Comment by bane
1 month ago
I'm struck with how long the history of Apple's earliest iPhone has shaped and produced long-term damage to the concept of digital ownership. Apple originally didn't allow anybody but Apple to create software for the 1st gen iPhone, and only later was forced "opening" it my market forces.
People who realized they actually owned the thing they bought wanted to do what they wanted, which required circumventing Apple's control or "jailbreaking". This differentiator stimulated Google to "allow" installing on Android without "jailbreaking" the device aka "sideloading", giving the illusion of the kind of freedom that was never in question on normal computers.
It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices where the controls against arbitrary applications is even stronger.
The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO. Why hasn't the kind of ferver that created Linux driven engineers to fix their phones? Is Android and iOS just good enough to keep us complacent and trapped forever? I can't help but think there might be some effect here that's locking us all in similar to how the U.S. healthcare system can't seem to shake for profit insurance.
I'm sometimes surprised at the plethora of cheap handheld gaming systems coming out of China that support either Linux, Android, or sometimes both, and seem to be based on a handful of chipsets. If anybody ever slapped an LTE module and drivers onto one of those things we'd have criminally cheap and powerful, open phone ecosystem.
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles
Historically, when the first game consoles with game cartridges existed, the hardware was much more niche than the available personal computers. Game system developers designed hardware specifically for games, and game developers developed for those specific systems. Also, physical media for games provided an ownership model and DRM.
In 2003, Apple released the iTunes Music Store partnering with music labels to counteract the prevalence of music pirating. That was the first major digital marketplace with DRM and way before the App Store in 2008!
In 2005, digital distribution for video game consoles came with the Xbox 360, PlayStation 2, and Wii. Being game consoles with unique hardware, they kept their restricted licensed development model of previous generations.
The iPhone and App Store just followed that pattern. Unique hardware and a licensed digital marketplace to go with it.
Now, the hardware between video game consoles, smartphones, and personal computers are mostly unified; and the only real difference is software, but the restricted marketplace model still remains.
---
> The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO. Why hasn't the kind of ferver that created Linux driven engineers to fix their phones?
DRM. There are already devices where you can unlock the bootloader and install any OS on it. But then you won't be able to install apps that use the Play Integrity API to ensure DRM. Companies/developers want revenue and develop apps that require Play Integrity.
Any device that doesn't have DRM will never support a paid digital marketplace or paid content streaming.
> Is Android and iOS just good enough to keep us complacent and trapped forever?
Probably. Microsoft tried a DRM supported OS with Windows Phone and that failed.
---
That being said, digital marketplaces and DRM have there place to prevent piracy and allow developers and creators to make a living.
If someone has a solution to prevent piracy without a root of trust that would be ideal.
"That being said, digital marketplaces and DRM have there place to prevent piracy and allow developers and creators to make a living.
If someone has a solution to prevent piracy without a root of trust that would be ideal.'
This is the equivalent statement to inspecting everyone's bag at any point because they might have something illegal. It's not an acceptable move from google.
> If someone has a solution to prevent piracy without a root of trust that would be ideal
and that someone is named Gaben, and the solution is called Steam. He has done more to solve piracy than any media empire who proportedly spent billions in law suits, lobbying and anti-circumvention ever did.
9 replies →
I think it's more equivalent to when game consoles check the license on disc media.
It used to be via hardware in the disc reader, then online license checking. And now it's fully digital, media and license.
The fucked up part is the fact that we can't transfer digital ownership of purchases. But at least I can use my purchases across multiple devices. Maybe this is what we should use blockchains for, but it would still require a locked device with root-of-trust.
---
> It's not an acceptable move from google.
By all means, you can have an unlocked Android device with a non-Google sanctioned OS and not use Google Play. That way you can use any app that doesn't require Google Play Protect.
Companies are OK with it because it makes them money. The majority of users are OK with it because they can use those companies' apps.
> Any device that doesn't have DRM will never support a paid digital marketplace
Yet here am on linux buying games on steam
Steam is a bit different, since that originated as a PC digital marketplace before complete root-of-trust DRM from HW->bootloader->OS->SW.
If anything, I would bet on a shift where Steam on Linux requires a signed OS like Windows Secure Boot. Call of Duty and Battlefield 6 already require Windows Secure Boot.
Wait, a signed Linux OS with Secure Boot already exists. It's Android Play Protect.
Also on Linux, you only get Widevine L3, which limits video and audio quality for DRM web content.
10 replies →
Indeed. The complement of No Tux No Bux is If Tux Then Bux.
It's less likely that game consoles and smartphones will become fully unlocked like personal computers. I would bet on the opposite where personal computers have the same HW/SW model as smartphones. We are already almost there with macOS SIP and Windows Secure Boot. The only thing missing is removal or isolation of root privilege escalation.
> Now, the hardware between video game consoles, smartphones, and personal computers are mostly unified; and the only real difference is software, but the restricted marketplace model still remains.
Not really in regards to consoles, the hardware is still tailormade for game development, even if some components seem common.
> Any device that doesn't have DRM will never support a paid digital marketplace or paid content streaming.
None of the attestation stuff actually works for that.
For streamed content the pirates only need one person to crack one device and then everything is on The Pirate Bay. Notice that it's all still available in such places despite the DRM and the people still paying for it are still paying for it despite its availability there.
And apps are the same. If you put some attestation in your app, the pirates would just disable it in the copy they distribute, because attestation does nothing to prevent copying.
What it's nominally supposed to be for is so that a server can verify that the device is approved before providing some service. But that only works if a) the thing the server is providing is individualized rather than generally available, and b) the attacker can't get an approved device. The first is what makes it useless for copy protection. The second is what makes it useless for e.g. a bank app, because the attacker will just steal the user's credentials on a compromised device that never even attempts attestation because it's only connecting to the attacker's servers, and then put the stolen credentials into an approved device in order to transfer the money.
The only party to benefit from any of this is the incumbent platform if they can fool useful idiots into using it in order to lock customers into their platform.
> For streamed content the pirates only need one person to crack one device
Thus the push for locked devices.
> What it's nominally supposed to be for is so that a server can verify that the device is approved before providing some service.
Which is why Neflix wont work with a device failing Play Protect.
> The first is what makes it useless for copy protection
Not if you require a locked device to download the artifact in the first place to prevent copying.
14 replies →
It took years before Apple relented and allowed the concept of a file be exposed to end users.
To be fair, initially Lisa also had the same document concept from Bravo, and that they took into iOS.
So Apple has been through this before.
Don't prevent piracy
> In 2005, digital distribution for video game consoles came with the Xbox 360, PlayStation 2, and Wii.
Or at least ten years earlier with a Japanese SNES:
https://wikipedia.org/wiki/Satellaview
> I'm sometimes surprised at the plethora of cheap handheld gaming systems coming out of China that support either Linux[...]
Do you have examples?
All the ones I see that "support Linux" are locked to a single kernel build, and so aren't much better than a hacked Android ROM, which is because the SoC manufacturer makes a "sort of working" version and dumps it over the wall, and this is exactly the same thing they do with the crappy Android phones which are never mainlined.
There are massive projects to bring all of these in mainline such as SunXi, which makes AllWinner look supported even though they actively work against it.
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles
Yes, there needs to be a lot more uproar for these cases as well. One of the most appalling cases is that of macOS. To distribute your app (as a .dmg for instance), you need to sign up and pay for a Developer ID, sign the app with a Developer ID certificate and then notarize it, EVEN if you don't intend to use their App Store.
You can self sign without a developer account and self distribute and all it does is notify the user that the software is from the internet the first time they run it. They can still use the app. If it is completely unsigned, users may have to bypass gatekeeper, but that is just a setting.
If you want to sign using a cert trusted by apple, and distribute on their infrastructure, you do need a paid account.
This seems like a reasonable compromise, quite honestly. That is based on remembering the bad old days of just having to trust that the software you downloaded from some random shareware site hadn't been modified maliciously.
99% of users are not going to understand why they can't just double click the app to run it. And the second they see macOS gaslight them into thinking self-signed applications are radioactive biohazards via scary warnings, they aren't going to take additional complicated steps to run the app they wanted to run in the first place.
Users will just assume the app is broken, a virus or that you're a hacker, all because of the way macOS treats apps from developers who didn't pay the Apple tax or submit the app to Apple's panopticon for approval.
Users should not have to know some cursed and arcane ritual to run the apps they want to run.
1 reply →
Wait, do you need to do that? I've never attempted distribution, but I've created multiple local apps with Electron and Tauri for myself, and they are just a .app on my Applications folder. Wouldn't it be as easy as sharing this file with anyone else if I wanted to distribute them?
No, macOS treats your machine's self-signed certificates in a special way so that running apps signed with them is transparent to you, but a nightmare to anyone you dare to distribute the apps to without Apple's approval.
They need to try to open it, visit Settings > Privacy & Security, scroll down quite a bit, hit Open Anyway, try to open it again, and confirm one last time.
(Might be quicker for some in Terminal if supported.)
I think it used to be Right Click > Open, then confirm.
> that was never in question on normal computers.
One of the things that really worries me is that this seems to be creeping in to desktop OS's as well. It's still possible, for now, to install software on Windows 11 without going through the "Microsoft Store", but I remember having to tweak some security settings to make that possible... and was really alarmed the first time I tried to install software on a fresh install and got blocked and directed to the Microsoft Store.
I've always had mixed feelings about RMS and FSF, mostly due to their hardline attitudes (I'm not opposed to proprietary closed-source software even if I have a preference for FOSS... I think there's room for both) but this trend of software installation gate-keeping that came from mobile has me really worried (and I've never been much of a mobile user either, so any creep from mobile into desktop is always unwelcome and alarming to me).
You're talking about "S mode" on Windows. This is not the default mode for a new Windows install but it is sometimes chosen by the device manufacturer or controlling organization for.. reasons? It can easily be disabled
> It's still possible, for now, to install software on Windows 11 without going through the "Microsoft Store", but I remember having to tweak some security settings to make that possible... and was really alarmed the first time I tried to install software on a fresh install and got blocked and directed to the Microsoft Store.
I’ve done several fresh Windows 11 installs lately and haven’t seen this at all.
As the other comment said, you must have used a machine that had a special mode set.
The first time this really hit for me was when i had to jump trough so many hoops to get the at the time most popular controller (ps3 controller) at the time to work with a windows pc due to microsofts hardware signing bullshit.
I could order the most random stuff from aliexpress and it would work but not the competitions controller at the time.
> I can't help but think there might be some effect here that's locking us all in similar to how the U.S. healthcare system can't seem to shake for profit insurance.
Yup. The Amish have had no trouble implementing a single payer healthcare system in the USA. It can be done, where the people want it. But, by and large, the people really don't care. In the back of their minds they might think it would be nice to have in the same way they think it would be nice to have a muscly six pack, but when it comes down to putting in the effort to see it happen...
I understand what you're saying, but I still think it's wrong to blame the people "not wanting it". The corporations and politicians are really powerful and they go far and wide to protect their profits and interests.
Yes, the people could care more and could stand up for it, but it's so easy to blame them and that's exactly what the corporations & politicians want.
Maybe in some magical AGI future computers can do the work, but until then where else is the effort going to come from? It isn't going to randomly appear out of thin air, that is for sure. There is nothing else to "blame" but them.
It's not the "corporations"[1] keeping you from that six pack, nor it is it keeping you from building a single payer healthcare system. Not wanting to put in the toil to make it happen will certainly get in the way, though. We all understand why nobody really wants to put in the hard work and suffering to make the necessary changes, but that doesn't change the fact that it won't happen until you do it.
[1] Which, in this context, is just another way to say people. And in this case often the very same people. ~40% of US corporate stock is held by Average Joe retirements savings account (IRA, 401k, etc.). Ask these people if they'd like a single payer healthcare system and the answer would almost certainly be "Yes!". But if you then ask them to do the work to see it through: "Never mind. What we have will do.".
4 replies →
There's been plenty of politicians trying to get single payer going, people don't vote for them. You can blame propaganda and stuff but at the end of the day people choose freely who they vote for.
This is unreal, do you think people who face the choice between lifelong debt and the loss of a loved one really are comparable to people wanting a six pack? Do you think people really don't care about literal life and death situations?
I'd argue the fact a significant minority of US citizens are cheering on the assassination of healthcare executives (something that does not happen in countries with socialized healthcare systems) mean they are quite motivated for changes but can't find a political outlet for this motivation.
> The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO.
It is worth mentioning that the push against open phones never came from big tech but from governments everywhere in the world. Tightly controlled communications was and still is the status quo. People sometimes forget that e.g. in Germany telecommunication used to be a government authority and it was prohibited by penal law to even open a telephone. Things like weak encryption standards and tightly closed down proprietary communication chips inside phones were always intentional.
None of this justifies or explains Google's actions but it puts things into perspective. Personal computing is an outlier, and if home computers had been connected to a network from the start they would probably have been as tightly controlled as all other communication devices have always been.
Unfortunately, the control authorities still exist and seek to gain more power over computing devices and their goals mostly align with the commercial interests of large tech companies, who have basically just become alternative telco providers. So, I estimate that personal computing will be more or less eradicated relatively soon.
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles
This is part proprietary pedigree too.
You had to buy Nintendo cartridges to play Nintendo games, so no one ever questioned the Nintendo seal.
> The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO.
It's because the "killer app" of phones is that they are a phone, aka a remote communications tool that relies on a subscription payment to access someone else's infrastructure. People don't care that phones are not general purpose platforms, because the point of having a phone is to communicate with others, which currently requires paying for that privilege.
If you didn't have to pay for access to a network, and the phone still worked as a phone, then you might see a change.
But the vast, vast majority of that communication is done over IP and has been for the past decade. It's not a "phone" at all. It's a computer with an Internet connection.
and you are welcome to buy a hackable tablet to run a browser or desktop app and use that for all your comms. This is not how most people work though :)
The far far worse issue is that public utilities (i.e. governments) and entities like banks force you to use an app only available through one of 2 privately owned distribution channels to interact with them. IMO this is a far worse and pervasive issue than phones being locked hardware.
1 reply →
> It's because the "killer app" of phones is that they are a phone, aka a remote communications tool that relies on a subscription payment to access someone else's infrastructure.
My computer's killer app is to be a remote communications tool that relies on a subscription payment to access someone else's infrastructure.
But you can. I don't even use telephony anymore; it just works like crap here. I have all my calls over IM. At that point the phone is literally just a normal PC with an Internet connection, it just so happens the connection is wireless.
See my other reply to sibling. If this is how you operate, you are welcome to purchase or build hardware that better reflects your needs. Forcing a private company to modify their product, which people are happily paying for, because you personally disagree is a stretch. The better argument is that other entities whom you pay (government; tax, bank; fees) shall allow non Play or Apple store interfaces to their services, and not supporting this is an abdication of their responsibility to you.
3 replies →
> The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO. Why hasn't the kind of ferver that created Linux driven engineers to fix their phones?
It's because each phone SoC is essentially its own bespoke architecture. You can't build one arm64 Linux ISO that will work on all phones like you can an x86_64 ISO on a PC. Each and every model of phone requires 0) unlocked bootloaders and either 1) full support from the vendor for Linux or 2) dedicated hackers willing to reverse engineer the board to get it to boot Linux in the first place & then developers willing to write missing device drivers & then maintainers willing to keep the fork up to date or mainline the changes.
It will always be cheaper for phone manufacturers to develop bespoke SoCs than it is for them to implement protocols and interfaces that make booting and hardware discovery standardized like they are on the PC. Making a phone as accessible as a PC to booting generic operating systems inherently means increasing costs at every level from the design up.
> I'm sometimes surprised at the plethora of cheap handheld gaming systems coming out of China that support either Linux, Android, or sometimes both, and seem to be based on a handful of chipsets. If anybody ever slapped an LTE module and drivers onto one of those things we'd have criminally cheap and powerful, open phone ecosystem.
On the surface it seems like that, but all of those devices suffer from the same issues I described above. There will be thousands of devices that "support" Linux, but only nominally.
What happens is, if the manufacturer even releases the kernel source, you get a git dump of a forked kernel that was never modified to be upstreamed with the vanilla mainline kernel. That essentially means you are stuck using that fork unless you have the time, knowledge and skill to port that fork over to the mainline, which is a lot of work. This applies to every SoC, and SoC modification, in gaming systems. Barely any of this work crosses over or can be standardized like it is on a PC.
None of that makes a platform a real open ecosystem.
Source: I'm involved in porting and maintaining a Linux distro for those cheap Chinese handheld gaming systems. The only reason Linux runs on them is because weird nerds spent time getting it to run on them. When they get bored, your Linux "support" ends.
The best we can hope for is for ARM servers to scale down to the point we can use them in small form factors, as ARM servers implement the same standards PCs do to run generic Linux ISOs. We aren't going to get this from the mobile hardware ecosystem, there just are no incentives to make such an investment. Maybe we'll get them if ARM PCs truly take off.
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices where the controls against arbitrary applications is even stronger.
The conversation takes place all the time, there are tons of people who want to, and do, run homebrew and Linux on their consoles, same thing with embedded devices. Getting Linux or Doom to run on an embedded device is a rite of passage.
One of the interesting history of the PC was when Microsoft started selling their OS to clone makers. To hear Balmer tell it, it was frighting as IBM was making their PS2 machines more proprietary. They won and IBM os2 lost. I figured android was Google’s MSDos for mobile, but it seems the temptation of ad revenue is too strong (even showing up on windows..)
Linux is the answer though on mobile it’s just starting to be a little competitive.
“Steve Ballmer: We said ooh, IBM's probably not going to like this. This is going to threaten OS 2. Now we told them about it, right away we told them about it, but we still did it. They didn't like it, we told em about it, we told em about it, we offered to licence it to em.
Bill Gates: We always thought the best thing to do is to try and combine IBM promoting the software with us doing the engineering. And so it was only when they broke off communication and decided to go their own way that we thought, okay, we're on our own, and that was definitely very, very scary.”
https://www.pbs.org/nerds/part2.html
That Balmer quote can be read in Trump's voice and it fits perfectly lol.
1 reply →
> It's because each phone SoC is essentially its own bespoke architecture.
Right, but that's a choice from manufacturers, not a requirement of building a mobile platform.
> It will always be cheaper for phone manufacturers to develop bespoke SoCs than it is for them to implement protocols and interfaces that make booting and hardware discovery standardized like they are on the PC.
This... seems suspect? I'm not doubting you, but I do wonder if it's a question of robbing Peter to pay Paul; perhaps it is cheaper to design a bespoke chip than it is to develop a standard for it, but over the course of many generations the benefits of standardizing would kick in?
I do know that RISC-V can support UEFI, so perhaps that's where we need to look to see how developments work out in the long run.
> Right, but that's a choice from manufacturers, not a requirement of building a mobile platform.
Yup, it's a cost thing.
Standardizing busses, protocols, discovery etc is costly, it adds a cost to every SoC, just wiring up components on PCBs is quick, cheap and takes up less space. All three are important in mobile.
The reason you'd implement the standards is for interoperability, which is not what mobile devices are going for. You're getting the OS the manufacturer chooses and that's it, the hardware doesn't have to support anything else.
Standards are also a commitment, and that commitment can be a cost in the future. It's not free for PCs to support all of the legacy hardware they do, for example. A lot of work goes into that.
The reason I bring up ARM servers and PCs is because both have a long legacy of standardization, and to be a real player in either space, you need to meet those expected standards, which ARM ISAs have. Mobile has no such legacy. If PCs had no such legacy, I think we'd see the same issues mobile does today (which we kind of already do on tablets, Chromebooks, etc).
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices ...
Well that is the consumers choice. A friend who has no desire to mess with computers and said hands down he will spend money on a console any day of the week because all he . He has a desktop and a laptop but rarely games on them.
Me, I don't buy game consoles because it kills me to own a powerful compute device that is crippled by the manufacturer to only run certain blessed software. No thanks. I prefer to game on open platforms like my Linux PC running open source games (e.g. gzdoom), DOSbox, Steam games and so on.
> The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for
Such phones exist:
https://en.wikipedia.org/wiki/Librem_5
https://en.wikipedia.org/wiki/Librem_5
> criminally cheap and powerful, open phone ecosystem.
It wouldn't, you need drivers for your modem, gpu, gps etc. It's encumbered with patents and "prohibited" software circumvention techniques, you're right about one thing it would be regarded as criminally offensive by our current legal system.
Speaking of android, if iOS had jailbreaking, maybe we need a bigger prisonbreaking from Google
Did you hear about Pinephone?
>It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices where the controls against arbitrary applications is even stronger.
Far less technical people from my perspective
Not fun if you work I.T. whatever you role is
I don't know - the iPhone came with some "bundled" native apps like Safari and Mail - and webapp support. Apple later changed this - but in some ways the iPhone 1 was more open - in the sense that all third party apps were just webapps.
> Why hasn't the kind of ferver that created Linux driven engineers to fix their phones? Is Android and iOS just good enough to keep us complacent and trapped forever?
I obviously can't speak for all "Linux driven engineers", but only about myself, as someone who's daily driven linux for a long time and who enjoys tinkering with computers.
I consider phones in the same category as a gaming console: a "single purpose" device.
I find they're not practical for much more than mindless scrolling and the occasional text (and even that's a pain, to the point I usually do it from my computer). I just hate staring at a tiny screen and obscuring half of it with my hand when I need to interact with it.
I'm all for geeking out on things, and love to tinker. But the phones are simply not attractive to me. I used to have Android phones with custom roms, but that was only because samsung had atrocious support for older devices. My current iphone is supported until it can't be used anymore and does everything I need.
Whenever I get the itch to tinker, I'll do it on a computer with a full keyboard and big screen.
> Is Android and iOS just good enough to keep us complacent and trapped forever?
I think they are, especially since us "linux driven engineers" are a tiny fraction of the market. Basically nobody but us cares about these things. Just like almost nobody wants a small phone, or thick phone. Even with regular computers, most people didn't tinker, they would just install a few programs, which would have been on an hypothetical app store anyway.
> I can't help but think there might be some effect here that's locking us all in similar to how the U.S. healthcare system can't seem to shake for profit insurance.
Yeah. It's called capitalism, where the reasoning behind everything is "How can businesses make a profit?". And in the U.S., it's also, if the business doesn't make a profit I'll starve.
> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices ...
Well that is the consumers choice. I have a friend who is a hard core gamer and said hands down he will buy a console any day of the week because all he wants to do is play a game. He doesn't want to deal with Windows updates (or god forbid, fiddling with Linux), driver issues, things suddenly not working, and so on.
Personally, I don't buy video game consoles because it kills me to own a powerful compute device that is hamstrung by the manufacturer to only run blessed software. No thanks. I game on open platforms like my Linux PC running open source games like gzdoom, classics on DOSbox, emulators for classic consoles/arcades, Steam games and so on. And I can run whatever I damn well please.