
Comment by zmmmmm

1 month ago

> In this context this would mean having the ability and documentation to build or install alternative operating systems on this hardware

It doesn't work. Everything from banks to Netflix and others is slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with. To be clear, this is fundamental, not incidental. You can't run your own operating system because it's not in Netflix's financial interest for you to do so. Or your banks, or your government. They all benefit from you not having control, so you can't.

This is why it's so important to defend the real principles here not just the technical artefacts of them. Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service. Governments shouldn't be able to prevent me from end to end encrypting things. I should be able to opt into all this if I want more security, but it can't be mandatory. However all of these things are not technical, they are principles and rights that we have to argue for.

What I like about your comment is that it points out that all technical work-arounds are moot if people as a whole are not willing to stand up with pitchforks and torches to defend their freedoms. It will always come down to that. A handful of tech-savvy users with rooted devices and open-source software will not make a difference to the giant crushing machine that is the system.

And I'm afraid most of us are part of the system, rage-clicking away most of our days, distracted, jaded perhaps, like it historically has always been.

  • Only competition can provide a solution. We have lost sight of this principle even though all Western democracies are built on the idea of separation of powers, and making it hard for any one faction of elites to gain full control and ruin things for everyone else. Make them fight with each other, let them get a piece of the pie, but never all of it. That's why we have multiple branches of government, multiple parties etc. That's why we have markets with many firms instead of monopolies.

    There has never been a utopian past and there will never be a utopian future. The past was riddled with despotism and many things that the average man or woman today would consider horrific. The basic principle of democratic society is to prevent those things from recurring by pitting elite factions against each other. Similarly business elites who wield high technology to gain their wealth must also compete and if there is any sign of them cooperating too closely for too long, we need to break them up or shut them down.

    When Apple and Google agree, cooperate, and adopt the same policies - we are all doomed. It must never happen and we must furthermore break them up if they try, which they are now doing.

    • >There has never been a utopian past and there will never be a utopian future.

      I wouldn't call it utopian, but I'd say we are way past "peak democracy" at this point.

      There was a time in which corporations did get broken up when too large, when we did understand that it's about serving the population first and accumulating wealth after that, when corporations influencing politics was widely seen as a negative. It does seem to me we are now way past that.

      16 replies →

    • In fact true competition is only possible via open standards, protocols and technology stacks.

      We need agreement to ensure the large corporations adhere to these.

      40 replies →

    • I wish this was a higher up comment because it's such an important point, and it's totally an achievable thing.

      Governments should be supporting this competition, or at the very least not encouraging monopolies/duopolies. Give loads of support/help to startups, small businesses. Let the large corps fund themselves.

      But instead, we end up giving them huge tax breaks, anti-competitive legislation and even give them a voice in government.

    • In the face of large monopolies such as today's platforms, to keep competition you must regulate with laws that stop consumer abuse.

    • This doesn't work if the market incentives themselves encourage these rent-seeking actions.

      We have given capitalists more and more power over the last few decades and instead of making things better, it's just allowed them to neuter the government regulations that would have prevented them from fucking common people over. The market can not solve for this the same way it can't solve for education or the military. This needs laws.

      6 replies →

  • The problem is that tech-savvy users are like bikers: most of us are law-abiding and want the best for society.

    Then there are the 1%'ers, people causing trouble, be it by being biker thugs or malware authors or top-level pirates, actually disrupting the system but often not in a way that's good for the masses, and when clashing with authoritarians, the authoritarians win due to the masses' good.

    And yes, the "good" for the masses is more about malware whilst DRM is more of a power grab by media industries that were unwilling to adapt.

  • > A handful of tech-savvy users with rooted devices and open-source software will not make a difference to the giant crushing machine that is the system.

    Agreed, although I don't think that's entirely true, it's just that post-smartphones we no longer have any political agency over a significant volume of the new traffic. Much of the new traffic represents that faction of people who initially mocked the internet as "nerd shit". But we don't have to get discouraged by our smallness here.

    Rather we can offer a sub-system that satisfies our demands and is an open door to those willing to find it. We could try to fight our corner, but unless we're incredibly organised, it's unlikely they'll listen due to how less relevant we are, now that all the normies transitioned online.

    So we either jump ship to other, more permissive platforms and help make them good by developing software that closes the gap, or we counter by attacking the systems that prevent people from installing software on the device they have bought.

    We just shouldn't expect the general population to care about our problems en-masse because they never have and never will. We will make a difference by creating an alternative sub-system that is poised to grow when the giant crushing machine stumbles at some point in the future.

    We can't hate people for picking the parental wing of Apple because for most normies they don't enjoy the freedoms of technology, it's the choice and difficulty that they conversely find oppressive.

  • I am looking forward to the day I remote-ssh into a <insert kvm solution> controlling my iPhone/Android so I can log in to my bank app because they stopped allowing web access, and I don't want to compromise on privacy. Shit is nuts.

  • > What I like about your comment is that it points out that all technical work-arounds are moot if people as a whole are not willing to stand up with pitchforks and torches to defend their freedoms.

    If your system requires extraordinary political efforts from large numbers of people, your system will fail. We are the elites, we have to oppose this. If Netflix asks us to implement this kind of DRM, we have to resign. If Facebook asks us to implement sophisticated surveillance, we have to resign. Etc. etc. We can't keep cashing the checks and then point to the body politic like "I beg you to stop me".

My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like. I like that they have iphones. Doing internet banking on their phone is safer than doing it on their desktop computer. Why is that?

The reason is that the desktop PC security model is deeply flawed. In modern desktop operating systems, we protect user A from user B. But any program running on my computer is - for some reason - completely trusted with my data. Any program I run is allowed to silently edit, delete or steal anything I own. Unless you install special software, you can't even tell if any of this is happening. This makes every transitive dependency of every program on your computer a potential attack vector.

I want computers to be hackable. But I don't also want my computer to be able to be hacked so easily. Right now, I have to choose between doing banking on my (maybe - hopefully - safe) computer. Or doing banking on my definitely safe iphone. What a horrible choice.

Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

I think the argument against locked down computers (like iphones and androids) would be a lot stronger if linux & friends provided a real alternative that was both safe and secure. If big companies are the only ones which provide a safe computing experience, we're asking for trouble.

  • Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through the cracks of official stores or signatures.

    You can also choose to do your banking at the physical branch.

    We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until a few years ago root was widely available if you needed it as well; these permissions could be locked or frozen if there is concern about users, just like work devices are provisioned with limitations. It all depends on your threat model.

    • In the Netherlands we do not have physical branches anymore. They died out. All banking started to go through the browser. This was very sensitive to malware and viruses, so two-factor was added through phones. Then fewer and fewer people had PCs because the phone provides enough. Now mobile apps for banking are the only way to do banking. Or they are required for MFA. Even if you're calling the bank, they are used as MFA.

      11 replies →

    • Phone scams have you install malware. Banks don’t know if you’re on the phone with the scammer, but they would like to detect if you’re using a screen sharing app on the password or transfer screens.

    • > You can also choose to do your banking at the physical branch

      The banks that do have a physical presence are closing left and right? Also, I don't think I can do money transfers at the physical office of my bank.

      1 reply →

    • Also the good old phishing emails/links. So many people are simply unaware when a website is pretending to look like an app/floating window. Even younger people who you'd hope know better are falling for it today. I work on a PC game and players (mostly young adults) are constantly getting their accounts compromised by the same phishing sites that pop up monthly.

      AI voice and video cloning scams are also only going to increase. Why would scammers need to get people to install random APKs when they can just impersonate a family member and tell them what to give directly?

      To me it seems very much like the classic "think of the children" type argument. It's not going to really fix anything in the end but it will benefit Google.

    • > Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through cracks of official stores or signatures.

      So what? The lack of perfect security is a terrible argument against better security.

      For example, lockpicks exist. Is that a reason to stop locking your house? Our TLS ciphers might eventually be broken. Should we throw away TLS and go back to unencrypted HTTP?

      I'm not expecting anything to 100% stop all scams. But modern computer security is a joke. We could do an awful lot better than we are today at keeping people safe from this stuff.

      > We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until few years ago root was widely available if you needed it as well

      Yes. I want something like this on desktop too - but I want to own the signing keys, of course. It seems strange that this is so controversial.

      3 replies →

  • Everything in life is about trade-offs. Certain trade-offs people aren't going to make.

    - If you want to run an alternative operating system, you got to learn how it works. That is a trade off not even many tech savvy people want to make.

    - There is a trade-off with a desktop OS. I actually like the fact that it isn't super sand-boxed and locked down. I am willing to trade security & safety for control.

    > Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

    The market and demand for that is low.

    BTW. This does exist with Qubes OS already. However there are a bunch of trade-offs that most people are unlikely to want to make.

    https://www.qubes-os.org/

    • No, not everything is a trade-off. Some things are just good and some are just bad.

      A working permission system would be objectively good. By that I mean one where a program called "image-editor" can only access "~/.config/image-editor", and files that you "File > Open". And if you want to bypass that and give it full permissions, it can be as simple as `$ yolo image-editor` or `# echo /usr/bin/image-editor >> /etc/yololist`.

      A permission system that protects /usr/bin and /root, while /home/alex, where all my stuff is, is a free-for-all, is bad. I know about chroot and Linux namespaces, and SELinux, and QEMU. None of these are an acceptable way to do day-to-day computing, if you actually want to get work done.

      8 replies →

    • > If you want to run an alternative operating system, you got to learn how it works.

      The typical user doesn't know how Windows works, and they can run that. These days, users can run a friendly GNU/Linux distribution not knowing how it works. So, disagree with you here.

      14 replies →

    • AFAICT the only trade off is there's no support and few apps for Qubes OS. If it was as popular as MacOS or Windows what would the trade off be?

      1 reply →

    • Exactly, people want all the benefits without the consequences.

      Like, if an OS utopia existed that had all the advantages without the downsides, then everybody would use it.

      But people complaining don't live in reality.

      3 replies →

    • >If you want to run an alternative operating system, you got to learn how it works.

      You only need to learn how to start a browser. You're a little behind the times, today browser is the OS.

      2 replies →

  • It is the other way around. The security model of mobile devices seriously inhibits innovation and we end up with ever the same crappy apps we don't really need.

    I also don't believe more people get scammed on PC compared to mobile platforms. Scammers go where the most naive people congregate.

    A sensibly configured Linux system is very secure compared to your mobile device. No security model can really shield against user stupidity. The people would need completely different devices as they simply aren't fit to use a computer. My parents are the same, but I won't accept a bad compromise of an OS just because they essentially need other devices.

    At some point a user will be asked to allow execution of code they got through some fishy mail. There is no defense against that other than for the user sticking to books.

    • >A sensibly configured [desktop, i.e., not just a headless server] Linux system is very secure compared to your mobile device.

      That is not true. It is understandable that you believe it because it gets repeated a lot, but those repeaters are doing what you are, namely repeating what they heard (and sometimes what they want to be true) without sufficient actual knowledge of what they are talking about.

      5 replies →

  • As is, Android has support for multi-user mode.

    Get some real sandboxing, let me install whatever I want in my sandbox.

    That's a bare minimum.

    I also want "I am an adult" mode where I get to do what I want. If Google wants to flag secure net, fine. Not everything is going to work.

    • Yeah, this whole shit where let's optimize it for the lowest common denominator is stupid. I hate everything about it.

      I'm an older millennial, so I have older parents and young kids. My father could not be bothered with a smartphone and does not care about the internet at all. My mother uses WhatsApp and everything; after the initial year she is quite handy with it. I'm not scared about her, I'm more scared that she is reading AI slop.

      My kids are now at the age where a lot of their peers are getting a smartphone; I'm not giving them a smartphone. If I give them a smartphone in a year or so, I will be using parental controls.

  • Well no, if your parents truly are tech illiterate, I would give them Ubuntu and not an iPhone.

    With the iPhone they get the risk of answering a scam call or scam SMS and giving them access to their bank account.

    Ubuntu is almost bullet proof for beginners.

    In fact, that's what I've done for my parents and I had to retire the computer and get another one because it's the hardware which became too old after 15 years of running Ubuntu without any problem.

    Security for users isn't just about bootloader exploits.

  • > Any program I run is allowed to silently edit, delete or steal anything I own ... there's currently no desktop environment that provides that ability

    Putting aside the philosophical issues, that statement hasn't been true for a few years now. It's not well known, even in very technical circles like HN, but macOS actually sandboxes every app:

    • All apps from outside the app store are always sandboxed to a lesser degree, even if they are old and don't opt-in.

    • All apps from outside the app store may opt in to stricter sandboxing for security hardening purposes.

    • All apps from the app store are forced to opt-in, must declare their permissions in a fine grained way, and Apple reviews them to make sure they make sense.

    To see this is true try downloading a terminal emulator you haven't used before, and then use it to navigate into your Downloads, Photos, Documents etc folders and run "ls". You'll get a permission prompt from the OS telling you the app is requesting access to that folder. If you click deny, ls will return a permission error.

    Now try using vim to edit the Info.plist file of something in /Applications. ls will tell you that you have UNIX write permissions, but you'll find you can't actually edit the file. The kernel blocks apps from tampering with each other's files.

    Finally, go into the settings and privacy/security area. You can now enable full disk access for the terminal emulator, or a finer grained permission like managing apps. Restart the terminal and permissions work like you'd expect for UNIX again.

    Note that you won't see any permission popup in a GUI app if you open the file via the file picker dialog box. That's because the dialog box is a "powerbox" controlled by the OS, so the act of picking the file grants the app permission implicitly. Same for drag and drop, opening via the finder, etc. The permission prompt only appears when an app directly uses syscalls to open a file without some OS-controlled GUI interaction taking place.

    So, if you want a desktop OS with a strong sandbox that you actually control, and which has good usability, and a high level of security too, then you should be using macOS. It's the only OS that has managed this transition to all-sandboxed-all-the-time.

    • > It's the only OS that has managed this transition to all-sandboxed-all-the-time.

      Depending on how broadly you define [desktop] OS. There are immutable Linux distributions like Fedora Silverblue or Kinoite where all user apps are run from Flatpak, and so have sandboxing. I'd say it's less mature than MacOS but it's catching up.

      1 reply →

    • >It's the only OS that has managed this transition to all-sandboxed-all-the-time.

      Apps are all-sandboxed-all-the-time on iOS and Android, too; right?

      1 reply →

  • > think of the elderly

    This stuff is not just for the elderly and computer illiterate. It's for you as well. You think they're going to stop?

    You're giving up freedom for safety. You will have neither.

    • > It's for you as well. You think they're going to stop?

      No! Which is why I don't want every npm package I install to have unfettered access to my internet connection and to access all my files. If this is being exploited now, I might not even know! How sloppy is that!

      > You're giving up freedom for safety.

      At the limit, sure, maybe there are tradeoffs between freedom and security. But there's lots of technical solutions that we could build right now that give a lot more safety without losing any freedom at all.

      Like sandboxing applications by default. Applications should by default run on my computer with the same permissions as a browser tab. Occasionally applications need more access than that. But that should require explicit privilege escalation rather than being granted to all programs by default. (Why do I need to trust that spotify and davinci resolve won't install keyloggers on my computer? Our computers are so insecure!)

      Personally I'd like to see all access to the OS happen through a capability model. This would require changes in the OS and in programming languages. But the upside is it would mean we could fearlessly install software. And if you do it right, even `npm install` could be entirely safe. Here's how we do it: First, all syscalls need to pass unforgeable capability tokens (e.g. seL4). No more "stringy" syscalls. For safe 3rd party dependencies, inside processes we first make an "application capability" that is passed to main(). 3rd party libraries don't get access to any OS objects at all by default. But - if you want to use a 3rd party library to do something (like talk to redis), your program crafts a capability token with access to that specific thing and then passes it to the library as an argument.

      Bad:

          // Stringy API. Redis client can do anything.
          redisClient.connect("127.0.0.1", 6379)
      

      Good:

          redisConnCap = systemCap.narrow(TCPConnect, "127.0.0.1", 6379)
          redisClient.connect(redisConnCap)
      

      This way, the redis library can only make outgoing connections on the specified TCP port. Everything else - including the filesystem - is off limits to this library.

      This would require some PL level changes too. Like, it wouldn't be secure if libraries can access arbitrary memory within your process. In a language like Rust we'd need to limit unsafe code. (And maybe other stuff?) In GC languages like C# and JavaScript it's easier - though we might need to tweak the standard libraries. And ban (or sandbox) native modules like napi and cgo.

      24 replies →
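The narrowed-capability pattern from the comment above, written out as an added example (not code from the thread or from any real capability OS). `SystemCap`, `TcpConnectCap`, `RedisClient` and `FakeNetwork` are hypothetical names, and `FakeNetwork` is a constructed in-memory stand-in for the kernel's network stack so the script runs offline. Python cannot make the token unforgeable (any code can call `TcpConnectCap()` directly), which is exactly the language-level change the comment asks for; what the example shows is the API shape and how attenuation stops a library from reaching anything it was not handed.

```python
# Added example: object-capability attenuation. The library receives a token
# that authorizes one TCP endpoint and nothing else; the root capability stays
# in main(). FakeNetwork is a constructed stand-in for the OS network stack.


class CapabilityError(PermissionError):
    """Raised when code tries to exceed the authority of the capability it holds."""


class FakeNetwork:
    """Constructed stand-in for the kernel: records every connection attempt."""

    def __init__(self):
        self.connections = []

    def connect(self, host, port):
        self.connections.append((host, port))
        return f"socket({host}:{port})"


class TcpConnectCap:
    """Token authorizing outgoing TCP connections to exactly one (host, port).

    It keeps a reference to the network but only ever uses it for that target,
    so whoever holds this cap cannot reach any other endpoint through it.
    """

    def __init__(self, net, host, port):
        self._net = net
        self.host = host
        self.port = port

    def connect(self, host, port):
        if (host, port) != (self.host, self.port):
            raise CapabilityError(
                f"capability only permits {self.host}:{self.port}, not {host}:{port}"
            )
        return self._net.connect(host, port)


class SystemCap:
    """Root capability handed to main(). Narrow it; never pass it to a library."""

    def __init__(self, net):
        self._net = net

    def narrow_tcp_connect(self, host, port):
        """Attenuate: derive a cap that can only connect to one endpoint."""
        return TcpConnectCap(self._net, host, port)


class RedisClient:
    """Stands in for a third-party library: its only authority is the cap it is given."""

    def __init__(self, conn_cap):
        self._cap = conn_cap

    def connect(self):
        return self._cap.connect(self._cap.host, self._cap.port)

    def phone_home(self, host, port):
        """What a compromised dependency update might try: reuse the cap elsewhere."""
        return self._cap.connect(host, port)


def run_demo():
    """Returns (legit_socket, data_leaked, connections_seen_by_network)."""
    net = FakeNetwork()
    system = SystemCap(net)  # only main() holds this
    redis_cap = system.narrow_tcp_connect("127.0.0.1", 6379)
    client = RedisClient(redis_cap)  # library never sees SystemCap or the filesystem
    sock = client.connect()
    try:
        client.phone_home("203.0.113.7", 443)  # constructed TEST-NET-3 address
        leaked = True
    except CapabilityError:
        leaked = False
    return sock, leaked, list(net.connections)


if __name__ == "__main__":
    print(run_demo())
```

The legitimate `connect()` succeeds and the `phone_home()` attempt is refused before it reaches the network, so the network only ever sees the Redis endpoint. In a real system the same shape applies to files, environment variables and process spawning: every OS object the library touches arrives as an argument, never as ambient authority.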

  • Good point. The current security model of desktop OSs sucks. I was recently reminded of this by an issue at work. I'm used to devs having admin rights on their laptops, but here they closed that down: you have to request admin rights for a specific purpose, and then you get them for a week.

    I recently requested those rights again because I needed to install something new for a PoC I was working on, and that wasn't allowed anymore. But during onboarding I had those rights and installed homebrew to more easily install dev tools, and homebrew keeps its admin rights to install stuff in a directory owned by admin. So that circumvents this whole security model (and I did, for my PoC).

    The problem is that it's all or nothing. Homebrew should have the right only to install in a specific directory. Apps shouldn't automatically get access to potentially sensitive data. Mobile OSs handle that sort of thing more granularly. Desktop OSs should too.

    Because the overly restrictive security rules at my work are little more than security theatre when it's so easy to circumvent.

    • There is software that does exactly that. You install a software kiosk where users can pick from and users don't get admin rights.

      Won't satisfy developers for long though because it cannot work.

      The problem is that mobile OS security systems aren't fit to develop anything but shit. It is simply no solution for desktop.

      1 reply →

    • It's not theater, your IT department just isn't implementing it correctly. I recently switched jobs and gave up one macbook pro for another (work issued).

      Company A gave me sudo access and I could do anything I wanted.

      Company B locks down everything, no sudo, no brew, nothing. But I do get a big VM with root to do anything I want. There is an approved "appstore" of many different varieties of IDEs/tools.

      TLDR: Not having brew is not a problem, and /can be/ a better experience if done right.

      It took a couple weeks to shift the mental model but I have no problems. The dev experience is quite good because they provide all the libraries you need to do your job.

      4 replies →

  • But you can choose, your parents can have a phone with the "lockdown" setting turned on and I can have it off if I want. How we expose and handle that setting is a UX problem we can solve.

    What's wrong with that?

    • Because parents typically have bad eyes and need big monitors, or they just want to be able to use a computer like we have been for years?

  • In this case I install Linux Mint. No virus problem. This is a popularity problem: you are more likely to have a sandbox escape on iphone than a virus on PC, because iphone gets more attention.

  • This is where Linux and Apple's centralized repository method shines.

    Social engineering is really where the threat is at these days.

  • Is it really safer on a phone? Don't banking apps reject the latest community Android builds with all the CVE fixes, or GrapheneOS, yet work totally fine on years-old, full-of-vulnerabilities yet signed official Android ROMs?

    • Sadly yes. The average joe is not a target for technical exploits that use CVEs. They are, however, targets for meatsack exploits tricking them in installing crap like remote control software.

  • What are the stats here, this sounds like pure bs to be honest.

    The main way people around me get scammed, by far, like 90%, is social engineering.

  • This argument doesn't contradict the article.

    An expensive iPhone ships with iOS and a rigid security model.

    If you tap the `about` button 16 times and click a confirmation dialog, you disable certain security mechanisms against arbitrary software installation. Do something else easy but impossible to do accidentally, and you unlock the bootloader. You progressively lose portions of your warranty in doing so.

    This is the path I think we should be going down.

    • Citation please? It’s my understanding that there is no officially approved way to unlock an iPhone.

      They’ve had something like that for a long time on Android, and I think it’s a reasonable middle ground between making the platform open and closed. But as far as I know, Apple never did something like that on iOS.

      1 reply →

  • All this will do is ensure that if malware does get through the official channels (which it can and regularly does) it will be more widely distributed

    • Security doesn't need to be 100% effective to add value. The more hoops we make scammers jump through, the fewer people will end up getting scammed.

      I know angle grinders exist. I still lock up my bike.

      1 reply →

  • > I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like

    So you need to install Qubes OS for them?

  • KISS : Have a separate device to do banking, and ONLY banking on.

    (More tech savvy users could instead boot into a different partition.)

  • What do you mean by "locked down computer." Maybe something like ChromiumOS?

    Might be a tough sell for the volunteer open source community ("linux & friends") to work on such an alternative "locked down" computing experience. Free and open source software is usually more focused on unlocking use cases, not locking them up.

    That all said, I basically consider macOS to be a locked down computing experience. So that's my solution for older people.

    It's not a perfect solution but the Apple closed ecosystem is better designed for the limited use cases of the elderly. Rely on iCloud and built-in Apple approaches to data security as much as possible.

    For example, an iMac and an iPhone can get all "adulting" use cases done, including typing/receiving emails, printing documents, online banking, government services, and so on. Apple Passwords plus Face ID helps to simplify password-based security. My biggest issue is getting TOTP-based two-factor adopted. Apple Passwords supports this but I usually have to do remote tech support to get it set up initially. It's also annoying that right now, the current generation of iMacs don't support FaceID, because that would simplify authentication across the two primary platforms (desktop/mobile).

    I would never use this setup myself since I like to run F/OSS everywhere as much as possible. But I am realistic about tech expectations for the elderly who just want to live their life with minimal investment in learning about data/software security.

    But you're right, along with other commenters, that it's dangerous for society to rely on a monopolist technocorporate overlord (or a pair of overlords forming a de facto duopoly) for the basic administrative tasks of adult living and lawful citizenship.

  • The main reason OSes are insecure is because they are designed badly regarding security. They are from a time when it wasn't important, and most ways of building them are also from that same era. It's hardly been modernized. Sure, it's not the same OS as 20 years back, but it has a lot of layers of junk on top.

    Again, no incentive to improve it. It's either unpaid work or the OS vendor has a stake in it being insecure. (Both exist.)

  • > My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like.

    Purists always forget this point :) What is best for 99% of people.

    And dumb Euro bureaucrats.

    • That's what can be achieved by encapsulation/containerization of apps: a la flatpak, snaps, docker or VMs...

      I found my parents installing random crappy adware apps from official stores too. What protects their banking application is granular permissions, not root access.

This is the crux of the matter.

Maybe conceptually you will be able to run some kind of open operating system with your own code, but it will be unable to access software or services provided by corporate or governmental entities.

This has been obvious for some time, and as soon as passkeys started popping up the endgame became clear.

Pleading to the government definitely can't save us now though, because they want the control just as much as the corporations do.

  • > as soon as passkeys started popping up the endgame became clear

    That's why I'm 100% against passkeys. I'll never use them and I'll make sure nobody I know does.

    They're just a lock-in mechanism.

    • "Passkeys" is a new brand name slapped on an older open, interoperable technology, so it's difficult for me to be "against passkeys" as they haven't fundamentally changed anything.

      Before the branding they were known as FIDO2 "discoverable credentials" or "resident keys".

      Two things have changed with the rebrand:

      1. A lot of platforms are adopting support for FIDO2 resident keys. This is good actually.

      2. A lot of large companies have set themselves up as providers of FIDO2 resident keys without export or migration mechanisms. This is the vendor lock-in part (no export feature), but it's not a feature of the underlying tech itself.

      Fwiw FIDO are actively working on some standard for exporting/importing keys so that's something.

      If you want to use passkeys without lock-in, just use Bitwarden or KeePassXC - they all have full support. Or you can also store a limited number of passkeys on your FIDO2-compatible hardware key like a YubiKey or the open-source Nitrokeys.

      14 replies →

  • > passkeys started popping up the endgame became clear.

    This logical leap puzzles me, as it is completely unrelated to HW lock-in and a rather generic medium.

    This is more of a case of OP diverting a topic to shove in his pet peeve on technology they don’t like or understand.

  • Ironically, if everyone adopted passkeys (the real deal tied to secure enclaves or TPMs), then Android malware could not steal your credentials through any kind of social engineering.
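The property the two comments above lean on (a FIDO2 discoverable credential is scoped to one RP ID, never leaves the authenticator, and signs over the origin the browser observed) is easiest to see in code. This is an added example and not part of any comment in this thread: a minimal Go model of the WebAuthn assertion exchange with both sides' messages. The names bank.example and bank-example.evil.test are made up, the authenticator is an in-memory map standing in for a secure element or TPM, the RP ID is passed explicitly instead of being derived from the origin by the browser, and the authenticator data is reduced to the rpIdHash (real authenticators add flags and a signature counter).

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Authenticator stands in for a secure-element or TPM-backed platform
// authenticator: one private key per RP ID, looked up by RP ID, never exported.
type Authenticator struct {
	keys map[string]*ecdsa.PrivateKey
}

func NewAuthenticator() *Authenticator {
	return &Authenticator{keys: map[string]*ecdsa.PrivateKey{}}
}

// Register creates a discoverable credential scoped to rpID and returns the
// public key the relying party stores.
func (a *Authenticator) Register(rpID string) (*ecdsa.PublicKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a.keys[rpID] = key
	return &key.PublicKey, nil
}

// ClientData holds the clientDataJSON fields that matter here. The browser,
// not the page, fills in Origin, so a page cannot claim to be another site.
type ClientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// Assertion is what the relying party receives. AuthData is reduced to the
// rpIdHash; real authenticator data also carries flags and a counter.
type Assertion struct {
	AuthData   []byte
	ClientData []byte
	Signature  []byte
}

// signedMessage is the WebAuthn signing input: authData || SHA-256(clientDataJSON).
func signedMessage(authData, clientData []byte) []byte {
	cdHash := sha256.Sum256(clientData)
	msg := sha256.Sum256(append(append([]byte{}, authData...), cdHash[:]...))
	return msg[:]
}

// GetAssertion is the client side. The browser derives rpID from the origin
// the user is really on (an explicit argument here) and the authenticator
// signs only with a credential scoped to that rpID.
func (a *Authenticator) GetAssertion(rpID, origin, challenge string) (*Assertion, error) {
	key, ok := a.keys[rpID]
	if !ok {
		return nil, fmt.Errorf("no credential scoped to rpId %q", rpID)
	}
	// Marshalling a struct of plain strings cannot fail.
	cd, _ := json.Marshal(ClientData{Type: "webauthn.get", Challenge: challenge, Origin: origin})
	rpIDHash := sha256.Sum256([]byte(rpID))
	sig, err := ecdsa.SignASN1(rand.Reader, key, signedMessage(rpIDHash[:], cd))
	if err != nil {
		return nil, err
	}
	return &Assertion{AuthData: rpIDHash[:], ClientData: cd, Signature: sig}, nil
}

// Verify is the relying-party side: challenge (anti-replay), origin
// (anti-phishing), rpIdHash (credential scope), then the signature.
func Verify(pub *ecdsa.PublicKey, rpID, origin, challenge string, as *Assertion) error {
	var cd ClientData
	if err := json.Unmarshal(as.ClientData, &cd); err != nil {
		return err
	}
	if cd.Challenge != challenge {
		return errors.New("challenge mismatch: stale or replayed assertion")
	}
	if cd.Origin != origin {
		return fmt.Errorf("origin %q is not %q: assertion made for another site", cd.Origin, origin)
	}
	want := sha256.Sum256([]byte(rpID))
	if len(as.AuthData) < 32 || !bytes.Equal(as.AuthData[:32], want[:]) {
		return errors.New("rpIdHash mismatch")
	}
	if !ecdsa.VerifyASN1(pub, signedMessage(as.AuthData, as.ClientData), as.Signature) {
		return errors.New("signature does not verify over authData || hash(clientDataJSON)")
	}
	return nil
}
```

Three things fall out of running this: a phishing site on another registrable domain never obtains an assertion, because the authenticator has no credential scoped to its RP ID; a captured assertion cannot be replayed against a fresh challenge; and editing clientDataJSON after the fact breaks the signature, since the authenticator signed its hash. What it does not model is the case of a fully compromised OS driving the authenticator while the user is present, which is exactly the part the secure-enclave/TPM remark depends on.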

  • > Maybe conceptually you will be able to run some kind of open operating system with your own code

    Why do you think they would even allow this? If you think that governments don't have the incentives or the means to criminalize running non-approved OSes, or the unauthorized use of non-approved hardware, you're insufficiently cynical.

    • It's hard to enforce, and not dangerous enough. Accessing something serious from this unapproved code is the opposite, and is being locked down. Try running your own code on your phone's baseband processor, or boot your own OS with Secure Boot on.

  • Should have made open-source components in some key nodes of the ecosystem popular and profitable. But that was a tall order.

    • Open-source software permeates the Internet infrastructure. Netflix is one of the biggest contributors to FreeBSD code. Tons of TVs run OSS-based stack.

      But once it touches the money-extraction path, like DRM, things expectedly lock up.

> However all of these things are not technical

You understand it, but even in this thread you have people proposing solutions like switching from traditional banking to bitcoin, stoping using Netflix and starting torrenting again etc.

Tech crowd always tries to solve non-technical problems through technical means, and this is why I don't have much hope.

  • Technical solutions and alternatives can provide enough leverage for the common citizen to force the hand of those in power. It might not fully "solve" the issue, but making it easier to route around will always force those in power to bend somewhat.

    • In practice the opposite happens - when new technical workarounds are popularized, more technical solutions are found to prevent them and legislation is proposed to mandate them.

      Look at Chat Control in the EU: they started with mandating server-side scanning. Nobody liked that so everyone implemented E2EE. Now there's a new law that adds mandatory client-side scanning.

      Most of my tech-brained friends are saying "whatever, we'll just compile from source or use alternative means of distribution." But if that becomes popular, what's the next step? I'm fully expecting the EU to then try to mandate that service providers need to ensure their apps aren't tampered with, which can only be done by locking devices down to official means of distribution and implementing end-to-end cryptographic attestation. Then we truly are out of options.

      1 reply →

    • I'm unconvinced. Look at the current wave of attacks on privacy-focused chat + file sharing. The niche tools and workarounds are getting vilified and used as _reasons_ for more elite control.

Joining all the other comments agreeing completely with this take.

I think it's worth adding that this is fundamental enough to not just be a tech issue. There's a strong legal framework in almost all developed countries for regulating companies where acting in their self interest harms the consumer interest. Without it we wouldn't have lots of things we take for granted (electrical safety certification, USB-C, splits between service and investment banking).

I think the key thing that's missing at the moment is that the types of restrictions OP is mentioning (DRM, blocking encryption) harm both consumer rights and economic development.

That's an argument that needs to come from people knowledgeable about both the industry and the technology. Like a lot of the people reading this post.

  • Most politicians would find that argument confusing and not agree with you. I don't think the outcomes of running to government would be what you expect. It could easily backfire.

    Politics is a spectrum. Some claim that model is oversimplified but it's not. Here you're making a left wing argument that individual bad actors must be regulated for the good of the collective. However, left politicians would look at the situation and see the opposite. They prioritize an authoritarian safety-first victim-first mindset, in which individual freedoms are sacrificed to help the weakest. But companies like Google and Apple are already doing that. And whilst you're trying to hammer this situation into a left wing framing, the number of individuals who care about the freedom to install apps from anonymous developers is very small. Trivial, on the scale of a country. They do not represent the "consumer interest" in any meaningful way.

    So if you lobbied politicians this way, Google/Apple would lobby back and they'd say, we are exactly what you always demand! We're acting proactively to protect the victims by limiting the freedoms of bad guys for the greater good. And the left would be not only highly receptive to that message, but having suddenly become aware of what is technically possible would likely demand they go much further! We already see this with left wing governments banning VPNs and DNS resolutions so they can better control the internet in order to keep this or that group safe.

    Which sort of politicians care about the rights of freedom-loving minorities over the safety of the collective? Libertarian politicians do. But they are themselves in a minority, and would not be receptive to an argument framed as "we must regulate the big evil corporations for the greater good", because regulation is always about removing freedoms: in this case, the freedom to design a computing device as you see fit. They probably would be receptive to an argument of the form "it is important to be able to distribute code and communicate anonymously", but prioritizing something so few people care about is exactly why they don't tend to win elections.

    So there's no direct solution in politics, but the closest approximation is to support politicians who are more libertarian than average. They won't solve the problem but they will at least not make it worse, and might be open to very targeted regulations that can be framed as protecting market competition e.g. requiring unlockable bootloaders can be framed as protecting competition in the operating systems market. Meanwhile you can try and increase the popularity of platforms that prioritize freedom over safety. In practice that means demonstrating some sort of use case that the big vendors disallow, which is valuable, morally positive and requires anonymous app distribution.

    • I think the framing that "individual bad actors must be regulated for the good of the collective" is wrong here. In my opinion, what GP is saying is more along the line of "powerful actors must be regulated for the good of the collective powerless people".

      When you look at it like that, then what Google and Apple is doing does not fit this point of view. They are (extremely) powerful entities imposing themselves on the whole world.

      1 reply →

    • > here you're making a left wing argument that individual bad actors must be regulated for the good of the collective. However, left politicians would look at the situation and see the opposite. They prioritize an authoritarian safety-first victim-first mindset, in which individual freedoms are sacrificed to help the weakest.

      I think you're simplifying a few things here, mainly the amount of different views that are under the umbrella you're classing as "left-wing" (some of which will fit your categorisation, and some won't) and the amount of different issues under the umbrella of "running your own things".

      What I'm trying to say is that there's multiple arguments to be made along the lines of "large companies can and should be restricted from blocking out freedoms of smaller companies and individuals". There's a big economic argument to allowing competition, and I think that's something that unites a lot of thinkers you'd probably class as right wing, as well as the traditional left.

There’s a scenario where this does work: you can install any operating system on the hardware you own, if you complete an “erase all content and settings” dire scary confirmation screen.

- If you want to run something other than iPadOS or Google TV, go for it. (Smart TVs are just tablets with a don’t-touch screen.)

- If you want to install spyware on someone’s phone, you can’t; the HSM keys held by their OS are lost when you try to install a patched version and restore from a backup, and their backup doesn’t restore properly because half of it depends on the HSM or the cloud and everything is tagged with the old OS’s signature.

- If you want to patch macOS and then deploy it to your fleet, you can; it won’t be Signed By Apple but you’re an enterprise and don’t care about the small losses of functionality from that.

- If you want to dual boot, go ahead; the issues with the HSMs not permitting you to host two OSes' worth of partitioned keystores can be resolved by regulatory pressure.

This satisfies all the terms of “let me install whatever I want”, while allowing the OG App Store to continue operating in Safe Mode for everyday users in a way that can’t be entrapped without the scammer on the phone telling them to delete everything, which destroys the data the scammer wants.

My car already allows me to do this. My phone should too.

  • > My car already allows me to do this. My phone should too.

    If you're referring to CarPlay and/or Android Auto you should know that it's not actually running on your car. It's basically RDPing your phone onto your car screen. You can already install RDP apps on your phone and connect to systems that provide more freedom, of course.

  • Your phone can allow that. Many Android devices allow exactly that. Google Pixel devices do, for instance, exactly because Google's Android team has always agreed with you.

You could just not watch Netflix. Most of the content is kind of crap anyway, low effort filler. And the streaming services have trouble even licensing third-party content at all unless they have robust copy protection. That may be stupid because it drives more consumers to piracy, but copyright holders are free to negotiate any licensing terms they want.

  • > You could just not watch Netflix.

    The digital hermit argument is not going to resonate with 99.9% of users. People buy devices because they want to do stuff. Telling them they shouldn't do what they want to do is never going to convince anyone.

    The real question is where are the representatives who are supposed to be acting in the interests of their people while all this is happening? We seem to have regulatory capture on a global scale now where there isn't really anyone in government even making the case that all these consumer-hostile practices should be disrupted. They apparently recognize the economic argument that big business makes big bucks but completely ignore the eroding value of technology to our quality of life.

  • Netflix is right in its prime right now, K-Pop Demon Hunters is a smash hit and probably the biggest cultural thing going on right now, it has like 4 songs from it in the top 10. Wednesday is coming back this week for the end of season 2. Stranger Things is wrapping up in November.

    • Odd to hear for me. Netflix Australia has been in steep decline for years now. The only shows I recognise by title or actors in the poster are 15+ years old, or are adorned with 'Leaving Soon'. Everything of value has been poached by a competitor.

      1 reply →

  • You could also not bother with any of it and return to a dumb phone. That's not a solution though.

    • A smartphone is not a good video device due to its small screen. If you do, you just end up zombie-walking.

There is also the possibility that without a [paid] curator (the vendor, like Google or Apple) we can't have security for how do we ascertain provenance? You might not buy that argument, but the vendor will make it, and it will resonate with the public and/or the politicians.

Establishing trust with hardware, firmware, and operating system software is currently an intractable problem. Besides the halting problem and the reflections on trusting trust problem (i.e., supply chain problems) the sheer size of these codebases and object code (since you'll need to confirm that the object code is not altered as in the reflections on trusting trust paper) is just too big for the public to be able to understand it. Sure, maybe we could use AI to review all of this, but... that's expensive if every person has to do it, and... that's got a bootstrapping problem.

Basically the walled garden is unlikely to go away anytime soon. It would be easier to change the rules politically to do things like reduce transaction fees, but truly allowing the wide public to run anything they want seems difficult not just politically but technically, because the technical problems will lead to political ones.

  • The digital sovereignty angle will end up killing the platform lockdown.

    There is no way countries agree to have American companies getting so much control on key infrastructures especially in the current context.

  • Not really. Many countries issue digital signatures that could be used to prove that someone signed something. We would just need to convince countries to use that same infra for companies. So it may be possible to require everything to be properly signed, without requiring everyone to be bound to a certain company's wishes.

I wouldn’t be totally opposed to having some sort of totally locked down device that I just used for banking. The bank could even sell them or give them away with the account (doesn’t need high performance).

Another thought: if we were actually able to pass laws that helped people, one that I’d like to see would be: for a totally locked down proprietary device, everything done with it should be the legal liability of the vendor. If your bank account gets broken into via the device, you can’t audit what happened, you couldn’t have broken it, so it ought to be their responsibility.

  • That's basically how it used to work. Before the app, my bank required the use of a card and QR reader with a screen that could authorize transactions.

This is ultimately a form of collusion and anti-competitive behaviour - practices that we prohibit in other scenarios because we consider them harmful to our society. It's obvious why some large organisations would like more control over our lives. It's not obvious why we should let them have it.

Unfortunately for now it seems our representatives are letting them have it so personally I'm rooting for a snake-eating-its-tail moment as a result of Windows 10 losing support. There will inevitably be erosion of security and support for applications on Windows 10 once Microsoft declares it yesterday's OS - as we've seen with past versions of Windows. This time there is the added complication that a lot of perfectly good hardware can't run Windows 11 - largely because of the TPM/verification issue we're discussing.

So probably a lot of people who haven't moved to 11 yet aren't going to unless their current computer breaks and they get 11 by default when they buy a replacement. If the charts are correct then 11 only recently overtook 10 in user numbers. After all this time and despite all the pressure from Microsoft and the imminent EOL of Windows 10 over 40% of Windows users are still running that version. (https://gs.statcounter.com/os-version-market-share/windows/d...) So how exactly do the big organisations that want to control the client plan to deal with that over the next few years?

Unfortunately unless there is also some sort of intervention to deal with the collusion and market manipulation by vested interests I doubt enough Windows 10 refugees will jump to open platforms when their current devices fail for those open platforms to reach a critical mass of users. If five years from now Windows 10 user levels are negligible and almost all of the former users are now on Windows 11+ by default then the controlled client side probably wins effectively forever. I think it would take something dramatic happening that increased the desktop market share of open alternatives like Linux to say 10+% to avoid this fate. The only likely source of that drama I can see is if Valve's support for gaming on Linux encourages significant numbers of home users to switch and then general public awareness that you don't have to run Windows or macOS increases.

>It doesn't work. Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.

There's nothing stopping a hardware vendor from being able to delete the system-installed keys/certificates, breaking trust to allow you to install your own. Sure, Netflix might not like it, but you still have the right to run your own code and Netflix has the right not to trust your OS.

>Governments shouldn't be able to prevent me from end to end encrypting things.

Agreed.

We need legislation mandating that all hardware[a] have at least one fully-functional[b] open source driver for any operating system[c]. And that any device with a microprocessor with writable memory permit custom software to be run on it.

[a] whether that's a single device like a fingerprint scanner, or a device like a phone or tablet

[b] no crippled or low-performance open source driver

[c] any OS, including Windows, Mac, Linux, BSD, or some obscure minor OS as long as such OS is readily available for free or for a reasonable price

I agree, but your point becomes stronger when you leave Netflix out. Netflix is a private entertainment company, and when I don't like their conditions I can always quit.

Banks on the other hand have so much more control over my life. With their apps being locked to the two major mobile OS I have many hoops to go through when I want to use an alternative one. It's not impossible yet, but it becomes very cumbersome to do so.

I'm attempting to revive/create a streaming service to compete with Netflix et al. without any DRM. This would leverage physical media to eliminate requirements from copyright holders about how you might access something you actually own. There are challenges, and I'm almost certain to be sued, but it's a fight I believe is needed.

I think you're right but I'd say it even more generally: we just can't let companies get so big that they can do these things without facing pushback and competition from other entities.

> Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.

We need to make that illegal. Classify it as discrimination. They should be obligated to treat any client that tries to connect the same as they would treat their own software. Anything else is illegal discrimination against users, a crime comparable to racial discrimination.

Anything short of this means they've won. Everything the word "hacker" ever stood for will be destroyed. Throw all FOSS into the trash. None of it matters anymore. What's the point of free software that we can't run? That can't actually do anything useful because it fails remote attestation? Completely useless.

While you have a point there is another aspect to this: If our current situation were already different, netflix and banks would not be able to pull these things in the first place.

E.g. if using open free platforms was already the norm, Netflix requiring a verified OS would just result in Netflix becoming unusable for most people rather than just killing a couple of edge cases used by a relatively small number of people. And so it would no longer be in their financial interest. It's why we've had desktops for so long without this happening, although the pieces are finally being put in place to make it a reality.

> This is why it's so important to defend the real principles here not just the technical artefacts of them.

You're not wrong, but technical artefacts can be an important step in the right direction. I came to my bank, showed them my Librem 5 phone and asked where I can download an app for it. It was a much clearer message than "but Android isn't free!" (which is of course true). I do the same with governmental services. It also makes it much easier to explain to ordinary people that the choice must not be artificially restricted to just two megacorps.

We need an open web, with open principles and to prevent any commercial enterprise from dominating our social / tech sphere via monopolisation or methods of proprietary control.

This isn't a surprise. A vocal minority have been saying the same ad infinitum.

The need hasn't changed, and won't change; however there's a strong likelihood we'll get to a point where action isn't possible because we've passed the point of no return.

They do not benefit from having control, they risk if they don't. This is fundamental.

I do love freedom but such freedom will come with a disclaimer. You do want to use a bank app unsigned and you do not want the bank to check your latest SIM card replacement. You understand and assess the risk and will not hold the bank responsible for any loss that occurs. Same with Netflix and piracy.

This is fair.

This is a sad reality. I see 2 paths forward: 1) we somehow build the right layers into the internet so that we can withstand open hardware; 2) open hardware running any software becomes an education-use and hobbyist market only. I could see an edu slice to every corporate entity deploying open and free stuff just as onboarding to paid. Hackable hardware with kiddyflix.

> Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service.

Maybe it’s just a bad example, but why would this be true? As a private company delivering entertainment, they can have any restrictions they want as a condition to selling to you.

> Everything from banks to Netflix and others

I have an unlocked bootloader. That's it, I don't even have the root account enabled. One app refuses to work anyway: McDonald’s. I actually can't decide if it is more funny or scary.

  • It'd be "funny" to publish findings about apps on a very public page and see it being brought to the forefront of the news cycle. A bit of a name-and-shame type of thing, since corps don't seem to understand any other language.

It is very much in the financial interest of Netflix. I killed my subscription because they couldn't support my sensibly configured browser.

I often recommend people to kill their subscription as well because of this fact. Netflix just isn't oriented to improve their service for their users and it shows.

It won't hit any of their KPI or metrics, but their shitty behavior has a real effect. That said, most other alternatives suck as well. Killed Paramount almost immediately, can't remember why I left Disney. I think there were similar issues.

How feasible is it currently (I never tried as I don't want or need it yet) to run Android under Linux for your banking/gov apps? I can use accessibility tooling to control them, so only in those cases would I communicate with the Android layer. I don't care about Netflix etc. (I know many people do) but I must be able to log in to banking and gov.

Perhaps we should pick a page from the example of radio and force all video content to be openly reproducible for a forced flat fee.

I prefer to live in a society where adults are free to come to their own arrangements with other adults. Not one where those with a penchant for authoritarianism set terms for others.

Sometimes this system may have warts like not getting to watch Netflix on your Switch, but that seems like a small price to pay for respecting individual autonomy.

Right, so "defend" does a lot of lifting in there.

What are you prepared to do to reverse the contemporary tide of tyranny? What have you done to make those in power afraid to move forward with policy founded in loathing of humanity?

Maybe we must find individual solutions to each controlling application? Replace netflix with bittorrent, replace banks with bitcoin, etc?

Let’s say we do all that. How do you explain to a common layperson exactly what has been achieved? What is the ultimate benefit?

Really not a libertarian, but why shouldn’t Netflix have the right to choose who they distribute content to? They negotiated conditions with the creators, why shouldn’t they be able to specify the DRM? No one is forcing you to subscribe to Netflix. Or even to buy an iPad.

  • The issue is the means of enforcement requires taking away other rights they shouldn't be able to.

    What if I want to require (for anti-piracy reasons) that to use my software you must also give me complete access to your computer, all the data on it, and all your communications. You might say, "Well, if anyone is stupid enough to make that deal, let them." But it's easy to sugar coat what you're doing, especially with less technical users. I think it's better to say, "That's just not something you are allowed to do. It's trampling on rights more important than your anti-piracy rights."

    In the same way, you cannot murder someone even if they agree to be murdered (an actual case in Germany).

    • > What if I want to require (for anti-piracy reasons) that to use my software you must also give me complete access to your computer, all the data on it, and all your communications.

      That's exactly what happens with anti-cheat kernel modules. As one might expect, ordinary people couldn't care less, as long as it works well enough.

      1 reply →

    • Forgive me, but is Netflix asking for that?

      As I understand it, Netflix wishes to authenticate the device, and DRM their content. I'm not aware of anything beyond that (but I'm also not paying attention. )

      Now you may have used the example of what might happen, but then Netflix seems a strange example. Surely Apple and/or Google are more likely players in that example?

      1 reply →

  • For Netflix sure. I don't care. But when it comes to banking and you are forced to use between two OS or this means no access to your bank digitally, this is a massive problem and restriction to citizens' freedom. Everyone needs a bank to operate, and they need to maximize the options available to use them.

    • I mentioned that in another thread, but banks have a legal obligation to assess and mitigate risks in the service they give to you. You, personally, might be tech savvy enough to understand what you are doing but most people are not, and the bank is held accountable when something bad happens.

      This is why they limit service to certain devices or OS versions, even when it comes at the expense of convenience.

      2 replies →

    • Well, no one forces you to do banking from smartphones.

      You can do it manually like the old days. EXPLICITLY ALLOWING NON-GOOGLE/APPLE devices to do banking on their own mobile phone means THERE ARE MILLIONS OF USERS that can fall victim to scammers and crackers.

      How can't you see all of that???? IT'S JUST NOT ABOUT YOU

      edit: please educate yourself first, y'all need to know the differences between mobile banking and internet banking

      You can downvote me all you want, but I don't want to hear a lecture from a non-security-compliant engineer about what to do about security

      7 replies →

  • Because it's bad for consumers to lose choices, even if they don't normally exercise those choices. The choice is the distributed power we have against the consolidated corporate power. We can choose not to let them restrict those choices, for example with interoperability regulations.

  • >why shouldn’t Netflix have the right to choose who they distribute content to?

    power asymmetry

    • TBH I don't care if Netflix wants to abuse such an asymmetry. I don't need Netflix in my life, so I'll just cancel my subscription(already have). I honestly don't want my lawmakers to spend even a second thinking about Netflix when we have so many large issues in the world right now. If we were talking about something like financial services where I have to engage I would be more sympathetic.

      6 replies →

  • It's sort of antitrust adjacent. They are big enough to set market rules on the manner of distribution, like DRM and hardware-software lock-in, which doesn't directly stifle competition in their field (only a little) but in another field, and the results are arguably anti-consumer. That sort of power should not be in the hands of a single company.

So you want the “freedom” of being able to run the hardware you want. But you don’t think Netflix should have the “freedom” to decide where their software should run?

You don’t have the right to other people’s content - especially for rental content in the case of Netflix.

Even if you don’t agree with that, do you really think that Google should allow Google Wallet run on hardware where they can’t verify the security? No one in the payment chain would trust Android devices. Credit card terminals and every one else has to fall under compliance regulations.

The banks are liable for fraud. Are you okay with saying that if you use unverified hardware to use banking services they aren’t liable for any losses?

I mean you’re right but it seems like the equilibrium we’re heading towards is one where the opposite is true and our internet and society looks more like China’s. Principles unfortunately mean little in the face of societal and technological change, the only thing that matters is the resulting incentives.

I'm going to get wild-eyed now but you can blame Google for that as they're the ones who just announced they'll retroactively ban me from installing software on the computer I bought and own.

I don't think you can really solve this problem as long as there's an operating system monopoly, or even duopoly/triopoly. The lure of total control is just too great. Every operating system vendor, hell every intellectual property vendor will always dream of it. A company that becomes powerful enough to put chains on its users will do so.

From the British Raj to Standard Oil to IBM and Microsoft, monopolies are some of the most powerful forces in history. There is a case to be made that we were on a similar path with Microsoft until a combination of the Internet and a half-assed but not completely ineffective anti-trust campaign made them hit the brakes, for a while.

I think that the solution is to highlight the abuses perpetrated by the biggest tech giants specifically, and advocate for radical government action on multiple levels. #1 to break up these companies. #2, to shackle them and anyone who gets as large as them so that they can't do anything like this again. #3, publicly fund the development of competing, open operating systems.

If you are a US citizen then #1 and #2 are the more realistic paths and you should be watching the various anti-trust cases against Big Tech like a hawk; the celebrity du jour is really Amit Mehta, who is scheduled to release his Google remedies any day now. You need to make it clear to your representatives that this is your top issue at the ballot box. We need a second American Progressive Era that's seasoned with digital rights and anti-megacorp sentiment, and with "doomscroll" and "Luigi" having entered the vernacular I think we could be closer than many here believe.

If you are an EU or Chinese citizen you should support the development and adoption in those polities of alternative, Linux-based operating systems. In the way the South Korean government specifically encouraged the growth of Samsung into a company with a global footprint, you should do that for local companies which develop OSes that compete with Apple and Google's. These geographies fundamentally can't do much to influence the American legal system so they should instead lean into public sentiment around nationalism and sovereignty and tie these to software freedom because that is likely the only elemental, emotional force that will capture enough public attention and support. Use state-scale resources to create competition for the American tech giants and establish a balance of power, because they are assuredly your enemies at this point.

And lastly for the ten millionth time I'll say it - Stallman predicted this. He saw it all coming. He warned us. He told us what would happen and what we needed to do. It's time to listen and to think big.

  • Meanwhile FOSDEM and similar conferences are full of people carrying Apple devices, and most folks keep picking non-copyleft licenses instead of dual licensing.

    The Stallman generation is slowly leaving this realm; the opportunity has been lost already.

  • It is no coincidence whatsoever that the control accelerated at a pace never seen before just as those two words entered the vernacular. Censorship of such topics on places like Reddit and YouTube tenfolded. It scared them. It's the only thing that works.