Choice 2. Empowered user. The end user is free to CHOOSE to delegate the hardware's approved signing solutions to a third party. Possibly even a third party that is already included in the base firmware such as Microsoft, Apple, OEM, 'Open Source' (sub menu: List of several reputable distros and a choice which might have a big scary message and involved confirmation process to trust the inserted boot media or the URL the user typed in...)
There should also be a reset option, which might involve a jumper or physical key (E.G. clear CMOS) that factory resets any TPM / persistent storage. Yes it'd nuke everything in the enclave but it would release the hardware.
I like the way Chromebooks do things, initially locking down the hardware but allowing you to do whatever if you intentionally know what you're doing (after wiping the device for security reasons). It's a pity that there's all the Google tracking in them that's near impossible to delete (unless you remove Chrome OS).
> I like the way Chromebooks do things, initially locking down the hardware but allowing you to do whatever if you intentionally know what you're doing
Did you hear? Google's not allowing "sideloading" (whitewashing the meaning of installing) third party apps by unknown developers.
I wonder if full device wipe would be the solution to "annoying enough that regular users don't do it even when asked by a scam, but power users can and will definitely use it".
If that comes to pass I hope that one would be able to install a regular firmware with full DRM support / banking app support which only differs by allowing one to install apps freely. I don't think that's the case currently with firmwares that allow root. The security implications are somewhat different (root is more permissive) but I guess that the kind of person that wants to run arbitrary apps also prefer root access (maybe not at the cost of access to everyday apps with bullshit protections however).
I agree, if Google's going to disallow "normal users" from installing apps from unknown sources, I'd like there to be some escape hatch other than the (increasingly blocked) nuclear option of rooting/bootloader unlock.
Consider the possibility of an evil maid type attack before a device is setup for the first time, e.g. running near identical iOS or macOS but with spyware preloaded, or even just adware.
We already have that today. And locked down systems don't prevent it, because you can always exploit some part of the supply chain. A determined actor will always find a path.
Right now you'd need a zero-day bootrom exploit to do something like this - still a possibility for the average high-level intelligence operative, but not the average white collar citizen. The proposal is making such a thing a feature.
Stuxnet did not require a bootrom zero day. Just people's propensity to plug in USB devices out of curiosity.
You don't need the NSA to target someone and replace their device with a malware driven one. Just a porch pirate and your own delivery - two to three years and you're almost guaranteed an attack window.
It's possible to make this detectable, and chromebooks already do.
On a chromebook, if you toggle to developer mode you get a nag screen on early-boot telling you it's in developer mode every time, and if you're not in developer mode you can only boot signed code.
Basically, just bake into device's firmware that "if any non-apple keys have been added, forcibly display 'bootloader not signed by Apple, signed by X'", and if someone sees that on a "new" device, they'll know to run.
With the root of trust and original software wiped, what used to be, say, an iPhone stops being an iPhone. It becomes a generic computer with the same hardware. All the software designed to run on iPhones like the App Store is likely to stop working. You won't fool the user for long.
And this attack is already doable by simply replacing the iPhone with a fake. It won't fool the user for long either, but you get to steal a real iPhone in exchange for a cheap fake.
> Please don’t let me go back to the early days of the internet where my mother had 50 toolbars and malware installed
I removed hundreds of toolbars from my mother/grandmother/anyone computer.
I still prefer that to techno-fascism where it's ok for companies to brick my hardware remotely, to lock me out of all my hardware because I have a picture of my kid in a bath, to read all my messages for whatever reason, to extract value from my personal files, pictures, musical tastes, to not allow me to install an app I bought because it have been removed from the store, to not allow me to install an app my friend created, to not allow me to create an app and sell it myself, to not allow me to not do the action ever but just "Later this week", and so on and so on.
This toolbar thing is a wrong excuse. And it was 90% because Windows was shitty.
Most mothers would have easily downloaded and installed crapware embedded with whatever they downloaded, but most mothers aren't doing to go to "Settings > About > Tap 10 times on OS version > Bootloader > Disable Bootloader protection > "Are you sure because your phone will become insecure ?" > Yes > Fucking yes.
And if they still do it to purposefully install malware, I'm sorry to say they are just stupid and I cannot care less about the toolbars.
- The devices all of society has standardized upon should not be owned by companies after purchase.
- The devices all of society has standardized upon should not have transactions be taxed by the companies that make them, nor have their activities monitored by the companies that make them. (Gaming consoles are very different than devices we use to do banking and read menus at restaurants.)
- The devices all of society has standardized upon should not enforce rules for downstream software apart from heuristic scanning for viruses/abuse and strong security/permissions sandboxing that the user themselves controls.
- The devices all of society has standardized upon should be strictly regulated by governments all around the world to ensure citizens and businesses cannot be strong-armed.
- The devices all of society has standardized upon should be a burden for the limited few companies that gate keep them.
Keep in mind one of these third parties would almost certainly be Meta (because users want their stuff), and that would almost certainly be a privacy downgrade.
Always fun to interact with some internet Thomas Jefferson giving freedom speeches from his mother's basement.
Reality is that people pay a lot of money because they 'trust' Apple (and to a lesser extent Google), but Meta is the sleaziest one of them all. (And I don't use their shit either.) But people want Whatapp and Instagram, and so you are telling them now they have sell-out and go to the "Meta App Store" to talk to their friends. That fucking sucks. And I think you agree with that.
Under such topics there are always comments about each vendor making their own store, yet it didn't happen on Android, where it's currently perfectly possible.
Sorry, I haven't had an Android phone since the original Nexus, so hopefully you can clarify. Could you install some hypothetical 'Meta Store' from the Google Store? Or do you mean more like Meta could just sell their own phone (eg Amazon)?
You can have alternative app stores on Android without any restrictions — the most famous example would be F-Droid which hosts free software. Nothing stops Epic, Meta or any company from also having such a store.
When you ship a certified Android, it has to come pre-installed with the Google Play Store but some vendors like Amazon and Huawei ship an alternative OS with their own stores to replace the Google one. It's not officially Android but can be based on the Android Open Source Project.
Very few companies have chosen to do either and it was usually because they were forced to (Huawei).
And yet you're apparently not losing your mind over Mark Zuckerberg having his products on the web? He's doing everything you claim on the open web - third party trackers embedded on other websites, etc. Do you want to lock down the web?
I think you have a reason for defending Apple. Maybe you love the company, maybe you've got their stock, maybe you've worked for them.
Apple is a trillion dollar behemoth that has distorted the market and removed freedom and choice. They're a menace that needs to be regulated. Period.
I also think Zuckerberg's tracking needs to be regulated, but that's a battle for another day. It's one we haven't so egregiously lost yet.
People don't need Meta. People need smartphones. And smartphones are draconian dictatorships that the government has been too asleep and too lax to regulate.
Guilty as charged. My parents had a Windows laptop and all sorts of evil shit was "sideloaded", and when I started reformatting it, some indian 'microsoft tech support' guy was actually screaming at them through the speakers. This is what happens in your world.
I bought them an iPad (and another) and it's now been almost 15 years with zero tech support calls, zero problems, zero scammers. That is fucking great for me. Money well spent. So yeah, I wish you guys could just buy a free software phone with no ABI and go away to recompile your software. But it is fucking terrible idea on a societal level.
We keep mocking and laughing at the "internet Thomas Jefferson"s of the world but they seem to be getting increasingly prescient about the dystopian world where we are giving bad actors disproportionate control over our lives on the pretext of keeping us or children safer.
I will agree with your point, and will also say a lot of the "bad actors" are actually in the house here. So don't take anything on face value. Hacker news has some straight computer criminals, adware types, cryptobros, dubious startup types, whoever is vibe-coding these crawlers, and etc. So of course they all believe in "maximum freedom" (to scam people).
Their R&D budget is at the expense of a free market that would have delivered the same or better products.
Did you ever see how wild and innovative the Japanese mobile phones were before iPhone monoculture took over?
I want crazy stuff like a smartphone that has the form factor of a Raspberry Pi. Or a smartphone with e-Ink. Crazy new categories of devices.
Sadly, the Apple/Google monopoly has turned smartphones into one of the shittiest, most locked down device categories. It's a death place for innovation.
Nobody is forcing you to buy their products, so they haven’t taken away anything from you.
If you do decide to buy their products, nothing has changed since the day of your purchase, so they haven’t taken away anything from you.
Their “monoculture” didn’t “take hold” - it beat the Japanese offerings through innovation and a better product.
They operate in a free market, their R&D budget is made possible by their market success. If things change in the market (e.g. AI) the market will vote the way it always does.
The market has forced us all to buy Apple or Google. There is not a vibrant field of alternatives, and there is certainly a desert of hobbyist tech.
The market is now so depressed that everyone has to jump through these companies' hoops to participate in the most important computing form factor in the world.
Don't apologize for trillion dollar hyperscalers. They don't need your love, adoration, or apology. They do not care about you at all.
Too much power has accrued to these two and it's being leveraged against all of society and the open market. Competition is supposed to be difficult, ruthless, challenging, and frenetic. I see two companies resting on their laurels that are happy to tax us into the next century while we wear their little straightjackets.
They operate in the illegal duopoly, where you have the "free choice" between a tiny amount of freedom with unlimited telemetry and no freedom with convenience for a big buck.
> Do you honestly believe "a free market" would only produce two alternatives
No. A free market will eventually produce a single monopolistic winner.
If you have ability to buy your competition, and most of people consider it a job and not some religious calling, monopoly is the most logical outcome.
Same way a black hole is the most logical outcome of gravity.
Technically for US residents Apple can throw you in prison for attempting to maintain and use your freedoms, thanks to the anti-circumvention parts of the DMCA.
Any idea on making it so difficult that grandma isn't even able to follow a phisher’s instructions over the phone but yet nearly trivial for anyone who knows what they’re doing?
Sure. You ship the device in open mode, and then doing it is easy. The device supports closed mode (i.e. whatever the currently configured package installation sources are, you can no longer add more), and if you put the device in closed mode, getting it back out requires attaching a debugger to the USB port, a big scary message and confirmation on the phone screen itself, and a full device wipe.
Then you put grandma's device in closed mode and explicitly tell her never to do the scary thing that takes it back out again and call you immediately if anyone asks her to. Or, for someone who is not competent to follow that simple instruction (e.g. small children or senile adults), you make the factory reset require a password and then don't give it to them.
I’m sure I’m missing a problem with the following approach: shipping in _closed_ mode with a sticker on the front notifying the person they should do a factory reset immediately to make sure they can do everything they want to do. During the reset, include a scary message for those who opt in to get to open mode.
Everyone simply goes by defaults so it would only be technical people presumably who would even get into the open mode in the first place. And then require the debugger to leave closed mode like you said.
Edit: this comment worries about solo/asocial/“orphaned” members of our society
The problem with that is the owner has to choose which package sources they want to allow before the device is in closed mode, because after that adding more requires the scary reset, and the vendor of course has the perverse incentive to ship the device in closed mode with only their own store enabled, which has to be prohibited because it's anti-competitive.
Make it an obscure option in the first time setup so all the users that click next next next will end up with the secure mode, while the open mode requires fiddling.
This isn’t a gdpr opt out where both alternatives need to be equally easy. We (as a society) absolutely need the devices to default to the current model when purchased.
> This isn’t a gdpr opt out where both alternatives need to be equally easy. We (as a society) absolutely need the devices to default to the current model when purchased.
I feel like this is completely the opposite. The case for closed devices is that if grandma is senile she can't be trusted to make sound choices and needs a piece of hardware to limit her options, whereas that isn't the case for random chemists and college students and farmers, i.e. the general population.
It's one of the cases where tech people can't see the forest for the trees. The vast majority of people can make reasonable decisions about their own lives, but then if a tiny percentage make mistakes, those are the ones who come to you with problems and then it seems like everyone who comes to you is having problems because only the people having problems come to you.
Then megacorps use that false perception that everyone is incompetent to try to weasel their way in as a middle man taking a thick margin while locking the doors so the average person can't go to the competition, which is the option that needs to be not just preserved but actually used by ordinary people.
And not just because of the margins. Centralizing everything is a skeleton key for authoritarians. If you want to ban a social media app because people are using it to find out about something you want to censor or organize opposition to your administration and having it banned from Google Play and Apple makes it so 99% of people can't use it, you'd win when we need you to lose.
I don't think the centralization and security must be mutually exclusive. So long as the alternative is _also_ secure, it's a win-win. But that's the big problem.
Suppose Apple makes devices and has an app store, but you're not required to use their app store, and then if someone can coerce Apple to censor something, anyone can route around it by using one of the others who can't be coerced, e.g. because they operate in a different jurisdiction. That's not centralized; there is no single party who can serve as a chokepoint for the bad guys to set up their nefarious surveillance/censorship apparatus.
Now suppose that only one company has an app store for a given platform, or the alternatives only exist on paper because there are too many barriers for ordinary people to use something else and then the one store still has 99% market share, or they use their control over the device to exclude apps even if you use a different store. That's still centralized and that type of centralization has to be broken in order to solve the problem.
Fix the phone system so calls must positively identify themselves.
There is no reason anyone purporting to be from a business or the government should be able to place a call without cryptographically proving their identity.
I like that! I’m sure it would take a little bit of time for folks to stop trusting calls from personal numbers where highly-capable social engineers do their best work, but eventually I expect nearly all of us would learn the lesson.
And presumably we could set up notifications so our elderly relatives’ phones would alert us to calls from unverified numbers not in their contact list lasting longer than a minute or two.
Stop gatekeeping actually useful apps. Nobody should never need to see the message to do anything they actually want to do, otherwise it leads to normalization of deviance.
False positives from PC virus scanners are very rare.
Which is crazy, since that's the only service that even PARTLY filters some of the insane level of spam that gets sent to my unused prepaid number that everyone contacting is clearly an automated spambot.
I remember as a kid they were really good. Like some of the best ice cream I ever ate. Wide selection too.
Can't help but feel like they got the private-equity squeeze deal to turn them into a zombie.
Some MBA comes in and cuts all the corners, all the costs that made them a first class market leader. Turning them from the best out there into just another ice cream shop with nothing distinctive that Washington and Lincolns everyone for all their money. (We're long past nickles and dimes these days)
What more harmful is probably not having a set of guilds / unions (that both work together, share the same collective bargains, but also compete for members) to cut a lot of the annoying for ALL sides involved interview process out.
Why do they ask about Big O? Because it works as a filter. That's how bad some of the candidates are.
What would I rather they do? Have a non-trivial but obviously business unrelated puzzle that happens to include design flaws and the interviewee is given enough time and latitude to 'fulfill the interface, but make this the best it can be'.
I was extremely dismayed when that supermarket simulator game that got popular on Twitch called 'pizza' something along the line of 'frozen dessert pie'...
At least the way it tends to get made in the US, a sugary pastry that's stuffed full of sugar, carbs, fats and cheese? Ok yeah, my favorite foods are _all_ terrible for me and I can't eat them anymore. This makes me very sad.
Pizza at home is my pet peeve. Lots of work working the dough, lots of waiting, super messy. Needs expensive oven and tons of electricity. All of this work to get one of the cheapest meal available.
Now compare to a steak - add salt, 5 minutes on pan, rest. Better than $50 steak at most restaurants.
I get that pizza at home is a whole hobby, yes. And if you don't want to do it, it's all of those things that you say.
1) My pizza oven runs on gas not electricity. Not that this is better environmentally. Some run on wood.
2) I'm getting better results than I can get in a local pizza place. Cheap pizza is not great pizza. Home pizza making has a learning curve, it's more of a niche thing than e.g. cooking a steak or burger.
For grandparent post, Pizza is of course not a "dessert", it's a savoury main course. Full of white flour, cheese fats, and salt. So also not health food.
Not just in the US. NIMBY looks almost exactly the same in the US, in New Zealand, in Israel, in Italy, in Czechia or in the UK.
Basically, as long as you allow other people to veto new construction, it is almost guaranteed that a few bitter fighters will devote their lives to stopping anything to be ever built again. Roads, trams, housing, anything at all. A veritable vetocracy, not too dissimilar from the legendary Polish-Lithuanian Commonwealth, where every noble could veto anything agreed upon by the Sejm by simply standing up and saying "I disagree".
The "community participation" ideal which looked very positive once turned out to empower the worst reactionaries.
The few countries that got this problem under control did so mostly by limiting the legal abilities of such people to throw wrenches into everything.
The problem with community participation is it can only work when significant numbers of people participate. Most people have too much in life as it is to get involved. On any given night there are 50 different events in my city I could go to - (knitting circle, bible studies, softball, DnD, book club, girl scouts, gymnastics...), plus I have my own hobbies at home I'm trying to work on: I don't have time to attend the community meetings as well - and neither does most people in my community. What is left with the "busy bodies" who decide to make time - but they don't represent the community and shouldn't get input (I went to one: Some women was asking a lot of questions on why the road department decided to not replace a road grader with 14900 hours on it even though the policy was replace it at 15000 hours - that is trying to micromanage the whole county as if the leaders are not competent to make decisions).
Don't forget they're saying these things for valid reasons, and a balance has to be struck. For example, (this is not a perfect rule, just a rough draft) if you can only build an apartment block next to another apartment block, high-density areas can exist radiating outwards from existing centers (where you'd want high density and where people who want to live in high density want to live). Or you can build one surrounded by farmland, probably. Apparently that's popular in America though I don't understand why.
My experience with the Czech NIMBY crowd is that when I talk to them directly, they are quite open about "we don't want anything to change and we don't like new people".
More constructive reasons like "there is not enough buses to the area" can be usually solved by reasonable compromise, but this sort of intense conservatism "wait until I am dead, then build something" cannot.
Would you rather go back to the modem days and call a 'Transfer' a 'Baud'?
PAM encoding is already analog, and also correspondingly more expensive (power, silicon size, etc) for the increase in speed.
It really wouldn't surprise me if even on workstation platforms only a subset of core lanes were Gen6+ and the common slots were redriven Gen5 or less off of a router / switch chip.
> Would you rather go back to the modem days and call a 'Transfer' a 'Baud'?
We don't have to go back, baud is still in use. I would expect transfers per second to be a synonym for baud though, and for bits per second per pin to use a different word.
> However at the same time, not even offering a fallback path in non-assembly?
There's probably not any hand-written assembly at issue here, just a compiler told to target x86_64-v2. Among others, RHEL 9 and derivatives were built with such options. (RHEL 10 bumped up the minimum spec again to x86_64-v3, allowing use of AVX.)
Or even, a compiler told to target nothing in particular, and a default finally toggled over from "Oh, we're 'targeting x86'? So CPUs from the early 2000s then" to "Oh, we're 'targeting x86'? So CPUs from the mid-2010s then."
This is a bit of vicious circle. How much of that money goes even into keeping those servers running? The electricity bill alone, geez. They could do a dedicated fundraiser to get themselves two boxes that are a decade old and still have spare parts available, coming from Broadwell era, they will have enough instruction set support to cover the baseline towards which multiple distros are converging (Haswell and up).
Given their target audience, they could probably just request a hardware donation. Some sysadmin out there is probably getting rid of exactly what they need.
I am 100% sure that if they put out a call for action and asked for hardware donations they would be able to get newer stuff. Ryzen 7 1700 goes for as cheap as 50$, DDR4 ram at supported speeds (2133 MHz) is also dirt cheap.
The problem with offering fallbacks is testing -- there isn't any reasonable hardware which you could use, because as you say it's all very old and slow.
Choice 2. Empowered user. The end user is free to CHOOSE to delegate the hardware's approved signing solutions to a third party. Possibly even a third party that is already included in the base firmware such as Microsoft, Apple, OEM, 'Open Source' (sub menu: List of several reputable distros and a choice which might have a big scary message and involved confirmation process to trust the inserted boot media or the URL the user typed in...)
There should also be a reset option, which might involve a jumper or physical key (E.G. clear CMOS) that factory resets any TPM / persistent storage. Yes it'd nuke everything in the enclave but it would release the hardware.
reply