
What is to prevent school WiFi from one day requiring a Pluton assertion that your Windows PC hasn’t been tampered with before you can join the network?

Remote attestation is the true enemy of your freedom. The power of the authoritarian corporatocracy to force you to use only the (entire) systems they control. It's worth reading https://www.gnu.org/philosophy/right-to-read.en.html again just to see how prescient Stallman was.




It's so true, but I'm trying to imagine a normie's reaction to reading this, and all I'm coming up with is, "This guy is a paranoid schizo, back to TikTok for me...", and so unfortunately, I don't see us steering away from this fate anytime soon.

These people won't respect you until you start taking their money. Become one of their techno-corporate overloads. Demonstrate how you're controlling/profiting off them, why it's bad. Maybe then they'll start listening. Or not. At least you'll have made a nice profit.


You can take their money and still they won't care.

Think about how many devices in a typical users home are incompatible for business reasons - for example that Chromecast that refuses to play Amazon prime movies. Or the iPhone charger cable that won't fit into an android. Users just live with it.

"My weird laptop doesn't support the school WiFi" is the same.


We should thank widespread technical illiteracy for this: "Devices are from different vendors? Of course they can't share the same services or charger!" Marketers just love this, since it enables them to sell the same thing multiple times. What if basic technology familiarity (which has absolutely nothing to do with knowing how to use the latest gadget) and resistance to manipulative advertising were taught in school? That would be quite a change, but I guess it's going to remain a dream.


There is no objective proof that Charger A is better than B. Not typically. There are preferences, and those will lead way to eventually a market that picks a winner - maybe, typically, IDK, free market works when it's actually free. Which it isn't, a lot of the times people rant about it.

The absolute worst thing we could do is go to Apple or anyone else and say "You need to use this x or y, because someone else does". That isn't going to breed innovation, ever.

Do I wish Apple used USB-C on phones? Definitely. Does it actually change anything for me day to day except that I need a specific cable if my phone runs dead? Not really, because my chances aren't a ton better running into a USB-C on demand. I want Apple to. I would buy an Apple phone with it if given the option. I would never sign on to force Apple to do it.


> There are preferences, and those will lead way to eventually a market that picks a winner - maybe, typically, IDK, free market works when it's actually free.

Exactly! We saw precisely this thing with cell phone chargers. Not enough people recognize this.

A healthy dose of market realism is in order - if the market doesn't deliver what people want, it's not the market, it's the people who are wrong.


An economic niche supports one or two overlords, not a bunch of them. You and I aren't overlords. We need a different strategy.

People have become aware and angry that tech monopolies are exploitative. The winning strategy will involve focusing this fuzzy, ambient anger at a concrete target.

Once Pluton outs itself as an exercise in naked monopolistic power covered by a fig leaf of security -- and it will, as all hustles must eventually involve monetization -- the bad optics will be our opportunity to act. Any strategy on our side that involves putting down TikTok is doomed to failure, but if we put the bad optics in front of people, make the connection, and get them to briefly agree "yeeah, f** the monopolies! F** Pluton!" then a political solution becomes possible. Not easy, but possible.

It's a pity that this dialog has to be so reactive and simplistic, but communication at scale cannot function any other way.


I don’t have a problem with central organization of effort; mathematician by education; there are real efficiencies in material use and lack of redundancy.

The real problem is continued deference to old ownership memes; that a minority must be empowered due to past contract none of us were even alive to see signed. How do we know in real terms the truth given a past we can never experience?

Historical trends are one thing; that Bezos specifically is that special is another. This is the first period in history where the elders could hold power this long. It’s tacit ageism and everyone is too scared to say that to old people who would collapse in shock at the slightest whiff of real pushback, they’re so used to being coddled; they’re hardly a real threat.

Start telling your elders their past success does not give them ownership of the future.


> It's worth reading https://www.gnu.org/philosophy/right-to-read.en.html again just to see how prescient Stallman was.

I think it’s also worth asking why he didn’t have more impact despite pretty clearly seeing this problem. Part of the answer has to be resource disparities but I don’t think it’s just that - Linux didn’t really capitalize at all on Microsoft’s lost decade, and much of the innovation in security has happened on other platforms. I think there’s also some kind of blind spot in the open source community where a lot of people see this as something other people need, not them personally.


The reason the OSS community has had no impact is that it's never managed to produce software that regular non-tech-geeks want to use. The reason it's never managed to do that is lack of an economic model to finance the incredible amount of work required to make software usable by normal people.

I've been saying this ad nauseam forever and I'm not the only one.

A related problem is that the OSS world is mostly tech enthusiasts. It's like having car people design cars. They'd be full of special switches and options and stuff that car people want. Car people don't understand that most people hate cars. What they like is mobility. Same goes for computers. Most people hate computers. They just like what computers let them do: communication, making content, getting their work done, etc.


> the OSS community [...] never managed to produce software that regular non-tech-geeks want to use

That's true, barely, only if you equate "software" with "things that draw stuff presented on a display to a user". Regular non-tech-geeks are using open source software (in the real sense, meaning instructions given to a computer to make it do something) pervasively, everywhere, every day, on all their devices (yes, even the Apple ones, but especially all the devices they use that aren't in their pockets).

Open source certainly isn't a failure, it literally won the war.


Out of sight, out of mind.

You are totally right that open source is powering countless things people use regularly but I expect most people don't even know what open source software is, much less care about it.


> it literally won the war.

Then why is everything on the consumer side becoming more closed?

The reality is that proprietary just moved to the cloud in the form of SaaS-as-DRM and we-own-your-data. Open source runs everything, but few things are open. The availability of the source for components of the stuff they use is irrelevant to 99% of users.


You're correct, of course. I think the point that was being made was more about people actively choosing to use open source.

If you were to approach a non-tech person and ask them how many open source apps they use on a daily basis, they would probably say "none", even if it's not the case.


I'll point out that you're still doing the thing where you equate "software" with "apps".

But even so, that doesn't seem informative. Ask any user how many "Qualcomm apps" they use, or "Meta apps", or "Intel apps". No one knows where this stuff comes from. They buy a phone with a label on the box and then download stuff from an app store.

That's not a statement about how the software is produced, it's just how the market presents products to consumers. People don't know where the gas that goes into their cars comes from either, but that's not an argument that petroleum distillation technology is a failure.


> I'll point out that you're still doing the thing where you equate "software" with "apps".

Can you explain what you mean by this? As far as I am aware, an application (aka "app") is a piece of software.


Not all software is "apps", is the point.

You literally exercised huge amounts (seriously: millions of lines!) of open source code just now, in the process of posting that very comment and transmitting it to me to read.


Yeah, over the last few years I've seen more and more companies launching open source software and hosting it as a service. It seems to be working well. On the software side they don't sell a product, but a service.


You really nailed it with that car analogy.

Most "car people" would agree that changing the oil in your car is super easy. To me, it is not easy. It's not something I'm willing to do, even though I know the steps of how to do it. I just don't know what I don't know. When I have my oil changed, the mechanic tells me what I should be concerned about. He tells me what upcoming work I need to have done, how much it will cost, and what could happen if I don't do it. He has experience, expertise, and specialized tools. He had knowledge gathered over years to be highly proficient in his profession.

I could do those things. I could read, and listen, and learn. I could be under my car every day learning new things about how to install this, or replace that. But I don't really have the drive or inclination to do so. I'd rather leave it to the pro. I also have the added novice-worry of screwing something up, and hurting myself or others as a result. I don't want that kind of pressure. I don't want my car breaking down while doing some long journey - I just want it to run when I need it to run, without any scary warning lights coming up on my dashboard.

To bring the analogy back to computers, I still know people - people in their 20's or 30's - who do not know how to copy and paste with keyboard shortcuts. I will sit there and see them highlight, right-click, click copy, move their cursor, left-click, right-click, choose paste. I'll tell them how much time they could save if they "just did ..." and get a basic "Yeah...I just don't really care though, ya know? This works." The thing is, there is no investment on their part to want or need to do that more efficiently. They get by well enough with not bothering.

They could get super into computers, and learn something as "technical" as `git clone https://github.com/some/repo` and follow the process to configure and run a script. They could learn to do those things. But they don't really have that time to invest in it, or don't have that passion for it, or have a professional investment in needing to do it.

They want it to work. They want to not get hacked. They want to not have to think about computers at all. Computers are the interface to do "the thing" more easily. And if the computer breaks? They want it fixed so it won't happen again. The computer "does the internet thing". And I can respect that because they focus their energy into knowledge into other topics that I don't have a clue about, the same way I don't have a clue about cars, even if I know oil changes are "easy".


> I still know people - people in their 20's or 30's - who do not know how to copy and paste with keyboard shortcuts

The great majority of people don't know or understand the difference between single click and double click. This baffled me the first time I found out. Age or education don't matter.

If you dig a little deeper you discover that most people think double-click is a kind of equivalent of "clicking louder". As if sometimes, for some reason, the computer becomes hard-of-hearing. It's both a little sad and quite funny.


The OSS community had a huge impact. Chances are a big chunk of the software you use daily is OSS.


This atrocious attitude is absolutely why software is such a hellscape of shitty UI and lack of features.

Normies should be eating our table scraps, not dictating how the software is written.

Normies learned how to drive a car. They can learn how to properly compute. And if they don't like the tech, they don't have to use the tech.

OSS is the last bastion of computing for people who know/like computing, because the armies of "designers" aren't selfless enough to donate their time like programmers are. And frankly it is better off that way, the prevailing trends in design seem to be all about limiting options.

Hard, powerful software over push-button appliances any day.

And, to use the car analogy, BMW gets away with this approach just fine.


Normies pay the bills.

Smart people are a surprisingly small minority.

"No one in this world, so far as I know ... has ever lost money by underestimating the intelligence of the great masses of the plain people." - H. L. Mencken

I know plenty of people, myself included, who lost money overestimating people's intelligence.


All these folks trying to "pay their bills" have laid waste to a verdant field of possibility.

Everything nice that they offer eventually gets changed or taken away.

Yes, I'm bitter. We could have a much better world, one that actually empowers anyone willing to step up to the plate, but instead we grab all the low-hanging fruit so we can make them smile and step on workers' rights to deliver them burritos, instead.

A happy cohort is an obedient cohort, amiright?


If smart people were smarter they’d open their wallets and support the things they like. Instead the reaction is often, why would I pay so much for something that I could build myself.

So the real market is for the very smart people and that’s an even smaller minority.

I built super advanced tech but was intentionally screwed over by my large corporate customers, just because they could, so I quit the industry and that super advanced tech doesn’t exist anymore. Unfortunately a lot of really cool things will live and die with me. I’ve fought the good fight and failed.

We can lament that people are not smarter but there isn’t anything we can do about it.


I'm not convinced this is about smartness, so much as an ability and willingness for people to learn.

Learning is hard, it makes people uncomfortable, sadly. Which means that the easy road is to stoop to their level, which is what we're seeing.

It sucks that you got screwed by large corporations, and I don't know the story, but that sounds more like standard business fuckery than "software for smart people"?


I used to think exactly that. That those who were incapable of learning were simply just lazy. I eventually saw enough evidence to be convinced that raw intelligence is basically almost entirely genetic.

Certainly the businesses were not as smart as they thought they were, which is a common problem. But they indeed have very hard valuable problems and basically everyone involved was much smarter than the average person. Just not smart enough to know their own limitations and accept outside help.


Driving a car is far, far easier than administrating a Linux system (beyond a stock distro install that is working properly). The latter requires a ton of deep complex knowledge. It's more like rebuilding an engine than driving.


I'd argue that most FOSS devs just have amnesia about certain things, like dual-licensing that lets you sell licenses to companies but keep things open for humans. For example an Office competitor could sell licenses to companies in this way, but allow individuals to use the software on their personal machines.

Say you have a game, you can make the source available and still charge money for the game, and it doesn't get any easier to pirate than before. You even get tons of people modding your game and contributing to its appeal.

There are also techniques like 'selling support' for your software.


Consider that the one whose comment is currently at the top is pro-cancel-Stallman, and he also works on "free" software related to secure boot --- not as in breaking, but instead aiding its adoption.

The FSF was strongly against secure boot, then inexplicably started seeming to be in favour of it.

Connect the dots yourself.


Why don’t you spell out the conspiracy theory directly? It’s not relevant to this thread even if true but leaving the details vague makes it seem like you don’t think it would stand up.


You only think it's a "conspiracy theory" because that's what they have told you to believe. The organisations of OSS have been infected with those whose ultimate goal is to EEE, and they will do it by whatever means they have available to them.


No, I think it’s a conspiracy theory because it’s poorly argued and full of insinuation, following the classic pattern of expecting the reader to fill in the gaps. This is how it magically becomes a negative when someone works to make free software compatible with modern hardware in a way most users want.




That's character assassination and it has nothing to do with Stallman's prescient warnings, which have proven more or less true. Also, Stallman != Linux.

Also also, his "rape" remarks have been mischaracterized but also came pretty late in the game, and had nothing to with with Linux's alleged lack of impact. Linux existed and was successfully deployed decades before any of these remarks.

I really expect better from comments on HN. This is tabloid level.


The statement was about why Stallman specifically has not had much of an impact, not Linux writ large. And, you're right. The rape comments came late. But let me remind you that it's emblematic of a larger... issue with Stallman's ability to communicate effectively. If you don't think the way Stallman behaves is at least partly to blame for people's ability to take him seriously, I don't know what to tell you.

https://daringfireball.net/2019/09/richard_stallmans_disgrac...


Not a fan at all of Gruber. But more importantly, Stallman's lack of hygiene is not terribly relevant to his points. We're not talking about being friends with Stallman, after all.

I also think when RMS made his more salient and prescient points, most people weren't familiar with him personally, just with his remarks. The world was less connected back then. So his personality flaws really didn't make a huge impact (nor should they have).


I think it's a pretty good explanation of why he didn't gain more traction than he had -- he's always been a zealot with a proclivity of misguided rants that he proclaims loud and far.


I don’t think it’s simple character assassination: the question isn’t just “did he have some good points?” but, critically, “why did those points not reach more people?” and that underscores the degree to which a leader for a movement needs social skills at least as much as technical. Having trouble connecting with people outside of a certain MIT CS bubble, making sexist jokes or - especially - being on the whisper list women use to protect themselves for 3+ decades, choosing not to participate online or in person in ways which are effective for getting favorable media coverage or direct reach, are (with the exception of the creeper allegations) personal choices anyone is free to make but not great for building a movement.

Even if all of the harassment claims are the social awkwardness his defenders claim, turning off that many people is a terrible way to build a movement. Maybe we say many open source developers are willing to overlook that, and there aren’t many developers deterred (citation needed, but let’s ignore that for now), but that’s still a problem if it means that reporters and people who are not developers say “this guy’s a weirdo” and that leads to skepticism or simply not investing energy promoting those ideas.


He is a character with certain arrogance and some of his jokes might not be too funny, but these are basically smears and his detractors don't seem convincing at all to be honest.


Windows security models and policies are the enemy, not remote attestation (RA).

RA is a technology that has its fair use, and can be desirable for other systems, like Linux. With a pure RA system your services can decide whether or not to trust those devices on your network that could be compromised, and report to other devices that there is something suspicious.

As with anything, this can be used properly to increase the security of your edge architecture, or wrongly to limit the user's actions.

Let me give another example. With RA I should be able to authorize validated systems on my R&D VPN. If you are using your own laptop with the company certificate, and the verifier tags the system as "unknown" or "unhealthy", it will not allow access to the internal network, but sure, you can still use your laptop for anything else. This, IMHO, is a fair use of this technology.
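An added example, not from the thread, of the VPN admission flow described above: a toy attestation verifier in Python that checks a device's quote against reference boot measurements and tags the device healthy, unhealthy or unknown, with only healthy devices admitted. The device ids, keys and measurement values are constructed, and an HMAC stands in for the TPM attestation key pair that a real verifier would check a signature against.

```python
"""Toy remote-attestation verifier for VPN admission (constructed example)."""
import hashlib
import hmac
import json
import os

# Reference ("golden") measurements expected from a healthy build.
# Constructed values; a real verifier loads these from its policy store.
REFERENCE_PCRS = {
    "pcr0_firmware": hashlib.sha256(b"firmware-build-12").hexdigest(),
    "pcr4_bootloader": hashlib.sha256(b"signed-bootloader").hexdigest(),
    "pcr7_secure_boot": hashlib.sha256(b"secure-boot-enabled").hexdigest(),
}

# Attestation keys enrolled with the verifier (device id -> key). An HMAC key
# stands in for the TPM attestation key; this is a constructed simplification.
ENROLLED_KEYS = {
    "laptop-42": b"enrolled-attestation-key-laptop-42",
}


def make_quote(device_id, key, pcrs, nonce):
    """Device side: bind current measurements and the verifier's nonce under the key."""
    payload = json.dumps(
        {"device": device_id, "nonce": nonce.hex(), "pcrs": pcrs}, sort_keys=True
    ).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def verify_quote(quote, nonce):
    """Verifier side: classify a quote as 'healthy', 'unhealthy' or 'unknown'."""
    try:
        data = json.loads(quote["payload"])
    except (KeyError, ValueError):
        return "unknown"
    key = ENROLLED_KEYS.get(data.get("device"))
    if key is None:
        return "unknown"  # device never enrolled with this verifier
    expected = hmac.new(key, quote["payload"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, quote.get("tag", "")):
        return "unknown"  # quote not produced under the enrolled key
    if data.get("nonce") != nonce.hex():
        return "unknown"  # stale quote replayed from an earlier challenge
    pcrs = data.get("pcrs", {})
    for name, ref in REFERENCE_PCRS.items():
        if pcrs.get(name) != ref:
            return "unhealthy"  # enrolled device, but boot chain differs from reference
    return "healthy"


def vpn_admits(status):
    """Admission policy: only a healthy attestation gets onto the internal network."""
    return status == "healthy"


def demo():
    """Run the four cases a verifier has to tell apart and return their classifications."""
    nonce = os.urandom(16)  # fresh challenge from the verifier
    key = ENROLLED_KEYS["laptop-42"]
    good = make_quote("laptop-42", key, dict(REFERENCE_PCRS), nonce)
    tampered = dict(REFERENCE_PCRS)
    tampered["pcr4_bootloader"] = hashlib.sha256(b"unsigned-bootloader").hexdigest()
    bad = make_quote("laptop-42", key, tampered, nonce)
    stranger = make_quote("laptop-99", b"some-other-key", dict(REFERENCE_PCRS), nonce)
    replay = make_quote("laptop-42", key, dict(REFERENCE_PCRS), os.urandom(16))
    return {
        "healthy": verify_quote(good, nonce),
        "tampered": verify_quote(bad, nonce),
        "unenrolled": verify_quote(stranger, nonce),
        "replayed": verify_quote(replay, nonce),
    }


if __name__ == "__main__":
    for case, status in demo().items():
        access = "granted" if vpn_admits(status) else "denied"
        print(f"{case:10s} -> {status:9s} VPN access: {access}")
```

The point of the three-way result is the one the comment makes: an "unhealthy" or "unknown" verdict only gates access to the internal network, it says nothing about what the laptop may do elsewhere, and the verifier's own policy (the reference measurements and the enrolled keys) is what decides, not the device.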


Yes, lots of Linux devices apply it like that today: you can't use your banking app or consume DRM-crippled media on your Android phone if you have root or run an open source Android distribution.


> if you have root

Because god forbid you have control of your own PC?


Yep! Basically, it's safer if you don't own your PC. Think about users with a million toolbars and Bonzi Buddy installed.

Of course, the system for it is rudimentary, and puts a disproportionate amount of control in the hands of providers. And that works very well for them too.


> Yep! Basically, it's safer if you don't own your PC. Think about users with a million toolbars and Bonzi Buddy installed.

And it is a pretty terrible solution to the problem.

- It is also keeping the good guys out too: anyone who wants to analyse and understand the security of the system for good reasons cannot, except if explicitly allowed by corporation X, and that is a terrible security property.

- No root access also means very little control or ability to scan the system itself if you are not the corporation X controlling it. That means no possibility to mandate reviewer corporation Y to check that corporation X is doing the right thing. TPMs currently make that even worse by design: they are undocumented and complex, and therefore rely on blind trust that company X does the right thing. And since the Intel Management Engine fiasco, we do know they are not doing the right thing.

- Bonzi Buddy and toolbar-type problems can be easily avoided by properly separating the normal user account from any admin account (the unix way). It should be painful to be admin but not impossible, just to make sure your grandma does not install a rootkit by mistake when she wants her 20% coupon.

In summary: That is mainly bullshit from company X to keep full control on the entire user device, and not for their own good.


I agree. In a proposal like this, security is basically a byproduct, and sometimes not even that[0]. This is also a ___domain where the governmental and corporate powers have a similar goal, which is wresting away the control from the public / individual. They basically work in synergy, only to a point of course, but still.

Regarding Bonzi Buddy, I disagree. I think user data is as important, if not more important, than root access - which is why I'm dumbfounded when ancient server security features, like Linux's sudo system, are applied to consumer devices like a PC or a smartphone. These contexts are much better served by a sandboxing, permission-based whatever that seems to be picking up steam, like the current permission systems on smartphones. Grandma's logins and bank data will be stolen from her own user account just the same as from an admin account. Related XKCD[1]

[0] https://en.wikipedia.org/wiki/Security_theater

[1] https://xkcd.com/1200/


> like the current permission systems on smartphones

Ugh, except that one goes overboard in the completely opposite direction, and often doesn't let me properly share data between apps even when I want to.


> Think about users with a million toolbars and Bonzi Buddy installed.

I say let them be. As long as they also have the freedom to remove or not install such software, it's a good thing. Instead we have locked-down devices with the functional equivalent of such unwanted software, protected so that you cannot remove it without somehow getting root.

"Those who give up freedom for security deserve neither."


My parents grew up in a non English speaking developing country, and they cannot be reasonably expected to learn the nuances of malware laden links to figure out which English text link is good or bad.

Do they deserve to not be able to shop online without fear of having their payment information stolen? Or mistyping a URL in their non native language and ending up at a scam website that installs malware? Or simply having a device that comes to a crawl such that they cannot reliably video call their grandkids?


I don't mind the lock, but why don't we have the key? There's no reason to centrally hold these hostage.


The problem you are describing will be irrelevant in a generation or two, as kids grow up on the internet.


I can assure you that the upcoming generations aren't much better at any of this, on average.

And no, it's not smartphones' faults. Most people just don't "get" desktop OS paradigms, or how web pages work, or any of that, and they don't really care to.


> Most people just don't "get" desktop OS paradigms, or how web pages work, or any of that, and they don't really care to.

That's because they "won't miss freedom they never had".


Nah dude. Most young people nowadays have an inbuilt sense of which links are sus; it's not exactly rocket science. If it looks sus, it is.




In a sane society these features would allow secure voting.

In this one... that's not what they'll be used for.

This is the end game for the corporate internet. Not only can all your activity be logged, but if any of it is unwelcome - on any scale, from family to school to work to country to world - you can be locked out.


An operating system that prevents other operating systems from being installed is the equivalent of a citizen that becomes a dictator.


I feel like it's flawed. Voters and politicians abuse it left and right - pun intended. I don't think we ever came up with anything more humane though, and I don't wish to change it for anything other - to be honest, for the simple reason of not wanting the responsibility that goes along with it.

Choosing a party is not like choosing an OS for your PC, though. Choosing the OS would be like choosing the political system - and recognizing the incredible privilege I have by being born into a democracy, I very much wouldn't like other people to change it.

Going further into democracy, while you might put an X on a paper sometimes, still forbids a very high number of actions. I'd liken it to having the power of choosing between Apple's App Store and Google's Play Store for your phone. Which, getting back to the point, is safer for the users than installing any third party software. Like how in a well functioning democracy, I'm forbidden to do a great many things, but also I can feel safe in the thought that others have the same restrictions too.


So, putting it all together, someone should choose and restrict which OS can be installed on your PC, so that you can feel safe in the thought that everyone has the same restriction?

At least that's how I managed to understand your comment to the best of my abilities, so hopefully I'm missing something. Though if there is such a something, the point did not get across successfully.


I think if I pick two groups: all iPhone users, and all PC users, PC users en bloc are in greater general digital danger than iPhone users. By digital danger, I'm thinking of malware, ransomware, phishing and successful hacking. And I think this is because of how tightly Apple controls their devices. And so, I'd consider an iPhone a safe choice - for example a safe recommendation for someone who doesn't want to spend time managing their device.

This makes sense to entities providing a service, and also for many who don't mind not having control over their something, which is, I think, very similar to how we don't really have control over a great many things. This is the point I wanted to get across to the original commenter, who protested "god forbid you have control of your own PC?".


> [...] which is, I think, very similar to how we don't really have control over a great many of things.

This is a very handwavey sentence and is doing far too much work in your reasoning. Yes, you don't have control "over a great many things", because the point is so vague so as to be meaningless. But it doesn't at all follow from that vague sentence that we should allow total corporate/government control over our personal digital devices.

In this case, the proposed cure is far worse than the disease.


I agree. It's basically appointing a dictator and hoping that they'll stay benevolent.

With my reasoning I wanted to capture what people might think while accepting something they have no control of. I have a hard time with this, because I got a PC in my formative years and I loved to tinker with it, and hated, and still do, everything that stood in the way of that. But the general population doesn't share this experience. And if I look at my own life, I only have this experience with computers (and smartphones); all the other things are, even if not centrally managed, out of my control. At the first wrong noise I have to call an expert who hopefully fixes it and is hopefully benevolent to me, because I have no clue what happens to the device I own. Or even my own body, now that I think about it. And so, the PC and the phone are just two more entries in a long list of things that people depend on but do not control.

The addendum here, and what most people who feel the way I described above miss, is that our ever-connected devices make a "paper trail" unprecedented in history. And it can be centrally managed, activated, replayed, assembled, or even more tracking could be remotely controlled to an extent[0] - and to an even larger extent with a specialized application[1]. This is where the otherwise similar level of "not being in control" can lead to a much worse situation than ever before. And I wish I could point this out empathetically to people without sounding like a lunatic.

[0] https://money.cnn.com/2014/06/06/technology/security/nsa-tur...

[1] https://en.wikipedia.org/wiki/Pegasus_(spyware)


God forbid most people I know have control of their own PC, they have no clue, and nor should they need one.

iPhone users are safer from malware, PC users are safer from governments and Apple controlling what they can do on their computer.

Never-ending balance between safety and freedom.

The computer that requires a physical switch to disable secure boot is a good compromise (see many Chromebooks)


Oh, modern democracies solved this nasty problem of voters possibly making the wrong choice by simply providing only the right choices to choose from: you get two slightly different brands of shit whose policies mostly coincide, enjoy your right to vote.


This is the root of the pro market / mainstream market split.

For the pro market people want control. Pros also generally know a bit more about how to use that control and tend to be less likely to end up getting pwned immediately.

For regular users people just want shit that works. Not having control is a feature, because if you have control then the malware you are tricked into installing from "ɡeτflrêfox.com" also has control.

You can see it in the Apple ecosystem with iOS vs. macOS. Macs and iPads are now almost the same hardware. (The M chips are just A chips on 'roids.) But Macs can run other OSes and you can "sudo root." That's because Macs are for pros.


You can also disable all the system integrity protection stuff on macOS pretty easily if you do want to mess around where Apple would rather people not.


For me that’s a problem for the average user? That’s everyone else’s problem that idiots don’t care to control their technology and need big tech to do so with an iron fist


Calling the problem “idiots” is a cognitive trap which prevents you from meaningfully dealing with it. Everyone is at risk from zero-days, almost anyone can be phished (yes, this includes you), many people have no way or time to investigate whether some well-known vendor is misrepresenting their product, and even security experts have to trust other people on a daily basis because they don’t have time to reverse-engineer every software update. Most people who get snide about this are a single malicious package in their favorite programming language away from a big mess!

The best progress we’ve seen in decades came from most people using locked-down phone operating systems, followed by stricter desktop OSes. If you don’t like that trajectory, you should be focused on how to get the benefits with other trade-offs. One of the first steps is respecting people enough to understand their needs rather than calling them idiots.


I think this is more for Android phones, and preventing a malicious app on your phone from using the root access to hijack data from your banking app.


Well that's the problem.... the next step would be requiring users to use MS Edge, because a malicious version of firefox could capture/modify banking/transaction data. Want to pay bills? Give money to microsoft first.


Are you saying the bank doesn’t have the right to define what kinds of software are permitted to access its systems?

We’re not just talking about the freedom to run software on your own device here, we’re talking about interacting with outside systems. There is an important distinction in context.


It's a browser.

As long as it adheres to basic web standards, I believe no, the bank should have no say in what browser you use to access their webpage.


If this was the reason they'd be blocking access from phones that are not up to date on security updates and are being actively exploited by malware to get root.

But it's the other way around: if you improve your old device by installing an up-to-date Android on your vendor-abandoned, previously vulnerable device, you go from working banking to banned from banking.


Because if you have control, so do numerous other parties.


Those are independent. Having root access does not mean that other parties do, but more importantly, NOT having root does not mean AT ALL that other parties don't.


This doesn't follow at all. Those other parties cannot authenticate as me.


Uhm, these things don't really take away your control, rather, they shift it from you to you.

The software you boot sets up some state and then toggles a bit, and after that something can't be changed. The state is secure against much modification after that time, but not before that time.

The "you" that boots the device are in control, and the "you" that uses the device after that have exactly what "you" set up at boot time, neither more nor less. If both "you" are the same person, then there's no loss of control.

But of course they're often not really the same person. If you want to boot a Microsoft-signed image, the party that boots is more or less Microsoft, not you personally. But in that case, you also want to use that Microsoft-signed OS, right? So the shift towards boot-time control is then a shift from mostly-Microsoft use-time control to mostly-Microsoft boot-time control. Mostly Microsoft here, mostly Microsoft there, even if the two mostlies aren't quite the same percentage it's difficult to regard this as a significant loss of control.


This is false and just redefining control.


How so? Redefines from what to what? Please elaborate.

Perhaps you mean that if you, as owner and legitimate user of a device, are able to perform a particular change only during a brief window of time rather than at any time of your choosing, then that limits your control over the device? If so, then my answer is yes, certainly it does. But it also limits the access of anyone who impersonates you (such as the evil exploity javascript I make your browser execute).


You're wrong because the bootloader is more often locked than not, and there are various other nefarious controls in place that prevent you from doing it without voiding your warranty, such as one-time fuses.

In theory, yes, you could implement it like you said, but that's not what happens in practice nor the direction we've been tending towards in recent times.


Bootloader locking is orthogonal to whether there's a second CPU like that Pluton in the system.


To quote you:

> The "you" that boots the device are in control, and the "you" that uses the device after that have exactly what "you" set up at boot time, neither more nor less. If both "you" are the same person, then there's no loss of control.

How is it orthogonal? Okay, we're not strictly speaking of only bootloader locking, but of boot-time-control locking.


That CPU is set up by the kernel at boot time, given the code to run, then some hardware bits are toggled such that the main CPU can't write later, it can only access the separate CPU via a defined API.

The kernel could do the same with an in-kernel process. It wouldn't have quite the same depth of defense against userspace sandbox escapes, but could be done. That's roughly how /dev/random was implemented for many years.

Look at the APIs provided — it's nothing new. It's nothing OSes haven't provided before, it's just further removed from a Chrome/FF/Safari sandbox escape, because overcoming the write-once hardware toggles is harder than getting kernel read/write primitives for a sandbox privilege escalation.


Is it possible to realize this with Linux systems / networks today? Do you have any good project / description / URL? Thanks!


It is still under development, but try Keylime[1]. They also have a nice agent written in Rust[2] with a low footprint.

I wrote some notes[3] about how to use it in openSUSE MicroOS / Tumbleweed, but they can be extrapolated to many other distributions too.

[1] https://github.com/keylime/keylime

[2] https://github.com/keylime/rust-keylime

[3] https://en.opensuse.org/Portal:MicroOS/RemoteAttestation


GrapheneOS remote attestation arguably fits this criteria by being built on Android.


Same with TPM and why it had so many critics. Some people still seem adamant to say that boot viruses are the greatest threat in the 21st century, but the economic interests are far more dangerous for general computing in my opinion. And it isn't even close.


So basically, Cory Doctorow's "The Upcoming War Against General Computation"?

https://boingboing.net/2011/12/27/the-coming-war-on-general-...

https://github.com/jwise/28c3-doctorow/blob/master/transcrip...

Don't know enough about the subject to tell if his "attempts to control general computation will converge on rootkits" prediction has held up.


> "attempts to control general computation will converge on rootkits" prediction has held up.

If you play video games, you probably have a couple of neat kernel rootkits installed as "anti cheat".

A lot of remote proctoring stuff for exams is looking a lot like rootkits too.

EDR/XDR is also just rootkits. For security. The only thing that can stop a bad guy with a rootkit is a good guy with a rootkit, after all.


Kernel rootkits are going to be redundant pretty soon.

There are cheats out there that use video captured by capture cards as input for an AI on a separate computer to actually play the game like a human would. Once that becomes widespread there is no way to stop it, save from banning capture cards entirely.


The remote proctoring stuff is downright dystopian. I bought an extra laptop to do tests; most people can’t do that and have to install this garbage on their daily driver.

Of course, I guess most people don’t care.


What's hilarious is it doesn't seem to prevent exam cheating in any meaningful way anyway, according to some students I've chatted to.


It really doesn’t. I took an exam in a meeting room at work with huge TVs on the wall… they made me show them the TVs were “unplugged”, so I just unplugged some random thing from the wall and they were happy.

The TVs are hardwired, it’d be trivial to have an accomplice show answers or whatever on them.


To this talk, there exists a less well-known sequel:

DEF CON 23 - Cory Doctorow - Fighting Back in the War on General Purpose Computers

https://www.youtube.com/watch?v=pT6itfUUsoQ


Thank you for bringing this to my attention, will check it out after work


Can you explain what is the issue with TPM?

I get the issue with Pluton but TPM is only a dedicated and certified secure key and random number generator that does a better job than CPUs doing it in software, and it's also a secure enclave for storing your encryption keys. Would you rather store the keys in memory where they can be easily grabbed by malicious apps like Mimikatz? Macs had the same feature for years in the T2 chip.

It's the exact system that enables wireless payment and other strong security features on your phone.

So having TPM on PCs and using it for its intended purpose is a boon for everyone's security, so I don't see the issue, just FUD.


Among that, the TPM enables verification of a particular state of your system, i.e., a particular set of binaries and OS configuration. Simplifying the description of the process a bit - at every bootup it checks the checksum of all programs loaded at every boot stage (UEFI, kernel, userspace) with respect to one that is known to be approved - a process called "attestation".

So in the worst case, if your attestation server is very strict, any new binary installed on your machine will prevent it from booting or satisfying the attestation. This is the main concern that TPM enables.


> the TPM enables verification of a particular state of your system, i.e., a particular set of binaries and OS configuration

That is a bit misleading. The TPM is a passive device, it cannot verify any state. It is the OS that measures the system (in Linux via the IMA system). And it is the Linux kernel that, if you have a TPM, can produce a process where a 3rd party can be sure that the measurements are "true" and "legit" (via PCR#10 extension).

As you state later, it is this 3rd party that asserts (verifies) whether you are in a state considered OK or not.

Maybe I am too simplistic, but I do not see the evil in the TPM here, but only in the 3rd party policy.

TPM can be abused but, as a developer, I am happy that we can use the TPM for good and fair goals in open source projects.

It is the user who can decide to use the TPM or not, and it should be noted that in the TCG specification it is stated that the TPM can be disabled and cleared by the user at any moment.
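The two comments above (measuring each boot stage against an approved set, and the OS doing the measuring while the TPM only accumulates and signs) describe one flow, and it also bears on the later point in this thread that a locally emulated TPM can report any PCR value it likes. The following is an added example, not code from the thread, Keylime or any TPM stack. The PCR extend rule is the real one (PCR_new = SHA-256(PCR_old || digest)); the quote signature uses an HMAC with a key shared by the "TPM" and the verifier as a stand-in for the TPM's asymmetric attestation key, which is an assumption made to keep the example standard-library only. The component blobs, the golden allow-list and the nonce are constructed sample data.

```python
"""Toy measured-boot and remote-attestation flow (constructed example).

Not code from the HN thread, Keylime, or any TPM implementation. The extend
rule follows TPM 2.0 (PCR_new = SHA-256(PCR_old || digest)); the quote
signature is an HMAC standing in for the TPM's asymmetric attestation key
(assumption, to stay stdlib-only). Sample components are constructed.
"""
import hashlib
import hmac

PCR_INIT = bytes(32)                        # PCRs start as all-zero bytes
ATTESTATION_KEY = b"constructed-ak-secret"  # stand-in for the TPM's AK


def measure(component: bytes) -> bytes:
    """The booting software (firmware/kernel/IMA) hashes a component."""
    return hashlib.sha256(component).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: a PCR can only be folded forward, never written directly."""
    return hashlib.sha256(pcr + digest).digest()


def boot(components):
    """Measure each boot stage in order, extending one PCR per stage.

    Returns (final_pcr, event_log); the log is what the verifier replays."""
    pcr, log = PCR_INIT, []
    for name, blob in components:
        digest = measure(blob)
        log.append((name, digest.hex()))
        pcr = extend(pcr, digest)
    return pcr, log


def quote(pcr: bytes, nonce: bytes, key: bytes = ATTESTATION_KEY) -> dict:
    """The 'TPM' signs the PCR value bound to the verifier's fresh nonce."""
    sig = hmac.new(key, pcr + nonce, hashlib.sha256).hexdigest()
    return {"pcr": pcr.hex(), "sig": sig}


def verify(q: dict, log, nonce: bytes, golden: dict):
    """Remote verifier: trusted signature -> log consistency -> policy."""
    pcr = bytes.fromhex(q["pcr"])
    expected = hmac.new(ATTESTATION_KEY, pcr + nonce, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, q["sig"]):
        # Rejects both an emulated/forged TPM and a replayed quote (old nonce).
        return False, "quote not signed by a trusted attestation key for this nonce"
    replay = PCR_INIT
    for _, digest_hex in log:
        replay = extend(replay, bytes.fromhex(digest_hex))
    if replay != pcr:
        return False, "event log does not reproduce the quoted PCR"
    # Policy lives in the verifier, not in the TPM: every stage must be approved.
    for name, digest_hex in log:
        if golden.get(name) != digest_hex:
            return False, f"component {name!r} is not in the approved set"
    return True, "ok"


# Constructed sample boot chain and the allow-list derived from it.
GOOD_CHAIN = [("uefi", b"firmware v1"), ("kernel", b"vmlinuz 6.1"),
              ("init", b"systemd 252")]
GOLDEN = {name: measure(blob).hex() for name, blob in GOOD_CHAIN}
NONCE = b"verifier-chosen-nonce-0001"


def attest_good():
    pcr, log = boot(GOOD_CHAIN)
    return verify(quote(pcr, NONCE), log, NONCE, GOLDEN)


def attest_patched_kernel():
    """One modified stage changes its digest, the PCR, and the verdict."""
    chain = [(name, b"vmlinuz 6.1 (modified)" if name == "kernel" else blob)
             for name, blob in GOOD_CHAIN]
    pcr, log = boot(chain)
    return verify(quote(pcr, NONCE), log, NONCE, GOLDEN)


def attest_emulated_tpm():
    """A software TPM can report the golden PCR but cannot sign with the real AK."""
    good_pcr, good_log = boot(GOOD_CHAIN)
    fake = quote(good_pcr, NONCE, key=b"emulator-key")
    return verify(fake, good_log, NONCE, GOLDEN)


if __name__ == "__main__":
    for scenario in (attest_good, attest_patched_kernel, attest_emulated_tpm):
        print(f"{scenario.__name__}: {scenario()}")
```

The split of roles is the point: `boot()` is the OS doing the measuring, `extend()` is the only thing the TPM does with those values, and `verify()` holds the policy. An application that merely reads PCR values locally gets whatever the device reports; only the signature from a key the verifier trusts turns those values into evidence, which is why the emulated-TPM scenario fails at the first check rather than at the policy check.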


> Maybe I am too simplistic, but I do not see the evil in the TPM here, but only in the 3rd party policy.

The evil is that the "Trusted" in "Trusted Computing" and "Trusted Platform Module (TPM)" means that one deeply distrusts the user (who might tamper with the system), but instead the trust lies in the computing (trusted computing) or TPM. In other words: Trusted Computing and TPM means a disempowerment of the user.


I'm not sure if I understand your argument. As long as you can put your own things on your TPM and use it for your own good it's not too bad right? And in corporate environments it's reasonable to not own your own device right?

Sure Infineon can probably get my data, but that's far beyond the scope of my threat model.

As long as the system is open to putting your own keys on there I'm fine with it.


> I'm not sure if I understand your argument. As long as you can put your own things on your TPM and use it for your own good it's not too bad right?

As long as software that uses the TPM cannot detect whether you tampered with the TPM or not, it is principally all right.

But as I wrote down: this is exactly the opposite of what trusted computing was invented for: make the machine trustable (for the companies that have control over the TPM/trusted computing), because the user is distrusted.


Indeed, so the user should not buy a computer where they're not in control of the TPM. If you can't disable it/add your own keys, then don't buy that computer.


That rapidly converges on "you can't buy a computer and use it", because economic interests favor trusted computing devices.


> That rapidly converges on "you can't buy a computer and use it", because economic interests favor trusted computing devices.

I would rather argue that it converges to "you become more and more morally obliged to learn about hacking (and perhaps become a less and less law-abiding citizen) if you buy a computer and use it".


Your way rapidly turns into "I was shot by a SWAT team for running a program I legally own"

Yea, maybe we shouldn't live in the US, or other authoritarian nations, but few of us have options like that.


Only if only 1% of the population know the risks, teach the other 99% to care. Same with any civic problem


TPM is part of the system that means I can't use my phone for wireless payment or use all sorts of other apps if I also want to do something outlandish like record phone calls, change the theme or delete Facebook... and everything it achieves can be done by other means anyway; making the device's owner a 2nd class citizen is a lazy solution.


I've always heard this argument but never understood it, what other ways are available to have a SRTM?


TPM has features like remote attestation and is in general a mechanism to bind data to hardware, which is interesting for DRM purposes.

Sure, there are theoretical attacks on memory, but they are far less relevant for security than the penalties I have to accept with TPM being widely established.

Not that there aren't different means, but TPM also creates unique hashes of your system which only reinforces the problems around fingerprinting.

> It's the exact system that enables wireless payment and other strong security features on your phone.

Phones suck as computing devices on every conceivable metric and are heavily locked down devices. And it is not true that you need a TPM chip to create secure transfers. I constantly do business transactions on my PC just fine.


> which is interesting for DRM purposes.

You're thinking of SGX enclaves not TPM.

> TPM also creates unique hashes of your system

It doesn't. Your system creates hashes and appends to lists signed by the TPM. And the point of those hashes is not to be unique, but to verifiably match known values.


No, I meant TPM. Media could be bound to have the TPM report certain hashes of the configuration registers that are either already set or TPM sets on system boot. Same mechanism that allows you to only open a document on specific hardware basically or allows an application to check if the system was perhaps compromised.


I don't think it's going to be useful this way for DRM. TPM is useful for verifying your boot chain is secure and validating this to an external party. But locally you can lie to apps all you want. You can emulate the TPM device (https://qemu-project.gitlab.io/qemu/specs/tpm.html) - it can tell you whatever you want. Locally it's as useful as hiding the DRM in a driver. Raising the bar a bit, but you can still work around it.


2013: German Federal Government Warns on the Security Dangers of Windows 8 https://www.infosecurity-magazine.com/news/german-federal-go...

2015: Governments recognize the importance of TPM 2.0 through ISO adoption https://www.microsoft.com/security/blog/2015/06/29/governmen...

2022: Microsoft Can Kiss My A* | Do You Own Your PC? [Smart App Control] https://www.youtube.com/watch?v=Lv5xHfZnk4s&t=163s

The Trojan Platform Module (TPM)


The common component here is Microsoft, not the TPM.


Agreed. For proof, just look at how so much anti virus software can be considered malware in their own right.


Damn, now I'm nostalgic for the older days of Hacker News where RMS was quoted every other post. The community is forgetting its roots.


As someone who was here from day two, this is not how old HN was. It was many things to many people, and it’s very difficult to break out of the illusion that rose-tintedness tends to give us. (Guilty of it myself.)

HN has been consistently contrarian. That’s about all that you can say without quickly becoming mistaken.


>HN has been consistently contrarian. That’s about all that you can say without quickly becoming mistaken.

Until recently. Just like Reddit, it has become less niche and more mainstream. For example: HN majority opinion on COVID's origin. It matched the official US govt line as it switched back and forth between market and lab.


Presumably, HN will turn into reddit, but nobody will believe it's happening because people have been predicting it's turning into reddit for over a decade.


I've been around for a while too, and I've learned a lot from this forum. I can't tell if now I'm learning less here because I've leveled up or if there's just less tech talk.

As far as HN being contrarian, the only thing I see HN being consistently contrarian on is crypto. Any other examples?


But it's still the case... Stallman is quoted every day around here: https://hn.algolia.com/?dateRange=all&query=Stallman&sort=by...


What fascinates me is that for many here software and tech is their livelihood. You should be able to take care of access and ensure future generations still have the same opportunities.

Sure, you can sell yourself and make good money with software on some proprietary app store with proprietary tools. You are a freelance employee of the company providing that infrastructure at that point.

It is short-sighted, lazy and stupid in my opinion. There is merit for such security mechanisms, especially for cloud applications, but it should be crystal clear that there are secondary motivations here. And that the security argument often falls short if you take a good look at current threats.


The community has long forgotten those roots the day they started pushing for anti-GPL licenses.


> Damn, now I'm nostalgic for the older days of hacker news where RMS was quoted every other post. The community is forgetting it's roots.

Keep in mind that now many of the people who post on HN earn a lot of money by working at a company for which it is part of the business model to track users and collect data about them (officially for advertisement purposes).


Top-voted comments are linking directly to Right to Read and The Coming War on General-Purpose Computing, so I don't think the community has forgotten its roots.

You really wanna be scared? Go look at the multiple comments on the EU DMA announcement complaining that having a sideloading option is just a ploy for malware vendors to get into their iPhones. Or that someone else being able to sideload or jailbreak somehow hurts their security. These are coming from actual HN users!


Well, my comment that linked to RtR was highly voted... But now it's near the bottom and what's at the top is, for lack of better phrasing, a corporate mouthpiece.

Was it voted so high it triggered some bot detection? That would only explain the former, not the latter. Either way, there's something funny going on.


That sounds more like /. than HN.


There was a time when someone ran a bot on /g/ where every post that mentioned just 'Linux' would get the full 'Excuse me...' copypasta interjected. Good times.


> Remote attestation is the true enemy of your freedom.

Technology is a tool. What is true however is that under the current way how the economy is structured remote attestation weakens freedoms of individuals mostly.

If Facebook was under remote attestation that private information was only used in limited and specific ways and even the NSA can not get to them without breaking the remote attestation, that would be a good thing. If firmware was under remote attestation we would have to worry a lot less about backdoors and the Diesel scandal would have never happened.


> If firmware was under remote attestation ... the Diesel scandal would have never happened.

Remote attestation would prevent a firmware written by first party and passed certification processes WHAT?


It is a tool, just like nuclear weapons are a weapon.

I'm definitely not on the "ban all crypto" side, but I see why the governments are in support of that, and for the longest time, strong crypto was (and still is?) classified as a munition; it's very powerful.


Well, I think governments are mostly concerned with people having secrets. Who would need secrets who isn't a terrorist? That it was classified as munition is probably more due to old war hawks and how they saw encryption employed.


But it'd make a lot of whistleblowing impossible too


This is almost the entire thesis of Zero Trust Networking principles. Somehow, the user AND the device need to attest to validity during the authorization process.

"Validity" for a device can mean many things (latest patches, is running anti-virus software, among other things).

A general user probably doesn't need to attest to these things. I would argue that anyone trying to access a corporate or some other organization's network SHOULD be required to attest to these things given the cyber threat landscape. The caveat: those same entities should provide or heavily subsidize the platforms they require (work computers). It's their IP at risk. I'm not so naive to think they would actually do this with BYOD initiatives, unfortunately.

For personal users on personal devices, I agree this might go too far (but some principles like MFA are best practices).


Stallman was right again.


This was the case at my university. In order to use the dorm network, you had to download a software package that validated your setup. It would then add your computer (I assume MAC) to an allow-list.

In order to deal with it, I had to create a subnet with a router, use an old laptop to do the verification, and then the whole subnet was added to the allow-list.


...and before Stallman, Hayek. Hayek couldn't have seen the technological means, but he did see the "self-regulated monopolies" shaping up from anti-competition moves on the part of government (most of which are driven by lobbying).


Engineers could leverage their economic might via collective action; don’t open your wfh laptop today.

Updating the Upton Sinclair quote without the gender bias; it’s difficult getting a person to understand something when their investment portfolio valuation depends on them not understanding it.

Who are they if they’re not what they are now?

When you all stop posting on corporate forums and working their jobs, shopping their stores, I’ll take you all sincerely and seriously.



