← Back to context

Comment by AJRF

9 hours ago

I don't know how large a group who will do this is - but if the UK bans VPNs I can see Graphene having a very large target on its back.

  - Buy Pixel, Get Graphene
  - Use FDroid, don't sign up for Google Play, download Tor browser
  - Censorship resistant access to the internet without handing over your ID.

Pixel being a fairly popular phone in the UK is the interesting bit - if you had to buy some niche device I couldn't see it hitting more than a few hundred people doing it, but there are likely 100k pixels in the UK, and it's still possible to buy one and put Graphene on it.

The squeeze on the free internet happened so quick by the UK (well it took years of indifference and a failure to enshrine protections - but once they started moving the did so super fast)

Realistically we're speed running ID being tied to internet usage - create your escape hatch while you can!

39 comments

AJRF

Reply
leoedin  9 hours ago

There must be 10s of millions of x86 PCs with unlocked bioses in the UK. The issue won't be running an open device. The problem is software - what does someone running Linux do if the government mandates online services require proprietary attestation APIs?

It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work. The next logical step is severely limiting internet traffic.

  • lifty  8 hours ago

    The first wave will be to mandate ID verification for online services. Some people will then start using p2p services, so the next step is to ban devices that can run non-approved software. Probably having your own VPS running your own software will also not be allowed. And like that, all the avenues for escaping control will be closed… for your safety, of course.

  • torginus  8 hours ago

    I think a lot of them already do, considering you can do things like digitally sign legally binding contracts.

  • jasonvorhe  9 hours ago

    Don't use those services. You're not gonna miss most of the crap after a few weeks anyways. Everything else is consent.

  • rjsw  9 hours ago

    Am currently trying to open a business bank account in the UK, several banks require running a proprietary ID validation app.

  • altairprime  9 hours ago

    > what does someone running Linux do if the government mandates online services require proprietary attestation APIs?

    One dual-boots to a reputable Linux vendor’s signed/sealed OS image with secure boot enabled in BIOS, so that the attestations are valid; financially supports said vendor; contacts them quarterly with check-ins on the status of their lockdown+attestation roadmap and uses professional journalism approaches to highlight their (in/)action; and, contacts one’s relevant governing body to petition for the addition of that vendor’s signed/sealed product line to be added to the authorized signatures list by both government-sponsored apps and to the verification platforms of the competing vendors (in order to balance the necessities of attestations with an appropriate degree of anti-monopolistic protections for consumers).

    > It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work

    This confidence that ‘attestation doesn’t really work’ is the same sort of confidence that lead the Linux user community to largely scoff at, and ignore, attestation’s threat from when it was ballistically launched three decades ago towards the future. Options are now very limited for stopping it, and largely reduced to ‘getting some Linux into the approval list’. Severe compromises in user freedom will be required for the signed+sealed distro images to receive government approvals.

    Imagine if Linux were an app on a video game console and you start to see the outcome: it’s a perfectly great working environment into which all of /usr/local and /opt and /home are writable, but the lockdown prevents you from modifying the OS in any way that could defeat the attestation protections. Apps you install into /opt can only access their own /opt/prefix, apps you install into /usr/local can access $HOME. The apps you install can choose to write session data (such as digital age verification certificates) to a system-protected /data store keyed first by the kernel’s signature, and second by the vendor signature the kernel reads from the app; with the understanding that an attestation latch-forward after an exploit patch will wipe that store, and that dual-booting to a different vendor will suspend access to sessions stored by that vendor.

    This is, to climb on my hobby horse for a moment, why I continue to believe that Valve will be the first Linux vendor to receive government attestation approval alongside Apple / Google / Microsoft have previously across the desktop and mobile spaces. I’d really prefer that to be Graphene, Ubuntu, and Valve — but Graphene’s customer base is hostile to this, Ubuntu doesn’t have any incentive to care, and of the Linux vendors out there, Valve has a decade-long head start on the need for a locked-down and attested platform for business reasons. All of the above falls out naturally from considering how to defend one app from another on Android, iOS, Steam Deck, and Xbox. So far as I can tell today, though, Linux intends to be left out in the cold on all this. Oh well.

    • m3galinux  7 hours ago

      Linux intends to be left out of all this attestation garbage because it completely undermines the point of fully owning and controlling your own devices. I don't want or need to ask permission before I run a program - not from random megacorporations, and ESPECIALLY not from any of the various governments. If some third party service wants to make sure I'm not doing anything nefarious, they should do it at the border of their servers and the services they offer.

      2 replies →

    • dmantis  8 hours ago

      >signed/sealed OS image

      This way we will just have unremovable age verification, spyware, online accounts to use the os, name another bs from other vendors. What's the point of Linux then? The moment big corps and the state can seal spyware into your computer, they'll happily do it.

      I'd rather have a separate burn device with whatever os for state services which lives in a faraday cage most of the time and have a proper OS I control on the main device than give somebody control over it.

      4 replies →

    • doublerabbit  8 hours ago

      I would never ever trust Linux from a vendor. If it's not installed by myself, I refuse to use it.

      When you accept government gift in approval consider it tapped. At any point they can return to the vendor and go "install this". No? Okay bye to your certification.

      Call me paranoid.

      3 replies →

spogbiper  9 hours ago

https://www.androidauthority.com/google-pixel-organized-crim...

“Every time we see a Google Pixel, we suspect it might belong to a drug dealer,” said a police official leading the anti-drug operation in Catalonia.."

Seems like some countries/areas are already targeting the Pixel (really its because of GrapheneOS)

  • HybridStatAnim8  8 hours ago

    It is far more likely that it is due to scams and grifts that pretend to be GrapheneOS, associated with GrapheneOS, or based on GrapheneOS, rather than GrapheneOS itself. Criminals tend to be not that bright.

RickS  9 hours ago

I regret not signing up for Discord when they first introduced facial recognition and middle schoolers were trivially spoofing their ID checks with meme pics.

There's really something to be said for greedily signing up for most things and trying to get grandfathered before the zipcuffs tighten.

IRL, though, fuck this. Home depot added flock cams and broad facial recognition, grocery store installed turnstiles, haven't stepped foot in either since. I'm just dropping out of the IRL retail economy left and right.

  • frollogaston  1 hour ago

    I was super greedy. I have like 10 Gmails, 2 Discords, and 3 Facebooks, not counting the ones I forgot about. One unused Twitter account; nowadays any new one gets scrutinized so hard that you can get banned as a "bot" before even touching it.

LightBug1  9 hours ago

Who said the UK is going to ban VPN?

Genuine question. That's news to me and I'm here.