I have a similar feeling, but with modern smartphones.
Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them. Laptops are slightly more closed, but even on those I can choose the OS myself.
Modern smartphones however, seem like walled gardens in which I have no control at all. I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days. I am locked into a single OS on my smartphone, which either spies on you or is locked down even more. Every iteration a bit more control is taken away from the user. And its increasingly hard to step away from them, since a lot of normal interactions such as banking almost requires you to have such a phone.
Both Android and iOS suck. I've made my own Android phone tolerable with F-Droid and trying to ungoogle it as much as possible. But unfortunately I find myself locked into using google play services since solutions like MicroG just don't cut it. They lock me out of slightly too much of my daily smartphone usage (note that this is definitely not the MicroG's developers fault, they have done amazing work).
Well it is early days but Librem and System76 (and several others like Pine64) are making huge headway in the open hardware space. I know there have been lots of failures in this area but I think we are getting to a threshold point where building on top of these companies acheivements is quite possible.
Linux on Mobile and open EC and Coreboot etc. are all making rapid progress at the moment. I would still say we are talking in terms of years before more general Linux Phone adoption would be possible, and still the fact your online bank etc. doesn't make an app for Linux would be prohibitive to many (although anbox might help), so I understand pessimism here, but I think the excitement around Linux mobile and open hardware is sufficient that it will at least be revolutionary that it is possible to run open hardware and Linux phones etc. same as SteamOS was a failure if you look only at numbers of Steam Machines, and a revolution in Linux gaming if you look at Proton, GamerOS and all the improvements that came with it.
Viable alternatives affect the behavior of others, even if they "fail".
And if you're already a desktop Linux user like me, open hardware is already a reality. Only thing that's stopped me trading Dell XPS 13 for Purism 14 is that I will miss the QHD+ screen, as it is standard HD res. Still really tempted though.
> desktop Linux user like me, open hardware is already a reality
Power or RISC-V ISA hardware are in low stock, have very few, specialised vendors and are not affordable. I have great sympathy for people who refuse to pay the outrageous difference to off-the-shelf hardware that can be bought anywhere just to gain a level of privacy that they should have in the first place.
AMD and Intel have rootkits in their hardware which are designed to be exceedingly difficult to remove. If the customer is a spy agency, they will ship with the rootkit disabled. If the customer is just a normal person like the one writing the article, one will not be able to have one for money or good words.
I seriously doubt either Intel or AMD ship different silicon to the NSA or whoever else. At least from what I've read, the only difference (at least on Intel) is the "NSA bit", that can actually be turned on on any chip these days. System76 actually ships machines with it enabled by default.
If you're going through all that effort, then why bothering with hardening Chrome? Why wouldn't you start with Firefox, which doesn't require unGoogling to be considered secure?
OpenBSD's Chrome had pledge() first, but you're right, I should consider Firefox.
However, there was a recent Firefox bug in OpenBSD, and the patches weren't applied uniformly. It does seem that Chrome is more consistent, and gets more attention.
The issue with open hardware is that DRM vendors don't support it. A fully open phone doesn't have hardware DRM keys so you won't get FullHD in Netflix. And now you've lost 90% of the market.
Yeah, even when you boot up into Netlfix in Epiphany browser or something and discover you can't. It's not a great OOTB experience for new Linux users, never mind being locked out entirely. But that said, I don't really know how to fix the DRM problem without first making progress on open hardware. Viability and market share in spite of the adversity is the only chance I can see.
It still might fail. We try because we feel it is too important to simply do nothing, not because we expect mass success.
Maybe this is something that is a bit facile of me to say, but I like to try to compartmentalise, such that I have a little tablet for media stuff which I use to cast to TV via Chromecast. The other stuff not having Netflix access (both phone and laptop) doesn't bother me so much, and keeps a distinction between open and closed at home. The nice perk is that Chromecast is now doable from laptops under GNOME and will likely become available on phone OSes like PureOS etc too in time.
Not great for normies, but that's my tip anyway. Media consumption is a wedge issue and if you're prepared to spend money for privacy, there are a few ways it can be done.
I think the solution is to convince more people that we can live happy lives without access to big-budget entertainment. I've been mostly going without for about two years now, though I've wavered a few times.
IDK, many people spend their whole lives glued to the TV or movies. it feels like it has only gotten worse. it also feels like people don't have hobbies these days. I think to convince people of what you're saying, we need to get people back into having more hobbies. or at least reading or something
The only solution I know is very labor intensive process (and kind of not covid friendly atm), Call up said friend and meet them in person for coffee / hikes / whatever you two like. Refuse invites to do "screen time" things...
I think the trick is to start viewing the problem through the lens of anti-trust/pro-competition law. Something like mandating compulsory licensing of DRM technologies so that the DRM manufacturer and Hollywood studios don't get to be kingmakers in the browser or operating systems markets.
IANAL but seems to me like laws along the lines of "you can reverse engineer DRM without being arrested" and "the patent holder/whatever of the DRM cannot deny you a license to use this without a good reason" seem like the right direction to me. Then the linux distros or anyone else can go off and build/integrate the DRM to the extent that they wish.
Copyright violations would continue to be illegal. I am not proposing that they be legalized (though copyright law could use several reforms as well). I am proposing that for instance Google ought to be required to license Widevine to anyone who wants to build an implementation for it.
Because Widevine is so widespread and acts as a gatekeeper for content (for example Netflix), if Google doesn't bless your platform with Widevine support you're essentially dead as a consumer media platform.
Google should not have this kind of power because competition is good.
Seriously, I have slowly become subscribed to all of the streaming services; and I still use a system that automatically obtains rips of the content I actually want to consume. Having everything served to me in Plex instead of needing to remember/look up where something was streaming, load up that app, be at the mercy of my shitty connection, etc.
I fantasize of forced HDCP resulting in anti-trust action over what they forced upon thr market. The needless wasteful complexity of not being able to use a splitter and encrypting and decrypting both ends is clear consumer harm. Sadly that is unlikely to see a push.
For me Lenovo have been in between the pure and wonderful but too expensive for me of System 76 and the Pinebook Pro which I own but is too slow and low end to use for my daily get stuff done machine, which instead is an ideapad 3 with ubuntu 20.04.
I agree with this so much. It would be so convenient if I could just flash Arch Linux or something onto a modern smartphone and be able to use all the applications and settings and data I use on my desktop, but on my mobile phone. Android is markedly better than iOS when it comes to customization, but it's a far cry from a (real) Linux distribution. I've started getting OS-level push notification ads from Google News and other bullshit on my Samsung Note 9, and it makes me want to set the thing on fire.
It also makes me pretty pessimistic when it comes to privacy. I can uninstall Windows/MacOS on my laptop, coreboot it, use FOSS/privacy-centric software, etc. but it doesn't really mean much when my phone (which is basically attached to my body 24 hours a day, and is my main conduit of communication with others) is a privacy/security nightmare.
It's not quite a modern smartphone, but it's the best we have at the moment; have you looked into the PinePhone? I have mine running openSUSE Tumbleweed.
Some people will tell you that the Pinephone is daily-driver ready. They're right, but only in the sense that using a feature phone is daily-driver ready. It's only feasible if your lifestyle permits it, if you're willing to go without sometimes, if leading by example, and voting with not just your wallet, but whatever you value (be it time, money, or uncertainty) is a deal you're happy to make.
I love my Pinephone. It is undoubtedly my own, with no strings or trillion-dollar corporation helping steer. It's lots of fun to play with, but unless people already half-jokingly compare you to RMS due to your extremism, it's not ready.
Android circa 2009 would be a reasonable comparison: the potential is clear, the software is rapidly evolving, and there's a benevolent dictator at the helm. And that's enough for me to be happy with it :)
I'm really heartbroken that I can't use a Pinephone as a daily driver because of the simple fact that it doesn't have a 5ghz wifi antenna. Where I currently live there's just too much interference on 2.4ghz. It's literally the one feature I need. As soon as they come out with a model that has 5ghz wifi I'm happy to jump right on board, especially since they're coming out with a keyboard attachment.
The battery time, at 3–5 hours, and the inability of the phone to charge while turned on, they called "A stark reminder of the Librem 5's beta status".
You should be able to just put wifi USB dongle into the USB-C port. These things can be small. Though there are no USB type-c wifi dongles apparently (now that I'm searching the web for them), so you'd need an otg adapter too, and there goes the size benefit.
It's about the same quality as a budget Android 2-4 phone.
The basics are pretty much down. Kernel support is solid. It can make calls, send texts (MMS mileage may vary), and use data pretty reliably. Web browsing is actually pretty fast with Angelfish. You technically have access to the full repository of Linux ARM software, and some of it even resizes properly to the phone. The camera is usable but terrible. Anbox works for Android apps but is painfully slow and can't share data with the rest of the phone to my knowledge.
Battery life is terrible, I don't think that the phone has power states of any kind, so it's either with the screen on, on with the screen off, or off altogether. Updates frequently break my install, although updating through SSH has been working for me recently on Tumbleweed without breaking anything. Little things like Plasma not having a way to exit the keyboard, apps taking up full screen with no way to exit them, etc.
Performance is painfully slow, but has also improved (for KDE anyways) by leaps and bounds. It used to be completely unusable but now it's merely very slow.
I would say it's somewhere between for developers, and usable, at this point. You could use it with some sacrifices, and still have a functional wireless communication device. It absolutely is nowhere near replacing my OnePlus running Android, however.
How about going at it the other way around: There are laptops with SIM cards / card slots already, for wireless data connectivity. Does it take additional hardware to use that for telephony / SMS, or can the already-present hardware be used for that too, with only a software component to enable it?
Sure, not quite as handy — or Handy, for the German-speakers among us — as a physical phone... But, say you keep your laptop with you in a backpack (Rucksack ;-) ) or such, and a Bluetooth hands-free headset clipped to your ear...? I hear lots of youngsters listen to music continually nowadays, so they already have some kind of earbuds in all the time anyway. Or maybe even some kind of Bluetooth "satellite" handset, to make it easier to initiate outgoing calls / read and write text messages?
Money: Pine64 is a small operation with limited resources, factories have minimum order quantities among other commitments.
Most Pine64 products have pre-alpha software and are aimed at volunteers who can improve it. Lots of people are willing to buy a product for <$150 and "see how it goes". $400 filters out a lot of people who might otherwise chip-away at software bugs on weekends. Additionally, people are less tolerant of dead pixels on a $400 laptop, and Pine64 would rather not deal with returns.
The reason I've seen for the phone hardware is that they simply can't source hardware that is more performant but still open enough to sufficiently develop for.
I would suggest looking into Sharkbait[1].
Although full-disclaimer, I like to say that I am a part of the team and we are lazily trying to self-host Android.
Have you taken a look at Ubuntu touch? I came across it while researching for my next device. From what I recall, it gives you a full Ubuntu environment on your phone.
Didn't go that route though because of the unavailability of the supported models where I'm at
Canonical supported versions were based on snaps-predating app framework (click packages). There were a couple of phones released with it out of the factory (bq aquarius 4.5 and meizu mx4) and a bq tablet, but rest of the supported phones use android kernels for hw enablement.
Ubutouch has forked the software when Canonical pulled out and even runs an app store, but I think the best hw you can get is Oneplus 6t and then mx4.
I used mx4 as my daily driver for years prior to switching to Android for the first time 3 years ago. While not the fastest phone, mx4 was usable (things I hated most were sharp edges and how it would register touches in my pocket, and then get locked for 10 mins because of wrong passcode).
To be honest, I quite prefer the Ubuntu Touch over Android (and Nokia Meego/Maemo is up there too, but Palm Pre WebOS takes the cake as the best basic phone UX I've experienced).
I think Mobian has the biggest potential to be the pure GNU/Linux system in your pocket, so I am hoping it'd get Unity included too.
I've been wanting to cobble together a phone using a microcontroller hooked up to a 4g/5g module. Anyone have a module recommendation? I think everything currently available on sparkfun and adafruit won't work for me.
Many 4g/5g modules are basically stripped down/headless smartphones in themselves, running Linux + modem firmware, etc. You don't need the microcontroller, you just need to patch the firmware.
Yes. I was looking for an answer along the lines of a particular model from Telit/whoever. I'd rather use the external micro to control the module with AT commands.
I have yet to find a satsifactory way to disable them - it's pretty easy to disable notifications from userspace apps like Instagram or Snapchat or whatever, but disabling notifications or altogether uninstalling vendor apps is a huge pain in the ass.
Most advice I've gotten has been flash a custom Android kernel or a de-Googled distro. This would definitely solve my problems, but this removes the ability to install Play Store apps which are a necessity for me. Not to mention that it gives the possibility of bricking my phone, which is way outside my risk tolerance for just getting rid of some annoying ads.
In case you do want to install a custom Android distribution (ROM) to clean out the Samsung bloat more thoroughly, the risk of hard-bricking your phone is almost non-existent nowadays. The worst that can happen is usually a soft-brick which can be fixed by reinstalling the original OS. As for Play Store, most custom ROMs either include or support installing Google services and Play Store with full functionality.
Worth noting that Samsung doesn't allow the bootloader to be unlocked in most (if not all) of its flagship devices released in the US. Although, there's paid services that could unlock the bootloader.
It doesn't remove your ability to install apps from the Play Store. You can use the Aurora Store app to install those apps. For the apps that also require Google Play Services, microG usually suffices.
I'll play the (intentional) Devil's Advocate here to present an alternative viewpoint.
I like iOS, but not Android. Let me explain why.
I personally love Linux, Unix philosophy (I'm even sometimes an old beardy zealot about POSIX standards and the old way), and inherent customization possibilities.
On the other hand, I don't want to manage my phone like a desktop or laptop computer, or a server because of a plethora of reasons. First, user interface is not very suitable for that. Second, there's a lot more finicky things to manage. Last but not the least, that management task is continuous.
iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this). Defaults are sensible. Settings do not change spontaneously. OS behavior doesn't change drastically from device to device (Every android vendor tunes their OS and background process policy differently, creating a lot of WTH moments and more finicky management tasks). Updates are not slowed down by the vendor, the operator, the distributor and today's weather.
While iOS is a pretty strict walled garden, devices are set-up and forget. Even you forget that you have an iOS device, because you use it without thinking.
Radio security, isolation and its reasonable and unreasonable parts are discussed here extensively. As a HAM radio operator, I can only say that, radios can do wreak a lot of havoc even with informed tinkering, without any bad intentions. If you take a relatively cheap SDR and listen to your neighborhood spectrum (just see the traffic, not decode anything) your jaw will drop. It's a very crowded up there, and there's a lot of non-public traffic.
Another stuff about custom ROMs and Stock ROMs is SIM services. Yes, many of the SIM menus just sit here unused, but there are useful ones like mobile e-signatures. I carry my e-sig with my phone, in my SIM. So using it requires a verified and official software stack. As far as my experience goes, no custom ROMs run these services (intentionally or unintentionally).
I manage my family's Android phones, and I personally use an iPhone. As far as I can see, it's much easier to leave an iOS device on its terms and it'll fare better.
Feel free to discuss, counter or just burn this comment down. :)
> iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this)
Not to burn you down, but to burn Android down: no, Android does not allow you to take complete backups. Let alone "built-in". The only backups that are made are forced to Google cloud and only backs-up apps that where downloaded through Google Play and app settings for Google stuff. It is an extremely limiting almost non-backup if you're used to going around Google. When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone. Especially if it was rooted.
The only way I know to take a full backup image of an Android phone involves unlocking (not possible on all phones), rooting (not possible on all phones), installing Nandroid and pulling an image over USB. To restore to a "fresh" phone, you need to go through all of those steps again.
This would take hours to weeks depending on who does it and the puzzle your phone manufacturer sets up for you to unlock your phone.
This to me is one of the many absolutely mind-blowing facts about the trash Android OS (disclaimer: I'm still an Android user, because I can't accept a phone without a physical keyboard. Never used Apple products in my life).
Want to wipe your phone and restore an image after you travel into a "spy-state"? Nope. You simply can't with an Android phone.
You know a phone that was able to do this out of the box? My 2013 Blackberry Passport. No rooting or fiddling around required. Just install a desktop app, plug the phone into USB and press "full system backup".
It is ongoingly stunning to me given all Google's BS that Android has no backup option which will get my apps, their data and the state of my home screen back exactly the way I left it if my phone is destroyed.
I run a custom honescreen: it's just another Android app! And yet everytime I have to set that back up again manually.
Yes, I was going to say the same thing. My samsung galaxy s10+ has a cracked screen and I need to take it to repair but the thought of the work needed to backup everything stops me from doing so.
I have very little trust in Google so I don't want to backup to google cloud (I just researched and it seems they do provide end to end backup encryption without Google having the key anywhere since Android 9, is that really the case now?)
Your definition of complete backup exceeds even the definition the parent is using for IOS. There are some things like downloaded files that don't get backed up to the cloud. (Some of them probably do get backed up via iTunes backups, but even there, I'm quite certain that not quite everything gets backed up. Instead it contains nearly everything that an non-jailbroken user might care about.)
Things like the set of apps, settings (both app and system level), game progress, the set of open tabs, etc can be backed up, and IOS is even able to restore old app versions specified in the backup by downloading them from the store.
All that said, both IOS backup options are more comprehensive than the built-in android options.
> IOS is even able to restore old app versions specified in the backup by downloading them from the store.
iOS even restores your open applications and task manager state when you restore from the backup. Even more so, theoretically, it can restore every apps state at the point of backing up. It's a feature ported from macOS.
local backups (used to be iTunes, now it’s just done from the Finder) do indeed backup everything. And as another commenter pointed out, your application state is also backed up and restored.
#1. Local backups are still itunes based on windows.
#2. Stateing everything is still not quite true. The OS is not backed up, since old versions cannot be restored. and unless things have changed since a few versions back, local backups deliberatly omit some data if it can be downloaded on restore. For example, the actually apps just have their names and versions recorded so they can be redownloaded. Which is not really a problem, except in those rare cases where an app has been completely deleted from Apple's servers, which typically only happens for malware or for legal reasons. (I suspect that any apps not in the store at the time of the backup are included in the backup, so hitting this case should be incredibly rare.)
Backups are a total black pattern where you either pay Apple for ever or the respective APIs are horribly broken.
It would require zero effort on Apple's side to integrate backup to other servers using the OS or other Apps. That means without silently stopping them or even worse slowing them down to kb/s once in the background.
You can backup your iPhone anytime you want to your own computer. iCould makes it pretty easy to do settings and config backups that will be included in their free tier.
There is no way Apple is going to let 3rd party could providers do backups directly. I doubt exposing the iPhone as a USB device over the internet with a VM running iTunes would work efficiently.
Assuming you've already paid Apple for the device and you don't want to make use of the 5GB free iCloud storage for backups, you could backup iPhone to iTunes on your laptop (encrypted) and then ensure your laptop was backed up locally also. This way you avoid paying Apple for ever.
So yes you also need to install itunes to backup on your computer, because why directly mount it as a usb drive without an apple app?
That would also need zero effort from apple, but I was talking about an online backup with since forever established protocols.
"I can't back it up completely" and "I can't back it up completely the way I want to" are two different arguments. It's fine if the second is the argument you actually want to make, just be clear you're making it.
"When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone"
From my experience this is completely false. I just switched from Galaxy S8 to S20, and I transferred everything and had the new phone setup exactly like the old one, with all apps (that would allow it, LINE wouldn't) and even ringtones and text tones set how I had them in about 20 minutes.
1) You don't want to risk dumping a mounted filesystem because of inconsistencies
2) Good luck getting the right device - in the end it's devicemapper all the way down with a lot of layers (ecryptfs, sdcardfs, bind mounts, ...) stacked between your shell and the device.
3) Unrooted phones don't allow access to raw Unix devices
4) You can't restore these backups anywhere if your phone (like almost all, I think it's a Netflix requirement) uses hardware key storage - simply because the key is in the secure element of your phone. Rooting a Samsung phone kills the HSM and switches over to software key management though.
5) Assuming encryption keys don't get in your way, you can only restore the dump on exactly the same model and firmware of device you have, because every manufacturer does stuff slightly different.
Makes me wonder if you can just dump the Flash storage chips through JTAG or similar - assuming the JTAG ports are accessible without completely dismantling the phone.
And even if you do root your phone and dd the storage, you'll only be able to conveniently restore to an identical (or the same) phone. I generally prefer Android to iOS, but they're not even on the same planet in terms of backups.
"developer mode" is typically a custom recovery environment that requires an unlocked bootloader to be flashed. A nandroid backup is effectively a dd image.
It's a bit messier if your data also lives on an internalized sd card.
> Android does not allow you to take complete backups. Let alone "built-in".
Android has had full system backup capabilities through `adb backup` for years. It does not require removing carrier locks or rooting and has been available since Android 2.x iirc.
I've used this to transfer all of my apps, app settings, and system settings between all of my Android phones:
Nexus One -> Galaxy Nexus -> Note 3 -> Galaxy S6 -> Galaxy S8 -> Galaxy S9 -> Galaxy S10 -> Z Fold 2, all with one continuous chain of backup and restores via `adb backup` and `adb restore`.
These restores sometimes even worked flawlessly across different Android OS versions! Sometimes this has caused a lot of weird issues wrt system settings, so admittedly this process can be quite buggy.
> This is false. Android has had full system backup capabilities through `adb backup` for years.
Apparently this is false, because apps can "opt out" of ADB backup and many do (see other comments), furthermore it doesn't backup the entire phone, but only the system image (partly). Does it backup the root state of the phone? Nope. Does it backup the restore partition of the phone? Nope. Making it a "maybe full system backup but not full system image backup that is kind of buggy". In other words, like I wrote earlier: not a -full- system backup at all.
I was specifically talking about effortlessly backing up and restoring a full system image. Blackberry OS10 style: plug in phone, press "backup system image" and get a carbon copy of EVERYTHING that runs on the phone that can be restored to a new or existing phone with 1 click. Your post confirms that this is not possible in Android: using ADB is not "effortlessly" and it's not a full system image backup.
Even if I would backup and restore from and to the exact same rooted phone (that's all I'm asking), the restored backup would not be the same as whatever was on the phone when the ADB backup was pulled. Nandroid can do this, in theory, with a lot of hassle (but not on my phone, because TWRP for my phone doesn't support decryption of the system partition).
Many apps opt out of including their state in "adb backup" or act oddly when restored. Maybe this changed in the past few years, but it is still nowhere as complete as any automated or manual iOS backup.
It can if you charge from your PC and set up some very convoluted scripts (not recommended).
I use `adb backup` solely as a means of transferring my settings & app library between devices.
These are full system backups including potentially gigabytes of APKs, so I wouldn't want to run it every night. It is possible to use `adb backup` to only backup settings (no app files) if you want a lighter backup, but those backups aren't as useful for my purposes.
Thanks for the answer. I just wanted to highlight that, I can just take my phone for the day, throw it under a bus, go to an apple store, get a new phone and continue where I exactly left off (minus a couple of 2FA keys, which I have backups of).
This is what I like about iOS. I tested this method a couple of times (with less destruction though), and it just works.
You just described the whole iOS value proposition. Even Macs are basically "set-up and forget". My dad, a 76 year-old with no computer chops, was always losing his track on his computer (my old Windows desktop). I became tired of the permanent parental helpdesk service and I got him a late-13 Macbook Air and it's still running happily.
> iOS takes all of these away. Complete backups are built-in
They’re not. Backups are built-in but they’re not complete. For example google Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc. There are reasons why this is so, but it’s really important to handle if you use your phone for 2FA.
> Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc.
AFAIK, applications allow their secrets to be backed up or not, and I'm not mad that my 2FA keys are no backed up and shipped overseas. I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
> I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
It's not a problem if you took measures to make sure you have a copy. It's a problem if you just take "full backups" for granted until you figure out that some things don't get included in "full".
It’s not “some things”. Its things where the app developer explicitly chose to tag them to not be included.
And yes, for years one had to do the physical cabled backup restores for this, then these same app developers learned how to exclude their data from those as well. However, as of iOS 12, 13 and 14, there seems to be decreasing to zero effective difference in what’s included between tethered (with password), local WiFi (with password), and OTA iCloud backups.
You may be able to forcibly back these up using a third party tool that also lets you back up sandboxed temp files and the like, tools like iExplorer:
I have Google Authenticator with 5 or 6 2FA accounts. Am I to understand that I can use another app like 1Password for those same accounts? I distinctly remember some of them explicitly telling me to use Google Authenticator.
You should be able to, yes. Google Authenticator is pretty basic where it's simply scanning a QR code to get the TOTP token and storing that locally. It's apps like Authy which screw you over by forcing you to use them and ONLY them for 2FA for websites who opt to use it in their service. They don't make it possible (iirc) to get the token out so you can use your preferred authenticator app.
But back to your point: I used to backup to Google Authenticator and LastPass's Authenticator to prevent me from losing access when I migrated to a new iPhone since they don't backup. They both worked just fine interchangeably.
I switched to authy because I can use 2 devices (same "keys") and backup codes easily. I'm too clutzy not to have at least one backup device. I suppose most humans are.
Pretty much noone should be using any of the authenticator apps.
Get Keepass2Android, and it'll track TOTPs just fine. Throw Syncthing on their and you can securely get those to any device you own without involving Google.
2FA is about having a factor which changes everytime you use it so if the medium is intercepted somehow the account isn't permanently compromised.
It's protection for when using untrusted computing devices, or because most people have their passwords in some way visible or shared.
TOTPs can't be reasonably made much longer then they are while still usefully entered, but my password database never leaves my own devices and neither does the password to it.
If someone compromises my phone to the level they can get that database, then they've already got my Google Authenticator or whatever DB as well anyway.
IMO this reduces the protection of 2FA significantly. For me 2FA is primarily not having a single device that's enough to compromise to get access to your important accounts. This means that I never have both factors (password and TOTP key in our case) on a single device. That's why
> they've already got my Google Authenticator or whatever DB as well anyway.
is of course good for them, but they still need to get my password from my other device.
If your device is compromised to the point that someone is reading out the content of non-online, encrypted DBs, or keylogging aggressively, then they've also got your email and can much more easily just send a password reset to 90% of everything out there.
2FA as the internet uses it has always been about dealing with accidental disclosure and public PCs.
As an owner of Xiaomi phone I consider all data on it to be available to mid- and high-profile parties at least in China. Which might eventually leak into my country as well.
That's why my phone doesn't have any bank software installed and doesn't have any password saved. It is logged into my google account though to which you probably can restore some passwords, but for all resources I care about (banking, investements, crypto, etc.) it's not possible. I also use separate email for those. If my HN or reddit account will be compromised via my phone - so be it, I don't really care. I can also tolerate compromised 2FA app as it's useless without passwords which are stored on another machine.
For most of us 2FA as it is works fine. Until I become a CIA operative or drug dealer I suspect the current setups are fine via companies like authy, 1Pass, and google auth.
It's a bit ironic to criticize Apple's mobile solution via an app built by its direct competitor.
Google made the choice of not implementing backups for Google Authenticator, so that's really on them.
I would recommend Authy for 2FA. It supports backup straight out of the box.
Exactly opposite feedback of a colleague who switched from Android to Apple flagship few years back. After few days, he became frustrated how little the phone allows to tweak. I don't mean some low level tinkering, just normal things he got used to being able to change. He regretted the move since then but what happens people get often comfy with their choices and over time lose the will to do a big change again, so did he.
You mention setup & forget, that's how probably 98-99% of Android phones operate. Same for me, all the people and family I know. Initial install&setup after purchase, and then just running 1-click updates if one chooses to. After 3-4 years, switch to another one.
Hardware is +-same, what differences there are are invisible to user (apart from basic things like dual sims and memory card slots, which Apple lacks desperately... and bigger zoom for photos). Some like the smooth Apple UI, some feel they have the same on Android, most don't care. Some care about privacy which Apple seems to be the champion, most of the world simply doesn't care and isn't even aware. Some realize privacy is an illusion even with Apple, if you are 95% of the world that lives outside USA, various 3-letter agencies can do whatever they want and abuse your data in numerous ways without any recourse.
Its all relative, the most important is if one is happy with whatever one has and doesn't have unrealistic expectations.
Honest question: is it simply the fact you can't use a Gecko engine on iOS that makes it useless to you?
My impression is that the Firefox shell offered is still able to provide the various anti-tracking privacy features that many would point to Firefox for, and the variety of browser shells available should mean that you'd be able to find a UI to your liking if Safari's isn't.
At that point, the only thing I can see missing is a non-webkit engine. I get that that's an annoyance and definitely on the same anti-competitive level as 00s era IE, but by and large web developers account for it and it works acceptably. As much as I'd need it to for mobile browsing.
Would just be interested to know if there's something more I'm missing.
Gotcha, that's completely fair and not something I'd considered. Thanks!
As a vague counter point, I use Firefox Focus[0][1] which touts the tracker blocking and ad blocking I'd rely on extensions for normally. It meets my needs as the only additional extensions I use on desktop are for tab and session cookie management, both of which are moot points in a browser without tabs and a "clear cookies after each session" policy.
>That was supposed to be an honest question with an honest answer. There was no need for a snarky remark.
Well, somewhat snarky. It's still a legimate question.
Why would one "need" plugins on a mobile browser? What kind of functionality that mobile Firefox doesn't provide?
>The topic is about owning your own hardware/software combo - so having addons/customization is the definition of it.
Well, the topic is about owing your computer. Which has some merit (even though owing is a kind of a weasel word: you do own it, even if the OS enforces this or that measure. You can sell it at any time, for example, break it and nobody will ask you to return it, etc.).
So, the real topic is "doing whatever you want with your OS, with the ability to disable all checks, protections, etc, install custom everything etc".
Which I can see the appeal in some cases.
For a mobile phone what exactly is the great appeal?
There are ad blockers for Safari. There may be folks waiting to pounce with absolutely true complaints about how unsophisticated they are compared to what's possible in other browsers, but in practice they do a sufficient job.
There are certain extensions that I use on Firefox on the desktop. I would like to have some of those extensions available for my mobile device, in such a way, that I can enhance the usability of my mobile browser.
Because you usually work on a desktop, and might have all kind of handy extensions to help you.
You usually view webpages in a very minimal interface, small screen, often on the go or leisurly, and with limited interaction on a mobile phone. So, aside from something like an adblocker (for which there are solutions), what would one use?
AdGuard works pretty well on iOS. I don’t think there is a way to do a ‘dark reader’ specifically though perhaps pages honour the OS’s ‘dark mode’ setting these days? I would guess support is spotty.
Sites that use the prefers-color-scheme media query honor the OS setting on iOS, but it obviously doesn't work on sites that haven't implemented it - Dark reader[0] takes a invert-colors approach and makes it a little easier on the eyes.
well adguard only have ip, domain names etc. I mean it has less context? Addon has more context about the webpage lets say it can remove ads belonging to DOM with id #ads-1 ?
And in Europe, cookies / nag-popup-removers for all those GDPR compliance dialogs (though vanilla Firefox is becoming better in blocking trackers by default).
The main issue was (I guess still is), iOS does not allow JIT compilation - in order to keep control over the apps available (having JIT would allow running any code effectively).
Of course, nowadays the assets of apps have to be part of the deployable, itself. So it's common to run localhost web server.
Oh I totally agree. I treat my phone as purely a consumption and communication device. It's a dumb brick that should do those things well, including being secure. The more walled garden the better, in my opinion, as long as it's doing those things well and maintaining my privacy.
On the other hand, it's useless for creation. But that's fine, the trade offs are worth it in my opinion. I have dedicated hardware running Linux/Windows for that purpose.
Yeah exactly. I sometimes use it to view documents in a pinch but vast majority of everything I do is on a desktop/laptop. When I backup all I have to do is copy one folder over to my desktop and that folder also gets backed up to icloud. Iphone also obviously will reinstall the apps that I use if I need to switch devices. It works pretty well. my phone isn't the center of my world and in general I don't care about keeping old conversations on chat apps and such. Some people want to keep all their data into perpetuity but I don't.
I'm similar and for the most part don't really use the iPhone as computer. It just acts as a hotspot for the laptop and I use it to take photos so I don't have to worry so much about proprietary stuff running on it.
I agree with you overall, but felt the need of commenting as I thought "Settings do not change spontaneously" was true as well but it is not! I just discovered the other day that you cannot turn off WiFi or Bluetooth. If you do try to disable either of them, they will be turned off but only for a day. The next day they enable themselves automatically.
So much for not changing settings by themselves :)
The control center toggles specifically tell you what’s happening (“disconnecting from X until tomorrow”).
If that isn’t what you want to happen, you go to the Settings app and turn off those toggles. (But I wish they would have a matching statement on screen that clarifies their changes are permanent until you change them again.)
Temporary toggles being in the control center is great. Most of the time that I quickly disconnect from WiFi or Bluetooth, it’s to solve some immediate, temporary issue.
The settings aren’t “changing themselves” — they’re doing what you asked them to do. The written message tells you what you asked them to do in order to teach new users what these buttons do.
I can somewhat relate to you, but in different aspect. I own iPhone and I'm thinking about some home automation. I can program iPhones, I tried to find out some way to put my code onto my phone without restrictions and I did not find any. I can use web app, but it's restricted and I might need some API that's not available for web. I can install my development build, but it'll expire in a few days and I don't want to reinstall it over and over again. That's an absurd situation when I'm as a programmer can't put my own program onto my own device.
I love iOS in almost every way except sideloading restriction.
If I missed some way to implement what I want, I'd love to hear how can I do that. I don't need much, but I need push notifications from server and I need push notifications when I'm close to some particular location (like open a door when I'm near it). I might need NFC push notification, I'm not sure.
I don't agree that Android suck, I have second phone for testing and while I love iOS more as it feels more polished, I probably will switch to Android in the future, just because I want to run my code on my device.
All those Apple apologists should go and take a look at the world; I live in Iran, and here Iranian apps just use a business profile to install. There are even alternative app stores using device management profiles. And these apologists keep bullshitting that the monopolist walled garden actually keeps people safe. The walls don’t keep out anyone powerful, they just enforce rents.
All the Apple haters keep missing the point for why Apple users prefer “walled gardens”: They are fucking beautiful respites from all the crap outside their walls.
Apple has refunded me without question whenever an app tried to scam me, no matter how big people popular it was, whereas apps using third-party payment systems almost never give any refunds.
Imagine actually using free and open-source apps from free and open source app stores&operating systems instead of buying an overpriced rehash of open source software.
That's surprising as Apple is supposed to revoke those kinds of certificates pretty quickly. Enterprise certificates are for use inside enterprises, not for outer users.
Iran is under embargo by the US. Consequently, Apple doesn't do business in Iran. If someone buys an Apple product in Iran they're getting smuggled hardware that has likely been jailbroken. It won't be connected to anything Apple or iCloud unless they're going through some kind of VPN. Certainly nobody is getting developer certs there and they can't do any payment processing so most regular apps are gonna be out of the question.
Please stop opining on what you have zero knowledge on. The Apple devices in Iran are never sold jailbroken (in fact, I have never seen a jailbroken Apple device in my life). They can usually connect to all the Apple services without a VPN. There are apps that use Iranian payment processors in the App Store itself (e.g., https://apps.apple.com/us/app/fidiketabi/id1464658470 is an app that sells ebooks and audiobooks, its real name being Fidibo), and others have apps as direct installs that need the user to accept their profile, or use one of those Iranian app stores. There was a brief period after the Facebook VPN scandal that Apple did make a show of blocking these Iranian certificates, which caused a surge in web apps (which I liked a lot), but that didn’t last long. What is super clear is that Apple gives not a single fuck about privacy, security, US laws, or anything except PR. They do exactly what generates the most money for them, and have no principles. Every single big stunt they have done costed them nothing and further consolidated their monopolies. It is always others who shoulder the costs, never Apple.
If your app is using any payment processor that's not Apple within the App Store that app is not in compliance with Apple's own App Store policies. Epic Games would be very interested to learn this is happening. If you're using self-signed certificates or an "Iranian App Store" to install things you are also operating outside the bounds of App Store policy.
You're using Apple services in a region that is not officially supported by Apple. I don't understand how you think security and privacy protections are going to be in place when using smuggled hardware that's intentionally compromised and taking active measures to circumvent what protections Apple has, either by jailbreaking or rerouting requests to Apple to some other mirror.
You’re full of assumptions. Nobody is tampering with the hardware, nobody is routing Apple IPs to fake mirrors, nobody is using “self-signed” certs. People use stock iPhones, without a VPN (not that enabling a normal VPN is at all relevant here, but still), to enable profiles signed by Apple, to run Iranian software. All these can happen in the US as well, except Iranian app websites usually check the IP and sometimes the phone number before they give you links to install the app.
That Fidibo app is obviously not “compliance with App Store policy.” Said policy has never been followed consistently. Feel free to email Epic if you think this changes anything. My magic ball says the best result you can expect is that Apple says, “Oops, they lied, and we didn’t notice.”
Your article is also just an article. App Store is usually fine in Iran, but sometimes there are connection problems. This is not even always a ban from Apple, the Islamic Republic is all too happy to ban foreign services.
Instead of giving me all these made-up stories, give me a list of all the major sacrifices Apple has made for user security. I can’t think of a single one. The nearest thing to a sacrifice they have done is supposedly not selling your data to 3rd parties (except China and friends), but this isn’t that lucrative for them and the PR it generates translates directly into profits. Most privacy choices aren’t this PR-able.
I both hate and love both of Android and iOS. Currently I'm on iOS has the hardware is nicer but damn if the UX isn't confusing and downright dangerous sometimes (looking at you CarPlay).
I also looked into getting some of my own programs into my iPhone but rather than getting stuck on not being able to keep it there for a long time, I got stuck on how to even get the program into the phone. Turns out you need Apple hardware to push the code, so I'm stuck before even being able to try it.
To your point, Apple Developer does not require the $100/year Apple Developer Program fee to load software on your iPhone, but does by default require a weekly cert refresh.
However, the $100 is less a permission slip, and more buys you access to Apple services infrastructure that is largely worth the money so you don’t have to do it yourself and so your users can trust a single brand experience.
(For example, notifications before Apple’s notification service were insane, the app “Growl” made a lot of money just trying to tame the dozens of different ways confounded users’ expectations with notifications. Similarly, updating apps was crazy-making for users, then there was Sparkle, now you get the app hosting and distribution included in the $8/month.)
Just these few services are well worth $8 a month if you compare what you get to any other SaaS we’re buying all the time from HackerNews startups:
- App discovery, hosting, distribution, updates
- CloudKit, iCloud Documents, iCloud K/V Store
- Push Notifications
- Sign-in with Apple
- etc. (NFC is also in the list)
See this link for detailed differences between free Apple Developer and paid Apple Developer Program (also compares Enterprise distribution):
Since you specifically mention push notifications which of course require an infrastructure to run reliably for you 24/7, there’s a good value for the $8/month. The systems behind making these “just work” for users are complex and expensive.
It’s frustrating to have to pay, but I think you can shell out something like a 100 bucks to get an Apple developer account and it allows you to install your own code on your own phone. I hope it’s a 100 bucks forever and not once per year…
But I also need a mac for signing, don't I? Like, a Mac Mini? That's the most annoying part, tbh. I feel fine-ish for paying 8 $ a month for my dev account (if you calculate it that way), but buying additional, expensive hardware? No, not really.
Long story short, you pay $100/year or $8.33/month for access to a suite of services that make apps frictionless for your users, and easier for you as a developer to offer high end features like authentication, notifications, and sync:
- App discovery, hosting, distribution, updates
- CloudKit, iCloud Documents, iCloud K/V Store
- Push Notifications
- Sign-in with Apple
- etc. (NFC is also in the list)
You do not have to pay anything if you do not want any of those services, however you will have to “refresh” your test app cert weekly or work around that.
I can pay, but, as I said, my apps will expire in a few days, so I would need to rebuild and reinstall them every day to keep them working. The only way to have non-expiring apps is to submit them to AppStore which is obviously not possible, as it's only for me.
You can use AltStore to easily sideload apps to your iPhone without a developer account[0]. You only need to be on the same WiFi network as your computer once every 7 days to "refresh" the sideloaded app.
> I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days.
There is the https://www.fairphone.com/en/ which is a modular and easy to repair smartphone. They also make it easy to install alternative operating systems like Sailfish or an OSS version of Android.
The company itself only supports stock Android, although they do foster (some) community efforts for ports. Sailfish doesn't seem available for the Fairphone 3; /e/OS is, but to get it preinstalled you need to order from E, not Fairphone itself: https://esolutions.shop/shop/e-os-fairphone-3-plus/
Unfortunately they don't seem to work in the US, and from what I've seen they are mainly focusing on selling and making sure their phones work in Europe.
It seems like a lot of these problems at the core stem from corporations or the government not being held accountable. How do we fix regulatory capture so these privacy issues are a non sequitur?
I have increasingly come to the conclusion that the society’s average IQ matters an order of magnitude more than your own in your well-being. An obvious example would be to compare the life of a person with mental illness to that of a roughly similarly smart animal.
Not ever... when we vote corporations out of controlling the government, or "we the corporations". Red/Blue is for strawmanning, both parties are $green.
Genuinely curious: Has change of this magnitude ever been achieved entirely by voting? It feels to me like it can only be achieved by revolution (ie, replacing the government entirely with a new government that does what the people actually want). I very well could be wrong.
A problem is, that there's no such thing. There's a common denominator (punishing killers, rapists, thiefs), but this is what punish all governments anyway.
When you go past this point, people's interests are atomized.
indirectly thru elected representatives, legislation, I think so but I'm no political historian. Problem we've got now that you touch on is the judiciary gave this to corps through a 50 year push. Can we get citizens united overturned...
You will never own your smartphone. That would require you to be the licensed operator for the radio transmission. Instead the radio is licensed to the telco (or related) and the telcos have every regulatory and monetary incentive to prevent users from being able to access or control the radio. The government regulators demand the user not have control and the baseband modem manufacturer(s) demand their licensed intellectual property is not exposed.
Don't let perfect be the enemy of good. There are valid reasons to lock down the radio, that doesn't mean we have to accept every smartphone vendor, app author and cloud service provider violating your privacy in every possible way they can think of.
This isn’t the slam dunk that people think it is, unfortunately.
You see, in addition to controlling the cellular radio and all of those details, the bass band processor also does real time noise cancellation and a variety of other call quality functions that you would immediately miss if they were not there.
That processor is actually doing a lot of different things and is difficult to remove from a phone and maintain what most people would consider an acceptable user experience.
My point was more that if you can have a fully free PC except for the cellphone modem, then you can also have a fully free cellphone except for the modem. There's nothing about the rest of the cellphone that's any different from any other computing device.
As another commenter pointed out - the Pinephone is device attempting to do that.
Can I just have a wifi only phone and then have a separate wifi hotspot that actually does the connecting to the cell network? The hotspot wouldn't be "owned" but the phone could be.
You’ve drilled down to the critical issue - batteries. For better or worse, we have observed there’s a limit as to how much stuff people will willingly carry on the regular. Current phones barely fit in that space envelope. Make a phone twice as big or require a separate device, and for most users this is equivalent to not carrying a cellphone.
I don’t think the current dominance of the big two can end until the hardware and software requirements of making a good phone are much much more accessible to normal developers/engineers than they are today.
I never understood why they don't sealed box the wireless stuff then.
I could imagine a family of cellular and Wi-Fi devices that present as Ethernet bridges. They'd offer a configuration interface reminiscent of home routers (go to a magic IP either with a REST API or a browser-controllable menu). This eliminates a lot of the delicate, externally facing configuration options and has the side benefit of eliminating a lot of driver development hassle, especially on low-popularity OSs.
It is an isolated peripheral in many smartphones. Whatever you do, there is of course a risk malicious code could break out of the isolation, true for your Ethernet proposal too.
Having a malicious device on the other other end of a Ethernet connection is much less of a problem than having a malicious device that can DMA into main memory, which is something the baseband in Apple/Android phones at least allegedly can do.
Well I have completely degoogled mine [1], but it comes with problems like reversing banking application as it uses safetynet. Luckily I am quite profound at that.
Bottom line, it is doable, but I want a working linux phone, where camera and calls/sms/mms work and I dont use any newage communication software, so I dont care. Again, this is completely my use case as I practically consider the phone applications as mostly useless, dont play games and prefer paying in cash.
I hoped Cosmo Communicator[2] would be it but they didn't support the camera and since I am using it for taking notes, it is vital for me. Actually I even went into making degoogled rom for CC but I got stuck at selinux blatantly abused to prevent modifications and maybe some day I will recompile the kernel to kick it out or find time to reverse and binary patch the selinux checking.
Actually PinePhone is becoming more and more interesting option but they should really pump up the specs, again, at least for camera. The second possibility would be sailfish os [3] but again it has some closed source blobs.
I love the PinePhone. It is an amazing project, and I'm definitely considering buying one. However, it does not solve my main problem. For most scenarios I still need a "normal" smartphone with either iOS or Android. Apps like WhatsApp and banking apps are unfortunately needed for a large part of my daily life. At risk of either socially isolating myself or bringing major inconveniences without having them. All unavailable outside of the walled gardens.
I really want the PinePhone to be a solution here, but unfortunately I know it isn't.
>Apps like WhatsApp and banking apps are unfortunately needed for a large part of my daily life
That is the opposite of what they want. Do you think whatsapp and a banking app will allow installations that let them track users less? With banking I can sort of understand it, they have to protect the lowest denominator (reused password, no 2fa), so barring different installation methods that are used for "anonymous" purposes I can sort of understand the reasoning behind.
but something like whatsapp where the main commodity is your data? Hardly their priority.
The (not cost effective) solution is to carry both.
Shut off the 'normal' smart phone when you don't need it (for banking or what have you).
Use the web version of Whatsapp (https://web.whatsapp.com/) if you must use it. You could even consider having a WhatsApp specific phone if you have an older model that you've upgraded from that contains no other data.
I do similar. Just use my previous Android (eg Pixel2) with the apps on it and my current phone (Pixel3) is trimmed (disable what you can, no apps but Firefox). I leave the 2 in a known safe location.
Not a 100% solution but is dead simple and better than 0%
A way to mitigate this is to just accept having multiple devices. This doesn't solve issues like unaccountable microphones, but does give you at least one device that you do control and the no-nonsense software benefits that brings.
I'm at the point in my life where I don't really need proprietary apps on the go, so my "full take" device is a tablet that mostly stays home.
My bank’s app is essentially a wrapper around their mobile site. I can’t think of any specific features it has that require it to be an app, both technically, and in their implementation.
Check deposit may be the only feature not available in the mobile site. It’s certainly not a technical requirement that they can’t implement that though.
Probably the most noticable feature of banking apps that I've noticed is real-time payment authorization.
Sometimes when making a card payment online (not necessarily on the phone), my phone shows a notification from the app asking me to confirm the transaction.
Ah, I hadn’t thought of that. Several of my credit cards have that same feature and it never shows up until I leave the US and don’t have connectivity and get locked out of my card.
The PinePhone is definitely more open and trustworthy, but it also feels pretty useless for the time being. Its Allwinner A64 processor is antiquated, about like a lower-end Android phone from half a decade ago and with only 2–3GB of RAM, but the Phosh software stack isn’t optimized well for these limitations and the device moves at a crawl. Just opening the screen to turn the wifi on or off takes over five seconds. (Yes, there is also UBports, but that is based on 2014-era Ubuntu-specific software that even Ubuntu moved away from, and the whole thing feels like it is bitrotting now.)
I also worry that there isn’t enough of a development community behind the PinePhone to bring it to a basic level of polish. Instead of being the resurrection of the Nokia N900 as a hackable Linux phone, the PinePhone might actually be a repeat of the ill-fated Openmoko Freerunner.
So far we're struggling with some really basic issues with our recent Pine Phone- including severe echo on calls, slow ui etc. Its a WIP and will undoubedly improve over time, but its definitely not a turnkey daily-driver type of experience.
If you want to stay with Android, maybe have a look at CalyxOS. They integrate microG and flawless system updates while keeping the bootloader locked. Only works on Pixels and the Xiaomin A2 though. Imho it's the one Android distribution that has the right balance of privacy and usability. I flashed it for my mum and my sister and there wasn't one complaint yet.
No? Your link says nothing about "completely," you just made that up. What it does say is that they remove the "nonessential" bits, plus flip the HAP bit. You can do both of these things yourself with me_cleaner, but it's not good enough. Exploitable vulnerabilities have been found in the bits that cannot be removed.
Great stuff. First time I flashed a chip with SPI or started learning and playing with surface mount chips. Old ThinkPad are still very capable and empowering if you like playing with software and hardware.
With regards to changing parts on a phone, ifixit made a comparison of different phones and how easy they are to change parts for. Something to consider taking a look at when buying a new phone. https://www.ifixit.com/smartphone-repairability
Your average desktop/laptop CPU runs a blackbox like Intel AMT or AMD PSP which is basically an always active mini-CPU that runs in the background and is OS-agnostic. If you consider your OS max privilege level as ring 0, this is ring -1.
If/when someone manage to conpromise those, they can basically take over your computer, and Intel/AMD doesn't provide any sort of killswitch or physical way of disabling it.
Alas, it is so. Graphics cards have much the same going on. It's part of why Nvidia will likely never opensource or mainline their drivers... They have a huge need for blobs and hardware backed secrecy in order to enable most systems to be compatible with HDCP. That means they need to be able to attest to their cards having not been compromised since leaving the factory.
As someone could in theory cobble together an HDCP compliant rig and good heavens, might be able to intercept and decode HD content!
So much of what makes the tech giants so lucrative is that they act as centralization points for industry level orchestration of what user behavior to support.
You can bet that if an industry working group is stoked, there's likely hidden in there somewhere an implementation detail intended to curb an undesirable user freedom or general capability.
The biggest difference is that graphics cards don't have network access. Without network access, proprietary code can be an annoyance, but won't be an outright compromise.
(sure the code could still do nasty stuff like facilitate tempest or other sidechannels, but that's leaps and bounds ahead of the built in assumed-RCEs of ME/PSP).
It can be used for 'out of band' management of your system, including firmware/bios rollouts and updates. Allows remote hijacking of attached hardware devices. Basically can puppeteer your entire system.
> why can't we do anything about it?
Because there is no ability to update or modify this code. It is only updatable by the hardware vendor as it is encrypted, signed and checked during update.
I guess they mean the freedom (or lack thereof) of the software license that comes with your OS, ie. 'you should be able to hit the software with a metaphorical hammer', which technically isn't possible with the Windows 10 license.
I also think selecting parts is limited by the fact that there are so few manufacturers. Processors these days mostly come down to AMD or Intel and nothing there is transparent or audit-able. "trusted computing" and backdoors make even your hardware suspect.
I own a 5-years old Moto G4 Play running a de-googled Android 7.1. It works just fine, and I can install apps from either the F-droid or the Aurora stores.
To me it makes more sense to continue with this phone, as I can find all the replacement parts I need on AliExpress, rather than investing in a new Librem 5 or a PinePhone. While I appreciate being able to use an open mobile OS, there's the problem of apps, and there's still the hardware problem - it's both more expensive (in the case of the Librem 5 at least) and has the same problem of eventual obsolescence.
One of the biggest and most overlooked issues with privacy on any cellphone, "open hardware" or otherwise, is the phone part. The baseband processor (BBP) will be a proprietary black box until at least one of the carriers decides to allow an open source BBP to access their network and exchange data. Even once that happens, if it ever does, the second your BBP accesses the network you are vulnerable to snooping, tracking, and spoofing like everyone else on the planet.
At the end of the day you are relying on a suspect network connection, hosted by a profit seeking corporation, regulated by a privacy hostile government, to maintain your connection to the world. No matter how "free" your device is, the network itself will never truly be free.
> since a lot of normal interactions such as banking almost requires you to have such a phone.
I can get by without carrying a microphone-and-camera equipped computer controlled by someone else around, and so I don't; but, if I want to return something I bought on the Internet, I don't get a receipt; and, if I want to go to a bar, there's a risk I won't be allowed to pay. (There is a law against the latter problem, but it is not enforced.)
> and, if I want to go to a bar, there's a risk I won't be allowed to pay.
Are there situations where paying without a smartphone is not practically possible? In the Netherlands people sometimes pay with smartphones, but these use the same infrastructure as the ubiquitous debit cards, so it is not an issue here. (Cash on the other hand…)
In Norway, some businesses use Corona as a pretext and say that credit cards are dirty too. What's the cash situation in the Netherlands? Aren't businesses legally bound to accept cash?
Supermarkets, sure, but plenty of small businesses require one of the so-called contactless payment methods these days — a trend that started pre-corona. This means either a debit card or a smartphone with a virtual debit card on it. It is a point of concern that this excludes people without a bank account, but as this doesn't impact essential services it is tolerated. I don't think we have a law that mandates cash, but of course supermarkets would face criticism if they closed the last cash register (there is always one that accepts both kinds of payment).
These payment terminals and the Dutch debit cards are by now all suitable for this type of contactless payment: you either lay the card on top of the terminal or hover it there, or hold it near the side (depending on the model); it can be done completely without terminal and card touching, and of course only the card carrier touches the card (i.e., you don't hand it over as is sometimes done with credit cards).
Credit cards are rarely used for payments in shops here, and are often frowned upon by merchants (and often refused). It's all debit cards (either as a physical card or virtual in a smartphone) and some cash — although covid may well proof to put cash that much closer to the grave.
This may be an ignorant question, but how do we know what every part in a computer does? Yes, we can choose the OS, but do we all know what every single chip does on a motherboard? Like, EVERY chip, not the CPU or main ones, but the innocuous chips that are strewn across a motherboard. Now, I know some of you will go "yes, I know what they do", but do you inspect every motherboard you own in detail to see what they do?
What am I getting at? Well, I know it's totally paranoid, but what if some agency out there in other countries who build these things are putting things on the boards to send telemetry data back. Perhaps something small and quick now and then while the computer is online. Something that you don't even notice unless you're constantly monitoring the internet traffic in and out. And the traffic itself could be something innocuous also. Something that slips under the radar.
I know I know, I'm totally paranoid here. But does anyone here worry about that at all?
> and even doing simple reparation tasks like replacing a battery is a nightmare these days
I went ahead and bought a SM-T575 tablet a couple weeks ago. The only tablet I could find in the 8-inch range that had a somewhat decent CPU/GPU, a camera with light, NFC and a replaceable battery - while still being waterproof. And it's not made out of hard plastic that will shatter at the first fall. For all that joy however, it was a fucking PITA to root it and I only succeeded because of a helpful soul messaging me on Reddit of all places.
Seems like the only place one can find stuff supposed to live longer lives is in the expensive Enterprise section of manufacturers for a hefty premium - similar to "smart TVs" where the only "dumb TVs" available are "digital signage" type. And that's not good. We need regulation in this space, and fast.
> Owning my computer is still relatively possible. I can build a computer from parts which I can choose
This is insufficient according to conditions of TFA. It is widely assumed in the security industry (based on evidence from the various state-sponsored attacks we can see) that the NSA and/or other government agencies have backdoors and/or zero-day exploits for both the CPU secure execution modes and common networking hardware. It is very likely that there are "magic packets" which you can send to such devices which install a rootkit payload.
If security against even government intrusion is something you care about, it really difficult to buy or make a modern computer that is configured like computers were in the 80's and 90's: just running code we have complete access to, with no hidden interfaces.
"simple reparation tasks like replacing a battery is a nightmare these days"
Had a recent experience with a Motorola phone with this. And there was no obvious technical reason they couldn't have held the battery down with something other than a shite ton of glue.
I'd like to quickly plug Fairphone here. They've made a phone which does everything you'd expect of a smartphone, but is also very easy to disassemble. Replacing the battery is extremely easy, same with the screen itself. The other "modules" tend to have a few different components on them, e.g. USB plug and vibration motor are on the same module AFAIR.
I've been using the Fairphone 2 for a bit over 5 years and while it's not an outstanding phone, it's lasted well enough. The challenge for me in Australia is getting spare parts, as they only ship to Europe sadly.
I just bought a 3+, shipped to Australia via a friend in Austria. I'm glad to hear that your 2 has lasted, albeit the phone I replaced was also about 5 years old (a Samsung, from the days when those had replaceable batteries and uSD slots. And on battery number three, although I am pretty sure battery number two was a fake because it never worked properly)
I'd love to run a more open software stack, but even just Linux on the top layer would mean not running the apps I need to get through daily life... it's why I had to retire my perfectly working Android 3 phone, so many things stopped working (the Covid tracking app FFS). But under linux are the various radio, camera, wifi etc modules and a lot of those have their own firmware. Pinephone has really struggled with that.
There should be just a phone for hackers and hardware/open source enthusiasts. They would have a toy to play with without a need to bash other “walled garden” platforms which isn’t for them apparently. As ordinary consumers don’t want to or do not have a knowledge on how to do those advanced tasks most HN users want.
And, that’s great! They shouldn’t know that, maybe there will be some cultural shift in the future, where everyone will be tech-savvy, and companies like Apple starts changing their approach. Until then HN users need to accept that most of those solutions are made for ordinary consumers, and embrace the niche for them. :-)
I have a PinePhone. It's much fun being around the guys who are making the next evolution of phone. Hackers gonna hack.
I'm still here bashing the walled gardens because no matter what the non-techies want to do, they need protecting from themselves by either the .gov or by being given alternatives.
Every day we get closer to giving them another usable option.
The only thing I will say is that I encourage you to get involved with hardware engineering. You will quickly find that small personal electronics have extreme design constraints that are quite unlike a custom-built PC (it's like complaining that you can't just buy RAM, a CPU, enclosure, etc and build your own ECM for your car).
People don't drop their battery-powered custom-built PC into 6ft of water and expect it to keep working (then dunk it again after two years of abuse, 4 floor drops, etc have worked against the case, seals, and so forth). They don't take it from freezing temperatures into the warm indoors and expect it to keep on trucking. They don't expose it to extreme temperatures on car dashboards in the summertime and expect it to still perform (it would absolutely hard-lock due to overheating if you tried it). Compared to a phone it doesn't matter very much how much a custom-built PC weighs +/- 1kg; phones fight for grams. If a custom-built PC uses an extra 15w who cares? But that might be more than the entire power budget of a phone SoC. People expect a phone not to spew EM that breaks the ability of anyone around them to use data or make calls. People also expect their phone to be able to complete a 911 call in an emergency so long as some kind of signal exists.
Modularity IS NOT FREE. STOP ACTING LIKE IT IS.
Modularity costs space, weight, and complexity (which often translates into user time spent troubleshooting).
If a user-replaceable screen means giving up waterproofing do you expect that to be a popular tradeoff? If making the battery replaceable reduces battery life by 40% is that a good tradeoff?
It is clear to me some people complaining haven't spent any time researching this topic and have no idea just how much engineering goes into modern electronics nor what the tradeoffs are. If they actually had to live with the results of their claimed preferences a lot of them would hate it and switch back immediately. At best I see people hand-waving half the battery life or double the weight as if it such things were trivial for devices people hold or carry on their person for hours a day.
I'm 100% serious when I say if you are working on your own company or product please make sure you approach these things with eyes open. If you are deliberately going to serve a different part of the market know that going in. It's fine to go after a niche - a niche can be profitable - but understand your customers and what they really value (not just what they claim to value). Don't let a bunch of contrarians on HN convince you there's a market for 10 million modular cell phones. You'll lose a lot of money when your "customers" skewer your product for all the compromises necessary to give them what they claimed to want.
I don't think those are the actual trade offs for modularity. If I want waterproofing, I use waterproofed modules and a specific case. If I need more battery life, I use a bigger battery module.
The real tradeoff is size. The ultra thin electronics are the benefit of not having modules. Related to that is performance - the performance you can get is well correlated to how nicely you can put your traces on the PCB connecting the two. Having to go through a connector adds another competing constraint
Source: have done some modular and non modular designs of the same. Not nearly to the same precision and performance requirements as building a phone, but not that far off
Even with unlockable bootloaders, you're still never completely getting rid of what I call predatory code signing. The code you're able to run on an Android phone after unlocking the bootloader runs with EL1 — the privilege level sufficient for an OS kernel. Problem is, there are higher privilege levels aka ARM TrustZone (I think they go up to EL3?), and you're never getting access to those. And there's a "secure OS" that runs in those, and that, among other things, manages DRM and SafetyNet.
Is there a good layman’s guide on how to do this? I’ve heard about things like f droid or cyanogen but really have no idea how those paths compare to “open source” phone operating systems from Mozilla or Ubuntu or other choices like Purism. What’s a reliable route to get a smartphone that can do calls, texts, and browsers without relying on Google or Apple?
My hope is that as smartphone hardware gets commoditized we'll see a meaningful third-party alternative. Linux on desktop, for example, may not have the marketshare that matches commercial offerings (like MacOS, Win, ChromeOS) but it is viable, and it is there for people who want it. I want to see something like that for phones.
> Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them.
Where can I find, how can I build a computer---that isn't 13 years old---with open firmware of which one doesn't reasonably suspect that the NSA put a backdoor into it?
Don't worry about NSA. If the NSA finds your computer interesting, they can remotely hack it using one of a 100 zero-days exploits, without ME. And if you are running non-ME system, it's even easier for them to hack you unless you are working with the CounterNSA.
Surely this depends on the system being run and the programs running on it. Are you claiming that a basic installation of OpenBSD is wide open to the NSA? Even if that is true, I would think that fewer vulnerabilities are better than more, and that vulnerabilities that cannot be found because their source is secret are worse than those that can be found.
From experience, no matter what you do, your phone will still continue to ping 1e100.net every few minutes. This may just be something innocuous, but there just is no way to get rid of this behavior (or to understand where it's coming from).
You might want to check out https://e.foundation/ - It's a de-googled Android + MicroG, but ships with its own app store and tries to be a generally integrated experience.
The type of programming you need to get your phone to dynamically manage a mesh of access points makes the brain melt. At what level do you want control? After the network connection manager already does its thing or do you want to govern that too?
Some time ago, this topic prompted me to rethink how I used smartphones in general. Once you get more intentional with the way you use your devices, it's often the case that you can discover habitual patterns that took over without you noticing.
I've always dreamed of something like an open-source iOS clone. The benefit would be that developers wouldn't have to change much, and this new system could take advantage of the exiting iOS app eco-system.
I have been lucky with TextNow web-based phone number so far - all my banks (and the IRS) accept it. But it's probably only a matter of time until they force me to use a "real" phone.
Yes. I feel i am not trusted by any OS vendor to be given access to all my system folders. I feel that my computers OS is like the proverbial, pushy "bodyguard" whose job is to stop you seeing too much and going places "they" don't want you to go.
KaiOS is sponsored in part by Google, and includes Google software. I know because I have the yellow banana phone (Nokia clone). I bought that with exactly the expectation that it's free of trackers and so on, but no. Apps on KaiOS cannot be uninstalled.
This feels like it was made to get to the top of somewhere like HN but I'm actually very confused.
>I want it to be, but which can also be used to communicate securely with anyone on the planet without being observed by a third party. I don't want to be spied on by Microsoft or Google.I don't want the NSA intercepting my conversations or even their metadata.
I don't see what this has to do with the actual computer honestly. You don't want Microsoft to be involved so I'm going to assume you are going to install Linux on whatever you get, awesome, this doesn't stop the NSA or Google from harvesting your data because that doesn't really have anything with the computer. Seems like you want a search engine and ISP that you own as well.
Yeah, I think the parent started with some good concepts like "a computer I own" and "not being spied on", but then missed the lack of relation between the two.
You can have a computer that does not connect to the Internet, or connects to the Internet very little, or only connects to the Internet through specific communication channels you open in a firewall. That's all very attainable.
However, as soon as you communicate with third parties, be it your ISP, a cloud provider, or your end communication partner, you are potentially sharing with more than you intend. It's a "the only way to keep a secret between three people is if two of them are dead" problem. You can't control what other people choose to share.
Postal mail and telephone were ... relatively secure, inasmuch as that bulk surveillance was expensive.
Wiredtapping and postal interception, as well as metadata (pen-trace and postal covers) are possible, but scale poorly when individual lines must be listened to by individual agents, or individual letters carefully opened and resealed.
Digital permits surveillance at mass scale. It seems ultimately a fundamental property of the medium, less a bug than simply a feature.
There is also a fairly robust tradition of privacy in postal mail (in most countries), and after some false starts, eventually applied to telephony, at least in theory. The situation for email is far less evolved.
These days, if you do want secure communications, postal probably offers some real benefits. I'm somewhat surprised that postal remailing services (send an outer message to a central point who deposits the enclosed prepaid inner envelope(s) to final destination(s)) isn't a thing, or at least not one that has any appreciable awareness.
The capabilities of voice-to-text and handwriting / optical character recognition make the viability of intercepting virtually any spoken conversation, or any _observed_ written communication, quite high. The costs are much greater than with straight machine-readable character text (ASCII/UTF-8/Unicode), but pretty tractable.
My view is increasingly that privacy is an emergent phenomenon responding to ever-increasing surveillance and observation capabilities. The modern discussion began in the 1890s (Warren & Brandeis: https://www.cs.cornell.edu/~shmat/courses/cs5436/warren-bran...), as technologically-mediated intrusions were increasing greatly in capability. Though what the end-game is I do not know.
I would argue that postal remailing exposes the remailer to legal risk, and (if done with few remailers) gives the surveillers few points of particularly interesting mail hubs.
If anything, postal remailing would probably only work in a TOR-like manner, with many, distributed, non-for-profit remailers - but that opens a whole set of new problems, like who pays for the service, what prevents the remailer to just take the delivery for themselves (as undoubtedly such a service would be used to remail illicit substances and other valuables), and how would such a network of legitimate, trustworthy remailers know each other to do some tunnelling?
There are numerous potential issues, yes, though some provisos (e.g., no detectable traces of illicit substances, limited to standard envelope-sized postage) would tend to limit much of that.
Even as an informal practice, the option could have some value. The question of whether to used a two-hop (source, mix, recepient) or three-hop (source, mix-1, mix-2, recipient, as with Tor) exists (the three hop system would triple postage, if messages were sent individually, though bulk distribution is another option, with break-bulk at the 1st or 2nd hop).
Again, what has surprised me previously is that I'd found no mention of the concept at all. Though I am finding several now, specifically emphasizing anonymity / location obscuring:
But a pidgeon leaves a trail of metadata on the ground as it carries your message, so this communication channel is still vulnerable to bulk network analysis by some Advanced Persistent Threat.
I'm not sure if it's ironic or intentional, but I find it funny that they talk about these points while not having HTTP redirect to HTTPS on their own site, presumably because it's using a self signed certificate.
It may have something to do with the fact that in another rant the author complains about how HTTPS makes webmasters dependent on certificate-issuing bodies.
And he is not wrong about that. The HTTPS/SSL infrastructure is byzantine and less concerned with actually encrypting information, but establishing trust that whoever you as the browser are communicating with is in fact the server that you expect them to be. This is not an easy problem to solve...
For the longest time, this introduced the ecosystem to professional certification authorities, which are essentially profit-oriented organisations that gauged prices.
Let´s Encrypt made some of the situation slightly better, opening up small websites to encryption, but you are still dependent on an external CA and the goodwill of the browser manufacturer to distribute their root certificate with their browsers.
At least in Linux distributions it's up to the distro, not the browser. Not to say you can add your own root certificates you trust if you don't trust your distro. You have to trust someone eventually, that's for sure, nothing can be done here.
And every other country's government to not spy on internet traffic crossing their borders. Good luck communicating with somebody in China. If you use TOR or a VPN or any kind of tunnel over some other service, they'll figure out what you're doing eventually even if they can't read the content.
"surveillance-for-profit business models to be forbidden"
Are you going to ban TV networks and credit card companies next? Grocery store loyalty programs? Practically every company these days collects about their users and customers.
Credit companies would do just fine if they couldn't sell your data. Loyalty programs don't need to sell your data, they existed before it was even possible. TV networks ... wait, how is broadcast TV even collecting your data.
None of these businesses NEED to collect and sell your behavioural and demographic data to exist. TV and newspapers would probably start doing OK if precision targeted ads were not possible.
Not broadcast per se but cable company set top boxes monitor your viewing habits and correlate them with your account which has a bunch of demographic data.
In a just world — where the basic human right of privacy counts as much as the basic human rights of free speech, free travel, free reproduction, not being tortured or enslaved etc. — they would be forbidden. Let them figure out a way to be profitable without infringing.
Unfortunately, the Americans, the Russians and the Chinese are against pervasive privacy and pay only lip service to the UDHR at best.
Not sure if this is what the author had in mind, but Chrome OS has over 50% of edu market share. Effectively, a lot of kids in the US are forced to Google's products.
> Except for a handful of very over-priced models that I can't afford to buy.
This statement here made me pause for a bit. He wants a computer with specific features, but doesn't want pay for the models that offer those features because they are too expensive?
Everyone wants to have their cake and eat it too, but unfortunately, reality has constraints.
They're not overpriced, they're expensive. And they are expensive because they are rare. And they are rare because vendors stopped manufacturing them. And vendors stopped manufacturing them because most people do not refuse to buy a device "that is designed largely to maximize the profits of the computer industry".
>...And [the computer industry] stopped manufacturing [a computer that is not designed to maximize computer industry profits] because ...
When you read it back, it sounds silly to expect any company to make products that ever fit this criteria. Except expensive ones, of course, which maximize profits in their own way.
Not only for-profit companies may build computers; non-profit organisations, cooperatives, governments may, too. I think that's a good way out of the problem described in the article.
Most people don't know the anti-features present, and even if they did, the price hike to get rid of them is so big they wouldn't buy. Some may call it the market working as intended, but I see it as a problem - this is very far from "voluntary transaction between informed parties", and there's little ability for customers to use money to voice their preferences. It's a purely vendor-driven market: vendors get to dictate features and anti-features, with little to no way of opting out.
I'd like to see this fixed, but I don't think there's an easy way to do it. The issue dovetails with intellectual property laws - situation could've been different if money could be made in gutting hardware, firmware and software and removing anti-features at scale. But we can't have that, because every single piece of a computer is its own IP minefield.
I hate using the word "privilege", but I think it takes a particular mindset/history to equate "can't afford" with "doesn't want to pay".
For many people even in wealthy countries "can't afford" really does mean "I cannot purchase this without at least going into debt or foregoing necessities" even for <$1000 items
Exactly. I want these things too. But I'm also willing to pay for them.
Everyone wants the best stuff for free. That's not controversial. But it is controversial to complain that the best stuff is more expensive than the cheap stuff. Of course it is. That's the type of stuff they sacrificed to make it cheap.
If they want low end free btw, they do have that too. Pinebooks are super cheap.
It's more connected than just that - people can't afford housing and food, let alone computers. A small sliver (~2-5%) of people can afford to do e.g. organics, fair trade commodities, free range animal products, small business, locally owned/sourced, etc.
Of course, not to say the above are all panacea, but something much more directly measurable and visible, like your health, local economy/ecology welfare, people can barely afford. The invisible, like the privacy affecting where your precious wallet gets spent, the habits which can be used to target and manipulate you, that's the invisible hidden behind marketing promising "great performance at a low price".
You get what you pay for, and the moral of this story is that what most people can afford, shit, is what they get (shit).
At least, until people decide to take control and dethrone the tyrants from their thrones. That's why govt and big biz can't stand a message to be private, they are well aware they stand to lose, well, everything, from anyone ever bothering to unseat them. Not to lump all biz or govt together, there are some worse than others.
The same situation can be spotted on services. E.g. people already forgot that running email service costs money and they take the free GMail account as given. But around the corner they blame Google for poor support then free GMail account is randomly closed.
It is not only email. But if you want (support|control|freedom|insert-yourself) - pay for it.
> But it is controversial to complain that the best stuff is more expensive than the cheap stuff.
Nah. Technically, and in terms of manufacturing cost, it would be even easier to make a simpler computer, without all those bells and whistles that can be turned against the user, without the Intel Management Engine, TPM, and what have you.
> That's the type of stuff they sacrificed to make it cheap.
No, it's economies of scale which make one expensive, and the other one cheap. And human greed, and the human need to control other humans.
Don't forget that a lot of those features weren't put on there to spy on people, or control them, they were put on there to make non-technical users safer.
Non-technical users can and will be tricked into doing all sorts of ridiculous things to their computer, and then they will blame the computer manufacturer for letting them do that. Computer manufacturers responded by not letting them do that.
Mainstream computers are designed for mainstream users... the common clay of the land... you know... morons. They have to be protected from doing stupid things to their computers (because otherwise that's how you get botnets).
As the OP says, there are computers that don't have these features, and that you can do whatever you like with. But they tend to cost more, in part because they're not mainstream so they don't get economies of scale.
> Technically, and in terms of manufacturing cost, it would be even easier to make a simpler computer, without all those bells and whistles that can be turned against the user,
That's true. However, vendors don't look at manufacturing costs in isolation - they care about profit. All these user-hostile additions generate more in profit than they cost in manufacturing.
This way, the best stuff costs more, even if it has less - because "value-add" garbage has negative total cost.
Businesses want and will pay for management-engine features. It's more profitable to have them, therefore it is more expensive (in an opportunity cost sense) not to have them, even if you personally do not want them.
You're right that it is all about economies of scale. Economies of scale say that it doesn't make sense to tape out a whole separate die just for non-business consumers. They just don't sell that many units that it's worth it. It's cheaper to make one die for everyone and then sell one die with AMT turned off, even if it involves wasting a small amount of silicon for each chip produced.
Incidentally, this is why (apart from a few noxious exceptions like ECC) consumers are generally the beneficiaries of market segmentation. Businesses will pay a lot more, locking these features behind higher-priced models lets the consumer models be cheaper. Without market segmentation, the outcome isn't that you get a Xeon at the price of a Pentium, it's that you get a Xeon at the cost of a Xeon.
Yes and no. Companies don't exclusively decide what they design based on the expected manifacturing cost. The decide based on the return of investment.
> Technically, and in terms of manufacturing cost, it would be even easier to make a simpler computer...without the Intel Management Engine, TPM, and what have you
Maybe I'm missing something here but how is it possible that on-die features like IME affect the manufacturing cost and complexity of a laptop for e.g. Dell?
The issue is there is no true demand. Yeah, everyone kinda want a device they own - when faced a very direct question and explanation how things really really work. But typically most people don't even think about ownership of the devices they buy - or even falsely assume they "own" those. And those who are aware about the issue have to either pay premium for their rarity (if that's even available in their market - which is not always the case), or agree to not own a device.
So, yeah, ideally everyone should own what they buy, if they want so - and they should be aware what exactly they buy and what are the gotchas. But... how? I believe this "caveat emptor" informational disparity is a multimillenia-old issue.
(Fine print, obviously, doesn't work - because human nature.)
Homestly, this started going downhill with car or any technology advanced enough for documentation to split between user vs. Admin docs. Once manufacturers were offthe hook for being able to transition all relevant info with regards to operation, maintenance, and servicing along with the thing bbeing sold, it created the ignorance/info-asymmetry marketplace that entrenched engineered knowledge scarcity as a profitable business model.
Remember back when you could get "free" dial-up internet by accepting ads? And later Facebook did much the same thing?
I see the whole personal data/tracking industry as that model. You can get a tracking-supported smartphone for $50 or with almost no tracking for $150. This whole thread is people saying they don't want to pay $150 to own a smartphone when they can get that phone for $50 with tracking.
I have a similar problem with slavery. I don't like it. But the smartphone market is utterly dominated by people who are just fine with slavery so there's just one company making a "less slavery" phone and that phone barely sells. Their forums have multiple threads with people complaining quite openly "why does it cost more to make a phone with less slavery" and suggesting that the company could provide more features for a lower price if they just forgot this whole "fairphone" business.
Smartphones are expensive to make and expensive to run. You pay that price either with money, or a mix of money and social/ethical cost.
This. We haven't really had software until just slightly more than half a century - and now everything but a kitchen sink has a microprocessor, running some sort of firmware. Which is never sold, merely leased^W licensed.
That's one reason, but economies of scale are another. If the movement to reject technology you don't own gained traction, the cost of joining that movement would also come down.
During what period was income not a barrier to “having technology that you own completely”?
Given that the only people frothing at the mouth in desire of “having technology that [they] own completely” seem to be rich computer programmers, why wouldn’t companies jack the price up?
I think there are two ways to look at that. 1) The relevant characteristics of these models shouldn't be specialist. 2) Cheaper, constrained portals to the internet may be subsidized by Google, Facebook, etc.
Euh, could be. There are other manufacturers of computers out there, in the USD market "laptops" are retailing at e.g. Walmart, Amazon for 200-300$.
1G+ has been the traditional price to break into "worthwhile" computing, "worthwhile" here usually meaning computing you get a choice on how to configure.
To give a bit of context, a "pay-day loan", typically something targeted at the majority of lower-working class folk who struggle to make it from rent check to rent check, goes for normally ~300-600$.
For a "lower-middle class" individual making ballpark 60-80k and making housing or rent payments, the norm in even lower cost cities is 1-2k. We aren't talking addl. living expenses, but already someone has to deal with the un-pleasantries of extreme poverty (gangs, illegal activities, never-ending debt and the prison pipeline) in the lower classes, and in the "middle" classes they are facing potentially tanking credit scores, getting behind on rent by a month (most Americans are living paycheck to paycheck), just to have a shot at getting one of these laptops.
Goodness help anyone in so called "3rd-world" countries.
> He wants a computer with specific features, but doesn't want pay for the models that offer those features because they are too expensive?
Correct. He wants a computer with less complexity and less spying "features", and the market is failing hard at that.
> reality has constraints
No, these are entirely artificial restrictions. Companies invested very significant efforts to implement DRM, management engine, AMT, all sort of telemetries and backdoors.
The emerging model of "privacy for the rich, surveillance for everybody else" is it expected consequence.
EDIT: wow, downvoted to -3 already? Truly shining the hacker culture in "hacker" news /s
Surveillance is profitable for the computer manufacturers. The “barebones” version therefore costs more. SmartTV’s, cellphones, etc don’t make a lot per person but it’s enough you need to go up market to find any real privacy.
This is literally something that NEVER crosses the mind of the average consumer. We should have a HackerNews version of "first world problems" and call it "HackerNews Problems".
You now have a computer that is 10,000 times faster than one you had 30 yrs ago at half the price. Oh and it fits in your pocket. A lot of time and money went into creating that. Those people need to get paid. And yes you pay for it with some loss of privacy.
The reason why this product doesn't existing on the market is because because NOBODY (except the odd 4000 people on HN) wants this product. Most people don't even use a VPN or know what TOR is. If you don't want it, then design and fab your own chips and write your own software from scratch.
> This is literally something that NEVER crosses the mind of the average consumer. We should have a HackerNews version of "first world problems" and call it "HackerNews Problems".
Should we call lead toxicity a "chemist's first world problem"? Should we call material flammability a "fireman's first world problem"? Equipment sterilization a "doctor's first world problem"?
We think about this, so that regular people don't have to. That's the point of specialization of labor. It's our moral duty to be aware of these problems, and to ensure end-users aren't hurt by these problems. As an industry, we've not only failed at this duty - we've been actively doing the opposite. Harming users of technology on purpose, making their lives worse in pursuit of extra profit.
It's not that users should care about whether or not they own their technology. Technology that isn't owned by the end-user, and actively exploits them instead, shouldn't be available on the consumer market in the first place.
Perhaps because most people don't know what we know.
I don't think about my car's airbags all that often because I'm not a mechanic or frequently in contact with sources of the latest airbag news. Two weeks ago I take my car in for some work and the mechanic walks out to me with this puzzled look on his face and asks why I have yet to have my airbags replaced; talks about how dangerous this brand is and goes on about the recall.
Now I'm interested. I had no idea. I've driven my nephews around in this car without any idea of the airbag issue. I've now been made aware and will act accordingly.
It's time for us to find a new source of analogies. Why is it always cars?
Regardless, cars increasingly feature the same sort of profit maximising nonsense: subscription-based services, problems that can only be solved by authorised dealerships, systems that can disable the car remotely, planned obsolescence etc.
There is an equivalent demand for Just A Car from people who don't want to fall into this trap.
I agree that privacy is a problem - and yes it is a first world problem.
The specific privacy problem espoused by this post is not just a first world problem, it's an HN problem. I am being disingenuous - this request is pure insanity and I absolutely promise you that this "computer you fully own" will have such a very small market that it doesn't have a chance of breaking even.
> I agree that privacy is a problem - and yes it is a first world problem.
Where a right for privacy really matters is not in the part of the world where your google searches are used to pick an etsy ad, but where typing the wrong thing against the wrong person could land you in jail, or at the morgue.
It’s only a problem because people in general are not willing to pay for it.
You and the OP have the same problem you want a solution but are not willing to pay the price. And you think that what you want is what most people want, but from what the market tells us they are pretty happy with what is being offered right now.
So let's say I'm willing to pay double or triple rate or more if needed, then show me a flagship phone with the same capabilities as a normal Android flagship phone but without the loss of privacy and ownership. You can't and you never have been able to. No completely free phone on par with flagships have ever been released.
It does not run on top of java virtual machine, so it does not require huge resources like latest Android. See also how smooth first iPhone with 256 MB RAM was.
HN may be larger than 4000 people, but it feels like a disturbingly large portion of the HN community seems to be in favor of anti-owner and anti-privacy policies. Forced obsolescence, razor/blades business models, selling user "behavior" data, and out-right spying on individual communications all seem to be big moneymakers, and some significant portion of HN's audience is more about "IPO and get rich" than "hacking".
HN is large enough that it has many factions, the one you describe definitely exists, as does the 'bro' faction, the 'get rich quick' faction, the racists and the idiots. That doesn't mean that any of these factions are dominant, and besides that HN has many more lurkers than posters and I suspect that the division is not identical between those groups on either side of the lurker/contributor divide.
most people have never heard of Tor, but by now most non-techies are suspicious of tech. They've noticed that they're not in control, that it does weird things they don't want, that it spies on them, that it sneaks advertising in, that they're never sure if something is private, that they can't tell if something is real or a scam, or if a service is fine now but is going to turn into something harmful in a a few years.
so let's keep on screwing them over, I'm sure there will never be any consequences as we poison society
Those that use a VPN for privacy are the "average consumer". Those, let's say more geeky, know that the VPN for privacy that are sold by lots of companies are a fallacy as using a VPN from home gives you zero extra privacy. It only moves the problem from your ISP to the VPN company, which likely isn't covered by the same laws. It is in almost all cases worse.
> This is literally something that NEVER crosses the mind of the average consumer.
I think it happens more than you think, but people view this as eating healthy and exercising - should do more about it, but the world makes it easier to eat poorly and do things that aren't exercise.
What would help is if there are people with the capability to help aligned with solutions.
> You now have a computer that is 10,000 times faster than one you had 30 yrs ago at half the price.
Actually, I think Apple has caused the prices of pocket computers to go up in the last few years (relative to features). And many of these features, I could do without (I.E.: I don't need so many sensors on my daily phone, this is dangerous from a privacy point of view). They removed the physical keyboard though...
> And yes you pay for it with some loss of privacy.
Why? You can pay $1,000 for your pocket computer and they still won't let you be administrator of it in the name of your own protection.
To tell you the truth, I don't like where today's computer designs are going.
You're right; freedom of computing is a non-issue for most people.
What I don't agree upon is that "NOBODY" would want open platforms; there's probably a larger market for that than there was a personal computing market in the 70's. There's businesses like Raptor that sell fairly open workstations, and they simply wouldn't if there wasn't a market for it.
The main issue is the disconnect between engineers/programmers and users. If there's growing amount of people who won't use the products they build themselves, then the idea of a war on general computing might snowball into a self-fulfilling prophecy where average users no longer has access to general computing through normal consumer devices.
It doesn't cross their mind because they don't know and don't understand. Once it impacts them, will they know and once they research, will they understand. Do you want to wait around until the public understands? What do you think the world will look like if we just wait?
Imagine we applied your "disregard until it becomes a bigger issue" approach and ridiculed every warning as a "your group problem is not a problem". Look around you. How is that working out?
Climate change for one: "eh... scientists are worrying about things that aren't even a problem yet, we'll tackle it when it becomes a problem, if ever".
This is not even remotely "first world problem". This is a problem that deals with democracy, anti authoritarian and such.
> The reason why this product doesn't existing on the market is because because NOBODY (except the odd 4000 people on HN) wants this product. Most people don't even use a VPN or know what TOR is.
The general public wants it and even uses at times of mass protests and government censorship. They don't know the technical details but they do use it all over the world, albeit infrequently.
* Nothing about "average consumer" was mentioned.
* Speed and size aren't relevant to topics of ownership and trust.
* People may pay with privacy, but it should be a consenting relationship.
* 4000 > 0
* Whatever "most people" are into, there is yet a market for good VPN services, and people do use Tor.
It's nice to want things, the question is what are you willing to contribute or give up to get them. The author wants to be free of Microsoft and then says he wants something like DOS on x286. Well, DOS was not free of Microsoft. To really be sure corporations and government are not spying on you, you need 100% open source for all software and firmware, if not chip schematics. This means slower hardware and less software, because people don't do as much work for free / on donations vs paychecks paid by copyright royalties and ads (that can be easily stripped from open source). Want to keep your photos if you drop your phone into the lake? Well, then a copy is on someone's servers. Want traffic information in your map app? Someone knows where you have been driving then.
Running desktop/laptop Linux is a relatively minor sacrifice in terms of available software, especially if you consider Wine and Steam emulation. Yet market share is tiny. People do not seem to own a computer enough to do anything about it.
Probably he meant that Microsoft was not the same Microsoft as it is now. In the same way as having @gmail.com account let us feel "special" 15 years ago and Google was operating under "Don't be evil" flag. Things are changing.
Well ... TCP/IP was not yet the standard, the Internet was very different there. Microsoft then and Microsoft today is the same deal: They want to earn money. And most likely, then, they were more ruthless than today.
What he wants is simplicity he can understand. 286 had a processor architecture with a security model everyone could understand.
If only it were "voting with your wallet". It's more like voting with your time. And running browsers and other rando software in VMs to not compromise your nice secure system. And doing the work of being different when friends send you an invitation to some proprietary crap and you have to talk them into something Free. And explaining how you're not excited for "features" like WebGL and Faceboot APIs.
It does exist, it's all eminently doable, and I encourage people to explore this road. But it does cost more than mere money. Going against the grain always does.
Sure, you can own that computer, but then you have to get online which requires another pile of knowledge to even hope at reducing now much you're tracked. This is not a reasonable solution.
> People have to vote with their wallets and pressure vendors.
I disagree. Expected someone with very little knowledge of the topic to make an informed choice here is highly unlikely to work. You could say the same about clothing created by child labour, but most people aren't going to spend a couple hours researching if the shirt they like is okay to buy, nor should they be expected to.
I believe the solution to this problem has to ultimately come from regulation.
Why on earth would they use re-imaged Lenovo laptops when that company has a history of hiding malware in firmware so that even a reinstall can't remove it? Why should anyone trust they haven't shoved something nefarious in a chip somewhere. If you want a trusted system you have to start from trustworthy hardware or at the very least avoid manufacturers that are already known to be both untrustworthy and unethical
Those machines are wiped and the low level firmware and boot loader is replaced. The specific models available are chosen because newer machines prevent you from doing this. You can’t easily get a computer more fully free than these. They link to some new processors and motherboards for desktop builds too, good companies making those who deserve some support
So they've independently discovered the tenets of the Free Software movement. They make valid points, but that's all they've done. I'm surprised there's no mention of this in the comments here.
> I must rely on encryption algorithms that are designed with subtle flaws that can take years, if not decades, to come to light.
Cryptography is an extremely technical field, so yes, you do. That's not really relevant to the matter of truly owning your computer. If you want to personally validate modern theoretical physics, that would also take years of study.
> Even open source encryption algorithms that some claim are above reproach are repeatedly being shown to have major flaws, and the fixes to those flaws have their own major flaws.
Again, a separate issue. That's not a matter of having a computer you truly own, that's a matter of software quality.
> Will this ever end? Will I ever have a computer that I own?
They pose this question as if it's a rhetorical one. The Free Software movement already exists. You can support it with code contributions, documentation, testing effort, money, or advocacy/activism. See [0]. If you don't like the FSF specifically, you can support other initiatives.
> Perhaps I am looking for something like the x286 DOS computer I had in the early 1990's
You can do an almost fully GPL compliant Linux desktop by building it yourself today. I can already see people thinking "but what about the closed source binary blobs? my video card? my network interfaces?"
But even your 12 MHz 286 or 386SX/20 had closed source AMI or Phoenix BIOS firmware on it. The motherboard manufacturer in Taiwan and American Megatrends sure weren't handing out the source code to that. And if you had a video card, or a soundblaster, its drivers loaded in config.sys were also closed binary blobs.
While the BIOS and VBIOS of a typical 286/386 machine was indeed a closed-source binary blob, there were several factors that helped keep this in check:
1. The underlying hardware interfaces (I/O ports, memory addresses, etc.) was considered part of the IBM PC "standard" and many programs would bypass the BIOS and talk directly to the hardware.
2. The software interface to the BIOS and VBIOS was also part of the IBM PC "standard", and so the firmware couldn't diverge too far from the expected behaviour without risking compatibility issues.
3. Once the PC entered protected mode, the BIOS essentially turns into a useless brick, and ceases to have any influence on the operation of the CPU. (That is, once in protected mode, the OS kernel in ring 0 had full control of the system, and none of the BIOS code remained active.)
The difference with modern systems is stark: binary blobs often provide the only means to operate the hardware devices, CPUs have special execution modes (such as SMM) which continue to execute binary firmware even after the OS has booted, and even the CPU itself holds binary blobs (such as microcode patches).
You have (almost?) no way to verify how the transistors inside the computer chips are wired. And even if you design your own chips, you can't really know if the design you specified has been faithfully followed at the fab facility. It's a tough problem.
The question then, really, is how far are you willing to go down the stack of software on hardware, in pursuit of true ideological purity? How can, even the Pinephone manufacturers, be absolutely sure that their design is being implemented in hardware as they specced it, without backdoors?
If you have a near infinite amount of money and resources, you can be absolutely certain (the hardware that runs NSA approved type 1 crypto goes through a very thorough vetting process), but such a concept is economically unrealistic for anything that normal people can buy.
Hardware level trust would be really cool. It seems theoretically possible because all you need is an accurate measurement of some physical property that is hard to forge when changing transistors orders etc. Practically though, anything like that would be most likely affected by manufacturing tolerances for the transistors, so you’d have to find something that allows a certain amount of error when individual transistors change, but will reveal unknown transistors and connections.
Even if this was achieved, the rabbithole would continue though, because the thing you measure with could now have a backdoor. Remind me of the classic paper about the same problem with software: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...
As the paper points out, ultimately you have to trust the people. This is why vetting processes exist for access to some critical things. And why I have a fairly high degree of confidence that certain reputable people can be relied upon to take a firm stand on principles and ideology (example: if somebody was trying to pressure Moxie Marlinspike to backdoor Signal).
Definitely, but in the pre 1995 time frame for both MS/DOS and Unix derived workstation stuff, the default was for everything to be closed source and proprietary. Vendor lock in for high performance systems was much greater than the open hardware platforms and interoperable things we can piece together today.
If you had a time machine and gave some developers in 1991 the massive cpu, ram, storage and bus i/o throughput that we have today in a $1200 desktop PC, I don't doubt that they would have made those binary blobs a lot bigger and more complicated. Something about the typical software environment expanding to fill all available resources, seemingly as an inevitability.
There was no management engine, no "phone home" functionality. And those drivers you mention were often handwritten assembly to the point that reading the disassembly would be as good as having the source code.
In the olden days of real mode MS-DOS, if you want to gather keystrokes from the user securely (e.g. a password) the program could simply take over the IRQ1 (keyboard interrupt) vector and that was sufficient. The extra paranoid could also revector the other interrupts (or disable interrupts entirely) and ensure they had exclusive control of the entire machine.
> Governments seem to be universally terrified of even the slightest possibility of anyone in the world having a private conversation.
We used to make fun of the countries behind the iron curtain for their lack privacy. The thought of living in a surveillance state seemed horrible as well as unrealistic in "the west". Freedom / democracy loving people like us would never have that kind of problem. Now it seems the whole world has gone mad, and it seems that people looking for privacy, are just considered as people looking to do something terrible that the state needs to stop anyway.
There are approaches that can deliver large portions of this; run an open source linux distribution, running open source browser with open source tracker blocking software. You can run this on an inexpensive system and wipe out all external communication except what you specifically want.
This is obviously unrealistic for most people. You can toggle off automatic feedback & updates in a modern OS and you can install Firefox with tracker blocking and you are 99% of the way there, plenty enough in practice.
I want to point out both of these approaches introduce legitimate security holes (either from not using a production grade OS or from disabling updates on it) which are vastly more likely to have real impact on your life versus privacy tracking.
I think this is an inherent contradiction - if you want to be in total control of your computer while not knowing how totally control your computer, you are never going to get what you want. You are always going to have to put your trust in someone else to manage your computer. Some of those people might be more trustworthy than others, but you are still trusting in someone else to manage your computer.
Even if a browser is FLOSS, I wouldn't say a user can truly "own" a browser any more than an absolute ruler can govern a country alone. Browser engines are complex beasts that have grown beyond what anyone can hope to understand, re-create, or even maintain without billions of dollars of annual funding.
Software needs to be simple for users to be in control.
Qubes is a great distro for this, so is Kali; but support boot to USB. But even anonymizers like the TOR Router can still have their entrypoints snooped by hostile nation states to target dissidents. It is extremely hard without the help of non-US ISP to be completely anonymous and un-identifiable. And let's not forget your chips may have Intel Managent Tech which is spyware you really can't shut off that monitors/injects directly into the north/south bridge (I forget which).
One of the fun parts about hitting DefCon every year is how easy it is to learn about what's new in this space. I hope they don't cancel this year: the social information sharing aspect is the best part.
> Except for a handful of very over-priced models that I can't afford to buy, our computers are increasingly designed to be little more than advertising platforms and vehicles for maximizing the cloud revenues of their true owners
Huh? You can buy a very cheap used ThinkPad for <$200 and run GNU/Linux on it. In fact, I don’t see any mention of Linux in this article.
This is a "have my cake and eat it too" rant, it has nothing to do with reality. He wants it to run Excel, he wants to be able to use google/fb/whatever. He just wants to be able to do it in a way that costs nothing or next to nothing and that somehow still gives him "full autonomy and control". Or, more accurately, the ILLUSION of full autonomy and control. Why an illusion? Because no matter how much control he has over his own computer, it doesn't matter the minute it talks to another computer. By definition he doesn't control that computer, and he is by definition trusting it to treat whatever personal info he discloses correctly. So his dream of a fully autonomous and controlled computer won't even give him what he really wants.
Then by extension any kind of communication with someone who isn't yourself is automatically untrustworthy and subverts ones goals of control. Even shouting across the hall to your roommate or family member.
This is a ridiculous premise.
If he exercises that control to limit what the computers are discussing -- which is the subject of the article -- then how does that subvert the premise?
Apparently that's not safe either. "Even open source encryption algorithms that some claim are above reproach are repeatedly being shown to have major flaws, and the fixes to those flaws have their own major flaws."
The author claims that, but I don't know of evidence of it being at all widespread. Dual_EC_DRBG is the one instance I know of, and I thought barely anyone used it.
Not the author, but I would hazard an uninformed guess at three levels of security:
(1) a government is already specifically interested in you or the person you're talking to when you have your conversation: both the fact of the conversation and the content of the conversation can probably be captured pretty easily.
(2) no government is specifically interested in you prior to your conversation, but you take no special precautions: the content is probably secure, it's probably not being recorded, but your location is probably recorded so if you later become a target of interest then the fact of your meeting is likely to be recoverable.
(3) no government is specifically interested in you prior to your conversation, and you take precautions (being careful about when and where you meet, and not bringing your phone): probably your conversation is reasonably secure.
That depends on a lot of things.
But some realistic concerns might include evesdropping using parabolic microphones, covert listening devices deployed at the meeting point etc.
Not to mention a) arranging the meeting and b) getting to the meeting need to be performed some how.
Getting from point A to point B is, in today's society, not a surveillance free affair. Everything you carry can be used to track you, and even if you carry nothing, hundreds of CCTV cameras can likely follow you along the majority of your chosen route.
Thus the 'metadata' of your meeting is still known, even if the contents of your meeting isn't.
Yes and as you pointed out, there is much more metadata being generated and collected nowadays. It would be prohibitively difficult not to leave a trace nowadays.
I'm thinking of cellphone tracking, automated plate reading, good old surveillance cameras, bank transactions, and whatever your computers are collecting unless you actively fight to stop them.
Not the author, but I would say they might not be very secure, but importantly, they are _auditably_ so. You can look around to see if anyone shady is within earshot, and in many situations you can choose a (contextually) private location if you so desire.
Plus, it is a bit harder to mass surveil people, even with voice recognition, as one can go into a crowded place (or, well, could, barring current circumstances...) so most of the audio is drowned out.
I felt this way about iPhone. My compromise was to only connect using a VPN. The goal wasn’t to keep my traffic private — it was so that I could have complete visibility and control over what the iPhone was talking to.
The idea was that my iPhone could be as nefarious as it wanted to be — it could never talk to anyone I didn’t want it to talk to because iptables stopped it, or something.
The project didn’t pan out, but I did end up using pihole a lot which felt like a good compromise.
I also discovered that iOS and cell carriers have a some kind of partnership to silently send each other text messages containing lots of unique looking identifiers, which was fun (REG-RESP?v=3&r=...&n=+555994321&s=FB87CD658A...etc). I used a niche IOT carrier for a while that showed me the complete SMS logs, including all these messages being sent multiple times a day.
I’m sure there’s some banal engineering reason for it but it’s not exactly heartening to find “secret” text messages being snuck out, by the dozen.
My computers are cerebral prostheses. They are deeply personal, I know them, they know me. They are a part me. Without them I would have a different character. Please, indeed, allow me to have one that has me as it's only priority.
In practice I strive for this. I run all the backend services I can get my hands on from my basement (Home Assistant, NextCloud). But getting to the 100% mark indeed seem impossible today without mayor inconveniences, compared to other people, in this time frame at least..
I know how much HN loves Urbit /s, but it's the only attempt to create a computer that you can own that I'm aware of and (1) shows the scale of the endeavor and (2) proves it's possible https://tlon.io/
I think that by "computer" most people mean a device that stores and processes information, not a cloud service that in some opaque way may allow users to share computational resources from such devices.
Who is going to make this mythical computer which neither benefits any government nor lines the pocket of any corporation? At a cost that makes it accessible to the author? Real question. Maybe it's possible. Who's going make it.
I think the best bet is for citizens of powerful and influential governments insist on legal privacy constraints for software and hardware manufacturers, as well as place limits on their own governments' snooping.
I assume you are getting downvoted for not adding context so I’ll help; urbit is literally designed around the principle of total ownership. The community (purposefully) does a terrible job of explaining it because of some enlightenment complex but the promo video put out by Tlon does a pretty good job of summarizing. https://youtu.be/M04AKTCDavc
I believe urbit is the solution, just waiting for the implementation to get polished up.
What I find rather puzzling is the increasing secrecy of hardware manufacturers; search the part numbers of all the ICs on a motherboard from the first IBM PC/XT/AT (for which schematics and BIOS source were available) up to the 486/586 era, and chances are very good that you'll find the full datasheets. Try that with a modern motherboard, however, and you may find that something as seemingly mundane as the CPU voltage regulator controller or temperature monitoring/superIO has next to no public information available. Wouldn't a company making data on how to use its products easily available be more likely to earn new customers and have better sales?
> Our computers are increasingly designed to be little more than advertising platforms and vehicles for maximizing the cloud revenues of their true owners
This applies so much to modern Windows operating systems that it's frankly disgusting. I think most phones are also solidly in this space as well.
Apple is marginally better, but their efforts to ram iCloud services down your throat at every available opportunity is pretty obvious as well. Plus the amount of things that mysteriously call home. On the plus side, they don't actively send you ads baked into your lock screen or start menu.
The style of writing in that article[0] is utterly infuriating to read or even skim for facts.
For anyone else unlucky enough to want to know what happened here:
- Microsoft Edge on macOS is apparently a thing that exists (I was not aware of this)
- If you install and open Edge on macOS, a notification titled “Try the new Safari” appears on the top right of the display, claiming Safari is “Fast, energy efficient, and with a beautiful design”
- The linked article is basically a tweetstorm made worse by being surrounded by distractions.
Yes, my thoughts exactly. You can't quite escape concerns about motherboard and cpu manufacturers baking in little security holes, but it's better than buying some pre-packaged system or laptop. Chuck Linux or a BSD on there and boom you've got back most of your general purpose computational freedom.
Of course, you can't change the crappiness of the broader infrastructure, but "give me wisdom to accept what I cannot change" and all that. Choose your battles.
> Except for a handful of very over-priced models that I can't afford to buy, our computers are increasingly designed to be little more than advertising platforms and vehicles for maximizing the cloud revenues of their true owners.
I don't quite get what the author is talking about. There are some concerns about what proprietary BIOS firmware does, but otherwise pretty much any PC on the market can run whatever software (including the OS) the user installs on them. Or can the author only afford a smartphone?
For an article about privacy and not being snooped on, some HTTPS would be nice!
But then again, the author could understandably reply that TLS is an example of a system that has evolved to require "checking in" with a central authority - the opposite of what they want. So fair enough.
It is interesting thought, especially as few days back someone in HN wrote completely opposite view, that everything should be controlled and spied on (and for the love of universe I cannot find it again, it was on first page of HN I would appreciate link ...), because with progress we are becoming more powerful and more destructive - so any human in future with enough knowledge, would have ability to destroying entire humanity.
Where is the middle ground between those two ends?
It's basically fighting the inevitable. Technical progress is relentless and basically impossible to control. You can unilaterally choose to not participate. But that just means giving more control to exactly those people you are most afraid of. The best way to stay ahead of that game is to be a part of it.
I take it as a given that a few generations from now, every move, expression, twitch, etc. will be recorded, persisted (in perpetuity), analyzed, etc. by many mutually hostile parties. Even right now, we're never far away from dozens of active microphones (i.e. phones) that may or may not be live streaming an audio feed over the network. Many cities are covered in cameras. A lot of financial traffic is electronic already. So, you could argue that although incomplete, it's already getting hard to cover your tracks. Tin foil hats don't really suffice anymore.
In fact, I believe we are just living through a very narrow window of time where this is all technically feasible but not common practice or practical yet on a global scale. I'm talking about a cradle to grave thing. It's not going to be opt in or opt out for anyone ultimately. It's basically an arms race.
However, I take some comfort from the notion that there will be many parties doing that and watching each other and thus keeping each other honest. The irony of that is that this applies equally to dictators, corrupt politicians, criminals, terrorists, military, etc. as well. They may be empowered to misbehave but they won't be able to do so covertly. If you are powerful enough, you get to rewrite history. But in the future that will require access to the digital archives of all your enemies. And you can never be sure that you got every bit of that.
I agree, google's search certainly peaked a long time ago. It's great for anything highly popular but between marketing bullshit and spam results for anything else have just gotten worse
I think there is a market niche which is being overlooked: pay-to-use search engines.
Infinity Search (https://infinitysearch.co) is something like what I have in mind, but they only charge $5 per month, and search results are noticably less comprehensive than Google.
Kind of like how there are various pay-to-use email services which market themselves on their security, I'd like to see a lot more competitors in the paid search engine space. Eg instead of paying $5 per month, let's pay $200 a year for a search engine which consistently returns superior results to Google.
I understand the author. While I'm more suspicious about the hardware companies than the governments. But care about both. And look pure software companies, which try to sell you services instead of code, executable and support. When hardware- and software are integrated be extremely wary - usually you only get an appliance.
I try to follow these guidelines:
1.) Used and buy only general purpose computers, where you can swap hardware and operating-system. Or even better, firmware.
2.) Avoid Big Tech: Apple (literally all), Microsoft (Surface) and Google (Pixel)
3.) Laptops: Invest into vendors which allow all purpose computing or especiall Linux. Big ones are Lenovo and Dell, small ones are {System76, Purism, Tuxedo, ...}.
4.) Desktop: Built it yourself or order some from a shop which built it for you.
Actually the Pixel Phones are rather good. But Google is not better than Apple. Miracast is really complicated but good. Google? Disables Miracast in the Pixel phones and tries people to lure into Chromecast, which is inferior and requires practically always Internet. If you want send content two meters across the room you don't want Internet! And Pushmail? Only with GMAIL on Pixel. We are in 2021 and this phones don't provide Pushmail for IMAP servers which actually provide this feature. Even Apple is better there, and Apple also provides CalDAV and CardDAV. But Apples doesn't provide file system access nor allow you to use your devics as you want!
Lenovo and Dell improved their Linux support a lot in recent years - so I consider them pretty positive. But nothing is perfect.
PS: Probably I receive downvotes because saying negative things about Apple is not well received here. Silicon Valley Clique?
What does it mean to own something? In the extreme, do you own anything that you don’t understand? In the extreme does owning something become a kind of performance art?
Ownership can also be seen as a gradient of more or less specific, but separate thought models along axes like "level of personal control" and "level of personal interest". I think it's fair to say you can "own" something you don't understand, maybe more fair, the more you're willing to clarify your ownership stake and ownership needs, if you have them...
Certainly the author of the article could clarify a few different areas for better leverage though, for example their desired state of the "mine"-ness of their data in transit vs. their data at rest on their client's side of things. Do they need to "own" their ISP?
And what's a hidden agenda from the factory--are we meant to intuit that without the author's help? Does it include software feature choice influenced by profit motives, or is the author talking about their subjective workflow being interrupted by something that is meant to fit a broader type or category of user?
I think the author could use at least a few different methods to organize and arrange some precise outcomes, and would then be well on their way to achieving what they want without needing to burden their imagination so much (286? Yikes, my PS/2 Model 30 was so nice to be done with...maybe excepting the keyboard) from the outset.
>> Modern smartphones however, seem like walled gardens in which I have no control at all.
By design, I think.
>> I am locked into a single OS on my smartphone, which either spies on you or is locked down even more. Every iteration a bit more control is taken away from the user.
I got so fed up with this, I abandoned the whole mobile infrastructure and built my own phone with a Raspberry Pi 3B+. The Raspberry Pi is pretty open hardware (yes, I'm aware it's not perfect). For software I used Python 3, C and GTK. It does voice and SMS/MMS only, but that is enough for me.
I built it for myself. It's stable enough that I use it as my daily driver.
For people asking why Urbit created new programming languages and architecture, this is big reason why.
Owning something should mean that you are able to fix it.
A single person can peak under the hood of the entire OS and know what's going on (provided they learn the language). This is inconceivable even in something like Linux.
One way to get closer to this goal is to buy an liberated X200 or similar machine, which can run on only free software, install a free software OS like Trisquel and only ever install free software on it. Buying such a laptop from people in the free software community will also support them and their work. There are a few shops.
On the web you will still need to deal with how everything these days is behind the currently hip and trendy CDN, but you can choose not to use such websites. You can have a main machine and your freedom respecting machine. You choose your own compromise.
I did that some time ago and I have to say I love my freedom respecting mostly distraction free X200 for writing or coding. It is a great machine to work with, if you can accept old hardware and the implied worse performance.
I've done this with a black 2007 MacBook 2,1 ("BlackBook") - ironically it's about the easiest laptop to install Libreboot on (all in software, no H/W intervention needed). Runs Trisquel Lite, the only thing that doesn't work is the webcam, but that's a privacy bonus.
You can't have a "computer that you own" because a computer is no longer an independent device. It's an access point - what used to be called a terminal - into a complex information ecosystem.
You won't get what you want with different hardware and an open OS unless you also fix the ecosystem.
And that means fixing ad tech, cloud services, DNS, open packet inspection, location tracking, security at multiple levels, and any number of other technologies, only the last of which is the local OS.
Worrying about the item in your hand or on your desk is almost literally looking through the wrong end of the telescope.
Get an old lenovo laptop and install openbsd on it. This post is legitimately a bit confusing to me since what they're describing sounds like a pretty standard sort of BSD/linux machine.
I don't believe what the author is asking for exists. The answer to his question, in my opinion, is a definitive "No." Even his 286 was arguably full of components which were probably backdoored in some manner. And even if your hardware and software stack is somehow fully private, having to work with the web as we all do, almost guarantees compromise.
This is not to say our efforts at privacy are completely in vain, just that this perfect endpoint doesn't exist.
I got a bunch of FPGAs and I'm building my own 68k/6502 machine to run my C programs and to tinker with assembly. Seems that I have a bunch of these chips so it will rapidly grow into a multiprocessor thing.
This is likely the only way forward other than RISC-V on FPGA. But they aren't exactly well defined. Or open. Solid hardware RISC-V is interesting and medium term viable but I foresee a world of blobs waiting in the wings. Time will tell.
Owning sthg. vs. renting has economical comsequences. If you own sthg. you will keep it for longer. If you rent you will keep it shorter. Plus all sorts of assurances can form as an ecosystem around that.
Therefore economy will push us to goods we don't own. If you would like to own something you will have to pay the surplus for reduced turnover at the economies side.
I call bs on that article. A guy wants to do nothing and get the stuff for cheap. We'll guess what, even if you get your thing for cheap once you get on the internet you'll be open for all kind of malice and there's ain't anybody but you to deal with it.
Get a free hardware or hardware with crippled anti-features, they're plenty of vendors that supply it, slap Linux on it, PGP encrypt your email and use secure chat. Oh, your want all of that to be done for you? Well you'll have to pay then.
Or that another argument - that encryption is workaround. It's like saying that food is not solution for being hungry but a workaround, a ridiculous statement. How are you supposed to stay private and anonymous if you communicate in the open? Are you going to have a private cable line to every correspondent you talk to?
>I must rely on encryption algorithms that are designed with subtle flaws that can take years, if not decades, to come to light.
There's Dual_EC_DRBG . Are there any other instances where this happened? And I thought barely anyone even used Dual_EC_DRBG because it was super slow. Did the author ever use it?
Get a pinephone and a pinebook pro and be done with it. When you want to get online, use a public WiFi like mcdonalds or starbucks and connect to tor or i2p and do your thing.
Attempting to hide in a world full of people who could care less about their privacy will make you stand out to those watching, however.
My daily driver is a thinkpad X200 that I librebooted myself.
I kid you not when I say that I derive immense pleasure from using it. Apart from a few (equally freedom respecting) devices I find, I literally never feel like I'm wanting for anything.
I can't recommend it enough. I don't have the words.
Under-acknowledged here is the relationship between the networks that make our devices useful and the increased homogenization of the devices themselves.
When I last truly owned my computer, connectivity (if it existed) was via dial-up.
The other thing I'd note is that we have more and better ways to communicate securely today than ever before. In the world I grew up in, we had phones, and Ma Bell knew who you called and how long you talked, and possibly even what you talked about. There was no real privacy or encryption possible; we all just pretended like those calls were private.
Private communication is possible now on Windows, Linux, Mac, iOS, Android, and I assume ChromeOS, right?
There are many, many more people who don't want you to have that computer than there are yous. So you have to want it more at least as many times over as they don't.
There certainly are other people who also want that computer. (E.g. me.) Maybe there are as many or more who do than don't want any of you, or us, to have them.
We have the advantage that what we want is just like the computers everybody else has, except with things taken out.
The software is doable. The CPUs have "management engines" that, at least in some cases seem possible to disable. The wi-fi chips are a problem; we might need SDR to bypass those.
But the cell phone system is going to be a problem.
I feel the same way but I quickly realize that as soon as all of those walled gardens and advertising networks are gone, a lot of the "free" or "cheap" tools and programs I like no longer are available. This is a combination of the fact that most people simply aren't willing to pay for the stuff they use and would rather have ads and the fact that the remaining pool of people willing to pay is too small to split the cost to something reasonable.
Until we reach a point where we can break that cycle, getting a machine like he's describing is going to either be really expensive or impossible.
Most of the tools we already have materialized out of no small degree of voluntary labor and charity...
In fact, I think you havethe effect straight up backwards. It wasn't the ads or walled gardens that created those free tools you like... It was the presence of those tools and the cleverness of users that made the formation of ad networks and walled gardens a thing.
I assure you, the Free part of Free Software is one heck of a force multiplier.
No, I agree that the open source movement and free software has helped immensely with organizations that create these environments. However, the key thing is those environments still need to be paid for in order to keep them operational and pay for improvements, etc.
This is why Facebook is inherently free except for the ads. Same with Google. People have not demonstrated a will to pay for a search engine, or for a social network for that matter. The closest thing that I've seen to a Social Network that is paid for by the users is one that is quite politically oriented and isolated, and honestly that's more of a political statement than actually the regular public paying for something.
What do you, the customer, allegedly willing to pay, get from a search provider? Especially once everyone else piles on?
What you get is a simple tool, that then requorements bloats as soon as the rest of the economy notices you're a growing centralized control point.
You start getting DMCA pipelines. You start getting hosting amd analytics, and monetization. You get your supplier suddenly weighing everyone else's interests against yours.
You start getting manipulated results streams when all you wanted wss reasonably consistent and well organized search results according to your query.
And in today's age? You, the customer, will always lose. So people are willing to pay for search engines, they exist, but just aren't willing to pay for "someone else's" search engine. Many may even go as far as starting their own, and not advertising or commercializing it to minimize the number of entrenched filters between them and the Net. As impractical as it sounds.
Not a lot of normal folks grok it enough to articulate yet, but nevertheless I see the pattern starting to coalesce.
For Search, you can deploy a meta search engine or use one someone else has deployed; you still have the mainstream indexes at your disposal that way, but you tend to get less filtered results. You get the truest representation of the rest of the Net via the set up of your own index by writing and cultivating a web crawler. No, I won't suggest it's easy because it isn't. Nor will I suggest any type of paid service, because to be honest, once the rest of the world figures out you've got a successful business model around something they find inconvenient, welcome to legal troubles.
Each and every internet staple started as a bunch of folks doing a project. Keep an eye out for those, or become one of them. Do it for you. Nobody can tell you not to, or hold you to task for doing so. It's only when you start building up enough network effect driven inertia that you start to become that leverage point ripe for the co-opting.
Knowledge asymmetry is big business. The only way to keep people from pulling the wool over your eyes is to build what you need and have a good ole look yourself.
Be warned it isn't for the light of heart, hard-drive, or net link, and your results are only as good as your crawler.
There are also a lot of risks by perniciously going out and connecting with everything under the sun. I'd recommend keeping your forays constrained, or at least on a well insulated network.
You should consider trying Urbit. There's a large community of people who have had this desire for decades, and most of the good ones are settling there.
While there are some nice open solutions out there, pine64 etc, one thing I'd like to see in more open projects is high quality.
I have a Pinebook Pro & an System76 Darter laptop. I use neither because the build quality is weak. Things like a proper trackpad, decent resolutions etc. Basically, I want a Macbook Air, but open-ish. And I'd gladly pay the 'premium' for it. Hell, that Darter was more expensive than a pretty decked out MBA & it is a heap of cheap plastics.
If the hardware was there, I wouldn't mind having to out some more effort in to getting a proper Linux distro running properly/
This separation of ownership and control is discussed at length in James Burnham's The Managerial Revolution (1941). The central idea, if I'm not butchering it too badly, is that, as our technological society becomes increasingly complex, the owners of things no longer have control over them, and, therefore, the "owners" of those things no longer actually own them. The true owners, according to Burnham, are an emerging "managerial class" consisting of, e.g., bureaucrats, administrators, and technical managers.
If you vibe with this article, you might be interested in the framework device ecosystem. They're about to release a laptop, and a mobile device is also in the plans.
While this will not provide the kind of freedom on the software side that the thread seeks, at least you get the freedom to choose the hardware components that run your device.
There's something wrong, though, when the feeling is based on ignorance. Hardly anyone knows about constantly being spied on by strangers in foreign countries, or that it is not normal that the product one dearly paid for shows advertisements, or that it restricts one's basic freedoms of using the product for any purpose, and studying and changing it.
I liken the happy Windows useds to the people held captive in Plato's cave: if they knew about the sun-lit real world, they would realise their misery. We the enlightened have a moral duty and should strive to educate and unshackle them.
Just FYI, you can make a functional system for way less than 7k. I pieces together my system for a little over 2k, and I could have gone cheaper for some of my parts. I probably spent around 1.3k on parts from Raptor themselves. (the prices have increased since then but the point remains)
Happy user of RCS Talos II and Blackbird for several years here. It really does live up to all the hype. There's also a very close knit community of users and an IRC channel (#talos-workstation on Freenode) if you want to drop by and chat. :)
It remains an interesting question. Is there any way to reclaim the autonomy and ethos of freedom from the earlier part of the digital era?
I'm not sure how that would look. I don't mean in terms of a set of hardware and software solutions.
I mean technology that's actually for the end users, available to everyone with curiosity as the only barrier to entry. It sounds like a utopian delusion even though it existed not so long ago.
I'm not sure there's a realistic way to get there from here. I'd love to be wrong about that though.
Windows has been the mainstream OS for nearly 25 years (probably more, had a hard time getting good historical stats). The desktop has never been free, just simpler and less 'rent seeking after the fact'.
I don't get it. For the "affordable" argument, you can buy a Raspberry Pi with Linux. Or any NUC with Linux. For everything else, system76, purism, think penguin, libiquity...
I want to add that while the complexities of building a PC or understanding fundamentals of open source and licences is steep... For anyone who wants these constraints but is unwilling to be curious enough to learn the ways of DIY/makers is gonna get smashed on this forum IMO. I would hope to see a sub-thread of OP asking for "advice" on how to achieve a solution solo (unless I missed it...) . I am a huge advocate for [devs] building their own PC's for fundamental understandings..
As long as you remain a human being, there will always be things you'd prefer be otherwise if you just wait a while. If we take that as an axiom, we can stop trying to react to every discontent with thoughts of wanting the world to be different. Once you accept that things are the way they are and there ain't a thing to do about most of 'em, maybe that's better than owning a computer you own. I dunno, works for me :)
I understand why people find Stallman irritating, but my word, he does tend to be right with terrifying frequency. (Come to think of it, that's probably part of _why_ people find him irritating.)
Expensive? Depends on where you are looking. I am writing this from 10 year old 4-core AthlonII (pre-PSP) PC. These is surplus of these widely available for pennies. Will do everything I need except 4K video (might be solvable by GPU upgrade). I only regret I have not built Phenom system with ECC memory.
I am worried more about software. I'd like to have a compatible privacy-oriented browser with governance that puts quality and transparency first.
Computers have come a long way in a short time and are very complex. Maybe the diffuse ownership (that OP bemoans) is necessary for that complexity, or at least for it to develop so quickly.
If I want a typewriter, car or handgun I “truly own”, I might be able to build one, as a last resort. But building a satisfactory computer without the global supply chains (that impose the bemoaned limitations) seems impossible.
The unspoken statement here is “what do you want the computer to do?” A typewriter or gun both have very narrow application. Any computer can do what any other computer can do provided the right software, data, and time. An Apple I can be built with discrete components pretty easily. But what utility does having an Apple I give you?
Right on. A “computer I own” seems to presuppose that this computer does all these millions of things, many of which (I fear) can’t be provided practically for less than a compromise in ownership.
You can build (and own) the Apple I but you can’t reasonably write a Chrome-compatible browser for it, if Google aren’t interested.
Thus I find asking for a “computer you own, like any other tool” is a bit nonchalant wrt. the scope of the request.
This reminds me of my stress in finding a high end TV without a major company watching my TV habits. It doesn't seem you can buy a high end TV without having Android or some other company watching what you are doing. Are there any high end TVs that have more open software? Or is profit such a high priority that we basically have to supplement tech companies through TVs?
> Except for a handful of very over-priced models that I can't afford to buy
This is an implicit admission that the technology itself really doesn't matter. If it did, the author would have scrounged and saved to get the expensive tool they need to start getting the results they desire, the same way musicians scrimp and save to get the instrument their ear tells them they need.
Looking through some of the points above, I was somehow reminded of Johnny Mnemonic, where he puts together a computer to get online. Based on today's reality he wouldn't need all the most modern, hard core parts, but actually as retro as possible - break into a computer museum and fire up some kind of antique running code he writes himself.
Lost me at “that the NSA won’t intercept...”
Sorry, it’s a spy agency, you can’t beat it because it’s sole purpose is to defeat whatever barriers you put up.
Furthermore, “no metadata” that is the data required to be public in order to be routed through a publicly accessible network. And, it may be possible to anonymize that data, but...
In light of the recent attempted overthrow of the government, I’m now firmly against giving away government monitoring of the internet. In fact, it’s time we give it some teeth.
We’ve been the victim of foreign propaganda to the point where the people have been driven mad by lies and the destruction of the American culture. We need defense in cyberspace the same way that we need defense against any invading forces. Few, sane, people argue against having a Navy or an Army; it’s just by the nature of the internet as a new technology that we’ve neglected it this long.
And, before you give me the “those who would give up freedom for security...“ line: we already don’t have freedom, we already don’t have security. I often wish that people could recognize that the government of the people and by the people is for the people. And quit treating out greatest tool against tyranny as a whipping boy for whatever personal crap they are going through.
If you can't beat the NSA then you accept you can't beat any foreign governments spy agencies, right? That's part of the premise of the original article, that you can't have a private conversation.
And your suggestion that mass surveillance is a reasonable solution to domestic terrorism is quiet terrifying to me. Mass surveillance is far too easy to abuse. Sure you can have a 'for the people' government and it not be abused, but a 'for the people' government needs a healthy amount of fear of the people to remain so. Your country already has issues with gerrymandering, do you think that's made better or worse by the government collecting more information about the people?
To follow your overthrow path, would more surveillance have helped? Would less have hindered? I'd say no to both accounts. The government already had information on when/what was going to occur and that was obtained not with mass surveillance but with simply in infiltrating the communities involved.
We should also consider if mass surveillance is the best solution to the issues you mentioned. Perhaps you could get the same thing you wanted by increasing education funding. Perhaps the same could be accomplished by building better cyberspace communities where you can be closer to your neighbours rather than the much more filter-bubble communities we commonly have now.
Damocles was an obsequious courtier in the court of Dionysius II of Syracuse, a fourth century BC tyrant of Syracuse. Damocles exclaimed that, as a great man of power and authority, Dionysius was truly fortunate. Dionysius offered to switch places with him for a day, so he could taste that fortune first-hand. In the evening a banquet was held, where Damocles very much enjoyed being waited upon like a king. Only at the end of the meal did he look up and notice a sharpened sword hanging directly above his head, held only by a single horse-hair. Immediately, he lost all taste for the festivities and asked leave of the tyrant, saying he no longer wanted to be so fortunate. Dionysius had successfully conveyed a sense of the constant threat under which a powerful man lives.
The powerful are perpetually terrified. They are scared of each other. They are scared of the populace. If someone created a perfectly secure computer or phone with secure messaging capabilities, from the hardware up, that company would immediately be told to play ball or face blackballing.
In a way you can achieve that. Microsoft and google, they don't know who exactly you are, they just treat you as a behavior pattern, not a human. So they don't know you personally. You're good.
If you talk to anyone, the other person will know what you texted them and who you are, so it's not anonymous already.
A collection of ice40 FPGAs built into a computer? surface mount transistor implementation of a pdp8 with regular semiconductor memory and an FPGA MMU that handles gigabyte memory sticks? I was thinking a forth computer, but the applications are sparse: gForth spreadsheet and word processor, both text based.
Since phones are nothing else than computers nowadays: I want a phone that I own!
The mobile phones are by far more limiting and take away control of the owner.
A simple example would be the possibility to edit the HOSTS file on Android. I am the owner and administrator of this device, yet I am unable to do basic controls of my device.
Or just troubleshooting things, even if you don't want to change anything. You're not even allowed to view what's stored on your phone.
My gf asked me why her Android can't install new apps (gplay says it doesn't have enough space to install 14MiB app, phone says it has 200MiB free).
So I go to adb shell to see what's taking up space, df says 700MiB free on user data filesystem (so the stupid gplay app is lying). `ls` and `du` says permission denied almost everywhere.
To unlock/root the phone, it needs to be erased, or needs some apk installed (which doesn't work). Even Windows 95 20 years ago had less shitty debugging experience.
Just makes me glad I never bought a smartphone, personally.
Other time we needed access was just to back up the list of contacts. Also not possible without a stupid possibly closed source apk. It's not even part of adb backup. But many regular apps are allowed to steal your contact list and send it anywhere they want. Bleh.
"User hostile" doesn't even cut it, when you lose access to your data the moment app installation breaks, and can't get to your data via debug tools.
My approach to getting a computer I own has been influenced by the esolangs website and I am implementing a single instruction set computer using random ttl chips. I don't care that it won't run preexisting software. Networking will be implemented using hand-couriered one time pads.
I find it ironic that the author points out in the first part of the post that companies are the real culprit but later puts the blame on governments. I wouldn't do such differentiation. They are equally wrong. Regarding free speech too. Case in point are the recent de-platformings.
"Perhaps I am looking for something like the x286 DOS computer I had in the early 1990's [...] Instead, I have a computer that is designed largely to maximize the profits of the computer industry."
Who's going to tell him who made the x286 and DOS? Not exactly 501(C) organisations...
DOS and PCs were, of course, always commercial products, but they still had the user's best interests at heart to a far greater degree than most modern machines; for starters, it often lacked the ability to phone home and report on your activity or download ads.
I'm going to push back a bit when the author is both comparing what they want to an 80s 286 PC and complaining that the only models today that meet their needs are too expensive.
The inflation-adjusted price of an IBM AT when it was introduced in 1984 was about $15k.
It's probably very difficult to be 100% sure, even if we create the hardware and software on our own. Therefore, be mindful of your actions and always assume it's being monitored. Running linux on raspberry pi might be a good start though.
You still own the computer. But, but, the root of the problem is actually the web. The browser is essentially a operating system nowadays, there are very few browser engines and even less browser engines without links to corporate overlords.
I'm already some ways along with program that allows secure communication over TCP/IP between clients. I'm sure there are many like it, but this one is mine. :) Not sure how you'd cooperate on such a project though.
The author didn't define what owning means, but my guess is that, the computer must not run code without his approval, and must be able to run any code he wants.
Yeah my guess is that OP is on Windows, judging by the way they mention advertising. This is the way I used to think and now that I am solely on macOS and Linux for my personal computing tasks, I don’t feel like that any more, though I am not foolish enough to believe that even on those systems you can’t be spied on at a hardware or OS level. Even if you’re on a theoretically 100% secure OS, any third-party software such as, oh, a browser, could be phoning home or have analytics hooks that track all kinds of things. If you’re super paranoid, I suppose you could always install Kali Linux on a VM and run TOR on that for covert communications. Or use smoke signals and manual OTPs.
> Yeah my guess is that OP is on Windows, judging by the way they mention advertising. This is the way I used to think and now that I am solely on macOS and Linux for my personal computing tasks, I don’t feel like that any more,
I don't think either are immune from the problem. Even Ubuntu was sending people's local disk searches to their servers so that they could push amazon ads. Everything I've ever touched from Apple seemed to push you to their own apps/ecosystem. If you want to put music on your iphone, you can't just plug it in and open it like a drive, they'll push you to itunes. They also seem to very heavily push their cloud stuff.
You can own a computer, but you have to go back to the days of MS-DOS and floppy disks to really be sure. Once a program is running on MS-DOS, it essentially owns the machine until it makes a DOS or BIOS call. There isn't really enough room in the system to fit any advanced back doors, and you can have your operating system on a hardware write protected disk. You can make backups that you can verify, and write protect those, and keep them offline.
-- The key advantage of an old MS-DOS / floppy based computer is that you can always bring your system back to a known safe state--
Once you adopt any operating system that is always running, the OS has to protect the hardware from everything, if you want to be able to trust it. This rules out Linux, Mac-OS, Windows, etc. I'm hoping that Genode does a good enough job to be able to trust it, but it's a bit beyond my learning curve right now.
If you have a secure OS, which isn't stupid about trust, then you're back in the saddle again, and can build upon this foundation, being careful to never give any executable you run more privilege than it needs to do the job. Linux, Windows, and Mac-OS all have stupid defaults (allow everything the user is permitted)... Genode and systems that implement capabilities don't do that. (No, "access your contacts" on your tablet or phone is not a proper "capability", "you can read this file", and "you can write this folder" are proper capabilities).
-- A secure system lets you assign capabilities using dialog boxes like you're used to using, except they call them a "power box". The OS then enforces your decisions, not the application. No matter how rogue or confused your program gets, it can't access anything outside of the files or folders you've given it access to. 8)
We're a few years out before awareness of the stupid defaults we're all living with take hold, and the inertia of everything then has to be overcome. We'll get there eventually, if we can keep the idea at least an open option before big business closes it down for good.
My main point to all of the above is that you need a better OS, the hardware can mostly be ignored once a proper OS is running that can keep the hardware from being hijacked.
You will get there you just need to wait. The latest computers are driven to improve because of the profit it seems you hate in your post, but Moore’s law is on your side.
First, you're mixing population with the author. He wants his own private computer, maybe the global population doesn't.
Second,participating in a ubiquous system does not mean you support a part or all of it. If I buy chicken from the supermarket, that does not mean I support all the atrocities in chicken farms. I could avoid buying chicken and going vegan, but then the same argument can be made for pretty much any other industry. Someone is getting screwed either way, doesn't mean I like it.
While it might be possible for individuals to solve this problem with money, I feel you may be missing the forest for the trees.
OP could just not connect to the internet, job done, right? The issue isn't so much they want privacy, it's that they want us all to have privacy.
It's not reasonable to expect average-joe to know about coreboot, seek out hardware that specifically supports it, then find a collection of browser extensions and communication tools just to have a private conversation with a friend.
Instead we should have regulations in place that make it possible to buy the computer at the local store and talk to your kids online without being monitored every step of the way.
Obviously several problems exist there - only Linux has an available FPGA toolchain, so you need a linux computer to bootstrap Oberon onto the FPGA, and DASH7 won't run on the same device (it runs on STM32 boards mainly).
So, to get a completely open design, you'd need to port DASH7 stack and the FPGA tools to Oberon to allow self-hosting and fully open radio. Add to that the fact that this board doesn't supply any video output so your development is over ssh/terminal and you have a way to go to get a fully open system.
Other pain points are that Oberon is a systems language that uses GC, so for deterministic/realtime (radio) operation it is not usable - you'd need to use it's cousin Composita to have a deterministic memory managed OS.
Lastly, Oberon doesn't have any formal verification tools which would be ideal for verifying the entire self-hosted stack. I suspect you'd need to use a LISP of some sort to be able to verify things from the ground up. Of course most LISPs have GC so you'd need to migrate the Composita+Oberon (A2) architecture to LISP to be able to build higher-level verifiable constructs.
However... this is almost possible. There are a few key things to work out here, but it's closer than at any point previously :)
Do I own my M1 MacBook Air? Did I own my TRS-80 Model 4, an 8-bit, Z80-based computer circa 1983? Well, I didn't lease either one of them, I bought them outright. Apple can't demand their hardware back now any more than Radio Shack could have demanded theirs back then. So that's owning, right? No?
You say I don't own my Mac because I can't put a different operating system on it. It's true, I could run multiple operating systems on the TRS-80. Sort of. There was TRSDOS, CP/M, and... several nearly-interchangeable TRSDOS clones. Of course, I can run a lot more on the M1 if you count virtual machines (including all the TRS-80 operating systems), but I know that's not what you mean. You can run any OS that's been ported to the Mac on the Mac, though, and there's already work being done to port Linux and NetBSD. Do I not own the Mac because Apple's security measures make it difficult to do that porting?
You say I'm dependent on the largesse of Apple and they can "take things away" from me as long as I'm using the Mac. And, it's true they have a potential level of control over what I can run on macOS that Radio Shack didn't have over TRSDOS. Yet for practical purposes I depended on the largess of Radio Shack, too, and when that stopped, the writing was on the wall for that compuer line. Not the same thing? No, not exactly, but I bet you can't name a Mac application that you can't run because Apple pulled a hidden switch that stopped it from running. You can name a few that you could run a decade ago -- or in a very few cases, a year ago -- that you can't now because the OS changed, or the hardware changed. I can't run my once-beloved crazy writing brainstorming app, Dramatica Story Expert. But that's because its developer is legendarily terrible at keeping up with modern Apple hardware. It isn't because I don't own my computer.
You say that things aren't "private" on the Mac. What's that mean? The local data on the Mac is more protected than the local data on the TRS-80 was, I can tell you. Forget encryption, stuff rarely had plain text passwords! Data that isn't local is a question mark now, but it was a question mark then, too -- to the degree it was possible to have non-local data on places like BBSes and Compuserve and even the early Internet. I have way more data "in the cloud" now, but in many ways it's a lot more secure, because we weren't just thinking about security in the same way three or four decades ago. As for ad tracking, I'd argue that's a really important conversation about privacy, but it's not a conversation about "owning my computer" unless we're really stretching the metaphor.
And in the final analysis, "you don't own your own computer" is a metaphor, a semantic sleight of hand. I'm surely playing a semantic game here myself, but my issue with a lot of these arguments is that they're presenting as something that they maybe aren't. They're maybe less about liberté, égalité, fraternité than they are about nostalgia for a (remembered as) simpler, more tinkering-friendly time.
Perhaps we're going to return to a time where it's difficult to put an OS on your computer other than the one sanctioned by its manufacturer. Is that great? No. Does it mean we don't really own our computers? I'm just not sure I buy that.
[To vainly try to head off the "but iOS" responses: I'm explicitly talking about Macs in this example. And no, I don't expect Macs to ever be locked down to the degree iOS is. That's a rant for another time, though.]
Agree with most of the comments, but it's worth mentioning that you will never get those things for cheap.
The reason most of the things you buy are cheap is due to economies of scale - you want something a lot of people want.
Want a bicycle with 2 wheels? Cheap. Want one with 7 wheels? Expensive.
Unfortunately for you, almost none of the things you say you want in a laptop are things you're aligned with most of humanity in terms of priority. Sure, most people might tell you they want those things, but they're not willing to give up the benefits of centralization, or pay a few bucks to get rid of ads.
Tldr: if you want something few people will buy, expect to pay more.
I assume they're referring to Rand Paul (and also Ron Wyden) who have both made assertions that the executive branch has it's own secret interpretations of the laws that were passed post-9/11. The laws themselves are not secret, but what the government thinks they authorize is.
> Snowden cited this as the reason he came forward.
yep. Once he realized that the NSA was outright lying to congress and the American people had no ability in law to actually know or address the abuses going on leaking the truth was the only way anyone would ever hear about it.
> I want a computer that can be completely autonomous when I want it to be, but which can also be used to communicate securely with anyone on the planet without being observed by a third party.
I think this is the rub of the problem, because it's a contradiction: "I want secure software with no vulnerabilities, but don't you dare force me to update". This kinda sorta worked in the early 90's because most people weren't on the internet and few were actively thinking of exploiting anything -- it was a time of plaintext protocols and unauthenticated commands. The world has moved on, and our tradeoffs balance in a different place today.
Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them. Laptops are slightly more closed, but even on those I can choose the OS myself.
Modern smartphones however, seem like walled gardens in which I have no control at all. I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days. I am locked into a single OS on my smartphone, which either spies on you or is locked down even more. Every iteration a bit more control is taken away from the user. And its increasingly hard to step away from them, since a lot of normal interactions such as banking almost requires you to have such a phone.
Both Android and iOS suck. I've made my own Android phone tolerable with F-Droid and trying to ungoogle it as much as possible. But unfortunately I find myself locked into using google play services since solutions like MicroG just don't cut it. They lock me out of slightly too much of my daily smartphone usage (note that this is definitely not the MicroG's developers fault, they have done amazing work).