Comment by matheusmoreira
18 hours ago
> "Winning" doesn't have to mean owning every transistor
It absolutely does.
Corporations are pushing remote attestation now. They can detect if we "tampered" with our devices now. They discriminate against us for it. Installed your own open source software? All services denied. Can't even log into your own bank account.
We're marginalized. Second class citizens. There is no choice, it's either corporate owned computers or nothing. What good is free software if we can't run it?
Its a lost battle not a lost war. You have to adapt for the circumstances of the time. Today that seems to be using a device that is closed but gapped only to get the essentials done(government services, banking etc.)
For everything else continue to use and improve the open offerings.
In the meantime, keep fighting and supporting organizations to get laws pushed to ensure open devices can access essential services. (Administrations change, whats dire now may be hope tomorrow).
I've come to realize that a lot of closed digital services are just fluff and not needed. So I try to accept that I dont need them. Its a journey.
This may sound silly but I think desktop linux "winning" is of the utmost importance right now. Free software is pretty much shut off from the appliance/mobile computing platforms but if a sizable portion of personal computers remain using free software it will be hard for the big corporations to fully close the web or make platform attestation truly required for everything.
Preserving such mindshare into the future might enable us to show people why they should care about free software and perhaps finally obviate how much malfeasance the perpetrators of closed platforms can do contrasted to the remaining open platforms on pcs (assuming people don't just completely abandon pcs...). This may also help push and convince law makers into legislating in favor of free software and open platforms.
Desktop is still useful, but it doesn’t matter. Everything important to non-techies outside of work life is happening on the smartphone, which has had hardware attestation since forever.
6 replies →
I still feel a bit sad about the changes that happened ~2012. Linux on the desktop really had a strong momentum going around Ubuntu and Gnome 2, where quite a few non-geeks started switching over as well. But then everything fragmented quite rapidly – Gnome Shell was quite unpopular on launch, Ubuntu went in their own direction with Unity, Mint went in a different direction with MATE and Cinnamon, Elementary forked off Pantheon, etc. Similarly, RedHat pushed for Wayland and Flatpack while Canonical pushed for Mir and Snap, and so on.
I'm not saying that Ubuntu/Gnome was everything Linux had to offer (I myself was on Arch and i3wm at the time), but that period was certainly when the largest percentage of people around me were enthusiastically adopting the Linux desktop.
2 replies →
Agreed. It's all about leverage. Without huge numbers of users, we have no leverage. Corporations can afford to just drop us because of our software preferences. That would not be the case if there were more of us.
Multiple devices is the answer. Otherwise you end up with people having their banking hacked because they installed a game mod.
This leads to a massive transfer of power from end users to corporations and governments. User-owned computers and the open web limit the ability of such institutions to place demands on users. Is that worth a slight reduction in the rate of bank fraud?
12 replies →
I am not an expert, but I think this could be improved if the smartphone operating systems had better security models.
For example, an application needs "access to your disk storage", because it needs e.g. to save photos. Okay, let's give it access to its own directory. Or maybe to a subdirectory of "my pictures". But it doesn't need the access to the entire disk, right? Yet in Android, it is all or nothing.
Perhaps with better system, we wouldn't have to ban installing game mods, only to make sure that those game mods do not have unreasonable access rights. Or maybe the banking operation could state "I can only be installed when no other app has an access to my private data" or something like that.
Here's a take on this which might be unpopular:
Open source software lost in this domain fair and absolutely square. Desktop linux has been an extremely accessible and decent option desktops and laptops for, what, three decades; it lost in the open market. I'm typing this comment on arch linux, but even so: It failed to become a force sizable enough to fight back against the tide of corporate-owned attested consumer hardware. Android has been an option for nearly two decades. Its reasonably successful, globally. Google is now toggling the doomsday switch everyone knew they had, to force all applications to go through the Google Mothership. Samsung could fight back; they won't. Motorola could fight back; they won't. The market could revolt; it won't.
Software being open source is not enough to change the tide on what the market wants. Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to? By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software? You get there by building products people want. Anything else is succumbing to the same authoritarian forces that you're hoping free software will stop, by forcing service providers to behave against their own interests.
If that was unpopular, here's where it gets really unpopular: I don't see a doomsday-level problem with a world where, in addition to whatever awesome FOSS hardware I might have, I also have an iPhone 12 ($130 on swappa) as my "attested device" to do "attested stuff" with, like store my drivers license, banking, whatever. To me, this is... fine. Not ideal; but fine. We should fight like hell to score wins where we can, like in right to repair, parts availability, ensuring old devices are kept up to date for as long as possible (Apple is pretty good at this); but if I have to carry an old iPhone in my backpack to access my bank because they refuse to support my hypothetical GnuPhone 5, the world isn't going to end.
We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.
> Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to?
Yes.
Well, sort of. They don't actually have to do anything. Nobody wants to force them to work for us, that's slavery.
Just don't get in our way when we start writing and using our own software. That's the "support" we want. Just stay out of our way. Leave us alone, without actively discriminating against us for it.
For example, companies wielding DMCA "anti-circumvention" section 1201 [0] to put people in jail.
Or tricks like Nintendo designing their hardware only boot games which show the Nintendo logo on the screen, so that they can shut down any third-party games for trademark infringement.
[0] https://www.eff.org/pages/unintended-consequences-fifteen-ye...
1 reply →
> Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to? By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software?
The same mechanism that stops a bank from saying, "sure you can withdraw more than $10,000 from your account and we won't ask any questions about what you plan to do with it" - explicit financial regulation with real penalties attached to it, that banks systematically adhere to. I'm not necessarily a fan of all legal regulations around banks or other financial product providers - this is a huge reason I'm interested in truly decentralized cryptocurrency systems - but given that the regulated fiat financial system does exist and is widely used, we might as well demand that these regulations include provisions that the bank has to let people running free smartphone OSs connect to their systems too.
> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company.
We need nerds who care about this to stop complaining about minor things in existing GNU/Linux phones and other similar devices on the market and go buy them. These hardware companies have been there for years already.
It's hard to build a profitable and sustainable business only basing on the minority that doesn't mind it being "too thick", "too slow", "not high-res enough" or "unable to run modern PC games" (all of these are real things I heard from people here, no kidding). And I assure you that if you really care, you'll easily find a way to live with a (swappable) battery that lasts 20 hours.
I own one of these devices (pinephone) and it is legitimately not good enough for day-to-day use (despite the incredible efforts of the people who are working on it's software). I only use my phone for locally-stored music, text-only web browsing and calls/SMS. The Pinephone cannot perform any of these tasks competently. The thing it does best is playing music, but this drains the battery. It will not reliably place/recieve calls/texts (and 911 doesn't work IIRC). It can barely handle basic web browsing. KDE on this device literally pegs both CPU cores to 100% all of the time. Phosh is better but still dog-slow. This is the case even with the many years of improvements the community has been making to these devices. It used to be significantly worse, and the software is monumentally better than it ever has been. I love this device, and it deeply saddens me that it has such major flaws.
All of the current Linux phones have major showstopper issues, and saying we're complaining about them being "unable to run modern PC games" is a strawman. The simple fact of the matter is there are no decent mobile Linux options available.
The most endemic problem right now is "Linux" phones that use crummy forked vendor kernels and Halium. For all intents and purposes, these devices are trapped in time and can't meaningfully get software updates for major system components. The 2 decent Halium-free options, the Pinephone and the Librem 5, both still use downstream kernels, and the Pinephone's kernel is maintained by 1 person in their spare time. I think it's apparent that this is not sustainable, and one can't reasonably expect megi to maintain this device forever.
As sad as it makes me feel to say this, I don't foresee these problems improving for a long time. As of now, I remain stuck with a Moto E6 from 2019 (Android 9.0) as it seems to be the final device ever produced with a replaceable battery, headphone jack, SD card slot, and screws instead of glue.
14 replies →
> By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software?
Similar to all the accessibility requirements, of course. Do you think the society / government should force banks to provide services to blind or deaf people? Or should we just let the market decide?
I never stated that its never reasonable or good to force corporations to behave against their interests. What you stated is that the "mechanism" might be to treat a person's chosen software stack as a protected class. I can't agree with this, in any sense, and I think you're just trying to distract the conversation by suggesting it.
2 replies →
I've done research on this, and have considered it but it's capital and time intensive even if I think it's viable.
There are two reasons I think it's viable now:
1. It's possible to wire an agentic system management service into the OS to handle a lot of the routine stuff, so non-technical users will be able to just talk to their computer and it'll be fine tuned to be good at fixing system issues, installing/removing software, managing windows, etc. I developed a scheduling inversion of control executor for enterprise agent control that I've looked into adapting for this use case.
2. The steam deck has proven a new model. Game friendly and a simplified UI is enough to carry Linux. New Arch rices like Omarchy are pushing the envelope of usability. I've been ricing desktops since enlightenment on slackware 96, so I'm pretty familiar with this world.
Regarding form factor, I'm not a huge fan of phones, too many tradeoffs. I think with strong AI voice systems, the optimal setup is buds + tablet. That's a better setup for mobile linux anyhow, and it makes the hardware almost a non-issue.
This is a valid take. I do not agree with it in general: if we look beside the consumer devices, FOSS software us everywhere. and powers almost everything consequential.
But the mobile phones specifically turned from phones into trusted terminal which institutions like banks and governments use to let users control large amounts of money and responsibility. And the first rule of a secure device is to be limited. In particular, the device should limit the ability of its owner to fake its identity, or do unauthorized things with networking, camera, etc.
This junction of a general portable computer and a secure terminal is very unfortunate, because it exerts a very real pressure on the general computing part. Malicious users exist, hence more and more locking, attestation, etc, so that the other side could trust the mobile phone as a secure terminal.
It would be great to have a mobile computer where you can run whatever you please, because it's nobody's business. And additionally there'd be a security attachment that runs software which is limited, vetted, signed, completely locked-up and tamper-proof on the hardware level (also open-source), which sides of the communication would trust. Think about a Yubikey, or a TPM, but larger and more capable. The cellular modem and a SIM card are other examples, even though they may be not as severely hardened. They are still quite severely limited, and this is good.
If I were to offer an open-source phone (and, frankly, any mobile phone), I would consider following this principle. Much like the cellular modem, it would carry a locked up and certified security block, which would not be user-alterable. It would be also quite limited, unable to snoop into the rest of the phone. The rest of the phone would be a general-purpose computer with few limitations. Anything that would want to run on it securely would connect to the unforgeable interface of the security module, and do encryption / decryption / signing / secure storage that other parties, local and remote, would be able to verify and thus trust.
One can dream.
If they want to manage their hedge fund from their phone, then maybe they should consider using a special device for that. It doesn’t really matter for the rest of the people as status quo shows
Locked devices are created to supposedly ensure the security of a device user, not because malicious users exist.
SIM card is a good example. Technically, that's trivially solvable with a PKI infrastructure (a malicious user can't trivially and successfully misrepresent as google.com): operator runs their CA, and by signing your certificate, they attest that you are the owner of a particular phone number. No malicious user can mess with that (other than attacking the CA).
What they can do is attack end-user devices through different cheaper means (social engineering, malicious apps, exploits...), and extract individuals' private keys, thus allowing them to misrepresent as that individual. A SIM card protects against this by not making private key accessible in the first place.
This is exactly what locked devices do: they protect customers from not knowing how to properly (including securely) use their devices.
This is what we need to focus on as technologists: if we know how to securely use our devices, how do we opt out of others "protecting" us, and take full responsibility and liability for security lapses?
5 replies →
> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.
We need nerds that are more politically conscious than that, and are not naive enough to believe they can solve political problems through creating companies and hardware.
At this point there are only two things stopping me from using kde or gnome on my work box: Apple and my employer, and I could probably convince my employer. The hardware though is something I’m not willing to compromise on and Apple is in a tier above everyone else currently, so I’m stuck with subpar macOS, not planning upgrading to Tahoe for as long as possible.
How do you price this? How many flops per watt for freedom?
Can you be more specific about why you are not upgrading to Tahoe concerning software freedom?
1 reply →
You can run Linux on Apple devices using the work of these folks:
https://asahilinux.org/
Nerd have been at it since the OpenMoko days, the problem is that they don't understand what the general public cares about, thus all those efforts end up failing, as the few nerds that care about being customers all get a phone, and there isn't anyone left to keep the business going, buying new devices.
Eh? Samsung still maintains a whole suite of independent alternative apps, providing things ranging from NFC payments to calendaring and contact management, that they stuff onto their phones in addition to the usual Google fare.
Until very recently, most/all of their phones had alternative Samsung-produced chipsets available in various markets (Exynos).
They've got their own app store as a built-in.
And they also maintain their own small-system operating system, with Tizen, in case it all goes to shit.
They've been working very hard on parallel development for quite a long time. They're probably better-prepared to jump ship than any other top-tier manufacturer of Android cell phones is.
Motorola Mobility? That was spun out of the stodgy-big batwing mothership in Chicago a long time ago -- and first purchased by Google, before being sold to Lenovo. Subsequent to Google's influence, whatever remains is ill-prepared to jump ship, but that was certainly a design intent. That behemoth is much more dug-in.
So the outlook is certainly gloomy, but it's not all darkness.
(In terms of things like banks only supporting one OS or another: Gosh. Prior to the entrenchment of the smart phone age, I never installed a company-specific consumer banking application on any computing devices at all. It was OK. I just used Sir Tim Berners-Lee's World Wide Web to do that stuff, sometimes with a side dose of SMS on my dumb-phone for active notifications.
And still today, I don't have banking apps for most of the companies that I do banking-stuff with -- and I get along fine with keeping track of the money I have, the money I owe, and the bills I need to pay.
Maybe the right answer here is to shore up the utility of the platform-independent WWW.)
>Eh? Samsung still maintains a whole suite of independent alternative apps, providing things ranging from NFC payments to calendaring and contact management, that they stuff onto their phones in addition to the usual Google fare.
Which is EVEN WORSE in maintaining device attestation than Android. Read about the Knox warranty bits.
> To me, this is... fine. Not ideal; but fine. We should fight like hell to score wins where we can, like in right to repair, parts availability, ensuring old devices are kept up to date for as long as possible (Apple is pretty good at this); but if I have to carry an old iPhone in my backpack to access my bank because they refuse to support my hypothetical GnuPhone 5, the world isn't going to end.
But even as you say, as you're using Arch as your desktop computer, things may be fine now, but they're only going to get worse.
Should we all have to carry two laptops because anything running a free software core is just utterly unusable due to remote attestation?
> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.
Didn't you just spend most of your comment talking about how the market forces don't care anyway? Would good is starting up a phone hardware company that will ultimately go bust due to total apathy of the general consumer?
Agreed. Its only going to get worse and all current trends validate that. It’s clearly trending towards closed source big brother platforms. E.g ios, android, windows and macos.
1 reply →
Yep
"free and open web" isn't even used to be anymore, many are using bots and AI to make things worse and many people especially young people didn't even do "surfing" on the web anymore
like it or not but internet that need verification on personal level is the future, I don't agree with it either but if you see from the progress perspective its always been like that
As I said other times: we need a Free Hardware Foundation now like we needed the Free Software Foundation for many years. The GSD (GNU software distribution) is basically a standard GNU-Linux distro using GUIX as the package manager seems very interesting, but if you want to run 100% free software on a RYF-certified device you'll have to pay a lot of extra money for 15 years old class hardware.
We need the equivalent of a Linus Torvalds + Richard Stallman but hardware. We were lucky to have had both for software at the same time. We need the same luck again now.
Pointless. Silicon fabs currently cost billions of dollars. They are single points of failure. Even if the market starts trending towards openness, governments can just regulate a backdoor into these fabs. They have every incentive in the world to do it. Democratized access to cryptography is subversive.
We need some kind of 3D printer that can print computer chips. We need the ability to make our own hardware at home, just like we can make our own software at home. Democratized electronics fabrication. That's the only way we'll be saved.
While I, for the most part, agree to this in principle, at the moment, general compute hardware production is relatively safe (or so it seems).
But when it comes to humongous costs, the fact that even "open source AI models" don't have their training data available (the actual "source") is one thing, but even if it was, it'd be impossible to retrain a model "at home". But if data was available, I am sure any of the existing free software foundations, or a new one, could rally users around sponsoring one DC.
We are back in the "mainframe" days where top-end compute is accessible only to few (with lots of money).
> It absolutely does.
I'm not sure I follow. Corporations are free to impose requirements for access to their platforms. FOSS didn't start by demanding that MS release the source code for Windows and Office. It started with developers writing their own alternatives. What helped was the open and standardized nature of the IBM/PC stack that made it all possible. Without it, FOSS would have died before birth.
> Corporations are free to impose requirements for access to their platforms.
To wit, hardware that I bought is not "their platform", but many corporations sure like to pretend it is.
It's already not illegal to reverse engineer hardware you have bought (for the purpose of maintaining it or compatibility), regardless of how much IP lawyers like to pretend otherwise. (And even if it were illegal, I would contend that reverse engineering is a fundamental right that laws cannot rob you of.)
When BlackRock has stake in 95% of fortune 500 companies, and we are forced to use software and services provided by them because no viable FOSS alternatives exist, it becomes, and already is, a big problem.
You have to own a phone to participate in society these days. I need one to even log onto my laptop for work. Eventually I'm sure some form of digital ID / biometric information will be required for verifying my online identity.
It's a slippery slope, and we're sliding into the abyss.
> Corporations are free to impose requirements for access to their platforms.
Yeah? They shouldn't be. Any attempt to deny us service on the basis of the software we use should be classified as discrimination. It should be a crime of the same caliber as racial discrimination.
Sure, I can get behind that statement for certain things that we consider essential to a person's dignity and safety. Demanding access to Gmail or Facebook doesn't sound like it.
2 replies →
> It should be a crime of the same caliber as racial discrimination.
Universal, but unmentionable and with no consequences in practice?
"Yeah? They shouldn't be. Any attempt to deny us service on the basis of the software we use should be classified as discrimination"
but this doesn't work in real world are they??? I mean look at apple, the iOS is locked down device and consumer know what they buy into
and its user also fine with it
5 replies →
Absolutely.
The takeover of "free software" by the enemies of freedom is not the "winning" of free software.
I think it's worth distinguishing between what "winning" should mean and what's still possible in the world we're in. We may not win by owning every transistor, but we sure as hell lose if we stop demanding the right to.
This looks like a loser's move, but if your bank has no other options except for mobile app, you can buy a cheap phone for that app only, and connect it over WiFi (without SIM card) so the bank would only get your IP address from this and nothing more.
This is indeed a way to cope. But why should we have to merely cope? Why do we accept the world getting objectively worse? The necessary technology is cheaper, better and more abundant than ever – so why are we letting a few megacorps and some power-hungry politicians decide how we use it?
> This looks like a loser's move, but if your bank has no other options except for mobile app, you can…
…switch banks.
I think it's easier just to buy a shitty iPhone...
7 replies →
Come on, this kind of defeatism only emboldens entrenched players.
Yes, we're awkwardly cornered - hardware used to be open or easily reverse-engineered. Now it isn't. The solution is to demonstrate the demand for open hardware. No one is going to walk away from money that can be made even if the market is smaller.
This movement was strong enough that the incumbents themselves offered Linux-friendly hardware. We continue to see momentum in the mobile space as well with /e/OS, Fairphone, etc. GrapheneOS is pursuing alternatives to Pixel.
Be brave!
> Yes, we're awkwardly cornered - hardware used to be open or easily reverse-engineered. Now it isn't.
When exactly was that? The 1980s?
Linux hardware support is better now than its ever been.
What did it take to port Linux to M1 series Macs (which at least has an unlocked bootloader)?
How do I install GNU/Linux distribution on a latest Galaxy S25 or iPhone or Google Pixel or Apple Watch or... (these are likely top-selling general compute devices in the world)?
Yes, on Windows PCs, Linux usually works better than Windows itself (except for the very newest stuff for a short while). But I think you missed the point of the GP.
> No one is going to walk away from money that can be made even if the market is smaller.
Unfortunately the tech industry has shown us that isn't true. For example, look at the iPhone mini - I forget the exact sales numbers others have cited, but it sold very well. There is clearly a solid market there, even if it is smaller. But Apple isn't willing to chase it, and nor are the various Android OEMs. The same may well prove true for open hardware.
Sold very well for your home business is very different than sold very well for Apple. At the time the first Mini was released, when the previous regulat iPhone (5s) was available for cheap and the new Mini had few compromises not dictated by size, it was may be 1/6 of Apple’s sales in the first year and dropped precipitously after that. It never sold well.
> Apple isn't willing to chase it
They are, it returns next year as iPhone Fold for $2K.
This is one of the reasons to embrace crypto - having an intermediary with direct control over your finances is absurd.
Are you able to source all (or even the majority) of goods and services that YOU use, within the crypto ecosystem? Are you getting paid directly in crypto (or if you offer goods/services, do you only accept crypto)? i.e. direct exchange of crypto for goods and services? If not, you are using an intermediary to convert crypto into fiat and vice-versa. Do you invest in ANY non-crypto assets? If not, you are relying on a financial intermediary. Do you practice true self-custody of your crypto? If not, you are relying on intermediaries.
For all the theory about the being financially independent of intermediaries, in practice it is nigh on impossible for most folks living in the real economy. Meaning that for most of them, even the crypto-knowledgeable, "embracing crypto" means a compromise with the "absurd" as you put it.
This, and especially when the intermediaries attempt to police what you can and can't purchase with your own money when you wish to purchase a fully legal good/service (see: Visa and Mastercard fiasco)
Nothing is stopping your crypto exchange from requiring remote attestation.
Nothing is stopping you from keeping fiat under your mattress.
This isn't really a crypto issue.
I agree. I really like Monero.
That’s the value proposition of banks actually. Unfortunately we have let them delegate responsibility for fraud.
People like you are arguing that one should give up on society because of society's flaws. I think your attitude is sad and poisonous.
We need societies, and we need to work to fix their flaws. Every person cannot be an island.
If you're definition of winning is owning every transistor, then it is an unproductive definition.
Under that definition, we have and will always lose.
Y'all should've pushed back far more strongly against their "security" long ago... but now the only way forward is to keep fighting.
But they did, there's even people in this thread saying the FSF/GNU is too strict with their requirements and is akin to the "old man yelling at cloud".
What else are they supposed to do then? Start Luigi'ing people?
Often times the problem is literally yelling at Cloud.
Cloud doesn't have an automatic philosophical match to the way the Freedoms were justified originally. The Freedoms are based on the notion that you should have the right to do what you will with hardware you own; you don't own someone else's hardware in the Cloud.
1 reply →
Yes. This is not even an exaggeration as it is, and they've barely even started.
Where does this resigned opinion that open source can not do attestation come from? Do you really think it's impossible to build the attestation mechanisms inside open source OSs?
Checking what software a user is running can be done with open source software, but actually doing so takes away the user's right to run modified copies of software. The fact that it basically needs hardware-backed DRM also doesn't help.
I see, it makes sense. But I feel like it is a worth while compromise.
Attestation as I understand it is to allow third parties to trust a user's computing device for purposes of handling their sensitive data (both from the user's and the third party's point of view) in a way that doesn't rely strictly on the user's savvy for keeping everything leak proof.
Even if this data belongs to me - as said user - I still think that the existence of open source attested software is a net benefit in the bigger picture because the future looks more and more dependent on secure computation.
You can run it, I'm just under no obligation to let your machine send signals to my machine that my machine will respond to if you are running software I do not trust.
And that's the complexity of this era of computing. We just got finished convincing people that it made sense that they should have the right to run whatever software they wanted on hardware they owned... And then immediately the technology shifted so that most things no longer get done using exclusively hardware that you own. The RMS four freedoms approach is only chipping away at the larger problem: capitalism (I mean that literally in that the problem is that the machines that do the work, the capital, are owned by a tiny ownership class).
> You can run it, I'm just under no obligation to let your machine send signals to my machine that my machine will respond to if you are running software I do not trust.
If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.
It's slightly similar to how protected class laws work. You can block me for no reason, but not that reason.
This is especially important when I just want to run my own OS and not have people go out of their way to deliberately break things because of that.
> If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.
Obligated how? Like through violence? What happened to freedom of association?
4 replies →
> If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.
In general, the obligation has been soft: "If everything adheres to the protocols, it will interoperate" is how we got the Internet. And the Internet was generally useful and so self-incentivized making software work with it with minimal stumbling blocks; nobody was gating FTP clients on only working with Oracle-branded FTP servers because then you couldn't access all the other FTP servers.
But that's not the only model, and I don't see an obvious argument for why should enters into it here. How does that "should" work? Is there legal compulsion? On what moral or philosophical grounds?
> It's slightly similar to how protected class laws work. You can block me for no reason, but not that reason.
Yes, and instituting those laws was a messy uphill battle over immutable properties of human beings. That is a far philosophical cry from "No thank you; I'd like to use all that Apple cloud tech without buying an Apple computer please." I suppose, unless we break the back of capitalism as a societal structuring model, in which case... Yep. We can make whatever laws we want if we throw out the current system.
6 replies →
If the future hopes for openness in computing rely on ending capitalism, we're already toast. Nobody's going to be building the next generation of chip fabs without gargantuan amounts of funding.
Capitalism isn't a necessary prerequisite for gargantuan amounts of funding.
> I'm just under no obligation
You should be.
What are you talking about?
Smartphones have cryptographic hardware that can provide proof that a device has not been "tampered with". This is called attestation. The hardware attests to the fact trust has been preserved since boot.
Your device will not attest to this if you install your own operating system, if you root your phone, if you do anything that they don't like, anything at all.
You install your bank's app and try to use it. The bank's servers ask for the attestation. You will not have one. They decide you cannot be trusted and deny you service.
Even if you can program your own keys into your device, nobody is gonna trust those keys. Why would your bank trust your own keys? They'll trust Google's keys, Apple's keys, the government's keys. You? You don't get to participate.
The corporations and governments want to own your computer. They demand cryptographic proof that your device is owned by them and that they have complete control. If you don't provide it, you're banned and ostracized from everything.
The most absurd part is that you totally can access the home banking from your desktop PC with Linux, without any need of hardware attestation.
Suddenly it's mandatory because the device is a phone?
5 replies →
Remote attestation on Android is one of the primary examples. Banking apps and a bunch of other apps that will cut you off if you do something like root your phone.
(This is not directed to you but the wider community writ large, you just happened to be the one to kick the hornets nest)
You know… there was time before this latest generation started calling everyone that complained to a manager a karen… that complaining to manager would resolve issues… and if that failed, publishing your story and refusing to do business with someone was seen as proper conduct.
Banks!!! Lol! Are the most fragile institutions ever! Fdic, exists for a reason… get enough people to withdraw their money all at once and see what happens.
Open source people that want to stick to your grit… don’t work with banks that won’t let you use open source software. Oh is that too hard for ya? If you’re not compiling your own slackware distro than you have no leg to stand on (/s)
But seriously, use a local bank and try solving human problems by dealing with human’s. Quit trying to tech everything… if the open source community would get unified and actualize… thats a fuck ton of people!
Here’s another crazy concept that the oss community could do… they could literally just open their own bank… voila (its not as hard as it seems and takes way less money than you think)
> try solving human problems by dealing with human’s
Welp. I actually tried it. Here's my experience.
I contacted my banks and got in touch with their managers and devs. They do have APIs. I wanted to use those to create my own software with read only access to my account. I didn't even want to transfer money anywhere, just get my transactions for accounting purposes. I was using ledger at the time and was getting tired of manually inputting everything into the journal.
I eventually discovered I would need to incorporate and beg the central bank for permission to touch the financial system.
Open source people that want to stick to your grit… don’t work with banks that won’t let you use open source software
there is not a single bank in my area that would let me do that, unless it is by accident. so the choice you suggest is de facto not available.
Cryptocurrency says hi?
> But seriously, use a local bank and try solving human problems by dealing with human’s. Quit trying to tech everything… if the open source community would get unified and actualize… thats a fuck ton of people!
Wise, and thus downvoted. Many FOSS enthusiasts are antisocial, sometimes even misanthropic, fragile snowflakes ("I should be able to run any software I like, on any device I like"), so any call for collective political action, that actually could achieve something more, is disregarded.
M-x dispute-charge
[flagged]
[dead]
I think free software has to adapt. I find it very difficult to run QGIS on a modern Mac with an up-to-date OS. It won't run for genuine security reasons, not because some corporation doesn't want me to run free software.