Comment by why_at
21 hours ago
>On the other hand, being cryptographically locked-down is an optional feature. If you don't like it, buy a computer without that feature.
But that's the thing, where can I buy a phone without a locked-down operating system? GrapheneOS on a Google Pixel is basically the only option right now, and this still has problems thanks to hardware attestation in a lot of apps that the ecosystem forces us to use.
This is largely because Apple has dictated the direction of smartphones for the past two decades. All of our expectations for control over our phones are completely out of whack compared to other computers.
Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS, and yet now people are earnestly defending the notion that 90% of people should not even have access to the filesystem on their own device.
> All of our expectations for control over our phones are completely out of whack compared to other computers.
I would, sadly, challenge this. If anything, our desktops and laptops are the exception now. Phones, TVs, game consoles, set top boxes, cars, Amazon Echos, ebook readers, tablets, security cameras, autonomous devices like vacuum cleaners — when I think of the myriad devices we interact with that have a computer in them, they are all as stringently locked down as possible.
> hardware attestation in a lot of apps that the ecosystem forces us to use
Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those (where the anti-fraud protection of a locked-down system can be a benefit) and your more open day-to-day device for mostly everything else. A hidden advantage is that the dedicated device for secure uses is not something that you're forced to carry with you; you can leave it in a secure place instead.
>Only a tiny amount of apps force you into hardware attestation
Luckily this is still true, but I'm not confident that it will stay this way. For a few examples, I've been unable to use my phone as a metro card in my city because even though it goes through the metro's app, the app redirects back to Google Pay. Google's own Waymo app won't work without stock OS even though all it does is call robotaxis.
>these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those
I don't think this is a very reasonable suggestion, carrying around a second phone that I use at most a couple of times a day is inconvenient and expensive. Half of the point of these is convenience and this would defeat the purpose.
The broader point is that our standards for phones are so different from everything else. I also carry around a credit card which requires no authorization to use, not to mention cash. I can have just as much personal data on my laptop if not more, so why does it have to be this way just for phones?
A smart phone's primary function is to initiate and receive phone calls, or arguably 1/3 of its primary function if the metric is the Jobs iPhone launch presentation, however since "smart phone" and "iPhone" have "phone" in their names I'm going to argue it's their primary function.
People have come to expect that phones nearly always work, and rely on them for critical communication with loved ones, services like emergency services. When these aren't dependable you don't have a phone but instead a toy.
The case made two decades ago is that running arbitrary software on a phone incurs a risk that malware can compromise the device and alter its dependability. _General purpose computers don't have this historical burden._ Phone and mobile OS makers sell their products with their purposeful limitations made fairly clear. You want a mobile device with different capabilities then seek out an alternate device, it's kinda obvious.
There's always communities of people who attempt to repurpose the products they own for purposes they weren't originally intended, and I would like to see laws that make that hobby more legitimate and legal. I would love to see 3rd parties able to support these hobbyists, that would be great. But Apple, Google with their hardware partners have no obligation to do so, and justifiable positions for making repurposing non-trivial to do.
Be sure to give apps that behave that way one-star reviews.
I just tested Waymo and my usual solution of Magisk Play Integrity Fix was insufficient, suggesting hardware-backed attestation. This is the kind of crap Microsoft was doing that inspired Google to put "don't be evil" in its mission statement. We all know how that went.
I was able to get Waymo to work on GrapheneOS, but it took some doing, and relies on the GrapheneOS developers hacking around the official Google Play services in some way. Waymo definitely made it more difficult than it needs to be to run this on something other than ordinary Android, and it's unclear if they did so in order to make themselves more money, or simply because doing things the official Google Android way is easier for them and they aren't even thinking about people who are trying to have a less-restricted smartphone OS.
> carrying around a second phone that I use at most a couple of times a day is inconvenient
Guess it depends on the person. As somebody who carries around all sorts of shit all the time, a slim, extra phone is peanuts
> Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like.
I.e. the only ones that make the phone critical to daily lives of most people. Don't forget to add government applications, multimedia applications (DRM) and communications too.
And that's only going to get worse, because every app seems to think they're most important. We're in the middle of the phase where every app tries to force strong MFA on users, despite most apps having no fucking business having this level of security. Banks are actually lagging behind toilet paper roll simulator apps and stores selling hats for pets and such.
Wait when they're done that, leveraging attestation APIs will be next.
>Only a tiny amount of apps force you into hardware attestation
Or basically anything to do with work, even if it's just clocking in and out or 2-factor verifying for login purposes.
And what gives you the confidence that the amount of apps will stay tiny?
>Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS
What on earth are you talking about? People have been getting scammed since the days of AOL! What an insane perspective. It's not about total money lost from scams. It's about the amount of impact it has on the individuals who get scammed. What's the problem with Russian roulette after all? Most people playing Russian Roulette are absolutely fine! The point is that the damage done to the few people who get scammed is so high, we ought to care about their lives too. At the end of the day, it might end up being us... it probably won't, but it might.
Yes, monopolistic network effects are a problem, but that can be handled with regulation.
We don't save few people suffering high damage from losing a round of Russian Roulette by restricting ability to roll D6, because of the harm a bad roll can do when in the form of a barrel of a loaded revolver. Also "only criminals need random number generators".
Yes that's how we're treating end user computing.