It doesn't really matter to me that it's possible to configure your way out of Microsoft's botnet. They've created a culture around Windows that is insufficiently concerned with user consent, a consequence of which is that the actions of a dubiously trusted few have impacts that are too far and wide for comfort, impacts which cannot be mitigated by the users.
The power to intrude on our systems and run arbitrary code aggregates in the hands of people that we don't know unless we're clever enough to intervene. That's not something to be celebrated. It's creepy and we should be looking for a better way.
We should be looking for something involving explicit trust which, when revoked at a given timestamp, undoes the actions of the newly-distrusted party following that timestamp, even if that party is Microsoft or CrowdStrike or your sysadmin.
Sure, maybe the "sysadmin" is good-natured Chuck on the other side of the cube partition: somebody that you can hit with a Nerf dart. But maybe they're a hacker on the other side of the planet and they've just locked your whole country out of their autonomous tractors. No way to be sure, so let's just not engage in that model for control in the first place. Let's make things that respect their users.
I'm specifically talking about security updates here. Vehicles have the same requirement with forced OTA updates. Remember, every compromised computer is just one more computer spreading malware and being used for DDoS.