>" for regaining control over my own PC.
Just yesterday I learned how to Run-As TrustedInstaller, and that let me remove a lot of unwanted bullshit on my windows 10 install."
I understand Linux, Mac, FreeBSD, Magic-Pony-OS is not everyone's cup of tea or they might not be in a position to choose their OS (Work etc)
But DAMN that quote above is really showing me how bad it is out there ! Sure it can/does happen on other OS as well, but I'm betting Windows is the leader in "my-pc-is-not-my-pc-anymore" :/
I've been spending the last 48 hours strongly pondering Linux as a daily driver. If it wasn't for my crippling visual studio addiction, I'd probably be able to swap all my PCs over, with the exception of the one bastard stepchild win10 that I will keep in the closet for when BF2042 is released. Virtualization is another option that I am investigating actively now.
I could even see the path for getting our product off the Windows platform and onto Linux (while still using Microsoft's dotnet toolchain). There are only 2 DLLs keeping us locked to Windows and I have a very solid hypothetical answer for both.
All of this is so depressing because it doesn't have to be this way. A few small changes to the OS (that would incur negligible impact to Microsoft's cashflow or margins) could mean life changing improvements in the user experience.
If profit must be obtained, then Microsoft should consider a "hacker" build of windows that starts as a bare-ass powershell prompt that you have to tack on what you want to use. I'd pay a fucking premium. Microsoft, are you out there? Charge me $1000. I swear I'll pay it if you promise to not shove updates, telemetry, defender or cortana down my throat ever again.
> with the exception of the one bastard stepchild win10 that I will keep in the closet for when BF2042 is released
For what it's worth, all recent Battlefield games run flawlessly through Proton, including multiplayer with anti-cheat, D3D12, and soon (if not already), ray tracing. This includes at least BF:BC2, BF3, BF4, BF1, and BFV. There's no reason to think BF2042 will be any different.
I've found VSCode and dotnet 5/core be amazingly liberating from the the slow bloated mess that is Visual Studio and the old .NET Framework. This is the way it should have always been, but I'm happy we finally got here.
No more need for VS really or any other proprietary bloatware.
First thing I do on new machine is `choco install vscode` then it synces my extensions and I am ready to roll. As extra benefit `code` is usable ASAP in CLI and I can pipe anything to it.
Is LTSC still offered? That was a pretty minimal (though still GUI) install last time I tried it. Also I think it only gets security updates, and only when you initiate the update process.
> Microsoft, are you out there? Charge me $1000. I swear I'll pay it if you promise to not shove updates, telemetry, defender or cortana down my throat ever again.
Count me in too. Give me minimal install then shut up and take my money.
Man i feel your pain ! Was there once myself ! Company-focused Win-products :/ But hte last 10 years I've been lucky no such requirements ! It really is nice :)
My entire team uses VS and I have no problems loading the same projects in vscode and being equally productive (or better). Had to fix few quirks here and there before solution would load but nothing too complicated.
IMO if you expand PC to cover mobile computing, the real tragedy is iPhone. No sideloading, very restrictive app store policies, and no custom OSes at all. At least with a Windows desktop or laptop, you can run Linux or one of the other actually free OSes. Modern MacOS is also pretty unfriendly for developers and power users, but at least Apple is somewhat aligned with users on privacy and security, unlike Microsoft.
> Modern MacOS is also pretty unfriendly for developers and power users.
It has become somewhat unfriendly, but I really appreciate that you can still do whatever you want.
To run self-signed apps, run `sudo spctl --master-disable`
To turn off System Integrity Protection, run `csrutil --disable` from recovery mode.
To modify the root filesystem, do all of the above and run `csrutil authenticated-root disable` from recovery mode.
To disable library validation, do all of the above and run `sudo defaults write /Library/Preferences/com.apple.security.libraryvalidation.plist DisableLibraryValidation -bool true`
To disable AMFI, do all of the above and add the boot argument amfi_get_out_of_my_way=0x1
(Some steps may be a bit different on Apple Silicon Macs, I don't own any so I'm not as familiar.)
---
You now have the same privileges Apple does. You can grant yourself whatever entitlements you like, inject your own code into any process, load your own kernel extensions, or just replace the whole kernel with your custom build of XNU.
I actually think a decent chunk of macOS's perceived "unfriendliness" comes from Mac users being less willing to hack around than users of other OSs. The common refrain in Mac circles seems to be that System Integrity Protection should never be switched off under any circumstances. I agree, if you're a normal user—but if you're not, and the handcuffs are annoying you, just unlock them already. (But do leave everything else in place until such a time as it presents a roadblock.)
Also, method swizzling in Objective-C is fun, try it!
There’s a safer way to run self-signed software on macOS, for anyone that prefers not to do the master disable. First, try to run the program. When it fails, open Settings.app and go to the security section. You’ll find the most recently blocked program name mentioned and an Allow button that will remove the block. Then, you can run the program. You need to do this only once per program.
Right click open. Fail. Right click open again, hit okay, and it will succeed. It remembers your decision. This has been the magic incantation since signing was introduced.
I’m so tired of seeing folks parroting no sideloading on iOS. That’s not been true for a long time. Yes, the conditions of side loading (needs a free developer account, must have app signing refreshed weekly, etc) might not be palatable for your taste (which I’d generally agree), but to say it’s not possible to sideload apps on a stock iOS device is just wrong.
IMO, saying "no side-loading" is as good as correct, and getting technical about it just creates confusion and muddies the waters. Unless you're paying $99 per year for a developer account, what little sideloading Apple offers is completely useless for anything but limited testing. Who wants to reinstall an app they actually use every seven days?
The semi-exception is Altstore, which is a fantastic project... but it's a major hack which sometimes breaks, and which Apple is liable to kill at any time. You also need to keep a server running on a PC or Mac on your wifi network, which isn't workable in a lot of situations.
I mean, my iPhone can run unsandboxed sideloaded apps, because it's jailbroken. But I wouldn't say that Apple allows third-party unsandboxed apps.
I don't see how you can say with a straight face that getting technical just creates confusion and muddled waters when side-loading is already something that mainly technical users do. It just seems like a lazy way to dismiss valid criticism. The vast majority of users don't side-load on their phones or have any interest in learning to do so. Side-loading is already technical.
Those are two different definitions of technical. When you accuse someone of "getting technical", it has a very specific meaning: It means that they're overemphasizing the dictionary definition at the cost of more practical considerations. That's exactly what's happening here, by calling what Apple allows on iPhone "sideloading". Yes, technically, you are able to get an app on your phone without going through the app store. But without a paid developer account, the fact that you have to reinstall weekly is intentionally designed to make that impractical for actual use.
Sideloading is a made up term anyway with a loose meaning. The most common variant of the definition is:
> install apps that were not approved by the OS vendor and/or delivered via said company’s app store
iOS meets every letter of that.
The weekly resigning limitation is explicitly not about blocking code you wrote for your device, but about blocking piracy. That same feature that allows you to sideload an app you wrote, also allows you to take many paid apps and resign it for your device allowing you to skirt payment. I wish Apple would relax the signing for code that could be provably unique, but I’m sure there’s ways that would be exploited still and it would turn into a constant cat and mouse battle which Apple is choosing to not engage in. Does that suck, yes. Does it mean you can’t side load, no.
Long story short, I would not object to anyone who says iOS sideloading was useless without paying (even though that would be wrong in some folks’ eyes), but trying to claim it doesn’t exist when in reality it just doesn’t meet your (or my) needs feels important enough to say to lose karma over if necessary.
Yes, in the same way that tomatoes meet the definition of a fruit. (And before you say "but tomatoes are a fruit"—exactly.†)
I respect your desire to be precise, but the problem is that it makes conversations super difficult. Detailing Apple's convoluted policies every time the topic comes up is tiresome and needlessly derails the conversation.
> I respect your desire to be precise, but the problem is that it makes conversations super difficult.
Respectfully, this isn’t about being precise, it’s about being factually correct. I feel your tomato example is off the mark. A more fair (albeit not precise) analogy would be someone saying “there is no sun in the sky” and someone correcting them by saying “yes there is, it’s just behind that cloud” and then the person arguing back that “only suns that aren’t behind clouds count”.
I built myself a custom calculator 5 years ago for my Android phone. I've reinstalled it once in that time frame, and that only after switching phones. Other than that, it's just there when I need it, with 0 maintenance in 5 years.
Were I to switch to an iPhone, I would have to either list my calculator on the app store (and pay the yearly developer fee) or have to remember every single week to "refresh" my app, otherwise it won't work the next time I need it.
Android has side loading. iOS has the bare minimum concession to allow developers to build something at all, and even that has unnecessary friction built in explicitly so that people don't try to use it to sideload.
> > Yes, the conditions of side loading (needs a free developer account, must have app signing refreshed weekly, etc) might not be palatable for your taste
> have to remember every single week to "refresh" my app, otherwise it won't work the next time I need it
Did I not fully state that up front? Just because it doesn’t work for your needs (or mine for that matter) doesn’t change that my point is 100% correct, to say that sideloading isn’t possible on iOS is fundamentally wrong. Fake imaginary points (aka HN votes) be damned, I’m not going to cave to the Android fanboys. Apple/iOS has many faults, so I don’t get why folks need to focus on something that isn’t factually correct.
First, just to clear this up: I am not an Android fanboy, and not an iOS hater. My wife has an iPhone and an iPad and they are great for her use case, and I have a lot of respect for the consistency of the experience on an iPhone. I reluctantly have an Android phone because it's the only thing out there that meets my needs at the moment, but I'm under no illusions as to its flaws.
On to the question of side loading: technically, Apple does provide a way to load code not from the app store. Some might call that side loading. However, when most people say that they want to be able to side load apps on their phone, they expect that their apps will function as first-class citizens. Apple's version of side loading is more like a very temporary work visa than a grant of citizenship, which makes it structurally different than what is being asked for.
> First, just to clear this up: I am not an Android fanboy, and not an iOS hater.
Just to be clear, wasn’t calling you that specifically. That was expressing a frustration against the general type who responds whenever I jump in to share info on what exists and doesn’t in reality.
In your case, I made exactly your point up front and even stated it didn’t meet my needs personally. AltStore does a decentish job of smoothing along the process, but it’s still too much burden for me. But I feel I am very correct in saying it meets the technical definition of side-loading and even the “common knowledge” definition as long as you acknowledge the caveats, which I do.
So what do I do? Well, as much as I’ve spent on phones, laptops, tablets, cell service, internet service, etc I find adding another $99/year on top is just noise. I’m fortunate enough that my career allows me that option, otherwise I don’t know what I’d do as Android has dealbreaker faults for me (I do own a few Android phones, but none would remotely be my daily driver).
> (Nearly?) All ChromeOS devices use CoreBoot. You really can't get much more open than that.
Last time I looked, it was really hard to install anything other than ChromeOS on Chromebook hardware. You can install a chrooted Linux on them, yes, but on the device itself you can't even execute unsigned binaries.
Impossible? No. Harder than executing an installer with elevated rights? Yes. Plus, they also come with pre-installed software like Google Docs.
> Android is open source and if you don't buy a locked down device from a carrier,
That's quite a big if. Android itself is open source, yes, but >90% of the ecosystem rely on Google Play services, which are anything but. And, when talking about pre-installed apps that the user can't remove without a lot of effort, Android basically invented that.
> the bootloader is unlockable and the system easily rootable.
If you wipe your device and void your warranty. And then install a third-party binary to actually use those rights, while similarly loosing the ability to use quite a few apps (like banking). That is, if the manufacturer makes it that easy (Xiaomi, for example, needs you to sign up and wait for that - it's possible, but anything but frictionless).
> Now, if you were to mention MacOS and iOS... then you definitely would have had a point
I can't talk about MacOS, to be honest. Though, as far as I know, getting a root shell is not hard and running own software is not a problem.
We agree on iOS, but the grandparent talked about PCs - iOS really does not fall into that category (that's why I explicitly mentioned smartphones).
> Your two examples of something more 'not my pc anymore' than Windows aren't exactly good ones.
Windows is not a good example of that. Don't get me wrong, I don't like windows. But it's by far not the worst example of a locked-down, vendor-owned system and it would be even less bad if the administration UX would be simpler.
I mentioned that exclusion in the first comment. I re-emphasized it in the second comment. If we don't limit ourselves to PCs, I raise you my PS1 - could not even play a burned CD without hardware modifications, let alone customize anything. Predates iOS by 13 years.
> Android is open source and if you don't buy a locked down device from a carrier, the bootloader is unlockable and the system easily rootable.
Yes but it's a subpar experience compared to the closed Android.
I use GrapheneOS since about a year, and I can't do much with my phone anymore. I stay on it for the same reason I have Kubuntu on my PC: it's a relief to know it's not Microsoft's / Google's all seeing eye.
If there was never an "old way" of doing things that didn't involve the new TrustedInstaller system, then would we even be thinking twice about these new restrictions? Or would we just see the restrictions as part of the design of the APIs?
Just because they took a part of the system that used to be externally facing and made it internally facing, I don't think that is the same as making "your PC not your PC anymore". If they were blocking administrators from executing arbitrary code or having arbitrary access to I/Os, that would be a different story.
> But DAMN that quote above is really showing me how bad it is out there !
Actually Windows is quite awesome nowdays. I was using mentioned OSes for years during periods of Windows downs, and since Satya Nadella took the leadership I was very happy with Windows (I primarily spend my time in PowerShell, browser, vscode and using dev tools but have different dedicated installations for games, media etc.)
Now with this can't-turn-off-helicopter attitude I am really considering switching to some Linux variant again. Mac is totally out of question due to similar concerns.
I understand Linux, Mac, FreeBSD, Magic-Pony-OS is not everyone's cup of tea or they might not be in a position to choose their OS (Work etc)
But DAMN that quote above is really showing me how bad it is out there ! Sure it can/does happen on other OS as well, but I'm betting Windows is the leader in "my-pc-is-not-my-pc-anymore" :/