A much bigger problem for running Linux on phones is that standard Linux runs like crap on phones. It doesn't have the mainline driver support amd64 computers have, and the battery life optimizations that make Android usable need to be reimplemented on top of Linux to get a day's worth of use out of your phone. Unfortunately, most Linux applications are written for desktops where they expect the CPU to be running all the time, the WiFi to be accessible whenever they want, and for sleep/suspend to be extremely incidental rather than every two minutes.
ROMs face a different problem: bootloader locking. But the more Android changes drastically, the harder it is to integrate the AOSP changes into the different open projects.
In my opinion, the biggest problem that comes with this is the fact that Google Play independent apps will become A LOT less popular. To a point where alternative ROMs are even less interesting to people, which in return makes developing apps for them even less interesting.
This idea that protecting users is worth the cost of giving up your ownership rights is fallacious.
Protecting 1 million grannies is an entirely different risk class than the security implications of stopping everyone from using their devices as they see fit.
Protecting 1 million grannies means everyone loses ability to install apps that:
- allow encrypted chat
- allow use of privacy respecting software
- download art/games/entertainment that is deemed inappropriate to unelected parties
- use software to organize protests and track agents of hostile governments
- download software that opposes monopolistic holds of controlling parties
Using Linux is also not a real choice. To access my bank and health services in my country, I require a mobile device that is remote attested by either Apple or Google which are American countries. Hell, it's becoming closer to reality that playing online video games requires remote attestation either to "prevent" cheating or for age verification.
Thus the risk widens to the sovereign control a nation has over its own services. A US president could attempt to force Google and Apple to shut off citizen access of banks and health services of an entire nation. Merely the threat could give them leverage in any sort of negotiations they might be in. For some nations in the future, the controlling nation may be China I imagine.
I think the real regulatory solution here is to break up monopoly practices. While the EU's DMA is all well and good in some ways, the EU is also pushing Chat Control... In a more fragmented market it becomes impossible for a bank or health service to mandate specific devices for access (they lose potential customers) so you could theoretically move to a device that doesn't do draconian style remote attestation that breaks if you go off the ranch. We need more surgically precise regulatory tools than sweeping legislation that would keep using alternatives like Linux or FreeBSD or whatever actually viable. It also makes it much harder for that same legislative body to enforce insane ideas like Chat Control.
The answer is not to protect users from themselves. The answer is more freedom, with a legal framework that helps all users have more choices while helping victims acquire restitution.
> To access [...] health services in my country, I require a mobile device that is remote attested by either Apple or Google
I knew of banks, but how is it that health services need remote attested mobile devices? Do clinics not support setting appointments through calls anymore, or what?
In my country, the same verification service is used to access banks, health services (private and public), taxes, and even verify online retail purchases. This verification app on Android requires Play Integrity on first-time activation so fresh installs of something like GrapheneOS will not let you use the app. It's still currently possible to use a hardware token alternative to the app. It is only getting less convenient and possible to opt out of the digital verification systems even if there are technically still workarounds. In the past, even when such verification systems existed, they were less user constricting (no requirements on remote attestation for example).
I believe if we look at the past compared to now, and then extrapolate towards the future, without proper action, we will keep slipping down the slope.
It's usually to see the results of your lab work, message doctors about refills, etc. You'd probably be able to get some of that mailed instead at the cost of time certainly.
What happened was people ended up putting a lot of money and sensitive data on their computers and desired a system which wouldn’t expose that just because they ran the wrong software.
Also, "want the milk without buying the cow", but I like "don't get me wet" because it highlights not wanting the result without the unpleasant step of the process. Then again, we have "dry cleaning" and Ozempic....
https://english.stackexchange.com/questions/429316/wash-me-b...
And by "people" we mean Hollywood. A great deal of this was created to enable DRM, then exploited for other purposes. For instance, it's illegal (by contract) to let a device without Secure Boot play a 4K stream from any mainstream studio. This is why Windows requires Secure Boot.
Ah yes, the good old freedom for security tradeoff. Of course, in this case it's the security of trillion dollar corporations at the cost of our freedoms...
The better answer is to build better OSes with better security models.
I should be able to run a crypto wallet I downloaded from a Kim Jong Un fan site while high and it shouldn’t be able to do anything I don’t give it permission to do.
It’s totally possible. Tabs in a web browser are basically this.
I can do it with VMs but that’s lots of extra steps.
> The moment gaming became genuinely profitable, console manufacturers realized they could control their entire ecosystem. Proprietary formats, region systems, and lockout chips were all valid ways to ensure companies could levy hefty licensing fees from developers.
This is historically inaccurate. All console games were originally produced in-house by the console manufacturers, but then 4 Atari programmers got wind that the games they wrote made tens of $millions for Atari while the programmers were paid only a relatively small salary. When Atari management refused to give the programmers a cut, they left and formed Activision. Thus Activision became the original third-party console game development company. Atari sued Activision for theft of trade secrets, because the Activision founders were all former Atari programmers. The case was settled, with Atari getting a cut of Activision’s revenue but otherwise allowing Activision to continue developing console games. I suspect this was because the 4 programmers were considered irreplaceable to Atari (albeit too late, after they already quit).
The licensing fee business model was a product of this unique set of circumstances. The article author's narrative makes it sound like consoles switched from open to closed, but that's not true. The consoles (like the iPhone) switched from totally closed to having a third-party platform, after the value of third-party developers was shown.
> Consumers loved having access to a library of clean and functional apps, built right into the device.
How can you say they're "built right into the device" when you have to download them? Moreover, you were originally able to buy iPhone apps in iTunes for Mac, and manage your iPhone via USB.
> Meanwhile, they didn’t really care that they couldn’t run whatever kooky app some random on the Internet had dreamed up.
I'm not sure how you can say consumers didn't really care. Some people have always cared. It's a tradeoff, though: you would have to care enough to not buy an iPhone altogether. That's not the same as not caring at all. Also, remember that for the first year, iPhone didn't even have third-party apps.
> At the time, this approach largely stayed within the console gaming world. It didn’t spread to actual computers because computers were tools. You didn’t buy a PC to consume content someone else curated for you.
I would say this was largely due to Steve Wozniak, who insisted that the Apple II be an open platform. If Steve Jobs—who always expressed contempt for third-party developers—originally had his way, the whole computing industry might have been very different. Jobs always considered them "freeloaders", which is ridiculous of course (for example, VisiCalc is responsible for much of the success of the Apple II), but that was his ridiculous view.
> Sadly, over the years, Android has been steadily walking back that openness. The justifications are always reasonable on their face. Security updates need to be mandatory because users are terrible at remembering to update. Sideloading apps need to come with warnings because users will absolutely install malware if you let them just click a button. Root access is too dangerous because it puts the security of the whole system and other apps at risk. But inch by inch, it gets harder to run what you want on the device you paid for.
As much as I want to agree with this author (and do, to an extent) they are also providing the exact and honestly-pretty-good reasons for why this is happening: computers have breached containment, and they did it a long time ago. Computers are not just for us weird nerds anymore and they haven't been for some time; they're tools for a larger, more complicated, more diverse userbase, many of whom are simply not interested in learning how to computer. They just want shit to work, reliably. Random software on the Internet is not a path to reliability if you also don't know how your thing actually works.
I mourn this too but let's not pretend it's simply what happened because corporations are evil (though they are for sure that).
It's particularly hard to swallow these justifications when advanced by Google considering how much malware there is on the Play Store. I have never once had an issue with malware installed via F-Droid but have had multiple issues with apps from the Play Store. But apparently it's F-Droid I need to be protected from. (Granted, the Play Store malware I experienced was in the nature of "pop up ads on your phone randomly", not stealing your bank credentials, but it shows how little actual vetting goes on.)
I do understand the broader point. I know a few elderly people in particular who are walking targets for cybercrime. But I wish we had more differentiation. Locked down, easy to use phones for those who want or need that, and more open phones that act similar to laptops for those who know what they're doing (or, in any case, are willing and able to bear the risk).
I mean, we did. We had iOS and Android. The issue is Apple makes more money via these practices per user than Google did, and Google is therefore imitating them and their products.
Exactly: smartphones and tablets are designated safe spaces for 'normies'. If you want to do serious computing, serious machines (laptops, desktops, servers) are still available.
There are plenty of "honestly-pretty-good reasons" we plebs shouldn't have access to general purpose computers, and we're only a few decades away from them being reclassified into the equivalent of fully automatic rifles.
The security argument is the best one to shove all these monopoly practices, but I doubt there is real proof of that anywhere. These days, I think I have more trust in a small app developed by some folk in a garage than something produced by Meta or Google.
Doing evil things under the guise of good intentions (with reasons that appear valid on the surface) has always been the playbook. All you're doing is excusing it - let's not.
If this was genuinely about security and UX then they would continue to provide viable "escape hatches", but it isn't and so they don't. That's what's being criticized.
I disagree, I don’t think I’m excusing it at all and your argument hinges on the restriction of software running on hardware to be evil. I wouldn’t describe it that way. I think it’s frustrating certainly but I don’t think you have an inalienable right to run code of your choice.
I would characterize it more as Google is responding to the needs of the vast majority of its users, most of whom do not care to run unsigned software, certainly don’t write it, and have no need of escape hatches. Escape hatches are great, but each also represents a security weakness waiting to be exploited.
And not to leave it merely implied: they are also responding to large development organizations who want locked down platforms in which they can distribute, and more importantly crack down on those who would pirate, their software.
> I don’t think you have an inalienable right to run code of your choice
> more importantly crack down on those who would pirate, their software.
If you represent the interests of corporations then try leading with that next time.
> Escape hatches are great, but each also represents a security weakness waiting to be exploited.
Besides being a broad statement that lacks citations and no doubt relies on contrived examples where this was implemented poorly, it's also clearly a violation of the EU Digital Markets Act.
> If you represent the interests of corporations then try leading with that next time.
I don't. I'm just saying Google and whichever boogeyman you'd care to slot into position 2 share the same interests. Far more than you or me and Google anyway.
> Besides being a broad statement that lacks citations and no doubt relies on contrived examples where this was implemented poorly
To a layman user, any software that is running without code signing has a much much much higher chance of being something that has gone wrong rather than Joe Public found a cool image editing app that doesn't want to be distributed via the Play store. Are there exceptions? Sure, I'm certainly a big one. Does that mean I don't understand Google's position here? No.
> it's also clearly a violation of the EU Digital Markets Act.
If true, they'll end up in court, same as Apple did.
This is a recurring pattern: people make bad choices, mostly out of ignorance, but no one blames the public because we always assume that in a democracy the customer and the voter are always right.
Behind every corrupt politician or every greedy corporation there are thousands or millions of negligent and ignorant voters and customers.
And like, with the ubiquity of this tech, I have to kind of concede at least some of the point. A smartphone is just shy of essential for modern living these days. Banking, purchase of goods and services, managing your relationship with your city and state, filing taxes, getting directions, ALL communications, all occur via your phone. Your phone is not MERELY a computer, a CPU with memory attached that you can make do things, for most people, I'd say it's an essential piece of IT hardware. Most people would prefer, I think, to lose their computers, TVs, consoles, etc. far before their phone. A phone is CRITICAL now, for better and worse.
So it sucks ass that a greater and greater share of what we consider computing has to occur in platforms that are utterly locked down to the core, but again, at the same time, putting my "regular user" hat on here: I don't want my phone to run anything from an untrustworthy source. My computer? Shit yeah, I'll try just about anything with a healthy skepticism as required, but not my phone. Losing a computer is irritating. Losing a phone is a fucking MESS.
Real world parallels to this abound. You cannot build whatever house you want on your own property, for example; it must meet strict building codes and be verifiably structurally sound. What ever happened to building what you wanted on your own land?
Because there are liability issues for others. What if your structure falls down on visitors? You can't repair some health damage or death. Since these kinds of problems are easily prevented by professional review, legal constraints make lots of sense.
That is not universally true; even today in some states there are areas (and perhaps even entire states) where building codes do not apply, sometimes even to the main structure. Often you only need to comply over a certain size, for human habitation, or to connect to utilities.
The best argument “for” building codes is the same as “for” secure platforms; that people should be able to expect a certain level of competence when buying a structure or phone.
But if you want to do it yourself, there should be a path.
The codes exist but I think what they are saying is that in some places codes are not enforced or even checked. I live in somewhat of a "middle ground" where codes do exist and electrical is checked on a brand new build. They will also nag about septic inspections but will never actually get off their butts and do the inspection. Many such places do exist but they are usually places I would never want to reside. I know of places that I can literally build anything and never once be nagged by inspectors or state/county governments. They are happy enough and lazy enough to receive the property tax revenue.
The TPM and secure boot conversation for gaming has shifted my perspective a lot. This technology is having a positive impact on player experience. It has become quite clear to me that there are wheels that will squeak regardless of the amount of lubricant used. I've begun to consider the position of being able to run anything my way at any time on any machine as being a bit extremist. Especially, in a game theoretic setting with other participants expecting some degree of fair play.
I am allowed to own multiple computers. Many do. I've got a Linux handheld, a Windows desktop, an iPhone and a MacBook. All with varying degrees of freedom and function. I don't feel like I'm constrained right now.
HDCP is an example of the other thing in my mind. It adds zero value to anyone's experience. Any potential value add is hypothetical. You can't survey a person after they watch an unprotected film and receive a meaningful signal. It's pure downside for the customer. There's no such thing as competitive Netflix lobbies.
If I want to run arbitrary code, I'll do it on my Windows box or fire up a Linux VM in the cloud somewhere. I don't need weird problems on my phone. If you are trying to touch all platforms at once, try using the goddamn web. I've been able to avoid Apple enterprise distribution hell with a little bit of SPA magic and Intune configuration for business customers. For B2C I just don't see it anymore. You need to follow the rules if you want to be in the curated environments.
That same box that lets me play Battlefield 6 is also the only box powerful enough to run the game that doesn't have enough accessibility options that requires me to use CheatEngine to fix.
It's important to understand that we could genuinely lose general purpose computing. I don't think it's in serious danger at the moment, but we've been in the midst of a slide in that direction for the last 10-15 years. Part of it is mobile phones, part of it is TPM, part of it is market forces. The latest turn is strictly political. We've really foolishly built the technology necessary for authoritarianism just a few years ahead of a general global trend towards authoritarianism. At the moment, anyone can use Linux; it's better and easier than ever. Will the laws of your country make it harder or more difficult to avoid? Will major vendors lock you out of basic functions? Will age verification require an agent run on your Windows or macOS computer? (or worse, require the use of a smartphone just to use the internet?)
We're not anywhere there yet, but we're closer than we've ever been, and things keep moving in the wrong direction.
I was there, 3000 years ago, when we started ringing the bell about “trusted computing”. Honestly it’s not as bad as I expected.
Alternate take: it's exactly as bad as you expected, but your timeline was off.
And even so, perhaps it's later than you realize. Device attestation in the browser is the final nail in the coffin, and it's a question of "when" not "if" major sites start requiring it in the name of "safety" from bots.
> it’s not as bad as I expected
yet :D
Mobile is where it’s bad. It never took hold fully on desktop since desktop is used for development and too many other things.
PC was an anomaly thanks to IBM not being able to go with their plans.
On UNIX, Sun was the vendor that introduced the concept of SDK SKU, thus for having developer tools, an additional SKU had to be bought, and the until then largely ignored GCC suddenly got a new focus of attention.
Mainframes and micros always needed having a group of folks from the vendor professional services for specific kinds of configurations.
I still remember working on traditional timesharing UNIX systems, one single server for all teams, what you get to do is decided by IT for your role.
There are plenty of examples from the past on how this has been happening already.
But the "walled garden" on mobile (iOS mostly, but now also Android) isn't really about trusted computing at all. Trusted computing (locked bootloaders) is but a small part of it.
Trusted computing and even remote attestation have legitimate use cases. It's good, great even, that they exist. But just like everything, they can be used against you.
Mobile is where it is all going. PCs will be like Android in the near future.
What? Windows 11 was just for new features right? ... right?
I have an ugly hunch that systemd gonna be Google Play Services of Linux at some point.
I beg history to prove me wrong.
It's in the name, but it's open source and it's replacing a hodgepodge of other stuff (the point isn't why it's replacing it, or how well it's going; the point is there are replacements).
If the computer won't allow you to install or use other software until you install a vendor-signed version of systemd on a vendor-signed kernel we'll be there. It's about hardware attestation, not signed software, though.
Well systemd is open source so it could just be forked at any point. I don't foresee this happening.
Trusted computing is just another name for vendor lock-in. It was never about security.
The future is likely bifurcated trust: Official, encrypted, attested systems; and unofficial, unencrypted, unattested systems.
The GNU freedoms never specified the right to run free software side by side with proprietary software on the same hardware; so the FSF should actually be fine with such an outcome.
The problem with bifurcated trust is the ongoing efforts to force people into carrying a “trusted” pocket spy. Cashless payments, mobile train tickets, and digital ID are making it extremely difficult to live without a pocket spy in some places.
If my bank requires me to use a phone for transfers (mine doesn’t), it might be acceptable to leave one in a desk drawer powered off as you would do with a hardware authentication token. It’s a special device for occasionally accessing a service. Fine. But when governments and industry collude to force citizens to carry these devices in order to live life normally, that’s not OK.
My intent is to be as stubborn and obnoxious as possible in resisting this until they either give up and provide an alternate path or lock me away for noncompliance. Fortunately there is still an alternate path available for most things, primarily thanks to elders who have trouble with new tech. (Thank you elders!)
Then get a law passed. Today.
Or… acknowledge this is a fear of a future 30, 40, 50 years away that may never happen, which is never an argument.
It’s like saying the government, because they have power, and the SCOTUS, because they have power, could decide to kill all children. Yes, they could. No, it’s absurd to let that power keep you up at night, or say the solution is to abolish their power.
> Then get a law passed. Today.
Ha! Let me know how to achieve that and I will. I’ve advocated, donated, and volunteered for years on behalf of a number of causes, some with excellent organizations promoting them, and yet things continue to get worse. The only minor victories have been temporary delays of bad policy.
No, the best response for the average citizen is stubborn noncompliance and constant passive resistance. Drag your feet until the whole thing comes crashing down. And encourage your friends to do it too! (But don’t stop trying through conventional politics, maybe one day it will work. Just don’t get your hopes up.)
That seems to be either an oversimplified take on the FSF's position, or argument in bad faith. The FSF wants people to be able to run free software for all purposes, as they fight for user freedoms. If said free software cannot be used, because of all kinds of vendors limiting their services to proprietary software or platforms, then this should be a major concern to the FSF, because their advocated kind of software is being sabotaged.
In fact FSF specifically exempts special purpose hardware like microwaves from its purview. The philosophy is targeted at software the user has a choice to install. If the hardware provider does not intend the user to choose to install an alternative version of the system software, software freedom doesn't come into play.
https://www.fsf.org/campaigns/free-bios.html
> Vote with your wallet
Doesn't work when the only options are bad. Every Android OEM embraces the closing of Android because it'll allow them to ship all the spyware they already do without the user being able to remove them (or disable them soon enough). Having 2 or 100 options has no difference if they're all bad.
Executive Summary: run Linux
Won't matter. Remote hardware attestation means they will know you're trying to bypass their control. You'll be denied service at every turn. Can't even log into your bank account.
IMO, I don't see how remote hardware attestation avoids being spoofed. Yes, TPM is involved, but at the end of the day, it's an API request/response. There are so many ways the request could be spoofed, and the attestation likely requires coordination with hardware vendors that have proven to be Highly Secure™ with the history of secure boot leaks.
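For readers following the attestation sub-thread, here is an added example (not from any commenter or vendor) of what a verifier checks in a challenge-response attestation exchange. An HMAC with a shared key stands in for the hardware-held signing key and vendor certificate chain of a real TPM; every name and value below is constructed.

```python
import hashlib
import hmac
import secrets

# Constructed allowlist: the only boot image the service accepts.
APPROVED_MEASUREMENTS = {hashlib.sha256(b"vendor-approved-os-image").hexdigest()}


class Device:
    """Stand-in for a hardware root of trust; the key never leaves this object."""

    def __init__(self, key: bytes, boot_image: bytes):
        self._key = key
        self.measurement = hashlib.sha256(boot_image).hexdigest()

    def quote(self, nonce: bytes) -> dict:
        # Assumption: HMAC replaces the asymmetric signature a real TPM would make.
        mac = hmac.new(self._key, nonce + self.measurement.encode(), hashlib.sha256)
        return {"nonce": nonce.hex(), "measurement": self.measurement,
                "mac": mac.hexdigest()}


class Verifier:
    def __init__(self, key: bytes):
        self._key = key
        self._outstanding = set()  # nonces issued and not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, quote: dict) -> str:
        try:
            nonce = bytes.fromhex(quote["nonce"])
            measurement, mac = quote["measurement"], quote["mac"]
        except (KeyError, ValueError, TypeError):
            return "malformed"
        if not isinstance(measurement, str) or not isinstance(mac, str):
            return "malformed"
        if nonce not in self._outstanding:
            return "stale-or-unknown-nonce"
        self._outstanding.discard(nonce)  # each challenge is answered once
        expected = hmac.new(self._key, nonce + measurement.encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), mac.encode()):
            return "bad-signature"
        if measurement not in APPROVED_MEASUREMENTS:
            return "unapproved-software"
        return "ok"


def demo() -> dict:
    key = secrets.token_bytes(32)
    verifier = Verifier(key)
    stock = Device(key, b"vendor-approved-os-image")
    custom = Device(key, b"self-built-linux-image")
    other_key = Device(secrets.token_bytes(32), b"vendor-approved-os-image")

    results = {}
    captured = stock.quote(verifier.challenge())
    results["honest"] = verifier.verify(captured)
    # The same response sent again: its nonce has already been consumed.
    results["replayed"] = verifier.verify(captured)
    # Genuine hardware running an unlisted OS: valid MAC, rejected by policy.
    results["custom_os"] = verifier.verify(custom.quote(verifier.challenge()))
    # A response claiming the approved image but made without the device key.
    results["no_key"] = verifier.verify(other_key.quote(verifier.challenge()))
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:10s} -> {verdict}")
```

Every check here depends on the key staying inside the hardware; a holder of a leaked key passes all of them, which is the scenario the comment about secure boot leaks raises.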
Answer: companies realized that they can milk you for more money by restricting your options and alternatives.
The one word answer to this?
Linux.
As long as common PCs can boot an iso we should be good to go.
Only as long as Google doesn't force Web Environment Integrity through. Running a custom OS won't help if important websites refuse to load unless they're running in an approved browser with a set of approved extensions, on an approved OS, on top of approved hardware.
The article is largely about phones, where the barriers to install a truly open Linux system are high and getting higher.
There are plenty of smartphone companies locking down their bootloaders, but there are others that will let you unlock your bootloader by just running the basic command.
A much bigger problem for running Linux on phones is that standard Linux runs like crap on phones. It doesn't have the mainline driver support amd64 computers have, and the battery life optimizations that make Android usable need to be reimplemented on top of Linux to get a day's worth of use out of your phone. Unfortunately, most Linux applications are written for desktops where they expect the CPU to be running all the time, the WiFi to be accessible whenever they want, and for sleep/suspend to be extremely incidental rather than every two minutes.
Have an optimised web browser for the OS and you don't really have to worry about 3rd party software performance any more or not that much.
systemd devs: "lol. lmao."
Will LineageOS and other similar ROMs have this limitation as well, or will it be baked into the hardware?
ROMs face a different problem: bootloader locking. But the more Android changes drastically, the harder it is to integrate the AOSP changes into the different open projects.
> ROMs face a different problem: bootloader locking.
Is that a problem these days? It was over a decade ago that I last needed to jailbreak a phone, nowadays it’s just "I’d like to unlock" "Ok".
They will not, but the hardware will (as it already does) do its best to stop you from installing LineageOS and other similar ROMs.
In my opinion, the biggest problem that comes with this is the fact that Google Play-independent apps will become A LOT less popular. To a point where alternative ROMs are even less interesting to people, which in return makes developing apps for them even less interesting.
This idea that protecting users is worth the cost of giving up your ownership rights is fallacious.
Protecting 1 million grannies is an entirely different risk class than the security implications of stopping everyone from using their devices as they see fit.
Protecting 1 million grannies means everyone loses ability to install apps that:
Using Linux is also not a real choice. To access my bank and health services in my country, I require a mobile device that is remote attested by either Apple or Google, which are American companies. Hell, it's becoming closer to reality that playing online video games requires remote attestation either to "prevent" cheating or for age verification. Thus the risk widens to the sovereign control a nation has over its own services. A US president could attempt to force Google and Apple to shut off citizen access of banks and health services of an entire nation. Merely the threat could give them leverage in any sort of negotiations they might be in. For some nations in the future, the controlling nation may be China I imagine.
I think the real regulatory solution here is to break up monopoly practices. While the EU's DMA is all well and good in some ways, the EU is also pushing Chat Control... In a more fragmented market it becomes impossible for a bank or health service to mandate specific devices for access (they lose potential customers) so you could theoretically move to a device that doesn't do draconian style remote attestation that breaks if you go off the ranch. We need more surgically precise regulatory tools than sweeping legislation that would keep using alternatives like Linux or FreeBSD or whatever actually viable. It also makes it much harder for that same legislative body to enforce insane ideas like Chat Control.
The answer is not to protect users from themselves. The answer is more freedom, with a legal framework that helps all users have more choices while helping victims acquire restitution.
When they say users need to be protected they don't mean the people. They mean the database record.
> To access [...] health services in my country, I require a mobile device that is remote attested by either Apple or Google
I knew of banks, but how is it that health services need remote attested mobile devices? Do clinics not support setting appointments through calls anymore, or what?
In my country, the same verification service is used to access banks, health services (private and public), taxes, and even verify online retail purchases. This verification app on Android requires Play Integrity on first time activation so fresh installs of something like GrapheneOS will not let you use the app. It's still currently possible to use a hardware token alternative to the app. It is only getting less convenient and possible to opt out of the digital verification systems even if there's technically still workarounds. In the past, even when such verification systems existed, they were less user constricting (no requirements on remote attestation for example).
I believe if we look at the past compared to now, and then extrapolate towards the future, without proper action, we will keep slipping down the slope.
It's usually to see the results of your lab work, message doctors about refills, etc. You'd probably be able to get some of that mailed instead at the cost of time certainly.
What happened was people ended up putting a lot of money and sensitive data on their computers and desired a system which wouldn’t expose that just because they ran the wrong software.
"Wash me but don't get me wet." (Is this a saying in English?)
I guess you are trying to say: "You can’t have your cake and eat it too." ?!
Also, "want the milk without buying the cow", but I like "don't get me wet" because it highlights not wanting the result without the unpleasant step of the process. Then again, we have "dry cleaning" and ozempic.... https://english.stackexchange.com/questions/429316/wash-me-b...
And by "people" we mean Hollywood. A great deal of this was created to enable DRM, then exploited for other purposes. For instance, it's illegal (by contract) to let a device without Secure Boot play a 4K stream from any mainstream studio. This is why Windows requires Secure Boot.
Ah yes, the good old freedom for security tradeoff. Of course, in this case it's the security of trillion dollar corporations at the cost of our freedoms...
The better answer is to build better OSes with better security models.
I should be able to run a crypto wallet I downloaded from a Kim Jong Un fan site while high and it shouldn’t be able to do anything I don’t give it permission to do.
It’s totally possible. Tabs in a web browser are basically this.
I can do it with VMs but that’s lots of extra steps.
Web pages have a lot of restrictions even if you consider the gradual adoption of the project Fugu APIs
Isn't that what Qubes is all about?
Yes but IMHO that approach is a hack. “Fix our 1970s OS by putting it in a box in our 1970s OS.”
> The moment gaming became genuinely profitable, console manufacturers realized they could control their entire ecosystem. Proprietary formats, region systems, and lockout chips were all valid ways to ensure companies could levy hefty licensing fees from developers.
This is historically inaccurate. All console games were originally produced in-house by the console manufacturers, but then 4 Atari programmers got wind that the games they wrote made tens of $millions for Atari while the programmers were paid only a relatively small salary. When Atari management refused to give the programmers a cut, they left and formed Activision. Thus Activision became the original third-party console game development company. Atari sued Activision for theft of trade secrets, because the Activision founders were all former Atari programmers. The case was settled, with Atari getting a cut of Activision’s revenue but otherwise allowing Activision to continue developing console games. I suspect this was because the 4 programmers were considered irreplaceable to Atari (albeit too late, after they already quit).
The licensing fee business model was a product of this unique set of circumstances. The article author's narrative makes it sound like consoles switched from open to closed, but that's not true. The consoles (like the iPhone) switched from totally closed to having a third-party platform, after the value of third-party developers was shown.
> Consumers loved having access to a library of clean and functional apps, built right into the device.
How can you say they're "built right into the device" when you have to download them? Moreover, you were originally able to buy iPhone apps in iTunes for Mac, and manage your iPhone via USB.
> Meanwhile, they didn’t really care that they couldn’t run whatever kooky app some random on the Internet had dreamed up.
I'm not sure how you can say consumers didn't really care. Some people have always cared. It's a tradeoff, though: you would have to care enough to not buy an iPhone altogether. That's not the same as not caring at all. Also, remember that for the first year, iPhone didn't even have third-party apps.
> At the time, this approach largely stayed within the console gaming world. It didn’t spread to actual computers because computers were tools. You didn’t buy a PC to consume content someone else curated for you.
I would say this was largely due to Steve Wozniak, who insisted that the Apple II be an open platform. If Steve Jobs—who always expressed contempt for third-party developers—originally had his way, the whole computing industry might have been very different. Jobs always considered them "freeloaders", which is ridiculous of course (for example, VisiCalc is responsible for much of the success of the Apple II), but that was his ridiculous view.
ReactOS needs donations. NetBSD is running a new round of donations. F-Droid needs donations.
There are more
AROS, GNU-HURD and more
you can always contribute code, maintain an app, report a bug
You can buy HW to run AOSP, like Raspberry-PI or RISC-V
We are the consumers, we have the wallet.
> Sadly, over the years, Android has been steadily walking back that openness. The justifications are always reasonable on their face. Security updates need to be mandatory because users are terrible at remembering to update. Sideloading apps need to come with warnings because users will absolutely install malware if you let them just click a button. Root access is too dangerous because it puts the security of the whole system and other apps at risk. But inch by inch, it gets harder to run what you want on the device you paid for.
As much as I want to agree with this author (and do, to an extent) they are also providing the exact and honestly-pretty-good reasons for why this is happening: computers have breached containment, and they did it a long time ago. Computers are not just for us weird nerds anymore and they haven't been for some time; they're tools for a larger, more complicated, more diverse userbase, many of whom are simply not interested in learning how to computer. They just want shit to work, reliably. Random software on the Internet is not a path to reliability if you also don't know how your thing actually works.
I mourn this too but let's not pretend it's simply what happened because corporations are evil (though they are for sure that).
It's particularly hard to swallow these justifications when advanced by Google considering how much malware there is on the Play Store. I have never once had an issue with malware installed via F-Droid but have had multiple issues with apps from the Play Store. But apparently it's F-Droid I need to be protected from. (Granted, the Play Store malware I experienced was in the nature of "pop up ads on your phone randomly", not stealing your bank credentials, but it shows how little actual vetting goes on.)
I do understand the broader point. I know a few elderly people in particular who are walking targets for cybercrime. But I wish we had more differentiation. Locked down, easy to use phones for those who want or need that, and more open phones that act similar to laptops for those who know what they're doing (or, in any case, are willing and able to bear the risk).
I mean, we did. We had iOS and Android. The issue is Apple makes more money via these practices per user than Google did, and Google is therefore imitating them and their products.
If only they did work reliably though…
When the software on these locked down devices breaks down, and it does, everyone is helpless.
When a zero day is found, again everyone is helpless.
If we cannot understand how something works on all layers, stability and security are only promises.
Exactly: smartphones and tablets are designated safe spaces for 'normies'. If you want to do serious computing, serious machines (laptops, desktops, servers) are still available.
Even as someone who “knows what they are doing” I still want one secure computer to do my banking, hold all my most personal data, etc.
Then I have raspberry pi and steam deck which I use for messing around with and running whatever weird software.
for now.
there are plenty of "honestly-pretty-good reasons" we plebs shouldn't have access to general purpose computers, and we're only a few decades away from them reclassified into the equivalent of fully automatic rifles.
The security argument is the best one to shove all these monopoly practices, but I doubt there is real proof of that somewhere. These days, I think I have more trust in a small app developed by someone in a garage than something produced by Meta or Google.
Doing evil things under the guise of good intentions (with reasons that appear valid on the surface) has always been the playbook. All you're doing is excusing it - let's not.
If this was genuinely about security and UX then they would continue to provide viable "escape hatches", but it isn't and so they don't. That's what's being criticized.
I disagree, I don’t think I’m excusing it at all and your argument hinges on the restriction of software running on hardware to be evil. I wouldn’t describe it that way. I think it’s frustrating certainly but I don’t think you have an inalienable right to run code of your choice.
I would characterize it more as Google is responding to the needs of the vast majority of its users, most of whom do not care to run unsigned software, certainly don’t write it, and have no need of escape hatches. Escape hatches are great, but each also represents a security weakness waiting to be exploited.
And not to leave it merely implied: they are also responding to large development organizations who want locked down platforms in which they can distribute, and more importantly crack down on those who would pirate, their software.
> I don’t think you have an inalienable right to run code of your choice
> more importantly crack down on those who would pirate their software.
If you represent the interests of corporations then try leading with that next time.
> Escape hatches are great, but each also represents a security weakness waiting to be exploited.
Besides being a broad statement that lacks citations and no doubt relies on contrived examples where this was implemented poorly, it's also clearly a violation of the EU Digital Markets Act.
> If you represent the interests of corporations then try leading with that next time.
I don't. I'm just saying Google and whichever boogeyman you'd care to slot into position 2 share the same interests. Far more than you or me and Google anyway.
> Besides being a broad statement that lacks citations and no doubt relies on contrived examples where this was implemented poorly
To a layman user, any software that is running without code signing has a much much much higher chance of being something that has gone wrong rather than Joe Public found a cool image editing app that doesn't want to be distributed via the Play store. Are there exceptions? Sure, I'm certainly a big one. Does that mean I don't understand Google's position here? No.
> it's also clearly a violation of the EU Digital Markets Act.
If true, they'll end up in court, same as Apple did.
100% agree.
This is a recurring pattern: people make bad choices, mostly out of ignorance, but no one blames the public because we always assume that in a democracy the customer and the voter are always right.
Behind every corrupt politician or every greedy corporation there are thousands or millions of negligent and ignorant voters and customers.
And like, with the ubiquity of this tech, I have to kind of concede at least some of the point. A smartphone is just shy of essential for modern living these days. Banking, purchase of goods and services, managing your relationship with your city and state, filing taxes, getting directions, ALL communications, all occur via your phone. Your phone is not MERELY a computer, a CPU with memory attached that you can make do things, for most people, I'd say it's an essential piece of IT hardware. Most people would prefer, I think, to lose their computers, TV's, consoles, etc. far before their phone. A phone is CRITICAL now, for better and worse.
So it sucks ass that a greater and greater share of what we consider computing has to occur in platforms that are utterly locked down to the core, but again, at the same time, putting my "regular user" hat on here: I don't want my phone to run anything from an untrustworthy source. My computer? Shit yeah, I'll try just about anything with a healthy skepticism as required, but not my phone. Losing a computer is irritating. Losing a phone is a fucking MESS.
Part of the cycle .. https://www.goodreads.com/book/show/8201080-the-master-switc...
It is just a prequel to "what thoughts you can or cannot think in your mind", which is a future of technofascism.
Real world parallels to this abound. You cannot build whatever house you want on your own property, for example; it must meet strict building codes and be verifiably structurally sound. What ever happened to building what you wanted on your own land?
Because there are liability issues for others. What if your structure falls down on visitors? You can't repair some health damage or death. Since this kind of problem is easily prevented by professional review, legal constraints make lots of sense.
That is not universally true; even today in some states there are areas (and perhaps even entire states) where building codes do not apply, sometimes even to the main structure. Often you only need to comply over a certain size, for human habitation, or to connect to utilities.
The best argument “for” building codes is the same as “for” secure platforms; that people should be able to expect a certain level of competence when buying a structure or phone.
But if you want to do it yourself, there should be a path.
Regulations are at least as old as the Code of Hammurabi; naturally they have become less drastic throughout the centuries.
The codes exist but I think what they are saying is that in some places codes are not enforced or even checked. I live in somewhat of a "middle ground" where codes do exist and electrical is checked on a brand new build. They will also nag about septic inspections but will never actually get off their butts and do the inspection. Many such places do exist but they are usually places I would never want to reside. I know of places that I can literally build anything and never once be nagged by inspectors or state/county governments. They are happy enough and lazy enough to receive the property tax revenue.
The TPM and secure boot conversation for gaming has shifted my perspective a lot. This technology is having a positive impact on player experience. It has become quite clear to me that there are wheels that will squeak regardless of the amount of lubricant used. I've begun to consider the position of being able to run anything my way at any time on any machine as being a bit extremist. Especially, in a game theoretic setting with other participants expecting some degree of fair play.
I am allowed to own multiple computers. Many do. I've got a Linux hand held, a windows desktop, an iPhone and a MacBook. All with varying degrees of freedom and function. I don't feel like I'm constrained right now.
HDCP is an example of the other thing in my mind. It adds zero value to anyone's experience. Any potential value add is hypothetical. You can't survey a person after they watch an unprotected film and receive a meaningful signal. It's pure downside for the customer. There's no such thing as competitive Netflix lobbies.
If I want to run arbitrary code, I'll do it on my windows box or fire up a Linux VM in the cloud somewhere. I don't need weird problems on my phone. If you are trying to touch all platforms at once, try using the goddamn web. I've been able to avoid Apple enterprise distribution hell with a little bit of SPA magic and InTune configuration for business customers. For B2C I just don't see it anymore. You need to follow the rules if you want to be in the curated environments.
That same box that lets me play Battlefield 6 is also the only box powerful enough to run the game that doesn't have enough accessibility options that requires me to use CheatEngine to fix.