical challenges, the UX challenges, the overall polish challenges, there are non-technical challenges that are often impossible for alternative OSes.
* Industry connections problems. As an example, no open source mobile OS has a contactless payments app, at least not one that is generic and can support more or less any credit card out there. That is, you can't build an Apple/Google Wallet analogue and have it work.
* As much as I wish Jobs had stuck to his guns on the "no iPhone SDK" thing, and had instead developed and improved the mobile web stack, that's not the reality today. There are many things you just cannot do on current mobile OSes through their web browsers. Native apps are required there. And so that means companies need to choose the platforms they build for. Today that's easy: iOS and Android. But getting governments and banks and various companies to build apps for your niche mobile OS is going to be essentially impossible. And with closed-source kitchen-sink libraries like Google Play Services, it's incredibly difficult even to get a lot of Android apps running properly (and consistently reliably) on "de-Googled" Android phones.
Ultimately the real problem is that there's no capable, standardized, OS-agnostic platform for building mobile apps. The web platform could have been it, but it's not, and now Apple and Google have a vested interest in ensuring that it never can be, because building native iOS and Android apps locks people and companies into those ecosystems.
Ultimately^2 the real problem is that free markets are a myth, and don't work. Companies want to become monopolies, and want to bar new entrants. I would absolutely love some mandate/legislation/whatever that made it mandatory that we have a fully open source mobile OS, and that all the players involved need to be allowed to build equivalent functionality into it that Android and iOS have. I know that sounds radical and like government overreach (and current governments wouldn't go for it anyway). But the alternative is what we have today: monopolists that don't care about the rights of their customers. There's really no "free-market" way out of this.
Security-conscious people might actually prefer to own hardware-limited devices. An example of this is having a camera with a physical shutter, or a light that shows camera activity that can't be disabled by software.
Similarly, some people might prefer to own devices that don't allow side-loading at all, since it disables a potential vulnerability. Maybe it would be best if Google allowed this to be a configurable option when buying an Android phone. (I suppose they could buy an iPhone, though.)