Comment by purplehat_

21 hours ago

I really don't understand the argument here. That the product is locked down by design is a feature, not a limitation.

Yes, this has the side effect of making them more money and allowing a walled garden to form, but given that the vast majority of users wouldn't do anything different with their phones if a shell was present, this is in my opinion not that large of an effect.

The snide around "clicking on links is dangerous" and locking down the bootloader is unwarranted, because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more. And it's really easy to steal people's phones on the subway. This isn't about freedom of computing, this is about the fact that an iPhone in BFU is nearly as secure as a GrapheneOS phone.

There are many problems with Apple software. It's buggy, uses proprietary formats that you can't export, and interoperable with open standards. It's bad, and is the primary reason why I won't buy another iPhone, but Macs have that same problem. On the other hand, being cryptographically locked-down is an optional feature. If you don't like it, buy a computer without that feature. It's harmful to us, to tinkerers and people who want to see how things work, but the average person does not care at all and just wants to be able to open LOVE-LETTER-FOR-YOU.TXT.vbs without having their 401k get drained.

>On the other hand, being cryptographically locked-down is an optional feature. If you don't like it, buy a computer without that feature.

But that's the thing, where can I buy a phone without a locked-down operating system? GrapheneOS on a Google Pixel is basically the only option right now, and this still has problems thanks to hardware attestation in a lot of apps that the ecosystem forces us to use.

This is largely because Apple has dictated the direction of smartphones for the past two decades. All of our expectations for control over our phones are completely out of whack compared to other computers.

Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS, and yet now people are earnestly defending the notion that 90% of people should not even have access to the filesystem on their own device.

  • > All of our expectations for control over our phones are completely out of whack compared to other computers.

    I would, sadly, challenge this. If anything, our desktops and laptops are the exception now. Phones, TVs, game consoles, set top boxes, cars, Amazon echos, ebook readers, tablets, security cameras, autonomous devices like vacuum cleaners — when I think of the myriad devices we interact with that have a computer in them, they are all as stringently locked down as possible.

  • > hardware attestation in a lot of apps that the ecosystem forces us to use

    Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those (where the anti-fraud protection of a locked-down system can be a benefit) and your more open day-to-day device for mostly everything else. A hidden advantage is that the dedicated device for secure uses is not something that you're forced to carry with you; you can leave it in a secure place instead.

    • >Only a tiny amount of apps force you into hardware attestation

      Luckily this is still true, but I'm not confident that it will stay this way. For a few examples, I've been unable to use my phone as a metro card in my city because even though it goes through the metro's app, the app redirects back to google pay. Google's own Waymo app won't work without stock OS even though all it does is call robotaxis.

      >these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those

      I don't think this is a very reasonable suggestion, carrying around a second phone that I use at most a couple of times a day is inconvenient and expensive. Half of the point of these is convenience and this would defeat the purpose.

      The broader point is that our standards for phones are so different from everything else. I also carry around a credit card which requires no authorization to use, not to mention cash. I can have just as much personal data on my laptop if not more, so why does it have to be this way just for phones?

    • > Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like.

      I.e. the only ones that make the phone critical to daily lives of most people. Don't forget to add government applications, multimedia applications (DRM) and communications too.

      And that's only going to get worse, because every app seems to think they're most important. We're in the middle of the phase where every app tries to force strong MFA on users, despite most apps having no fucking business having this level of security. Banks are actually lagging behind toilet paper roll simulator apps and stores selling hats for pets and such.

      Wait when they're done that, leveraging attestation APIs will be next.

    • >Only a tiny amount of apps force you into hardware attestation

      Or basically anything to do with work, even if it's just clocking in and out or 2-factor verifying for login purposes.

  • >Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS

    What on earth are you talking about? People have been getting scammed since the days of AOL! What an insane perspective. It's not about total money lost from scams. It's about the amount of impact it has on the individuals who get scammed. What's the problem with Russian roulette after all? Most people playing Russian Roulette are absolutely fine! The point is that the damage done to the few people who get scammed is so high, we ought to care about their lives too. At the end of the day, it might end up being us... it probably won't, but it might.

    Yes, monopolistic network effects are a problem, but that can be handled with regulation.

    • We don't save few people suffering high damage from losing a round of Russian Roulette by restricting ability to roll D6, because of the harm a bad roll can do when in form of a barrel of a loaded revolver. Also "only criminals need random number generators".

      Yes that's how we're treating end user computing.

> because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more. And it's really easy to steal people's phones on the subway. This isn't about freedom of computing, this is about the fact that an iPhone in BFU is nearly as secure as a GrapheneOS phone.

If that were the entire reason, the straight-forward thing would be to give the user tools to secure the phone, such as setting a password and encrypting data based on that password.

It wouldn't make sense to spend enormous amounts of resources to "secure" the phone against its own user, yet that is what they do.

I think a more honest explanation is that they aren't just securing their own corporate power, but also the power and business models of all kinds of app developers - this way, developers can sell trivial UI improvements as "premium features" or even put in deliberate anti-features and the user can't do anything about it.

Games can put in loot boxes and microtransactions, YouTube can declare that keeping a song playing and putting the phone away is a premium feature and movie rightsholders can decide the exact circumstances under which a movie may be watched.

That's all before the ubiquitous tracking and data collection.

Everyone wins, except the user...

> and just wants to be able to open LOVE-LETTER-FOR-YOU.TXT.vbs without having their 401k get drained.

So do I, even if I'm a tinkerer. That's what sane permission settings and - if you like - a locked bootloader are for. What you don't need for that is to restrict the owner from unlocking the bootloader.

I understood this stance more 10 years ago, but now we have many layers of fairly well documented exploit tactics and none of them rely on the app store. However forcing users to use an app store was supposed to benefit us has clearly failed.

And, somehow, the indignity of being forced into paying Apple a 30% tax for a market they wholly own never comes up alongside other paternalistic arguments....

  • Can you elaborate on "fairly well documented exploit tactics"? My impression is that most of these are either social engineering, for which we need to hire better designers, or complicated chains of hard-to-find primitives only accessible to state actors.

    There's definitely problems but the solution isn't to make the iPhone a general purpose computer. We definitely need to defend the existence of general purpose computing at a time where regulation is likely to begin encroaching on it, but the promise of the App Store is "pay a 30% tax and any app you download here will be safe." In my mind, at least, that's the promise, and perhaps one solution to the situation would be to erect consequences to breaking that promise.

    • It came out in the Epic trial that 90% of App Store revenue comes from shitty pay to win games and loot boxes - cry me a river for them.

      Most of the other revenue that companies make from mobile are using the app as a front end to services where payments never go through the App Store

    • > the promise of the App Store is "pay a 30% tax and any app you download here will be safe."

      Apple, who revealed in court that they enjoy a 75% profit margin on that fee, is being sued for that promise being false advertising on account of the crypto scams they keep approving.

      https://9to5mac.com/2025/06/19/class-action-suit-app-store-c...

      Stemming from the case where Apple revealed their 75% profit margin on these fees, Apple was referred for criminal investigation for illegally forcing everyone to pay that fee violating a court order to ensure they get it and then lying to a judge about it.

      https://daringfireball.net/2025/04/gonzales_rogers_apple_app...

      They are also being questioned in the EU to ascertain whether they are doing enough to stop the proliferation of scams on the App Store.

      https://9to5mac.com/2025/09/23/apple-under-legal-scrutiny-in...

      They are even facing a RICO case for their role distributing and profiting from illegal gambling apps.

      https://readwrite.com/apple-google-rico-lawsuit-sweepstakes-...

    • A 30% tax and no freedom to install what you want better come with protection from state actors lmaooo. Otherwise what could be worth such a heavy-handed (and under a rational state, illegal) method?

      Especially when the app store is now filled with gambling apps and social media built to exploit children....

I still remember the era when jailbreaking Android and iPhones was gaining popularity among less technical people. It was eye opening to watch how many people I knew would search for a random web page and then unquestioningly follow instructions on the screen to install software from the first link they clicked.

All of this to get custom fonts in their messaging app or some other little feature they saw on someone’s phone.

I started getting a lot of requests for help from people who had broken key functions on their phones or even bricked them entirely.

Even today there’s a culture of downloading Android builds from long forum threads on XDA developers and other forums and hoping they’re not compromised.

  • > All of this to get custom fonts in their messaging app or some other little feature they saw on someone’s phone.

    Yes, and this is normal and right. They're expressing curiosity, and in the process also actually exercising ownership of their devices.

    It's how most of us here learned computers, too.

    The only problem in this picture, really, is that we've allowed - or even helped - software and platform vendors to disempower regular users so much that "to get custom fonts in their messaging app" they need to do something high-risk.

    Most of what regular people try to do is like this anyway - something that should be a basic functionality, that used to be basic functionality, but has been taken away from users for their "safety" or because "sekhurity" or such.

  • > Even today there’s a culture of downloading Android builds from long forum threads on XDA developers

    I did that this month. I wouldn't do that for a device I use for anything sensitive, but I have a niche use case for my old Nexus 5, and it needed to be running at least Android 8.

  • The Linux community settled very quickly on the model of a Linux distribution, distributed via FTP, as a safe place to acquire an OS. Some got very popular.

    Is there anything like that in the Android world? I'd love an alternative Android distro that supports writing notes with the S-Pen from the lockscreen. Where does one find such a thing?

    • There are AOSP-based distros like grapheneOS and calyxOS with various "app stores" like fdroid that behave similar to package managers on linux. There are also just run-linux-on-your-smartphone distros like postmarketOS. I doubt stylus integration is good in either.

> That the product is locked down by design is a feature, not a limitation.

And why should the entity locking down the design be the same entity as the one selling it? Is that a feature too?

You can't imagine a world where people can install different services by different providers to protect their devices? And have some actual competition? And therefore choice?

  • We almost had that with the browser wars, when Microsoft was forced to have customers choose which browser they wanted when they got a computer. Operating system choice was already lost to Windows, but at least browser, they were forced by EU directive to let the customer choose which one they wanted. Then the game changed, and now it's basically Google or Apple for your smartphone, with a tiny bit of competition that doesn't really count. If the EU really had guts, they'd say that computing devices must let the user install an OS of their choice, at their risk, and businesses would be able to just sell phones, with the option of GrapheneOS alongside Android and iOS or Windows Mobile or FirefoxOS or WebOS. We didn't get that future, unfortunately.

    • We really need to have a "no-tether law" that says that the consumer should be able to break all ties with the vendor and still be able to use the device as advertised.

      Otherwise, you bought a service, not a product.

If you make a bootloader unlock require a full wipe/rekey of the device, and make unlock status visible at boot, most of the "someone might unlock my bootloader maliciously" concerns go away.

  • Right, but unless you prevent apps from being able to query for this status, the market will still force people into locked phones, because "sekhurity" isn't about actual security, but checking boxes and control.

  • Fairphone actually does this. My FP3+ displays a red bar with an open padlock as long as the bootloader is unlocked, and when one changes the bootloader lock one way or the other, the phone wipes itself.

  • Fair point, but that solution doesn't address the market for theft, so there's a tradeoff there.

    • If you put the icloud-lockout stuff early enough in the boot chain (which I believe is the case on apple silicon macs already?), that seems like a solvable problem too. I can understand why apple hasn't put the engineering effort into making something like this happen, but I don't think it's because they can't make it happen.

I understand this for a user’s primary phone, and agree to a large extent.

However, the article touches on ideas like using an old phone as a server. It would be nice if on first boot a user could choose if the device will be a phone or a generic device. This way, when I decide to upgrade my phone, my old one could be reset and then set up with macOS to use for wherever I want. The alternatives are to sell it, recycle it, use it as an overpowered iPod touch, or throw it in a drawer for 10 years.

> Apple software. It's buggy, uses proprietary formats that you can't export

Buggy sure, but proprietary formats? Calendar entries can be imported or exported as iCalendar .ics (RFC 5545), contacts as vCard .vcf (RFC 6350), photos as .jpeg or .heif (ISO/IEC 23008-12), books use the open .epub (ISO/IEC TS 30135), iTunes dropped DRM for purchased files in 2016 and uses mp4 (ISO/IEC 14496-14:2020) (though not sure what Apple Music streaming uses). TextEdit uses .rtf (a closed Microsoft format), and Pages, Numbers, Keynote use their own formats (as other office software does), but they import and export to many common formats. Notes imports and exports markdown (and you can always print/export as pdf).

What are the "proprietary formats that you can't export"?

ETA: Oh, Messages, yeah. To export those, you have to copy/paste a conversation, or use a 3rd party app, fair enough.

  • iMessage lives as a sqlite db at ~/Library/Messages/chat.db , I wouldn't call a sqlite db proprietary per se.

All good points. But what would be really useful and easy is allowing the iPhone to be used as a full-fledged computer on a file system completely distinct from that used to run the phone. Then my laptop is just peripherals connected to my phone.

Also phones are network devices on a carrier network. A long time ago, people didn’t even own their own phones. Their landlines were property of the phone company.

Apple achieved what was nearly impossible by getting iPhone capabilities on a carrier’s network. (They did another impossible feat with the iTunes Store and selling tracks for 0.99)

iPhone capabilities caught up to most people’s computing needs but at the core these are still devices that need to be approved to run on a carrier’s network with basic service contracts. So they are locked down.

Phone networks have always been crusty legacy things when you look at it from a modern computing lens

  • You can buy a cellular data plan for your laptop. Just plug in a 5g radio to your usb port or in some laptops you can even install it internally in a dedicated pcie slot.

    Carrier approval is not the reason phones are locked down. If it were then rooting android devices wouldn’t be possible.

Problem is a lot of apps require a locked-down device. You can't use a phone that isn't locked down in most of the world. And it will spread to PCs eventually.

"locked down by default"

This is not an honest portrayal of iOS. iOS is locked down period. "By default" makes it seem like there's a choice involved anywhere, and there isn't.

I like iPhones because they are a little bit restricted.

But let’s be real here. They should have unified everything 5 years ago. Your phone should plug in to a screen and be a “netbook” level device and anything 13 inches and up should be running MacOS. The iPad should have a real affordable keyboard.

These limitations are no longer designed to make the product better.

  • I moved to a beach town and found out the tides app only exists on my Apple Watch. I went through 10 iOS apps that didn’t work properly or wanted me to pay subscription before giving up. I just don’t understand… do they not use their own products or something?

  • It does have a “real affordable keyboard” - any BT keyboard and mouse. My wife uses both that came from Amazon for $30 bucks each

If it was easy I would expect 5-10% of people would probably do it, much like alternate desktop installs

This would mean millions of devices

You mention Graphene is more secure so what exactly am I gaining from not being able to install it other than my phone being trash once it's out of support

> That the product is locked down by design is a feature, not a limitation.

> Yes, this has the side effect of making them more money and allowing a walled garden to form

Come on now. This is so naive. Why not lock your computer down too? If it's so proconsumerist

And yet, try getting a full backup of your Google phone onto your own computer. (Without rooting/wiping the whole thing.) Heck, try getting just your text messages off (without a separate app)!

You can't. (Last time I checked.) The backup is encrypted in the cloud, and the only way to download it is to restore it to a phone.

Whereas I can just plug in my iPhone and get a full backup, complete with sqlite manifest, completely accessible. Text messages, photo library, everything.

Oh please:

> Yes, this has the side effect of making them more money and allowing a walled garden to form [...]

I think you've mixed up 'side effect' with 'primary motivation'.

It’s only about the right to use your device as you see fit.

It is kind of silly that people buy raspberry pis to run their NAS, while they trash their infinitely more capable iphone every couple of years.

  • The iPhone is designed to be a good smartphone, not a good NAS. It is silly to expect anyone to compromise the design of a mass market product to support some esoteric MacGyvering entirely unrelated to the original product.

    Should we all expect Toyota to design their ECUs to be used as a NAS?

    • It's not about "design", because the iPhone is perfectly capable of running arbitrary code, it just refuses to do so if you're not Apple.

      The situation is such that the legal owner of the device has less power over it, post-sale, than the company that made it.

      That reason alone, the imbalance of power, should be enough to support abolishing those restrictions, preferably by law.

      To be clear: this is something that should be beyond market forces, and it should apply to anything that is sold to consumers and can run code. The end goal should be that no user remain less powerful, in terms of code execution and access to content, than the manufacturer.

    • A NAS is just an example, here's a better one; I love to use my old phones as wall mounted displays and controls for home assistant, or as remote music players plugged in to some speakers that I can hook into in music assistant. Some of my old phones are more than capable of this hardware wise but are locked to older versions of android and can't run anything built for a newer version, so they end up as ewaste instead.

      I think my next phone is going to be a fairphone or something for this reason.

    • Of course Apple doesn’t want people to use their device in a way that’s not how they designed it. They’re very anal about the user experience, they don’t want kids to install ArchLinux on their grandparents’ iPhones, and have the grandparents complain that their phone is shit. I get that.

      Conveniently, the way they designed the phone allows them to charge 30% of every transaction that happens on the device…

      But that’s beyond the point. The point is that the iphone is a capable device, that probably can run macos, and it’s a waste that we’re not allowed to.

Reading your comment made me segfault a little.

You don't understand the argument of why people might want to install their own OS on a device they own. And then say you won't buy another iPhone because you don't like their software... It sounds like you _do_ understand the argument.

I greatly dislike Apple software, but I think their hardware is quite nice. I would buy apple hardware if it wasn't handicapped by their OS.

It used to be said that Apple was a hardware company that happens to make an OS. This argument never made sense to me, because while they make good hardware they very clearly don't want people to use it.

> The snide around "clicking on links is dangerous" and locking down the bootloader is unwarranted, because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more.

And so is their god damn computer!

The ONLY reason why we treat phones differently from computers has no relationship at all with what's at stake, it's purely because Apple felt they could get away with it for phone, while they estimated that people would stop buying macs right away if they did the same thing for computers. It's literally that simple.

> That the product is locked down by design is a feature, not a limitation.

I would say most people in tech who aren't interested in fiddling with their phones have no issue with this either and frankly intentionally prefer more locked down options, all things considered.

It's fine to criticize abusive practices that companies engage in, but I tire of the narrow-mindedness of some people who measure everything according to their personal interests. Like, expand your mind, man.