Accepting the risk that other people might misbehave is the price of freedom.
Do you want a General Purpose Computer? Or do you want an appliance that is ultimately controlled by someone else, where you have to get permission[1] if you want to use it in any way that wasn't pre-approved? What are the odds that the things you want to do will continue to be approved when you ask for permission next year? Or ten years from now?
If someone can restrict how you use your device, then they are de facto the actual owner of the device. Do you want to own the products[2] you buy, or do you want a future where property rights are rare and you have to lease everything?
The War On General Purpose Computing continues, and the people that wish the Turing machine could be stuffed back in its bottle have been winning small but important battles over the last few years. Apple deserves a lot of blame here, as the walled garden was previously limited to stuff like game consoles, but the big problem has been the many developers that chose shiny tech, promises of easy development, end-user convenience, and short-term profit over the freedom to tinker with products you actually own.
Of course there will be costs and risks. Fighting this trend toward walled gardens, like any war, will probably require certain sacrifices. I suggest paying those costs now, as the price of freedom will only increase.
[1] https://www.fourmilab.ch/documents/digital-imprimatur/ (note: this is originally about publication, but the ideas apply similarly to the War On General Purpose Computing. Also, consider when the essay was written; some technology has changed, but the basic idea is still important)
[2] Many products, not just your "phone" (portable computer). Just look at the rush to throw a CPU and 802.11 PHY into absolutely everything. There are many examples, but the current attempt by John Deere ( http://ifixit.org/blog/7192/john-deere-mess/ ) to circumvent the "first-sale doctrine" is a perfect example of what is going to happen to most products if we give up ownership.
What general purpose computers (even phones and tablets) do you see going this direction, other than Apple's iOS? My Mac will run anything I want, my Surface will do the same, and my Android tablet has both side-loading and an unlocked bootloader. Hell, even my router is unlocked, and it's from ASUS, not some small open-source oriented manufacturer.
You claim that if we even allow companies to put out products with locked firmware, it will lead to a dystopian future. So when is this slippery slope going to start? The iPhone was released in 2007, and pretty much nothing has become more restrictive since then (especially considering that pretty much all phones were already locked down). The threat of any computers being TPM locked by the manufacturer, let alone all of them died in its cradle. If anything, we're moving in the opposite direction, since Apple now allows sideloading on iOS devices[1].
And what about users who want a phone that is locked down for security purposes? Why shouldn't we be able to choose the phones we want, while those who want sideloading/flashing choose the many options that support that? If either laws or market collusion actually removes this as an option, I'll join the fight. But for right now, it looks like this war on general purpose computing isn't even brewing.
> What general purpose computers (even phones and tablets) do you see going this direction
Windows. Microsoft, as usual, is late to the party, but Win10 is clearly a step towards the walled garden model. It's not there yet, but stuff like their built-in app store and removing choice from the user betray the direction MS intends to take Windows.
Intel CPUs. Why do you think there has been a push for SecureBoot and the new SGX instructions? Hardware support is needed if you want to change WinTel boxen from a General Purpose Computer into a locked down appliance. That hardware support now exists in Skylake and later Intel CPUs. Intel even says on their website that the SGX instructions are about creating "trusted" enclaves that software vendors can use that cannot be accessed by someone with physical hardware access.
> So when is this slippery slope going to start?
It started many years ago. Some of us have been warning about these problems for almost twenty years. When we warned that these technologies were coming, we were laughed at because the threat didn't exist yet. When implementations started to show up, we were ignored because nobody was using those tools yet to lock down systems. Now they are slowly starting to turn on, and you've been given yet another warning. Do you intend to wait until the OS is fully locked down? Or do you want to start to fight for your right to run a General Purpose Computer while you still have the ability to do so?
Today there was even a thread on HN about homebrew having to work around OSX "System Integrity Protection". Sure, you can disable SIP by jumping through a few technical hoops most people won't understand. Are you going to fight back against this trend, or are you going to wait until you cannot disable SIP "for security reasons"?
Just because you've been ignoring these steps doesn't mean they are not happening.
> TPM
The TPM is only key storage and hashing to check the bootstrap chain-of-trust. The TPM never had any "locking" features. Why are you ignoring all the other hardware changes that have happened after the TPM? Active Management Technology (AMT), Software Guard Extensions (SGX), and UEFI SecureBoot have all happened after the TPM.
> And what about users who want a phone that is locked down for security purposes?
You know what would work a lot better? A hardware switch that had to be flipped to install (sudo) software, and had to be flipped back to boot as normal.
> Why shouldn't we be able to choose the phones we want
Of course you have that choice. That doesn't mean it's a smart choice. You're pushing the (incorrect) assumption that security is in conflict with the end user being able to control their own property. Locking your car door does not require giving up your ability to modify the car's engine. There are other ways to provide security. More importantly, the concept of freedom means that some people will do stupid things with that freedom, but we respect their right to make those mistakes. The answer to malware apps isn't removing everybody's right to use the products they buy as they like, but to educate users and write better UIs that help guide novices.
edit: (accidentally clicked submit before I was done)
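As an added illustration (not from any commenter in this thread) of the "hashing to check the bootstrap chain-of-trust" mentioned above: a toy model of TPM PCR extension in Python. The component contents and boot chains are constructed stand-ins, not real firmware.

```python
import hashlib

# Constructed model of a TPM Platform Configuration Register (PCR) in a
# SHA-256 bank. A PCR starts at all zeros and can only be extended, never
# written directly:  PCR_new = SHA256(PCR_old || SHA256(component)).
# The final value therefore depends on every measured component and on
# their order. The TPM only records what booted; it does not block it.

PCR_SIZE = 32  # bytes in a SHA-256 PCR


def measure(component: bytes) -> bytes:
    """Digest of one boot stage (firmware, bootloader, kernel, ...)."""
    return hashlib.sha256(component).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR_Extend semantics: hash the old PCR concatenated with the new digest."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(components) -> bytes:
    """Simulate the chain: each stage is measured into the PCR before it runs."""
    pcr = bytes(PCR_SIZE)
    for comp in components:
        pcr = extend(pcr, measure(comp))
    return pcr


def seal_check(expected_pcr: bytes, actual_pcr: bytes) -> bool:
    """A secret sealed to a PCR value is released only when the PCR matches."""
    return expected_pcr == actual_pcr


# Constructed sample boot chains (labels stand in for real binaries).
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
MODIFIED_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-v1-patched"]
REORDERED_CHAIN = [b"bootloader-v1", b"firmware-v1", b"kernel-v1"]

if __name__ == "__main__":
    good = measured_boot(GOOD_CHAIN)
    print("good      PCR:", good.hex())
    print("modified  PCR:", measured_boot(MODIFIED_CHAIN).hex())
    print("reordered PCR:", measured_boot(REORDERED_CHAIN).hex())
    print("secret released to modified chain:",
          seal_check(good, measured_boot(MODIFIED_CHAIN)))
```

Changing any stage, or its position in the chain, changes the final PCR, which is what lets a sealed secret or a remote verifier detect the difference; nothing in the PCR itself prevents the modified chain from booting.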
Show me a way to prevent people from getting viruses and malware that doesn't involve the equivalent of requiring everyone to know how to service the entire engine on their car by themselves.
It doesn't exist. There is no way to prevent evil from happening when your opponent is a sentient actor that can see your defenses.
Also, stop conflating basic computer literacy (which includes common security knowledge) with the knowledge required to "service the entire engine". We expect people to learn how to drive a car safely. This doesn't require learning how to repair the car or other technical knowledge.
This belief that we should keep users ignorant is highly offensive. If there isn't a clean way for someone to learn the basics of how to use software safely and securely, that is entirely the fault of the software vendors. Unfortunately, instead of addressing these problems (which is probably hard and expensive), it has become fashionable to blame the victim.
My point is that things that are "easy" for the tech elite are not so easy for the general public. People have a hard time figuring out how to (e.g.) "program the VCR" let alone use the computer.
I know that's what you believe, and it's a perception that must change in the tech industry, because it gets in the way of important things like education and it breeds contempt. When you treat people like idiots, they will respond like idiots and learn to hate you because of it.
The "VCR blinking 12:00" problem is a good one, because it is absolutely not caused from a lack of capability. The clock on the VCR is often a very low priority for most people, and while those of us that understand technology think it's a simple thing to set it and move on to other problems, for a lot of people, they estimate that it would require finding the manual, reading it for a while, some trial and error, etc, and they judge it's not worth their time. They have more important things to do. The much easier solution is to either ignore it because they really don't care, or wait until the local nerd stops by and bug them to do it. I would even suggest it's a very good evaluation of opportunity cost.
Now, computer security is very important, but it suffers from a pandemic problem: most people are ignorant (which is not their fault) of just how common security problems are, the cost of failure, and the novel problems that technology has created (e.g. automated attacks that make questions like "am I a target?" irrelevant).
You will never solve those problems by taking people's capabilities away. All you've done is give them a false sense of security, because they trust devices based on an incorrect threat model. Educate them, and they will adjust their behavior. This is significantly less technical than learning how to set a VCR's clock.
As for UI - consider the example I used in another comment: include a hardware switch that must be flipped to allow "sudo"-style access for things like installing software. People understand this (I knew a LOT of non-technical people that regularly used the write-protect switch on 3.5" floppies when they didn't want to erase their homework). Simple metaphors like this, when applied consistently (they shouldn't have to use the switch very often), can help a lot.
You will never solve everything; if you had a truly foolproof way to make a safe OS for everybody, I suspect you would have solved the Halting Problem. So use technology to catch the obvious stuff and provide tools for people, educate them well (this will take a few generations), and most people will be safe enough.
What you absolutely shouldn't do is limit everybody in a futile effort to try to make it safe for everybody. This is an impossible task, so you will inevitably end up in a cycle where you remove more and more features, as clever people find ways to abuse them.