[HN Gopher] I want a computer that I own
___________________________________________________________________
I want a computer that I own
Author : bezelbuttons
Score : 920 points
Date : 2021-03-09 00:51 UTC (22 hours ago)
(HTM) web link (misc-stuff.terraaeon.com)
(TXT) w3m dump (misc-stuff.terraaeon.com)
| tern wrote:
| I know how much HN loves Urbit /s, but it's the only attempt to
| create a computer that you can own that I'm aware of and (1)
| shows the scale of the endeavor and (2) proves it's possible
| https://tlon.io/
| boomlinde wrote:
| I think that by "computer" most people mean a device that
| stores and processes information, not a cloud service that in
| some opaque way may allow users to share computational
| resources from such devices.
| tylershuster wrote:
| Urbit's underlying language nock can have hardware written
| for it, it just hasn't been yet.
| AnonsLadder wrote:
| Purism/Librem sell coreboot'd devices. It's worth checking out
| TheOtherHobbes wrote:
| You can't have a "computer that you own" because a computer is no
| longer an independent device. It's an access point - what used to
| be called a terminal - into a complex information ecosystem.
|
| You won't get what you want with different hardware and an open
| OS unless you also fix the ecosystem.
|
| And that means fixing ad tech, cloud services, DNS, open packet
| inspection, location tracking, security at multiple levels, and
| any number of other technologies, only the last of which is the
| local OS.
|
| Worrying about the item in your hand or on your desk is almost
| literally looking through the wrong end of the telescope.
| kebman wrote:
| I'm already some ways along with program that allows secure
| communication over TCP/IP between clients. I'm sure there are
| many like it, but this one is mine. :) Not sure how you'd
| cooperate on such a project though.
| jhoechtl wrote:
| Owning sthg. vs. renting has economical comsequences. If you own
| sthg. you will keep it for longer. If you rent you will keep it
| shorter. Plus all sorts of assurances can form as an ecosystem
| around that.
|
| Therefore economy will push us to goods we don't own. If you
| would like to own something you will have to pay the surplus for
| reduced turnover at the economies side.
| Koshkin wrote:
| What _do_ we own though? (Heck, we don't even own our bodies -
| they are "owned" by the nature, which can often be pretty
| "evil.")
| m1117 wrote:
| In a way you can achieve that. Microsoft and google, they don't
| know who exactly you are, they just treat you as a behavior
| pattern, not a human. So they don't know you personally. You're
| good. If you talk to anyone, the other person will know what you
| texted them and who you are, so it's not anonymous already.
| teekert wrote:
| My computers are cerebral prostheses. They are deeply personal, I
| know them, they know me. They are a part me. Without them I would
| have a different character. Please, indeed, allow me to have one
| that has me as it's only priority.
|
| In practice I strive for this. I run all the backend services I
| can get my hands on from my basement (Home Assistant, NextCloud).
| But getting to the 100% mark indeed seem impossible today without
| mayor inconveniences, compared to other people, in this time
| frame at least..
| guerrilla wrote:
| This is epitome of what free software is. Get a system76 system.
| It'll have a web browser and wine for when you feel like using
| non-free software.
|
| p.s. aren't Raptor Computing's systems pretty much free too?
| andred14 wrote:
| Well said well said
| milliams wrote:
| I realise that ISO 8601 is behind a paywall but using
|
| > 2-26-21
|
| as a date format is just wrong.
| marcodiego wrote:
| You can have computers that you own today. There is a list here:
| https://ryf.fsf.org/categories/laptops .
|
| If you want something more powerful, there're these:
| - https://ryf.fsf.org/categories/workstations-and-servers
| - https://ryf.fsf.org/categories/mainboards
|
| Also, Andrius Stikonas achieved a blob-free fully functioning
| (AFAIK) RockPro64 more than a year ago:
| https://stikonas.eu/wordpress/2019/09/15/blobless-boot-with-...
|
| People have to vote with their wallets and pressure vendors.
| kenmacd wrote:
| Sure, you can own that computer, but then you have to get
| online which requires another pile of knowledge to even hope at
| reducing now much you're tracked. This is not a reasonable
| solution.
|
| > People have to vote with their wallets and pressure vendors.
|
| I disagree. Expected someone with very little knowledge of the
| topic to make an informed choice here is highly unlikely to
| work. You could say the same about clothing created by child
| labour, but most people aren't going to spend a couple hours
| researching if the shirt they like is okay to buy, nor should
| they be expected to.
|
| I believe the solution to this problem has to ultimately come
| from regulation.
| autoexec wrote:
| Why on earth would they use re-imaged Lenovo laptops when that
| company has a history of hiding malware in firmware so that
| even a reinstall can't remove it? Why should anyone trust they
| haven't shoved something nefarious in a chip somewhere. If you
| want a trusted system you have to start from trustworthy
| hardware or at the very least avoid manufacturers that are
| already known to be both untrustworthy and unethical
| hertzrat wrote:
| Those machines are wiped and the low level firmware and boot
| loader is replaced. The specific models available are chosen
| because newer machines prevent you from doing this. You can't
| easily get a computer more fully free than these. They link
| to some new processors and motherboards for desktop builds
| too, good companies making those who deserve some support
| Daho0n wrote:
| And what is "trustworthy hardware"? Intel Me is more
| untrustworthy and unethical since you can't avoid those.
| mindslight wrote:
| If only it were "voting with your wallet". It's more like
| voting with your time. And running browsers and other rando
| software in VMs to not compromise your nice secure system. And
| doing the work of being different when friends send you an
| invitation to some proprietary crap and you have to talk them
| into something Free. And explaining how you're not excited for
| "features" like WebGL and Faceboot APIs.
|
| It does exist, it's all eminently doable, and I encourage
| people to explore this road. But it does cost more than mere
| money. Going against the grain always does.
| Romeo_ wrote:
| Thank you for this list from the fsf, I didn't know it existed.
| Usefull for selecting products like which bluetooth dongle to
| buy.
| asymptosis wrote:
| Thanks for the ryf links, I didn't know about that. Something
| to keep in mind the next time I'm looking for hardware.
| teddyh wrote:
| If you're looking for RYF-certified hardware, I suggest
| looking here: https://h-node.org/hardware/catalogue/en
| luxuryballs wrote:
| "CPU Intel Core 2 Duo SP9400 2.40GHz. Upgradable to SP9600
| 2.53GHz."
|
| Looks like more of the same.
| addicted wrote:
| Isn't Linux sufficient to achieve what the OP is asking?
| squid_demon wrote:
| Really looking forward to the C256 Foenix U
|
| https://c256foenix.com/
| dasf wrote:
| I got a bunch of FPGAs and I'm building my own 68k/6502 machine
| to run my C programs and to tinker with assembly. Seems that I
| have a bunch of these chips so it will rapidly grow into a
| multiprocessor thing.
|
| This is likely the only way forward other than RISC-V on FPGA.
| But they aren't exactly well defined. Or open. Solid hardware
| RISC-V is interesting and medium term viable but I foresee a
| world of blobs waiting in the wings. Time will tell.
| dbuder wrote:
| You do realise your FPGA is a black blob itself, even if you
| are using an OSS toolchain?
| gorgoiler wrote:
| I felt this way about iPhone. My compromise was to only connect
| using a VPN. The goal wasn't to keep my traffic private -- it was
| so that I could have complete visibility and control over what
| the iPhone was talking to.
|
| The idea was that my iPhone could be as nefarious as it wanted to
| be -- it could never talk to anyone I didn't want it to talk to
| because iptables stopped it, or something.
|
| The project didn't pan out, but I did end up using pihole a lot
| which felt like a good compromise.
|
| I also discovered that iOS and cell carriers have a some kind of
| partnership to silently send each other text messages containing
| lots of unique looking identifiers, which was fun (REG-
| RESP?v=3&r=...&n=+555994321&s=FB87CD658A...etc). I used a niche
| IOT carrier for a while that showed me the complete SMS logs,
| including all these messages being sent multiple times a day.
|
| I'm sure there's some banal engineering reason for it but it's
| not exactly heartening to find "secret" text messages being snuck
| out, by the dozen.
| greet11882 wrote:
| Apple devices are extremely chatty to the mothership. You can
| find many many comments on HN. The M1 included.
| solmanac wrote:
| My approach to getting a computer I own has been influenced by
| the esolangs website and I am implementing a single instruction
| set computer using random ttl chips. I don't care that it won't
| run preexisting software. Networking will be implemented using
| hand-couriered one time pads.
| hyko wrote:
| _Except for a handful of very over-priced models that I can 't
| afford to buy_
|
| What models are being referred to here? Sounds like the OP's
| problem can be solved with more money.
| kenmacd wrote:
| While it might be possible for individuals to solve this
| problem with money, I feel you may be missing the forest for
| the trees.
|
| OP could just not connect to the internet, job done, right? The
| issue isn't so much _they_ want privacy, it 's that they want
| _us all_ to have privacy.
|
| It's not reasonable to expect average-joe to know about
| coreboot, seek out hardware that specifically supports it, then
| find a collection of browser extensions and communication tools
| just to have a private conversation with a friend.
|
| Instead we should have regulations in place that make it
| possible to buy the computer at the local store and talk to
| your kids online without being monitored every step of the way.
| charlieroth wrote:
| https://urbit.org
| rlyshw wrote:
| I assume you are getting downvoted for not adding context so
| I'll help; urbit is literally designed around the principle of
| total ownership. The community (purposefully) does a terrible
| job of explaining it because of some enlightenment complex but
| the promo video put out by Tlon does a pretty good job of
| summarizing. https://youtu.be/M04AKTCDavc
|
| I believe urbit is the solution, just waiting for the
| implementation to get polished up.
| bogwog wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy
|
| Which models is he talking about here? Those Raptor Power9
| workstations that are like $7k are the only things that come to
| mind.
| spijdar wrote:
| Just FYI, you can make a functional system for _way_ less than
| 7k. I pieces together my system for a little over 2k, and I
| could have gone cheaper for some of my parts. I probably spent
| around 1.3k on parts from Raptor themselves. (the prices have
| increased since then but the point remains)
| justinjlynn wrote:
| Happy user of RCS Talos II and Blackbird for several years
| here. It really does live up to all the hype. There's also a
| very close knit community of users and an IRC channel
| (#talos-workstation on Freenode) if you want to drop by and
| chat. :)
| ncmncm wrote:
| There are many, many more people who don't want you to have that
| computer than there are yous. So you have to want it more at
| least as many times over as they don't.
|
| There certainly are other people who also want that computer.
| (E.g. me.) Maybe there are as many or more who do than don't want
| any of you, or us, to have them.
|
| We have the advantage that what we want is just like the
| computers everybody else has, except with things taken out.
|
| The software is doable. The CPUs have "management engines" that,
| at least in some cases seem possible to disable. The wi-fi chips
| are a problem; we might need SDR to bypass those.
|
| But the cell phone system is going to be a problem.
| rini17 wrote:
| Expensive? Depends on where you are looking. I am writing this
| from 10 year old 4-core AthlonII (pre-PSP) PC. These is surplus
| of these widely available for pennies. Will do everything I need
| except 4K video (might be solvable by GPU upgrade). I only regret
| I have not built Phenom system with ECC memory.
|
| I am worried more about software. I'd like to have a compatible
| privacy-oriented browser with governance that puts quality and
| transparency first.
| a5withtrrs wrote:
| > Our computers are increasingly designed to be little more than
| advertising platforms and vehicles for maximizing the cloud
| revenues of their true owners
|
| This applies so much to modern Windows operating systems that
| it's frankly disgusting. I think most phones are also solidly in
| this space as well.
|
| Apple is marginally better, but their efforts to ram iCloud
| services down your throat at every available opportunity is
| pretty obvious as well. Plus the amount of things that
| mysteriously call home. On the plus side, they don't actively
| send you ads baked into your lock screen or start menu.
| meowster wrote:
| Apparently Apple will display ads for Safari on the desktop if
| you run Edge.
|
| https://www.zdnet.com/article/i-opened-microsoft-edge-and-ap...
| samb1729 wrote:
| The style of writing in that article[0] is utterly
| infuriating to read or even skim for facts.
|
| For anyone else unlucky enough to want to know what happened
| here:
|
| - Microsoft Edge on macOS is apparently a thing that exists
| (I was not aware of this)
|
| - If you install and open Edge on macOS, a notification
| titled "Try the new Safari" appears on the top right of the
| display, claiming Safari is "Fast, energy efficient, and with
| a beautiful design"
|
| - The linked article is basically a tweetstorm made worse by
| being surrounded by distractions.
|
| [0]: https://www.zdnet.com/article/i-opened-microsoft-edge-
| and-ap...
| fctorial wrote:
| > Except for a handful of very over-priced models
|
| Which ones?
| Wolfenstein98k wrote:
| "Perhaps I am looking for something like the x286 DOS computer I
| had in the early 1990's [...] Instead, I have a computer that is
| designed largely to maximize the profits of the computer
| industry."
|
| Who's going to tell him who made the x286 and DOS? Not exactly
| 501(C) organisations...
| yjftsjthsd-h wrote:
| DOS and PCs were, of course, always commercial products, but
| they still had the user's best interests at heart to a far
| greater degree than most modern machines; for starters, it
| often lacked the _ability_ to phone home and report on your
| activity or download ads.
| zelphirkalt wrote:
| One way to get closer to this goal is to buy an liberated X200 or
| similar machine, which can run on only free software, install a
| free software OS like Trisquel and only ever install free
| software on it. Buying such a laptop from people in the free
| software community will also support them and their work. There
| are a few shops.
|
| On the web you will still need to deal with how everything these
| days is behind the currently hip and trendy CDN, but you can
| choose not to use such websites. You can have a main machine and
| your freedom respecting machine. You choose your own compromise.
|
| I did that some time ago and I have to say I love my freedom
| respecting mostly distraction free X200 for writing or coding. It
| is a great machine to work with, if you can accept old hardware
| and the implied worse performance.
| UncleSlacky wrote:
| I've done this with a black 2007 MacBook 2,1 ("BlackBook") -
| ironically it's about the easiest laptop to install Libreboot
| on (all in software, no H/W intervention needed). Runs Trisquel
| Lite, the only thing that doesn't work is the webcam, but
| that's a privacy bonus.
| alexisread wrote:
| So if we want to go with completely open arch, we'd be looking at
| something like this: https://www.hackster.io/news/a-feather-
| compatible-fpga-board...
|
| https://github.com/mcci-catena/HW-Designs/tree/master/Boards...
| https://github.com/mcci-catena/catena-riscv32-fpga
|
| ie. an FPGA you can put your own OS AND radio firmware on.
| Something like https://www.bunniestudios.com/blog/?p=5921 (and
| see the updates https://www.crowdsupply.com/sutajio-
| kosagi/precursor/updates) doesn't cut it fully as the wifi has a
| firmware blob, and in addition I'm not sure how open the xilinx
| toolchain is (might be, I know some xilinx chips are supported by
| open source toolchains).
|
| As an OS for the feather board, you could use DASH7 for the radio
| portion (https://en.wikipedia.org/wiki/DASH7), and Oberon as a
| general OS. (https://blog.gadgetfactory.net/2016/02/how-to-
| implement-the-...)
|
| Obviously several problems exist there - only Linux has an
| available FPGA toolchain, so you need a linux computer to
| bootstrap Oberon onto the FPGA, and DASH7 won't run on the same
| device (it runs on STM32 boards mainly).
|
| So, to get a completely open design, you'd need to port DASH7
| stack and the FPGA tools to Oberon to allow self-hosting and
| fully open radio. Add to that the fact that this board doesn't
| supply any video output so your development is over ssh/terminal
| and you have a way to go to get a fully open system.
|
| Other pain points are that Oberon is a systems language that uses
| GC, so for deterministic/realtime (radio) operation it is not
| usable - you'd need to use it's cousin Composita to have a
| deterministic memory managed OS.
|
| Lastly, Oberon doesn't have any formal verification tools which
| would be ideal for verifying the entire self-hosted stack. I
| suspect you'd need to use a LISP of some sort to be able to
| verify things from the ground up. Of course most LISPs have GC so
| you'd need to migrate the Composita+Oberon (A2) architecture to
| LISP to be able to build higher-level verifiable constructs.
|
| However... this is almost possible. There are a few key things to
| work out here, but it's closer than at any point previously :)
| fogetti wrote:
| I find it ironic that the author points out in the first part of
| the post that companies are the real culprit but later puts the
| blame on governments. I wouldn't do such differentiation. They
| are equally wrong. Regarding free speech too. Case in point are
| the recent de-platformings.
| Thorrez wrote:
| >I must rely on encryption algorithms that are designed with
| subtle flaws that can take years, if not decades, to come to
| light.
|
| There's Dual_EC_DRBG . Are there any other instances where this
| happened? And I thought barely anyone even used Dual_EC_DRBG
| because it was super slow. Did the author ever use it?
| aiisahik wrote:
| This is literally something that NEVER crosses the mind of the
| average consumer. We should have a HackerNews version of "first
| world problems" and call it "HackerNews Problems".
|
| You now have a computer that is 10,000 times faster than one you
| had 30 yrs ago at half the price. Oh and it fits in your pocket.
| A lot of time and money went into creating that. Those people
| need to get paid. And yes you pay for it with some loss of
| privacy.
|
| The reason why this product doesn't existing on the market is
| because because NOBODY (except the odd 4000 people on HN) wants
| this product. Most people don't even use a VPN or know what TOR
| is. If you don't want it, then design and fab your own chips and
| write your own software from scratch.
| m463 wrote:
| > This is literally something that NEVER crosses the mind of
| the average consumer.
|
| I think it happens more than you think, but people view this as
| eating healthy and exercising - should do more about it, but
| the world makes it easier to eat poorly and do things that
| aren't exercise.
|
| What would help is if there are people with the capability to
| help aligned with solutions.
| jes5199 wrote:
| most people have never heard of Tor, but by now most non-
| techies are suspicious of tech. They've noticed that they're
| not in control, that it does weird things they don't want, that
| it spies on them, that it sneaks advertising in, that they're
| never _sure_ if something is private, that they can 't tell if
| something is real or a scam, or if a service is fine now but is
| going to turn into something harmful in a a few years.
|
| so let's keep on screwing them over, I'm sure there will never
| be any consequences as we poison society
| nicbou wrote:
| You nailed it. An increasing proportion of laymen distrust
| technology. They know they're being spied on and losing
| control over their devices.
|
| People used to dislike computers because they're complicated
| (they still do), but now they dislike computers because
| they're actively user-hostile.
| jacquesm wrote:
| HN is substantially larger than 4000 people, besides, telling
| people to design and fab their own chips is disingenuous.
|
| The right to privacy is not a 'first world problem', it is a
| problem.
| aiisahik wrote:
| I agree that privacy is a problem - and yes it is a first
| world problem.
|
| The specific privacy problem espoused by this post is not
| just a first world problem, it's an HN problem. I am being
| disingenuous - this request is pure insanity and I absolutely
| promise you that this "computer you fully own" will have such
| a very small market that it doesn't have a chance of breaking
| even.
| thefz wrote:
| > I agree that privacy is a problem - and yes it is a first
| world problem.
|
| Where a right for privacy really matters is not in the part
| of the world where your google searches are used to pick an
| etsy ad, but where typing the wrong thing against the wrong
| person could land you in jail, or at the morgue.
| jacquesm wrote:
| You fail the principle of charity test on several levels.
| hellisothers wrote:
| Agreed, I care about privacy but this is fetishizing
| privacy, is pathological.
| EvanAnderson wrote:
| HN may be larger than 4000 people, but it feels like a
| disturbingly large portion of the HN community seems to be in
| favor of anti-owner and anti-privacy policies. Forced
| obsolescence, razor/blades business models, selling user
| "behavior" data, and out-right spying on individual
| communications all seem to be big moneymakers, and some
| significant portion of HN's audience is more about "IPO and
| get rich" than "hacking".
| jacquesm wrote:
| HN is large enough that it has many factions, the one you
| describe definitely exists, as does the 'bro' faction, the
| 'get rich quick' faction, the racists and the idiots. That
| doesn't mean that any of these factions are dominant, and
| besides that HN has _many_ more lurkers than posters and I
| suspect that the division is not identical between those
| groups on either side of the lurker /contributor divide.
| kmonsen wrote:
| It's only a problem because people in general are not willing
| to pay for it.
|
| You and the OP have the same problem you want a solution but
| are not willing to pay the price. And you think that what you
| want is what most people want, but from what the market tells
| us they are pretty happy with what is being offered right
| now.
| jacquesm wrote:
| > You and the OP have the same problem you want a solution
| but are not willing to pay the price.
|
| I don't think you can make statements about me with such a
| definitive tone without first asking some questions.
| Daho0n wrote:
| So let's say I'm willing to pay double or triple rate or
| more if needed, then show me a flagship phone with the same
| capabilities as a normal Android flagship phone but without
| the loss of privacy and ownership. You can't and you never
| have been able to. No completely free phone on par with
| flagships have ever been released.
| fsflover wrote:
| Not exactly same capabilities as Android phones yet, but
| getting there fast with software updates:
| https://puri.sm/products/librem-5.
| Daho0n wrote:
| It's not anywhere near flagship speed though (only in
| boot time!)
| fsflover wrote:
| It does not run on top of java virtual machine, so it
| does not require huge resources like latest Android. See
| also how smooth first iPhone with 256 MB RAM was.
| officehero wrote:
| Your post is proof that HN is far more than 4000 ppl. You
| represent the average consumer.
| fogihujy wrote:
| You're right; freedom of computing is a non-issue for most
| people.
|
| What I don't agree upon is that "NOBODY" would want open
| platforms; there's probably a larger market for that than there
| was a personal computing market in the 70's. There's businesses
| like Raptor that sell fairly open workstations, and they simply
| wouldn't if there wasn't a market for it.
|
| The main issue is the disconnect between engineers/programmers
| and users. If there's growing amount of people who won't use
| the products they build themselves, then the idea of a war on
| general computing might snowball into a self-fulfilling
| prophecy where average users no longer has access to general
| computing through normal consumer devices.
| rubin55 wrote:
| Raptor systems are not fairly open, they're fully open.
| Purism and to a lesser extent System76 could be classified as
| fairly open though.
| fogihujy wrote:
| Fair enough. My point is that there are open hardware
| available, and that there wouldn't be if there wasn't an
| actual market for it. :)
| TeMPOraL wrote:
| > _This is literally something that NEVER crosses the mind of
| the average consumer. We should have a HackerNews version of
| "first world problems" and call it "HackerNews Problems"._
|
| Should we call lead toxicity a "chemist's first world problem"?
| Should we call material flammability a "fireman's first world
| problem"? Equipment sterilization a "doctor's first world
| problem"?
|
| We think about this, so that regular people don't have to.
| That's the point of specialization of labor. It's our moral
| duty to be aware of these problems, and to ensure end-users
| aren't hurt by these problems. As an industry, we've not only
| failed at this duty - we've been actively doing the opposite.
| Harming users of technology on purpose, making their lives
| worse in pursuit of extra profit.
|
| It's not that users should care about whether or not they own
| their technology. Technology that isn't owned by the end-user,
| and actively exploits them instead, shouldn't be available on
| the consumer market in the first place.
| LockAndLol wrote:
| It doesn't cross their mind because they don't know and don't
| understand. Once it impacts them, will they know and once they
| research, will they understand. Do you want to wait around
| until the public understands? What do you think the world will
| look like if we just wait?
|
| Imagine we applied your "disregard until it becomes a bigger
| issue" approach and ridiculed every warning as a "your group
| problem is not a problem". Look around you. How is that working
| out?
|
| Climate change for one: "eh... scientists are worrying about
| things that aren't even a problem yet, we'll tackle it when it
| becomes a problem, if ever".
|
| Great strategy
| sto_hristo wrote:
| You pay for it with your money, the loss of privacy is the scam
| that is enabled by the mass consumer's apathy and lack of
| knowledge.
|
| I also want to own my device, not rent it from a manufacturer.
| Nicksil wrote:
| Perhaps because _most_ people don 't know what we know.
|
| I don't think about my car's airbags all that often because I'm
| not a mechanic or frequently in contact with sources of the
| latest airbag news. Two weeks ago I take my car in for some
| work and the mechanic walks out to me with this puzzled look on
| his face and asks why I have yet to have my airbags replaced;
| talks about how dangerous this brand is and goes on about the
| recall.
|
| Now I'm interested. I had no idea. I've driven my nephews
| around in this car without any idea of the airbag issue. I've
| now been made aware and will act accordingly.
| nicbou wrote:
| It's time for us to find a new source of analogies. Why is it
| always cars?
|
| Regardless, cars increasingly feature the same sort of profit
| maximising nonsense: subscription-based services, problems
| that can only be solved by authorised dealerships, systems
| that can disable the car remotely, planned obsolescence etc.
|
| There is an equivalent demand for Just A Car from people who
| don't want to fall into this trap.
| Daho0n wrote:
| >Most people don't even use a VPN
|
| Those that use a VPN for privacy _are_ the "average consumer".
| Those, let's say more geeky, know that the VPN for privacy that
| are sold by lots of companies are a fallacy as using a VPN from
| home gives you zero extra privacy. It only moves the problem
| from your ISP to the VPN company, which likely isn't covered by
| the same laws. It is in almost all cases worse.
| asymptosis wrote:
| Numerous argumentative fallacies here.
|
| * Nothing about "average consumer" was mentioned. * Speed and
| size aren't relevant to topics of ownership and trust. * People
| _may_ pay with privacy, but it should be a consenting
| relationship. * 4000 > 0 * Whatever "most people" are into,
| there is yet a market for good VPN services, and people do use
| Tor.
|
| I hope you enjoyed your exercise in hyperbole.
| Black101 wrote:
| > You now have a computer that is 10,000 times faster than one
| you had 30 yrs ago at half the price.
|
| Actually, I think Apple has caused the prices of pocket
| computers to go up in the last few years (relative to
| features). And many of these features, I could do without
| (I.E.: I don't need so many sensors on my daily phone, this is
| dangerous from a privacy point of view). They removed the
| physical keyboard though...
|
| > And yes you pay for it with some loss of privacy.
|
| Why? You can pay $1,000 for your pocket computer and they still
| won't let you be administrator of it in the name of your own
| protection.
|
| To tell you the truth, I don't like where today's computer
| designs are going.
| _pmf_ wrote:
| "You will own nothing, and you will be happy" is only getting
| started.
| fengor wrote:
| https://mntre.com/media/reform_md/2021-03-07-reform-producti...
|
| If you want to truly own your hardware I can recommend the mnt
| reform
| bokchoi wrote:
| This is such a cool project. I missed the crowdfunding but I
| love watching the progress.
|
| https://mastodon.social/@mntmn
| black_puppydog wrote:
| Came here to make sure this was mentioned. Unsure how that's
| not the top comment.
| bumbledraven wrote:
| This separation of ownership and control is discussed at length
| in James Burnham's _The Managerial Revolution_ (1941). The
| central idea, if I 'm not butchering it too badly, is that, as
| our technological society becomes increasingly complex, the
| owners of things no longer have control over them, and,
| therefore, the "owners" of those things no longer _actually_ own
| them. The true owners, according to Burnham, are an emerging
| "managerial class" consisting of, e.g., bureaucrats,
| administrators, and technical managers.
| chias wrote:
| > I want a computer that can be completely autonomous when I want
| it to be, but which can also be used to communicate securely with
| anyone on the planet without being observed by a third party.
|
| I think this is the rub of the problem, because it's a
| contradiction: "I want secure software with no vulnerabilities,
| but don't you dare force me to update". This kinda sorta worked
| in the early 90's because most people weren't on the internet and
| few were actively thinking of exploiting anything -- it was a
| time of plaintext protocols and unauthenticated commands. The
| world has moved on, and our tradeoffs balance in a different
| place today.
| Klwohu wrote:
| I suspect that the secret laws passed after 911, which Ron Paul
| among others have alluded to, make this a pipe dream.
| hemloc_io wrote:
| Hmm secret laws? Do you have a source for this. I feel like a
| secret law defeats the purpose of a law lol.
| abhorrence wrote:
| I assume they're referring to Rand Paul (and also Ron Wyden)
| who have both made assertions that the executive branch has
| it's own secret interpretations of the laws that were passed
| post-9/11. The laws themselves are not secret, but what the
| government thinks they authorize is.
| mo2art wrote:
| on the chance that I might sound naive, how does this
| supposedly work in regard to judicial review?
| sneak wrote:
| The court that reviews the interpretations is itself also
| classified, just like the interpretations and the
| verdicts.
|
| https://en.wikipedia.org/wiki/United_States_Foreign_Intel
| lig...
|
| Snowden cited this as the reason he came forward.
|
| This applies to communications and stored records
| however, not end user computers.
| autoexec wrote:
| > Snowden cited this as the reason he came forward.
|
| yep. Once he realized that the NSA was outright lying to
| congress and the American people had no ability in law to
| actually know or address the abuses going on leaking the
| truth was the only way anyone would ever hear about it.
| cortesoft wrote:
| Of course there is no source, they are secret! Are you even
| listening?!
| FpUser wrote:
| Try no fly list laws.
| mo2art wrote:
| where does ron paul allude to that? also, wouldn't secrecy
| defeat the idea behind laws, i.e. them being obeyed? (genuinely
| curious)
| [deleted]
| adolph wrote:
| What does it mean to own something? In the extreme, do you own
| anything that you don't understand? In the extreme does owning
| something become a kind of performance art?
|
| https://www.ted.com/talks/thomas_thwaites_how_i_built_a_toas...
| asymptosis wrote:
| Reminds me of the saying about how "if you want to make an
| apple pie from scratch, first you have to make the universe."
| themodelplumber wrote:
| Ownership can also be seen as a gradient of more or less
| specific, but separate thought models along axes like "level of
| personal control" and "level of personal interest". I think
| it's fair to say you can "own" something you don't understand,
| maybe more fair, the more you're willing to clarify your
| ownership stake and ownership needs, if you have them...
|
| Certainly the author of the article could clarify a few
| different areas for better leverage though, for example their
| desired state of the "mine"-ness of their data in transit vs.
| their data at rest on their client's side of things. Do they
| need to "own" their ISP?
|
| And what's a hidden agenda from the factory--are we meant to
| intuit that without the author's help? Does it include software
| feature choice influenced by profit motives, or is the author
| talking about their subjective workflow being interrupted by
| something that is meant to fit a broader type or category of
| user?
|
| I think the author could use at least a few different methods
| to organize and arrange some precise outcomes, and would then
| be well on their way to achieving what they want without
| needing to burden their imagination so much (286? Yikes, my
| PS/2 Model 30 was so nice to be done with...maybe excepting the
| keyboard) from the outset.
| imissmymind wrote:
| Get a pinephone and a pinebook pro and be done with it. When you
| want to get online, use a public WiFi like mcdonalds or starbucks
| and connect to tor or i2p and do your thing.
|
| Attempting to hide in a world full of people who could care less
| about their privacy will make you stand out to those watching,
| however.
| Naracion wrote:
| If you vibe with this article, you might be interested in the
| framework device ecosystem. They're about to release a laptop,
| and a mobile device is also in the plans.
|
| While this will not provide the kind of freedom on the software
| side that the thread seeks, at least you get the freedom to
| choose the hardware components that run your device.
|
| https://frame.work/
|
| HN thread: https://news.ycombinator.com/item?id=26263508
| chipotle_coyote wrote:
| What does it mean to "own a computer"?
|
| Do I own my M1 MacBook Air? Did I own my TRS-80 Model 4, an
| 8-bit, Z80-based computer circa 1983? Well, I didn't _lease_
| either one of them, I bought them outright. Apple can 't demand
| their hardware back now any more than Radio Shack could have
| demanded theirs back then. So that's owning, right? No?
|
| You say I don't own my Mac because I can't put a different
| operating system on it. It's true, I could run multiple operating
| systems on the TRS-80. Sort of. There was TRSDOS, CP/M, and...
| several nearly-interchangeable TRSDOS clones. Of course, I can
| run a lot _more_ on the M1 if you count virtual machines
| (including all the TRS-80 operating systems), but I know that 's
| not what you mean. You can run any OS that's been ported to the
| Mac on the Mac, though, and there's already work being done to
| port Linux and NetBSD. Do I not own the Mac because Apple's
| security measures make it difficult to do that porting?
|
| You say I'm dependent on the largesse of Apple and they can "take
| things away" from me as long as I'm using the Mac. And, it's true
| they have a potential level of control over what I can run on
| macOS that Radio Shack didn't have over TRSDOS. Yet for practical
| purposes I depended on the largess of Radio Shack, too, and when
| that stopped, the writing was on the wall for that compuer line.
| Not the same thing? No, not exactly, but I bet you can't name a
| Mac application that you can't run because Apple pulled a hidden
| switch that stopped it from running. You can name a few that you
| could run a decade ago -- or in a very few cases, a year ago --
| that you can't now because the OS changed, or the hardware
| changed. I can't run my once-beloved crazy writing brainstorming
| app, Dramatica Story Expert. But that's because its developer is
| legendarily terrible at keeping up with modern Apple hardware. It
| isn't because I don't own my computer.
|
| You say that things aren't "private" on the Mac. What's that
| mean? The _local_ data on the Mac is more protected than the
| local data on the TRS-80 was, I can tell you. Forget encryption,
| stuff rarely had plain text passwords! Data that isn 't local is
| a question mark now, but it was a question mark then, too -- to
| the degree it was possible to have non-local data on places like
| BBSes and Compuserve and even the early Internet. I have way more
| data "in the cloud" now, but in many ways it's a lot more secure,
| because we weren't just _thinking_ about security in the same way
| three or four decades ago. As for ad tracking, I 'd argue that's
| a really important conversation about privacy, but it's not a
| conversation about "owning my computer" unless we're _really_
| stretching the metaphor.
|
| And in the final analysis, "you don't own your own computer" is a
| metaphor, a semantic sleight of hand. I'm surely playing a
| semantic game here myself, but my issue with a lot of these
| arguments is that they're presenting as something that they maybe
| aren't. They're maybe less about _liberte, egalite, fraternite_
| than they are about nostalgia for a (remembered as) simpler, more
| tinkering-friendly time.
|
| Perhaps we're going to return to a time where it's difficult to
| put an OS on your computer other than the one sanctioned by its
| manufacturer. Is that great? No. Does it mean we don't really own
| our computers? I'm just not sure I buy that.
|
| [To vainly try to head off the "but iOS" responses: I'm
| explicitly talking about Macs in this example. And no, I don't
| expect Macs to ever be locked down to the degree iOS is. That's a
| rant for another time, though.]
| kjrose wrote:
| I feel the same way but I quickly realize that as soon as all of
| those walled gardens and advertising networks are gone, a lot of
| the "free" or "cheap" tools and programs I like no longer are
| available. This is a combination of the fact that most people
| simply aren't willing to pay for the stuff they use and would
| rather have ads and the fact that the remaining pool of people
| willing to pay is too small to split the cost to something
| reasonable.
|
| Until we reach a point where we can break that cycle, getting a
| machine like he's describing is going to either be really
| expensive or impossible.
| salawat wrote:
| Most of the tools we already have materialized out of no small
| degree of voluntary labor and charity...
|
| In fact, I think you havethe effect straight up backwards. It
| wasn't the ads or walled gardens that created those free tools
| you like... It was the presence of those tools and the
| cleverness of users that made the formation of ad networks and
| walled gardens a thing.
|
| I assure you, the Free part of Free Software is one heck of a
| force multiplier.
| kjrose wrote:
| No, I agree that the open source movement and free software
| has helped immensely with organizations that create these
| environments. However, the key thing is those environments
| still need to be paid for in order to keep them operational
| and pay for improvements, etc.
|
| This is why Facebook is inherently free except for the ads.
| Same with Google. People have not demonstrated a will to pay
| for a search engine, or for a social network for that matter.
| The closest thing that I've seen to a Social Network that is
| paid for by the users is one that is quite politically
| oriented and isolated, and honestly that's more of a
| political statement than actually the regular public paying
| for something.
| salawat wrote:
| See, the problem there is the "paying" part.
|
| What do you, the customer, allegedly willing to pay, get
| from a search provider? Especially once everyone else piles
| on?
|
| What you get is a simple tool, that then requorements
| bloats as soon as the rest of the economy notices you're a
| growing centralized control point.
|
| You start getting DMCA pipelines. You start getting hosting
| amd analytics, and monetization. You get your supplier
| suddenly weighing everyone else's interests against yours.
|
| You start getting manipulated results streams when all you
| wanted wss reasonably consistent and well organized search
| results according to your query.
|
| And in today's age? You, the customer, will always lose. So
| people are willing to pay for search engines, they exist,
| but just aren't willing to pay for "someone else's" search
| engine. Many may even go as far as starting their own, and
| not advertising or commercializing it to minimize the
| number of entrenched filters between them and the Net. As
| impractical as it sounds.
|
| Not a lot of normal folks grok it enough to articulate yet,
| but nevertheless I see the pattern starting to coalesce.
| julienb_sea wrote:
| There are approaches that can deliver large portions of this; run
| an open source linux distribution, running open source browser
| with open source tracker blocking software. You can run this on
| an inexpensive system and wipe out all external communication
| except what you specifically want.
|
| This is obviously unrealistic for most people. You can toggle off
| automatic feedback & updates in a modern OS and you can install
| Firefox with tracker blocking and you are 99% of the way there,
| plenty enough in practice.
|
| I want to point out both of these approaches introduce legitimate
| security holes (either from not using a production grade OS or
| from disabling updates on it) which are vastly more likely to
| have real impact on your life versus privacy tracking.
| Seirdy wrote:
| Even if a browser is FLOSS, I wouldn't say a user can truly
| "own" a browser any more than an absolute ruler can govern a
| country alone. Browser engines are complex beasts that have
| grown beyond what anyone can hope to understand, re-create, or
| even maintain without billions of dollars of annual funding.
|
| Software needs to be simple for users to be in control.
|
| (Plug: a section of an article of mine covered this previously.
| HN discussion: https://news.ycombinator.com/item?id=25982860)
| SavantIdiot wrote:
| Qubes is a great distro for this, so is Kali; but support boot
| to USB. But even anonymizers like the TOR Router can still have
| their entrypoints snooped by hostile nation states to target
| dissidents. It is extremely hard without the help of non-US ISP
| to be completely anonymous and un-identifiable. And let's not
| forget your chips may have Intel Managent Tech which is spyware
| you really can't shut off that monitors/injects directly into
| the north/south bridge (I forget which).
|
| One of the fun parts about hitting DefCon every year is how
| easy it is to learn about what's new in this space. I hope they
| don't cancel this year: the social information sharing aspect
| is the best part.
| realsimplesynd wrote:
| If anyone is interested in an extremely secure linux distro:
| https://tails.boum.org/
| a5withtrrs wrote:
| Great for specific purposes, but not exactly a computer 'you
| own' and want to do things with.
|
| Tails always starts from the same clean state and everything
| you do disappears automatically when you shut down Tails.
|
| Ie, nothing persists, which means you loose everything each
| time.
|
| OpenBSD is also an extremely secure operating system. But
| also not terribly practical as a long term desktop
| environment.
|
| Plus it doesn't solve issues with underlying hardware trusts.
| gautamcgoel wrote:
| Can you please comment a bit about why you think OpenBSD is
| impractical as a desktop OS?
| cortesoft wrote:
| > This is obviously unrealistic for most people
|
| I think this is an inherent contradiction - if you want to be
| in total control of your computer while not knowing how totally
| control your computer, you are never going to get what you
| want. You are always going to have to put your trust in someone
| else to manage your computer. Some of those people might be
| more trustworthy than others, but you are still trusting in
| someone else to manage your computer.
| koverda wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy.
|
| This statement here made me pause for a bit. He wants a computer
| with specific features, but doesn't want pay for the models that
| offer those features because they are too expensive?
|
| Everyone wants to have their cake and eat it too, but
| unfortunately, reality has constraints.
| dom2 wrote:
| Income shouldn't be a barrier to having technology that you own
| completely, a concept that until recently was common.
| hypertele-Xii wrote:
| Technology you don't own is cheaper because the provider can
| sell your data. I suppose it's a "good thing" there exists
| tech the poor can afford.
| [deleted]
| jbay808 wrote:
| That's one reason, but economies of scale are another. If
| the movement to reject technology you don't own gained
| traction, the cost of joining that movement would also come
| down.
| drdaeman wrote:
| The issue is there is no _true_ demand. Yeah, everyone kinda
| want a device they own - when faced a very direct question
| and explanation how things really really work. But typically
| most people don 't even think about ownership of the devices
| they buy - or even falsely assume they "own" those. And those
| who are aware about the issue have to either pay premium for
| their rarity (if that's even available in their market -
| which is not always the case), or agree to not own a device.
|
| So, yeah, ideally everyone should own what they buy, if they
| want so - and they should be aware what exactly they buy and
| what are the gotchas. But... how? I believe this "caveat
| emptor" informational disparity is a multimillenia-old issue.
|
| (Fine print, obviously, doesn't work - because human nature.)
| salawat wrote:
| Homestly, this started going downhill with car or any
| technology advanced enough for documentation to split
| between user vs. Admin docs. Once manufacturers were offthe
| hook for being able to transition all relevant info with
| regards to operation, maintenance, and servicing along with
| the thing bbeing sold, it created the ignorance/info-
| asymmetry marketplace that entrenched engineered knowledge
| scarcity as a profitable business model.
| sushisource wrote:
| Technology was also a hell of a lot less complicated until
| recently.
| Koshkin wrote:
| Perhaps. On the other hand, moving complexity from hardware
| (in whatever form) into software has proved beneficial.
| drdaeman wrote:
| This. We haven't really had software until just slightly
| more than half a century - and now everything but a kitchen
| sink has a microprocessor, running some sort of firmware.
| Which is never sold, merely leased^W licensed.
| vineyardmike wrote:
| Off topic but..
|
| > and now everything but a kitchen sink
|
| My kitchen sink has a processor in it.
| guntars wrote:
| That's hilarious. What is it processing?
| vineyardmike wrote:
| https://www.moen.com/smart-home/u-by-moen-smart-faucet
|
| Alexa controlled sink :)
|
| "Alexa, give me one cup"
|
| Stupid I know
| wott wrote:
| Like the others, I guess: streams of wata.
| nanomonkey wrote:
| Garbage disposals are often called food waste processors.
| paulcole wrote:
| During what period was income not a barrier to "having
| technology that you own completely"?
|
| Given that the only people frothing at the mouth in desire of
| "having technology that [they] own completely" seem to be
| rich computer programmers, why wouldn't companies jack the
| price up?
| Psychlist wrote:
| Remember back when you could get "free" dial-up internet by
| accepting ads? And later Facebook did much the same thing?
|
| I see the whole personal data/tracking industry as that
| model. You can get a tracking-supported smartphone for $50 or
| with almost no tracking for $150. This whole thread is people
| saying they don't want to pay $150 to own a smartphone when
| they can get that phone for $50 with tracking.
|
| I have a similar problem with slavery. I don't like it. But
| the smartphone market is utterly dominated by people who are
| just fine with slavery so there's just one company making a
| "less slavery" phone and that phone barely sells. Their
| forums have multiple threads with people complaining quite
| openly "why does it cost more to make a phone with less
| slavery" and suggesting that the company could provide more
| features for a lower price if they just forgot this whole
| "fairphone" business.
|
| Smartphones are expensive to make and expensive to run. You
| pay that price either with money, or a mix of money and
| social/ethical cost.
| eeZah7Ux wrote:
| > He wants a computer with specific features, but doesn't want
| pay for the models that offer those features because they are
| too expensive?
|
| Correct. He wants a computer with less complexity and less
| spying "features", and the market is failing hard at that.
|
| > reality has constraints
|
| No, these are entirely artificial restrictions. Companies
| invested very significant efforts to implement DRM, management
| engine, AMT, all sort of telemetries and backdoors.
|
| The emerging model of "privacy for the rich, surveillance for
| everybody else" is it expected consequence.
|
| EDIT: wow, downvoted to -3 already? Truly shining the hacker
| culture in "hacker" news /s
| Retric wrote:
| Surveillance is profitable for the computer manufacturers.
| The "barebones" version therefore costs more. SmartTV's,
| cellphones, etc don't make a lot per person but it's enough
| you need to go up market to find any real privacy.
| Koshkin wrote:
| I don't know, a $1200 for a phone sounds expensive enough.
| Retric wrote:
| Up market as in brands. Samsung can't exactly advertise
| less surveillance as a feature, this a "$5" feature ends
| up costing vastly more.
| m463 wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy.
|
| Yeah, that weakens his whole argument.
|
| That said, I would like to know what models these are? Because
| I think it's pretty much universal.
|
| I think the answer is linux.
| sanxiyn wrote:
| You should buy MNT Reform. https://mntre.com/
| rubin55 wrote:
| Wow, that's such a cool device, super cool.
| varenc wrote:
| There's System76 and Purism:
|
| https://system76.com, https://puri.sm
|
| Can't speak to the quality, but I suspect those are the
| expensive models the author is referring to.
| Klonoar wrote:
| Eeeeh, System76 is certainly not expensive (though they do
| have expensive models). Purism is.
|
| If we're talking desktops, Raptor Talos fits the bill
| better I think: https://www.raptorcs.com
| olddealer wrote:
| Euh, could be. There are _other_ manufacturers of computers
| out there, in the USD market "laptops" are retailing at
| e.g. Walmart, Amazon for 200-300$.
|
| 1G+ has been the traditional price to break into
| "worthwhile" computing, "worthwhile" here usually meaning
| computing you get a choice on how to configure.
|
| To give a bit of context, a "pay-day loan", typically
| something targeted at the majority of lower-working class
| folk who struggle to make it from rent check to rent check,
| goes for normally ~300-600$.
|
| For a "lower-middle class" individual making ballpark
| 60-80k and making housing or rent payments, the norm in
| even lower cost cities is 1-2k. We aren't talking addl.
| living expenses, but already someone has to deal with the
| un-pleasantries of extreme poverty (gangs, illegal
| activities, never-ending debt and the prison pipeline) in
| the lower classes, and in the "middle" classes they are
| facing potentially tanking credit scores, getting behind on
| rent by a month (most Americans are living paycheck to
| paycheck), just to have a shot at getting one of these
| laptops.
|
| Goodness help anyone in so called "3rd-world" countries.
| luxuryballs wrote:
| the answer is probably an entirely new computing architecture
| yjftsjthsd-h wrote:
| Why would you need that? Ex. Debian running on a Talos
| Raptor would be architecturally "normal" but be 100% user-
| controlled.
| pnt12 wrote:
| Is privacy thar expensive? Isn't each user's data worth 1 or 2
| dollar?
|
| From the consumer perspective: I want the 500-2000 euros device
| I bought not to spy on me. Were it not the status quo, this
| would sound ridiculous.
| marcodiego wrote:
| They're not overpriced, they're expensive. And they are
| expensive because they are rare. And they are rare because
| vendors stopped manufacturing them. And vendors stopped
| manufacturing them because most people do not refuse to buy a
| device "that is designed largely to maximize the profits of the
| computer industry".
| 0x008 wrote:
| Most people have very limited use cases with devices and very
| unspecific requirements. So the majority wins. Makes sense, I
| think.
| TeMPOraL wrote:
| Most people don't know the anti-features present, and even
| if they did, the price hike to get rid of them is so big
| they wouldn't buy. Some may call it the market working as
| intended, but I see it as a problem - this is very far from
| "voluntary transaction between informed parties", and
| there's little ability for customers to use money to voice
| their preferences. It's a purely vendor-driven market:
| vendors get to dictate features and anti-features, with
| little to no way of opting out.
|
| I'd like to see this fixed, but I don't think there's an
| easy way to do it. The issue dovetails with intellectual
| property laws - situation could've been different if money
| could be made in gutting hardware, firmware and software
| and removing anti-features at scale. But we can't have
| that, because every single piece of a computer is its own
| IP minefield.
| vineyardmike wrote:
| >...And [the computer industry] stopped manufacturing [a
| computer that is not designed to maximize computer industry
| profits] because ...
|
| When you read it back, it sounds silly to expect any company
| to make products that ever fit this criteria. Except
| expensive ones, of course, which maximize profits in their
| own way.
| bmn__ wrote:
| Not only for-profit companies may build computers; non-
| profit organisations, cooperatives, governments may, too. I
| think that's a good way out of the problem described in the
| article.
| andagainagain wrote:
| Exactly. I want these things too. But I'm also willing to pay
| for them.
|
| Everyone wants the best stuff for free. That's not
| controversial. But it is controversial to complain that the
| best stuff is more expensive than the cheap stuff. Of course it
| is. That's the type of stuff they sacrificed to make it cheap.
|
| If they want low end free btw, they do have that too. Pinebooks
| are super cheap.
| dirkt wrote:
| > But it is controversial to complain that the best stuff is
| more expensive than the cheap stuff.
|
| Nah. Technically, and in terms of manufacturing cost, it
| would be even easier to make a simpler computer, without all
| those bells and whistles that can be turned against the user,
| without the Intel Management Engine, TPM, and what have you.
|
| > That's the type of stuff they sacrificed to make it cheap.
|
| No, it's economies of scale which make one expensive, and the
| other one cheap. And human greed, and the human need to
| control other humans.
| TeMPOraL wrote:
| > _Technically, and in terms of manufacturing cost, it
| would be even easier to make a simpler computer, without
| all those bells and whistles that can be turned against the
| user,_
|
| That's true. However, vendors don't look at manufacturing
| costs in isolation - they care about profit. All these
| user-hostile additions generate more in profit than they
| cost in manufacturing.
|
| This way, the best stuff costs more, even if it has less -
| because "value-add" garbage has _negative_ total cost.
| culturestate wrote:
| _> Technically, and in terms of manufacturing cost, it
| would be even easier to make a simpler computer...without
| the Intel Management Engine, TPM, and what have you_
|
| Maybe I'm missing something here but how is it possible
| that on-die features like IME affect the manufacturing cost
| and complexity of a laptop for e.g. Dell?
| marcus_holmes wrote:
| Don't forget that a lot of those features weren't put on
| there to spy on people, or control them, they were put on
| there to make non-technical users safer.
|
| Non-technical users can and will be tricked into doing all
| sorts of ridiculous things to their computer, and then they
| will blame the computer manufacturer for letting them do
| that. Computer manufacturers responded by not letting them
| do that.
|
| Mainstream computers are designed for mainstream users...
| the common clay of the land... you know... morons. They
| have to be protected from doing stupid things to their
| computers (because otherwise that's how you get botnets).
|
| As the OP says, there are computers that don't have these
| features, and that you can do whatever you like with. But
| they tend to cost more, in part because they're not
| mainstream so they don't get economies of scale.
| 0x008 wrote:
| Yes and no. Companies don't exclusively decide what they
| design based on the expected manifacturing cost. The decide
| based on the return of investment.
| Pawka wrote:
| This is very correct thing you've mentioned.
|
| The same situation can be spotted on services. E.g. people
| already forgot that running email service costs money and
| they take the free GMail account as given. But around the
| corner they blame Google for poor support then _free_ GMail
| account is randomly closed.
|
| It is not only email. But if you want
| (support|control|freedom|insert-yourself) - pay for it.
| olddealer wrote:
| It's more connected than just that - people can't afford
| housing and food, let alone computers. A small sliver (~2-5%)
| of people can afford to do e.g. organics, fair trade
| commodities, free range animal products, small business,
| locally owned/sourced, etc.
|
| Of course, not to say the above are all panacea, but
| something much more directly measurable and visible, like
| your health, local economy/ecology welfare, people can barely
| afford. The invisible, like the privacy affecting where your
| precious wallet gets spent, the habits which can be used to
| target and manipulate you, that's the invisible hidden behind
| marketing promising "great performance at a low price".
|
| You get what you pay for, and the moral of this story is that
| what most people can afford, shit, is what they get (shit).
|
| At least, until people decide to take control and dethrone
| the tyrants from their thrones. That's why govt and big biz
| can't stand a message to be private, they are well aware they
| stand to lose, well, everything, from anyone ever bothering
| to unseat them. Not to lump all biz or govt together, there
| are some worse than others.
| monkeyingaround wrote:
| As someone who has watched the increasingly absurd price of
| laptops over many years in relation to what one should expect
| for the price, I'd say I have people like you to thank.
| jodrellblank wrote:
| As someone who has watched laptops get thousands of times
| faster, smaller, lighter, more battery life, clearer higher
| resolution screens, smaller chargers, faster connectivity,
| quieter fans, I flagged your comment for signing up a new
| account to post a personal attack.
| monkeyingaround wrote:
| time well spent then, sleep well
| google234123 wrote:
| Laptops do not have absurd cost now. There are good
| options from 300$ upto 2000$+
| jodrellblank wrote:
| https://hn.algolia.com/?query=downvoters%20should&sort=by
| Pop...
|
| https://hn.algolia.com/?q=downvoters+should
| xyse53 wrote:
| I think there are two ways to look at that. 1) The relevant
| characteristics of these models shouldn't be specialist. 2)
| Cheaper, constrained portals to the internet may be subsidized
| by Google, Facebook, etc.
| Smithalicious wrote:
| I hate using the word "privilege", but I think it takes a
| particular mindset/history to equate "can't afford" with
| "doesn't want to pay". For many people even in wealthy
| countries "can't afford" really does mean "I cannot purchase
| this without at least going into debt or foregoing necessities"
| even for <$1000 items
| holstvoogd wrote:
| While there are some nice open solutions out there, pine64 etc,
| one thing I'd like to see in more open projects is high quality.
|
| I have a Pinebook Pro & an System76 Darter laptop. I use neither
| because the build quality is weak. Things like a proper trackpad,
| decent resolutions etc. Basically, I want a Macbook Air, but
| open-ish. And I'd gladly pay the 'premium' for it. Hell, that
| Darter was more expensive than a pretty decked out MBA & it is a
| heap of cheap plastics.
|
| If the hardware was there, I wouldn't mind having to out some
| more effort in to getting a proper Linux distro running properly/
| p2t2p wrote:
| I call bs on that article. A guy wants to do nothing and get the
| stuff for cheap. We'll guess what, even if you get your thing for
| cheap once you get on the internet you'll be open for all kind of
| malice and there's ain't anybody but you to deal with it.
|
| Get a free hardware or hardware with crippled anti-features,
| they're plenty of vendors that supply it, slap Linux on it, PGP
| encrypt your email and use secure chat. Oh, your want all of that
| to be done for you? Well you'll have to pay then.
|
| Or that another argument - that encryption is workaround. It's
| like saying that food is not solution for being hungry but a
| workaround, a ridiculous statement. How are you supposed to stay
| private and anonymous if you communicate in the open? Are you
| going to have a private cable line to every correspondent you
| talk to?
| [deleted]
| jakearmitage wrote:
| I don't get it. For the "affordable" argument, you can buy a
| Raspberry Pi with Linux. Or any NUC with Linux. For everything
| else, system76, purism, think penguin, libiquity...
| kshitijgoel wrote:
| Well, you have your brain.
| realsimplesynd wrote:
| > Governments seem to be universally terrified of even the
| slightest possibility of anyone in the world having a private
| conversation.
|
| How secure do you think face-to-face conversations are? (not
| sarcastic or anything, just genuinely interested on measuring
| security of conversations)
| kroltan wrote:
| Not the author, but I would say they might not be very secure,
| but importantly, they are _auditably_ so. You can look around
| to see if anyone shady is within earshot, and in many
| situations you can choose a (contextually) private location if
| you so desire.
|
| Plus, it is a bit harder to mass surveil people, even with
| voice recognition, as one can go into a crowded place (or,
| well, could, barring current circumstances...) so most of the
| audio is drowned out.
| azornathogron wrote:
| Not the author, but I would hazard an uninformed guess at three
| levels of security:
|
| (1) a government is already specifically interested in you or
| the person you're talking to when you have your conversation:
| both the fact of the conversation and the content of the
| conversation can probably be captured pretty easily.
|
| (2) no government is specifically interested in you prior to
| your conversation, but you take no special precautions: the
| content is probably secure, it's probably not being recorded,
| but your location is probably recorded so if you later become a
| target of interest then the fact of your meeting is likely to
| be recoverable.
|
| (3) no government is specifically interested in you prior to
| your conversation, and you take precautions (being careful
| about when and where you meet, and not bringing your phone):
| probably your conversation is reasonably secure.
| gruez wrote:
| [deleted]
| samb1729 wrote:
| You appear to have missed that this is a discussion of in-
| person conversations.
| a5withtrrs wrote:
| That depends on a lot of things. But some realistic concerns
| might include evesdropping using parabolic microphones, covert
| listening devices deployed at the meeting point etc.
|
| Not to mention a) arranging the meeting and b) getting to the
| meeting need to be performed some how. Getting from point A to
| point B is, in today's society, not a surveillance free affair.
| Everything you carry can be used to track you, and even if you
| carry nothing, hundreds of CCTV cameras can likely follow you
| along the majority of your chosen route.
|
| Thus the 'metadata' of your meeting is still known, even if the
| contents of your meeting isn't.
| nicbou wrote:
| Yes and as you pointed out, there is much more metadata being
| generated and collected nowadays. It would be prohibitively
| difficult not to leave a trace nowadays.
|
| I'm thinking of cellphone tracking, automated plate reading,
| good old surveillance cameras, bank transactions, and
| whatever your computers are collecting unless you actively
| fight to stop them.
| userbinator wrote:
| What I find rather puzzling is the increasing secrecy of hardware
| manufacturers; search the part numbers of all the ICs on a
| motherboard from the first IBM PC/XT/AT (for which schematics and
| BIOS source were available) up to the 486/586 era, and chances
| are very good that you'll find the full datasheets. Try that with
| a modern motherboard, however, and you may find that something as
| seemingly mundane as the CPU voltage regulator controller or
| temperature monitoring/superIO has next to no public information
| available. Wouldn't a company making data on how to use its
| products easily available be more likely to earn new customers
| and have better sales?
| murftown wrote:
| For an article about privacy and not being snooped on, some HTTPS
| would be nice!
|
| But then again, the author could understandably reply that TLS is
| an example of a system that has evolved to require "checking in"
| with a central authority - the opposite of what they want. So
| fair enough.
| vladmk wrote:
| You will get there you just need to wait. The latest computers
| are driven to improve because of the profit it seems you hate in
| your post, but Moore's law is on your side.
| another_comment wrote:
| >> Modern smartphones however, seem like walled gardens in which
| I have no control at all.
|
| By design, I think.
|
| >> I am locked into a single OS on my smartphone, which either
| spies on you or is locked down even more. Every iteration a bit
| more control is taken away from the user.
|
| I got so fed up with this, I abandoned the whole mobile
| infrastructure and built my own phone with a Raspberry Pi 3B+.
| The Raspberry Pi is pretty open hardware (yes, I'm aware it's not
| perfect). For software I used Python 3, C and GTK. It does voice
| and SMS/MMS only, but that is enough for me.
|
| I built it for myself. It's stable enough that I use it as my
| daily driver.
|
| I am in the process of open sourcing the code and putting it out
| on github. https://github.com/another2020githubuser/thepyphone
|
| I truly hope an open hardware smart phone becomes available soon.
| Until then, I'll use my home grown PyPhone to get by.
| MikeTaylor wrote:
| Richard Stallman's got your back: see
| http://www.gnu.org/gnu/thegnuproject.en.html and skip down to the
| "Challenges in our future" heading.
|
| I understand why people find Stallman irritating, but my word, he
| does tend to be right with terrifying frequency. (Come to think
| of it, that's probably part of _why_ people find him irritating.)
| frobisher wrote:
| I'm curious, why is there no widespread Ubuntu for mobile?
| dhanvanthri wrote:
| My daily driver is a thinkpad X200 that I librebooted myself.
|
| I kid you not when I say that I derive immense pleasure from
| using it. Apart from a few (equally freedom respecting) devices I
| find, I literally never feel like I'm wanting for anything.
|
| I can't recommend it enough. I don't have the words.
| bsima wrote:
| give this guy an urbit
| literallyWTF wrote:
| This is probably one of the honest to god, lamest things I've
| read.
| vonwoodson wrote:
| Lost me at "that the NSA won't intercept..." Sorry, it's a spy
| agency, you can't beat it because it's sole purpose is to defeat
| whatever barriers you put up. Furthermore, "no metadata" that is
| the data required to be public in order to be routed through a
| publicly accessible network. And, it may be possible to anonymize
| that data, but... In light of the recent attempted overthrow of
| the government, I'm now firmly against giving away government
| monitoring of the internet. In fact, it's time we give it some
| teeth.
|
| We've been the victim of foreign propaganda to the point where
| the people have been driven mad by lies and the destruction of
| the American culture. We need defense in cyberspace the same way
| that we need defense against any invading forces. Few, sane,
| people argue against having a Navy or an Army; it's just by the
| nature of the internet as a new technology that we've neglected
| it this long. And, before you give me the "those who would give
| up freedom for security..." line: we already don't have freedom,
| we already don't have security. I often wish that people could
| recognize that the government of the people and by the people is
| for the people. And quit treating out greatest tool against
| tyranny as a whipping boy for whatever personal crap they are
| going through.
| kenmacd wrote:
| If you can't beat the NSA then you accept you can't beat any
| foreign governments spy agencies, right? That's part of the
| premise of the original article, that you can't have a private
| conversation.
|
| And your suggestion that mass surveillance is a reasonable
| solution to domestic terrorism is quiet terrifying to me. Mass
| surveillance is far too easy to abuse. Sure you can have a 'for
| the people' government and it not be abused, but a 'for the
| people' government needs a healthy amount of fear of the people
| to remain so. Your country already has issues with
| gerrymandering, do you think that's made better or worse by the
| government collecting more information about the people?
|
| To follow your overthrow path, would more surveillance have
| helped? Would less have hindered? I'd say no to both accounts.
| The government already had information on when/what was going
| to occur and that was obtained not with mass surveillance but
| with simply in infiltrating the communities involved.
|
| We should also consider if mass surveillance is the best
| solution to the issues you mentioned. Perhaps you could get the
| same thing you wanted by increasing education funding. Perhaps
| the same could be accomplished by building better cyberspace
| communities where you can be closer to your neighbours rather
| than the much more filter-bubble communities we commonly have
| now.
| coding-saints wrote:
| I want to add that while the complexities of building a PC or
| understanding fundamentals of open source and licences is
| steep... For anyone who wants these constraints but is unwilling
| to be curious enough to learn the ways of DIY/makers is gonna get
| smashed on this forum IMO. I would hope to see a sub-thread of OP
| asking for "advice" on how to achieve a solution solo (unless I
| missed it...) . I am a huge advocate for [devs] building their
| own PC's for fundamental understandings..
| pif wrote:
| > I want a computer that I own
|
| No, you don't. Or, at least, you didn't want it enough for too
| long enough!
|
| Each time you sent your friend a document which was not formatted
| in an open standard, you didn't want a computer that you owned.
|
| Each time you accepted DRM in order to access some nice content,
| you didn't want a computer that you owned.
|
| Each time you run a program or, God forbids, an OS which you
| didn't have the source code of, you didn't want a computer that
| you owned.
|
| Each time you accepted to be target by advertisers as a way to
| enjoy a "free" service, you didn't want a computer that you
| owned.
|
| Industry gave you what you wanted. Industry gives you what you
| still want.
| pnt12 wrote:
| First, you're mixing population with the author. He wants his
| own private computer, maybe the global population doesn't.
|
| Second,participating in a ubiquous system does not mean you
| support a part or all of it. If I buy chicken from the
| supermarket, that does not mean I support all the atrocities in
| chicken farms. I could avoid buying chicken and going vegan,
| but then the same argument can be made for pretty much any
| other industry. Someone is getting screwed either way, doesn't
| mean I like it.
| buzzert wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy, our computers are increasingly designed to be
| little more than advertising platforms and vehicles for
| maximizing the cloud revenues of their true owners
|
| Huh? You can buy a very cheap used ThinkPad for <$200 and run
| GNU/Linux on it. In fact, I don't see any mention of Linux in
| this article.
| Shebanator wrote:
| This is a "have my cake and eat it too" rant, it has nothing to
| do with reality. He wants it to run Excel, he wants to be able
| to use google/fb/whatever. He just wants to be able to do it in
| a way that costs nothing or next to nothing and that somehow
| still gives him "full autonomy and control". Or, more
| accurately, the ILLUSION of full autonomy and control. Why an
| illusion? Because no matter how much control he has over his
| own computer, it doesn't matter the minute it talks to another
| computer. By definition he doesn't control that computer, and
| he is by definition trusting it to treat whatever personal info
| he discloses correctly. So his dream of a fully autonomous and
| controlled computer won't even give him what he really wants.
| tomc1985 wrote:
| Then by extension any kind of communication with someone who
| isn't yourself is automatically untrustworthy and subverts
| ones goals of control. Even shouting across the hall to your
| roommate or family member.
|
| This is a ridiculous premise.
|
| If he exercises that control to limit _what_ the computers
| are discussing -- which is the subject of the article -- then
| how does that subvert the premise?
| tedunangst wrote:
| Apparently that's not safe either. "Even open source encryption
| algorithms that some claim are above reproach are repeatedly
| being shown to have major flaws, and the fixes to those flaws
| have their own major flaws."
| Thorrez wrote:
| The author claims that, but I don't know of evidence of it
| being at all widespread. Dual_EC_DRBG is the one instance I
| know of, and I thought barely anyone used it.
| ohiovr wrote:
| This is one of the reasons I built LibreStudio.
| jancsika wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy
|
| This is an implicit admission that the technology itself really
| doesn't matter. If it did, the author would have scrounged and
| saved to get the expensive tool they need to start getting the
| results they desire, the same way musicians scrimp and save to
| get the instrument their ear tells them they need.
| jpttsn wrote:
| Computers have come a long way in a short time and are very
| complex. Maybe the diffuse ownership (that OP bemoans) is
| necessary for that complexity, or at least for it to develop so
| quickly.
|
| If I want a typewriter, car or handgun I "truly own", I might be
| able to build one, as a last resort. But building a satisfactory
| computer without the global supply chains (that impose the
| bemoaned limitations) seems impossible.
| sircastor wrote:
| The unspoken statement here is "what do you want the computer
| to do?" A typewriter or gun both have very narrow application.
| Any computer can do what any other computer can do provided the
| right software, data, and time. An Apple I can be built with
| discrete components pretty easily. But what utility does having
| an Apple I give you?
| jpttsn wrote:
| Right on. A "computer I own" seems to presuppose that this
| computer does all these millions of things, many of which (I
| fear) can't be provided practically for less than a
| compromise in ownership.
|
| You can build (and own) the Apple I but you can't reasonably
| write a Chrome-compatible browser for it, if Google aren't
| interested.
|
| Thus I find asking for a "computer you own, like any other
| tool" is a bit nonchalant wrt. the scope of the request.
| olah_1 wrote:
| For people asking why Urbit created new programming languages and
| architecture, this is big reason why.
|
| Owning something should mean that you are able to fix it.
|
| A single person can peak under the hood of the entire OS and know
| what's going on (provided they learn the language). This is
| inconceivable even in something like Linux.
|
| Simplicity is required for true ownership.
| kokx wrote:
| I have a similar feeling, but with modern smartphones.
|
| Owning my computer is still relatively possible. I can build a
| computer from parts which I can choose, and have a choice in
| which operating system to install on them. Laptops are slightly
| more closed, but even on those I can choose the OS myself.
|
| Modern smartphones however, seem like walled gardens in which I
| have no control at all. I cannot choose any of the parts, and
| even doing simple reparation tasks like replacing a battery is a
| nightmare these days. I am locked into a single OS on my
| smartphone, which either spies on you or is locked down even
| more. Every iteration a bit more control is taken away from the
| user. And its increasingly hard to step away from them, since a
| lot of normal interactions such as banking almost requires you to
| have such a phone.
|
| Both Android and iOS suck. I've made my own Android phone
| tolerable with F-Droid and trying to ungoogle it as much as
| possible. But unfortunately I find myself locked into using
| google play services since solutions like MicroG just don't cut
| it. They lock me out of slightly too much of my daily smartphone
| usage (note that this is definitely not the MicroG's developers
| fault, they have done amazing work).
| fouuler wrote:
| > since a lot of normal interactions such as banking almost
| requires you to have such a phone.
|
| I can get by without carrying a microphone-and-camera equipped
| computer controlled by someone else around, and so I don't;
| but, if I want to return something I bought on the Internet, I
| don't get a receipt; and, if I want to go to a bar, there's a
| risk I won't be allowed to pay. (There is a law against the
| latter problem, but it is not enforced.)
| Freak_NL wrote:
| > and, if I want to go to a bar, there's a risk I won't be
| allowed to pay.
|
| Are there situations where paying without a smartphone is not
| practically possible? In the Netherlands people sometimes pay
| with smartphones, but these use the same infrastructure as
| the ubiquitous debit cards, so it is not an issue here. (Cash
| on the other hand...)
| fouuler wrote:
| In Norway, some businesses use Corona as a pretext and say
| that credit cards are dirty too. What's the cash situation
| in the Netherlands? Aren't businesses legally bound to
| accept cash?
| Freak_NL wrote:
| Supermarkets, sure, but plenty of small businesses
| require one of the so-called contactless payment methods
| these days -- a trend that started pre-corona. This means
| either a debit card or a smartphone with a virtual debit
| card on it. It is a point of concern that this excludes
| people without a bank account, but as this doesn't impact
| essential services it is tolerated. I don't think we have
| a law that mandates cash, but of course supermarkets
| would face criticism if they closed the last cash
| register (there is always one that accepts both kinds of
| payment).
|
| These payment terminals and the Dutch debit cards are by
| now all suitable for this type of contactless payment:
| you either lay the card on top of the terminal or hover
| it there, or hold it near the side (depending on the
| model); it can be done completely without terminal and
| card touching, and of course only the card carrier
| touches the card (i.e., you don't hand it over as is
| sometimes done with credit cards).
|
| Credit cards are rarely used for payments in shops here,
| and are often frowned upon by merchants (and often
| refused). It's all debit cards (either as a physical card
| or virtual in a smartphone) and some cash -- although
| covid may well proof to put cash that much closer to the
| grave.
| EVa5I7bHFq9mnYK wrote:
| I have been lucky with TextNow web-based phone number so far -
| all my banks (and the IRS) accept it. But it's probably only a
| matter of time until they force me to use a "real" phone.
| _peeley wrote:
| I agree with this so much. It would be so convenient if I could
| just flash Arch Linux or something onto a modern smartphone and
| be able to use all the applications and settings and data I use
| on my desktop, but on my mobile phone. Android is markedly
| better than iOS when it comes to customization, but it's a far
| cry from a (real) Linux distribution. I've started getting OS-
| level push notification ads from Google News and other bullshit
| on my Samsung Note 9, and it makes me want to set the thing on
| fire.
|
| It also makes me pretty pessimistic when it comes to privacy. I
| can uninstall Windows/MacOS on my laptop, coreboot it, use
| FOSS/privacy-centric software, etc. but it doesn't really mean
| much when my phone (which is basically attached to my body 24
| hours a day, and is my main conduit of communication with
| others) is a privacy/security nightmare.
| COGlory wrote:
| It's not quite a modern smartphone, but it's the best we have
| at the moment; have you looked into the PinePhone? I have
| mine running openSUSE Tumbleweed.
| westpfelia wrote:
| How is it for daily use though? Last I knew Pinephones were
| still mostly just for developers to work on to one day make
| it a daily driver.
| 29083011397778 wrote:
| Some people will tell you that the Pinephone is daily-
| driver ready. They're right, but only in the sense that
| using a feature phone is daily-driver ready. It's only
| feasible if your lifestyle permits it, if you're willing
| to go without sometimes, if leading by example, and
| voting with not just your wallet, but whatever you value
| (be it time, money, or uncertainty) is a deal you're
| happy to make.
|
| I love my Pinephone. It is undoubtedly my own, with no
| strings or trillion-dollar corporation helping steer.
| It's lots of fun to play with, but unless people already
| half-jokingly compare you to RMS due to your extremism,
| it's not ready.
|
| Android circa 2009 would be a reasonable comparison: the
| potential is clear, the software is rapidly evolving, and
| there's a benevolent dictator at the helm. And that's
| enough for me to be happy with it :)
| HideousKojima wrote:
| I'm really heartbroken that I can't use a Pinephone as a
| daily driver because of the simple fact that it doesn't
| have a 5ghz wifi antenna. Where I currently live there's
| just too much interference on 2.4ghz. It's literally the
| one feature I need. As soon as they come out with a model
| that has 5ghz wifi I'm happy to jump right on board,
| especially since they're coming out with a keyboard
| attachment.
| fsflover wrote:
| Librem 5 has 5ghz wifi.
| megous wrote:
| You should be able to just put wifi USB dongle into the
| USB-C port. These things can be small. Though there are
| no USB type-c wifi dongles apparently (now that I'm
| searching the web for them), so you'd need an otg adapter
| too, and there goes the size benefit.
| COGlory wrote:
| It's about the same quality as a budget Android 2-4
| phone.
|
| The basics are pretty much down. Kernel support is solid.
| It can make calls, send texts (MMS mileage may vary), and
| use data pretty reliably. Web browsing is actually pretty
| fast with Angelfish. You _technically_ have access to the
| full repository of Linux ARM software, and some of it
| even resizes properly to the phone. The camera is usable
| but terrible. Anbox works for Android apps but is
| painfully slow and can 't share data with the rest of the
| phone to my knowledge.
|
| Battery life is terrible, I don't think that the phone
| has power states of any kind, so it's either with the
| screen on, on with the screen off, or off altogether.
| Updates frequently break my install, although updating
| through SSH has been working for me recently on
| Tumbleweed without breaking anything. Little things like
| Plasma not having a way to exit the keyboard, apps taking
| up full screen with no way to exit them, etc.
|
| Performance is painfully slow, but has also improved (for
| KDE anyways) by leaps and bounds. It used to be
| completely unusable but now it's merely very slow.
|
| I would say it's somewhere between for developers, and
| usable, at this point. You _could_ use it with some
| sacrifices, and still have a functional wireless
| communication device. It absolutely is nowhere near
| replacing my OnePlus running Android, however.
| WildParser wrote:
| I use Mobian on the Pinephone as a daily driver. Other
| distributions I tried were not stable.
| ekianjo wrote:
| Terribly slow for modern usage though. And you are still
| missing essential apps on this kind of device.
| dekiphoros wrote:
| You can run android apps on it with Anbox. And while it's
| slow, it only costs a mere $150
| sangnoir wrote:
| user-controlled / cheap / fast - pick 2. There's no way
| around economies of scale for consumer products.
| Bancakes wrote:
| Why can't Pine64 make $400 pinebook pros? I'd happily
| purchase a device that does something in 21st century
| standards.
| pantulis wrote:
| Probably because then most potential buyers would be
| purchasing low-end windows laptops, I guess.
| sangnoir wrote:
| > Why can't Pine64 make $400 pinebook pros?
|
| Money: Pine64 is a small operation with limited
| resources, factories have minimum order quantities among
| other commitments.
|
| Most Pine64 products have pre-alpha software and are
| aimed at volunteers who can improve it. Lots of people
| are willing to buy a product for <$150 and "see how it
| goes". $400 filters out a lot of people who might
| otherwise chip-away at software bugs on weekends.
| Additionally, people are less tolerant of dead pixels on
| a $400 laptop, and Pine64 would rather not deal with
| returns.
| COGlory wrote:
| The reason I've seen for the phone hardware is that they
| simply can't source hardware that is more performant but
| still open enough to sufficiently develop for.
| CRConrad wrote:
| How about going at it the other way around: There are
| laptops with SIM cards / card slots already, for wireless
| data connectivity. Does it take additional hardware to use
| that for telephony / SMS, or can the already-present
| hardware be used for that too, with only a software
| component to enable it?
|
| Sure, not quite as handy -- or Handy, for the German-
| speakers among us -- as a physical phone... But, say you
| keep your laptop with you in a backpack (Rucksack ;-) ) or
| such, and a Bluetooth hands-free headset clipped to your
| ear...? I hear lots of youngsters listen to music
| continually nowadays, so they already have some kind of
| earbuds in all the time anyway. Or maybe even some kind of
| Bluetooth "satellite" handset, to make it easier to
| initiate outgoing calls / read and write text messages?
| coupdejarnac wrote:
| I've been wanting to cobble together a phone using a
| microcontroller hooked up to a 4g/5g module. Anyone have a
| module recommendation? I think everything currently available
| on sparkfun and adafruit won't work for me.
| megous wrote:
| Many 4g/5g modules are basically stripped down/headless
| smartphones in themselves, running Linux + modem firmware,
| etc. You don't need the microcontroller, you just need to
| patch the firmware.
| krmboya wrote:
| Have you taken a look at Ubuntu touch? I came across it while
| researching for my next device. From what I recall, it gives
| you a full Ubuntu environment on your phone.
|
| Didn't go that route though because of the unavailability of
| the supported models where I'm at
| necovek wrote:
| Ubuntu touch is not a full Ubuntu in your phone.
|
| Canonical supported versions were based on snaps-predating
| app framework (click packages). There were a couple of
| phones released with it out of the factory (bq aquarius 4.5
| and meizu mx4) and a bq tablet, but rest of the supported
| phones use android kernels for hw enablement.
|
| Ubutouch has forked the software when Canonical pulled out
| and even runs an app store, but I think the best hw you can
| get is Oneplus 6t and then mx4.
|
| I used mx4 as my daily driver for years prior to switching
| to Android for the first time 3 years ago. While not the
| fastest phone, mx4 was usable (things I hated most were
| sharp edges and how it would register touches in my pocket,
| and then get locked for 10 mins because of wrong passcode).
|
| To be honest, I quite prefer the Ubuntu Touch over Android
| (and Nokia Meego/Maemo is up there too, but Palm Pre WebOS
| takes the cake as the best basic phone UX I've
| experienced).
|
| I think Mobian has the biggest potential to be the pure
| GNU/Linux system in your pocket, so I am hoping it'd get
| Unity included too.
| sp332 wrote:
| Notifications are pretty easy to disable though, right?
| _peeley wrote:
| I have yet to find a satsifactory way to disable them -
| it's pretty easy to disable notifications from userspace
| apps like Instagram or Snapchat or whatever, but disabling
| notifications or altogether uninstalling vendor apps is a
| huge pain in the ass.
|
| Most advice I've gotten has been flash a custom Android
| kernel or a de-Googled distro. This would definitely solve
| my problems, but this removes the ability to install Play
| Store apps which are a necessity for me. Not to mention
| that it gives the possibility of bricking my phone, which
| is way outside my risk tolerance for just getting rid of
| some annoying ads.
| kdrag0n wrote:
| Universal Android Debloater can remove them without root,
| using ADB (Android Debug Bridge):
| https://gitlab.com/W1nst0n/universal-android-debloater/
|
| In case you do want to install a custom Android
| distribution (ROM) to clean out the Samsung bloat more
| thoroughly, the risk of hard-bricking your phone is
| almost non-existent nowadays. The worst that can happen
| is usually a soft-brick which can be fixed by
| reinstalling the original OS. As for Play Store, most
| custom ROMs either include or support installing Google
| services and Play Store with full functionality.
|
| (disclaimer: I work on custom kernels and ROMs)
| d3nj4l wrote:
| Worth noting that Samsung doesn't allow the bootloader to
| be unlocked in most (if not all) of its flagship devices
| released in the US. Although, there's paid services that
| could unlock the bootloader.
| robotnikman wrote:
| And if you do unlock the bootloader, you blow the Knox
| E-Fuse, meaning you can't use banking or payment apps
| cute_boi wrote:
| plus warranty is gone forever. Samsung has become so
| terrible that I would never purchase phone from them.
| boring_twenties wrote:
| It doesn't remove your ability to install apps from the
| Play Store. You can use the Aurora Store app to install
| those apps. For the apps that also require Google Play
| Services, microG usually suffices.
| smichel17 wrote:
| > a far cry from a (real) Linux distribution.
|
| They took all the trees, and put 'em in a tree GNUseum..
| pbourke wrote:
| And they charged the people a dollar and a half to C them
| wantguns wrote:
| I would suggest looking into Sharkbait[1]. Although full-
| disclaimer, I like to say that I am a part of the team and we
| are lazily trying to self-host Android.
|
| [1] https://wiki.gentoo.org/wiki/Android/SharkBait
| Aaronstotle wrote:
| I've always dreamed of something like an open-source iOS clone.
| The benefit would be that developers wouldn't have to change
| much, and this new system could take advantage of the exiting
| iOS app eco-system.
| superkuh wrote:
| You will never own your smartphone. That would require you to
| be the licensed operator for the radio transmission. Instead
| the radio is licensed to the telco (or related) and the telcos
| have every regulatory and monetary incentive to prevent users
| from being able to access or control the radio. The government
| regulators demand the user not have control and the baseband
| modem manufacturer(s) demand their licensed intellectual
| property is not exposed.
| jrm4 wrote:
| Except we have very literal and clear precedent for changing
| this, e.g. AT&T and the Carter Hush-a-Phone.
| p1necone wrote:
| You can buy a usb cellphone modem for a PC, the rest of the
| system still belongs to you.
| superkuh wrote:
| I agree. That's the best way to go. But it is not mutually
| exclusive with never being able to own your smartphone.
| p1necone wrote:
| My point was more that if you can have a fully free PC
| except for the cellphone modem, then you can also have a
| fully free cellphone except for the modem. There's
| nothing about the rest of the cellphone that's any
| different from any other computing device.
|
| As another commenter pointed out - the Pinephone is
| device attempting to do that.
| rsync wrote:
| This isn't the slam dunk that people think it is,
| unfortunately.
|
| You see, in addition to controlling the cellular radio and
| all of those details, the bass band processor also does
| real time noise cancellation and a variety of other call
| quality functions that you would immediately miss if they
| were not there.
|
| That processor is actually doing a lot of different things
| and is difficult to remove from a phone and maintain what
| most people would consider an acceptable user experience.
| mceachen wrote:
| While this may seem terribly ungainly, Nokia had a debian-
| based, smartphone-sized touchscreen tablet 18 months before
| the iPhone was released.
| https://en.m.wikipedia.org/wiki/Nokia_770_Internet_Tablet
| skizm wrote:
| Can I just have a wifi only phone and then have a separate
| wifi hotspot that actually does the connecting to the cell
| network? The hotspot wouldn't be "owned" but the phone could
| be.
| taneq wrote:
| You could essentially do just that using a small tablet or
| other device (Raspberry Pi?) and VOIP calling through a
| WiFi hotspot.
| xnyan wrote:
| You've drilled down to the critical issue - batteries. For
| better or worse, we have observed there's a limit as to how
| much stuff people will willingly carry on the regular.
| Current phones barely fit in that space envelope. Make a
| phone twice as big or require a separate device, and for
| most users this is equivalent to not carrying a cellphone.
|
| I don't think the current dominance of the big two can end
| until the hardware and software requirements of making a
| good phone are much much more accessible to normal
| developers/engineers than they are today.
| GoOnThenDoTell wrote:
| You can make the phone 5 times thicker though, I remember
| the late 90s and it was still carried everywhere
| fsflover wrote:
| That's what Purism did with Librem 5. Wifi and cellular
| modem are both removable.
| hakfoo wrote:
| I never understood why they don't sealed box the wireless
| stuff then.
|
| I could imagine a family of cellular and Wi-Fi devices that
| present as Ethernet bridges. They'd offer a configuration
| interface reminiscent of home routers (go to a magic IP
| either with a REST API or a browser-controllable menu). This
| eliminates a lot of the delicate, externally facing
| configuration options and has the side benefit of eliminating
| a lot of driver development hassle, especially on low-
| popularity OSs.
| mPReDiToR wrote:
| On PinePhone it's a USB attached modem.
|
| They do do this.
| detaro wrote:
| It is an isolated peripheral in many smartphones. Whatever
| you do, there is of course a risk malicious code could
| break out of the isolation, true for your Ethernet proposal
| too.
| a1369209993 wrote:
| Having a malicious device on the other other end of a
| Ethernet connection is _much_ less of a problem than
| having a malicious device that can DMA into main memory,
| which is something the baseband in Apple /Android phones
| at least _allegedly_ can do.
| saagarjha wrote:
| This hasn't been true on iOS devices for a while, and I
| would expect that Android device manufactures have been
| making improvements here as well.
| taneq wrote:
| Don't let perfect be the enemy of good. There are valid
| reasons to lock down the radio, that doesn't mean we have to
| accept every smartphone vendor, app author and cloud service
| provider violating your privacy in every possible way they
| can think of.
| superkuh wrote:
| Don't let good be the enemy of change. Don't use smart
| phones except when you literally are mobile. Use a real
| computer for computing.
| SilverRed wrote:
| There is no reason we can't have a proprietary radio chip
| connected to an open source phone.
| mPReDiToR wrote:
| As sibling comment says, PinePhone works like this FOR NOW.
| OSS version is being built, but like a few things on PP
| "not quite ready".
|
| When they are ready, get one. They'll be amazing no matter
| which OS you end up with.
| frosted-flakes wrote:
| I think that's how the Pine phone works. All of the
| components and software are open source, except the
| cellular radio.
| Scene_Cast2 wrote:
| With regular phones, the radio stuff is pretty darn
| separate, too (and in case of Snapdragon 865, on a
| separate chip).
| alexfromapex wrote:
| It seems like a lot of these problems at the core stem from
| corporations or the government not being held accountable. How
| do we fix regulatory capture so these privacy issues are a non
| sequitur?
| AshWolfy wrote:
| I dont think we can ever rely on people holding corporations
| or the government accountable
| ldbooth wrote:
| Not ever... when we vote corporations out of controlling
| the government, or "we the corporations". Red/Blue is for
| strawmanning, both parties are $green.
| gm wrote:
| Genuinely curious: Has change of this magnitude ever been
| achieved entirely by voting? It feels to me like it can
| only be achieved by revolution (ie, replacing the
| government entirely with a new government that does what
| the people actually want). I very well could be wrong.
| jiriknesl wrote:
| > that does what the people actually want
|
| A problem is, that there's no such thing. There's a
| common denominator (punishing killers, rapists, thiefs),
| but this is what punish all governments anyway.
|
| When you go past this point, people's interests are
| atomized.
| ldbooth wrote:
| indirectly thru elected representatives, legislation, I
| think so but I'm no political historian. Problem we've
| got now that you touch on is the judiciary gave this to
| corps through a 50 year push. Can we get citizens united
| overturned...
| AshWolfy wrote:
| They can be forced to do what we want, through means like
| protest and strike, at least in the short term
| chii wrote:
| > How do we fix regulatory capture so these privacy issues
| are a non sequitur?
|
| by making the general populous care more about it, and force
| the electorate's hands.
| psychlops wrote:
| So then...it's hopeless.
| ldbooth wrote:
| "A crisis is a terrible thing to waste."
| Siira wrote:
| I have increasingly come to the conclusion that the
| society's average IQ matters an order of magnitude more
| than your own in your well-being. An obvious example would
| be to compare the life of a person with mental illness to
| that of a roughly similarly smart animal.
| mschuster91 wrote:
| > and even doing simple reparation tasks like replacing a
| battery is a nightmare these days
|
| I went ahead and bought a SM-T575 tablet a couple weeks ago.
| The _only_ tablet I could find in the 8-inch range that had a
| somewhat decent CPU /GPU, a camera with light, NFC and a
| replaceable battery - while still being waterproof. And it's
| not made out of hard plastic that will shatter at the first
| fall. For all that joy however, it was a fucking PITA to root
| it and I only succeeded because of a helpful soul messaging me
| on Reddit of all places.
|
| Seems like the only place one can find stuff supposed to live
| longer lives is in the expensive Enterprise section of
| manufacturers for a hefty premium - similar to "smart TVs"
| where the only "dumb TVs" available are "digital signage" type.
| And that's _not good_. We need regulation in this space, and
| _fast_.
| Bakary wrote:
| Some time ago, this topic prompted me to rethink how I used
| smartphones in general. Once you get more intentional with the
| way you use your devices, it's often the case that you can
| discover habitual patterns that took over without you noticing.
| GoofballJones wrote:
| This may be an ignorant question, but how do we know what every
| part in a computer does? Yes, we can choose the OS, but do we
| all know what every single chip does on a motherboard? Like,
| EVERY chip, not the CPU or main ones, but the innocuous chips
| that are strewn across a motherboard. Now, I know some of you
| will go "yes, I know what they do", but do you inspect every
| motherboard you own in detail to see what they do?
|
| What am I getting at? Well, I know it's totally paranoid, but
| what if some agency out there in other countries who build
| these things are putting things on the boards to send telemetry
| data back. Perhaps something small and quick now and then while
| the computer is online. Something that you don't even notice
| unless you're constantly monitoring the internet traffic in and
| out. And the traffic itself could be something innocuous also.
| Something that slips under the radar.
|
| I know I know, I'm totally paranoid here. But does anyone here
| worry about that at all?
| Agr0tera wrote:
| That concern isn't actually as paranoid as it may seem, it's
| happened before https://www.dailymail.co.uk/sciencetech/artic
| le-6240195/Chin...
| grishka wrote:
| Even with unlockable bootloaders, you're still never completely
| getting rid of what I call predatory code signing. The code
| you're able to run on an Android phone after unlocking the
| bootloader runs with EL1 -- the privilege level sufficient for
| an OS kernel. Problem is, there are higher privilege levels aka
| ARM TrustZone (I think they go up to EL3?), and you're never
| getting access to those. And there's a "secure OS" that runs in
| those, and that, among other things, manages DRM and SafetyNet.
| marcodiego wrote:
| Owning a computer goes way beyond simply choosing its parts or
| OS.
| asymptosis wrote:
| I get the feeling you could be tempted to say more about
| that. Please elaborate?
| m-p-3 wrote:
| Your average desktop/laptop CPU runs a blackbox like Intel
| AMT or AMD PSP which is basically an always active mini-CPU
| that runs in the background and is OS-agnostic. If you
| consider your OS max privilege level as ring 0, this is
| ring -1.
|
| If/when someone manage to conpromise those, they can
| basically take over your computer, and Intel/AMD doesn't
| provide any sort of killswitch or physical way of disabling
| it.
| rubatuga wrote:
| I think you mean Intel ME not Intel AMT.
| m-p-3 wrote:
| Correct, my bad.
| m-p-3 wrote:
| Correct, my bad. I would edit my original comment but
| it's too late.
| marshmallow_12 wrote:
| Tell me more about this. What does this system do, and
| why can't we do anything about it?
| fsflover wrote:
| https://en.wikipedia.org/wiki/Intel_Management_Engine
| jart wrote:
| Faraday cage can do something about it.
| boring_twenties wrote:
| https://libreboot.org/faq.html#intelme
| silly-silly wrote:
| > What does this system do,
|
| It can be used for 'out of band' management of your
| system, including firmware/bios rollouts and updates.
| Allows remote hijacking of attached hardware devices.
| Basically can puppeteer your entire system.
|
| > why can't we do anything about it?
|
| Because there is no ability to update or modify this
| code. It is only updatable by the hardware vendor as it
| is encrypted, signed and checked during update.
| legends2k wrote:
| The first section of [1] explains that with references
|
| [1]: https://legends2k.github.io/note/clean_me
| marshmallow_12 wrote:
| oh my. I don't see why bloomberg got all busy with hidden
| Chinese chips. It looks like intel already have it
| covered.
| ekianjo wrote:
| Not just Intel. amd too.
| salawat wrote:
| Alas, it is so. Graphics cards have much the same going
| on. It's part of why Nvidia will likely never opensource
| or mainline their drivers... They have a huge need for
| blobs and hardware backed secrecy in order to enable most
| systems to be compatible with HDCP. That means they need
| to be able to attest to their cards having not been
| compromised since leaving the factory.
|
| As someone could in theory cobble together an HDCP
| compliant rig and good heavens, might be able to
| intercept and decode HD content!
|
| So much of what makes the tech giants so lucrative is
| that they act as centralization points for industry level
| orchestration of what user behavior to support.
|
| You can bet that if an industry working group is stoked,
| there's likely hidden in there somewhere an
| implementation detail intended to curb an undesirable
| user freedom or general capability.
| katbyte wrote:
| > HDCP compliant rig and good heavens, might be able to
| intercept and decode HD content!
|
| As if that even matters - pointless standard. can't think
| of any content that there isn't a torrent up hours after
| it's available lol
| mindslight wrote:
| The biggest difference is that graphics cards don't have
| network access. Without network access, proprietary code
| can be an annoyance, but won't be an outright compromise.
|
| (sure the code could still do nasty stuff like facilitate
| tempest or other sidechannels, but that's leaps and
| bounds ahead of the built in assumed-RCEs of ME/PSP).
| [deleted]
| anta40 wrote:
| Turn the power off. Unplug all cables.
|
| Problem is (temporarily) solved :D
| yjftsjthsd-h wrote:
| Yeah, until I want to actually do anything with it.
| 8note wrote:
| Solved until somebody invents some form of technology for
| storing energy over time,and another for communicating
| without wires
| judge2020 wrote:
| I guess they mean the freedom (or lack thereof) of the
| software license that comes with your OS, ie. 'you should
| be able to hit the software with a metaphorical hammer',
| which technically isn't possible with the Windows 10
| license.
| autoexec wrote:
| I also think selecting parts is limited by the fact that
| there are so few manufacturers. Processors these days
| mostly come down to AMD or Intel and nothing there is
| transparent or audit-able. "trusted computing" and
| backdoors make even your hardware suspect.
| fiddlerwoaroof wrote:
| There are capable desktop computers with open hardware,
| down to the silicon: you just have to pay for it.
|
| For example, for $4k, you can get this with specs roughly
| equivalent to a normal developer machine:
| https://www.raptorcs.com/content/BK1SD1/intro.html
| mixmastamyk wrote:
| Neat, should be on the front page.
| rubin55 wrote:
| Actually, for about 1700 you have the Blackbird BK1B01
| mainboard + cpu from Raptor, with 4 cores, 16 threads:
| https://www.raptorcs.com/content/BK1B01/intro.html
|
| I bought two of these last year and they're great, stuff
| your own memory in there, add some storage and off you
| go.
|
| Edit: clarified that this would be a mainboard + CPU.
| autoexec wrote:
| Not too shabby looking! Thanks for the link
| anw wrote:
| And the cool thing - it looks like there has been some
| interest[0] in supporting Power for WINE.
|
| [0] https://www.winehq.org/pipermail/wine-
| devel/2019-February/14...
| marcodiego wrote:
| Mainly not depending on closed source binary blobs or
| drivers.
| jamesrr39 wrote:
| With regards to changing parts on a phone, ifixit made a
| comparison of different phones and how easy they are to change
| parts for. Something to consider taking a look at when buying a
| new phone. https://www.ifixit.com/smartphone-repairability
| fsflover wrote:
| See also: https://www.youtube.com/watch?v=RCccpgposh4.
| emrah wrote:
| Choosing an OS doesn't mean you get to own it unless you choose
| Linux.
| missedthecue wrote:
| You could buy a flip phone
| approxim8ion wrote:
| Most old flip phones support up to 3G, which is being phased
| out.
|
| The 4G ones run either Android (so a worse experience with
| the same spyware) or KaiOS (which is still fine but not very
| available).
| FourthProtocol wrote:
| KaiOS is sponsored in part by Google, and includes Google
| software. I know because I have the yellow banana phone
| (Nokia clone). I bought that with exactly the expectation
| that it's free of trackers and so on, but no. Apps on KaiOS
| cannot be uninstalled.
| approxim8ion wrote:
| It's getting harder and harder to have free phones then.
|
| They're slowly tightening SafetyNet which makes it harder
| to use free custom android ROMs as well.
| gruez wrote:
| That solves the botnet/tracking aspect, but doesn't solve the
| "I want a computing device that I control" aspect.
| tvb12 wrote:
| Every flip phone I've come across has run a version of
| Android.
| throwawaysea wrote:
| Is there a good layman's guide on how to do this? I've heard
| about things like f droid or cyanogen but really have no idea
| how those paths compare to "open source" phone operating
| systems from Mozilla or Ubuntu or other choices like Purism.
| What's a reliable route to get a smartphone that can do calls,
| texts, and browsers without relying on Google or Apple?
| marshmallow_12 wrote:
| Yes. I feel i am not trusted by any OS vendor to be given
| access to all my system folders. I feel that my computers OS is
| like the proverbial, pushy "bodyguard" whose job is to stop you
| seeing too much and going places "they" don't want you to go.
| bayindirh wrote:
| I'll play the (intentional) Devil's Advocate here to present an
| alternative viewpoint.
|
| I like iOS, but not Android. Let me explain why.
|
| I personally love Linux, Unix philosophy (I'm even sometimes an
| old beardy zealot about POSIX standards and the _old way_ ),
| and inherent customization possibilities.
|
| On the other hand, I don't want to manage my phone like a
| desktop or laptop computer, or a server because of a plethora
| of reasons. First, user interface is not very suitable for
| that. Second, there's a lot more finicky things to manage. Last
| but not the least, that management task is continuous.
|
| iOS takes all of these away. Complete backups are built-in (I
| know android has it, but I don't know how bulletproof is this).
| Defaults are sensible. Settings do not change spontaneously. OS
| behavior doesn't change drastically from device to device
| (Every android vendor tunes their OS and background process
| policy differently, creating a lot of WTH moments and more
| finicky management tasks). Updates are not slowed down by the
| vendor, the operator, the distributor and today's weather.
|
| While iOS is a pretty strict walled garden, devices are set-up
| and forget. Even you forget that you have an iOS device,
| because you use it without thinking.
|
| Radio security, isolation and its reasonable and unreasonable
| parts are discussed here extensively. As a HAM radio operator,
| I can only say that, radios can do wreak a lot of havoc even
| with informed tinkering, without any bad intentions. If you
| take a relatively cheap SDR and listen to your neighborhood
| spectrum (just see the traffic, not decode anything) your jaw
| will drop. It's a very crowded up there, and there's a lot of
| non-public traffic.
|
| Another stuff about custom ROMs and Stock ROMs is SIM services.
| Yes, many of the SIM menus just sit here unused, but there are
| useful ones like mobile e-signatures. I carry my e-sig with my
| phone, in my SIM. So using it requires a verified and official
| software stack. As far as my experience goes, no custom ROMs
| run these services (intentionally or unintentionally).
|
| I manage my family's Android phones, and I personally use an
| iPhone. As far as I can see, it's much easier to leave an iOS
| device on its terms and it'll fare better.
|
| Feel free to discuss, counter or just burn this comment down.
| :)
| saiya-jin wrote:
| Exactly opposite feedback of a colleague who switched from
| Android to Apple flagship few years back. After few days, he
| became frustrated how little the phone allows to tweak. I
| don't mean some low level tinkering, just normal things he
| got used to being able to change. He regretted the move since
| then but what happens people get often comfy with their
| choices and over time lose the will to do a big change again,
| so did he.
|
| You mention setup & forget, that's how probably 98-99% of
| Android phones operate. Same for me, all the people and
| family I know. Initial install&setup after purchase, and then
| just running 1-click updates if one chooses to. After 3-4
| years, switch to another one.
|
| Hardware is +-same, what differences there are are invisible
| to user (apart from basic things like dual sims and memory
| card slots, which Apple lacks desperately... and bigger zoom
| for photos). Some like the smooth Apple UI, some feel they
| have the same on Android, most don't care. Some care about
| privacy which Apple seems to be the champion, most of the
| world simply doesn't care and isn't even aware. Some realize
| privacy is an illusion even with Apple, if you are 95% of the
| world that lives outside USA, various 3-letter agencies can
| do whatever they want and abuse your data in numerous ways
| without any recourse.
|
| Its all relative, the most important is if one is happy with
| whatever one has and doesn't have unrealistic expectations.
| bayindirh wrote:
| > Its all relative, the most important is if one is happy
| with whatever one has and doesn't have unrealistic
| expectations.
|
| That sums it pretty well. I don't have anything to counter,
| but wanted to just say thanks for the frank comment and
| another perspective.
| nvarsj wrote:
| Oh I totally agree. I treat my phone as purely a consumption
| and communication device. It's a dumb brick that should do
| those things well, including being secure. The more walled
| garden the better, in my opinion, as long as it's doing those
| things well and maintaining my privacy.
|
| On the other hand, it's useless for creation. But that's
| fine, the trade offs are worth it in my opinion. I have
| dedicated hardware running Linux/Windows for that purpose.
| xxs wrote:
| >I like iOS, but not Android. Let me explain why.
|
| No Firefox on iOS, hence useless.
| bayindirh wrote:
| That's another way to look at it. This is why we have
| choices and other mobile OSs.
| wallaBBB wrote:
| Then what have I been using on iOS for the past 4 years?
| (as long as I've been using iOS)
| bayindirh wrote:
| A Firefox shell running on iOS Safari Engine. I also use
| it and love it for its syncing capabilities, but the
| underlying engine is not Gecko.
| Daho0n wrote:
| A skinned Safari.
| Daho0n wrote:
| For those that aren't aware: Because only safari is allowed
| in iOS every other browser is basically just a skin.
| xxs wrote:
| The main issue was (I guess still is), iOS does not allow
| JIT compilation - in order to keep control over the apps
| available (having JIT would allow running any code
| effectively).
|
| Of course, nowadays the assets of apps have to be part of
| the deployable, itself. So it's common to run localhost
| web server.
| fsflover wrote:
| "This is for your security": https://docs.house.gov/meeti
| ngs/JU/JU05/20190716/109793/HHRG....
| shrew wrote:
| Honest question: is it simply the fact you can't use a
| Gecko engine on iOS that makes it useless to you?
|
| My impression is that the Firefox shell offered is still
| able to provide the various anti-tracking privacy features
| that many would point to Firefox for, and the variety of
| browser shells available should mean that you'd be able to
| find a UI to your liking if Safari's isn't.
|
| At that point, the only thing I can see missing is a non-
| webkit engine. I get that that's an annoyance and
| definitely on the same anti-competitive level as 00s era
| IE, but by and large web developers account for it and it
| works acceptably. As much as I'd need it to for mobile
| browsing.
|
| Would just be interested to know if there's something more
| I'm missing.
| xxs wrote:
| > Honest question: is it simply the fact you can't use a
| Gecko engine on iOS that makes it useless to you?
|
| No plugins/add-ons effectively.
| coldtea wrote:
| Because you need plugins on a mobile browser?
| worble wrote:
| Why would a mobile browser be different to a desktop one
| in this regard?
| coldtea wrote:
| Because you usually work on a desktop, and might have all
| kind of handy extensions to help you.
|
| You usually view webpages in a very minimal interface,
| small screen, often on the go or leisurly, and with
| limited interaction on a mobile phone. So, aside from
| something like an adblocker (for which there are
| solutions), what would one use?
| TuringTest wrote:
| Yes
| hypertele-Xii wrote:
| Adblock?
| TuringTest wrote:
| And in Europe, cookies / nag-popup-removers for all those
| GDPR compliance dialogs (though vanilla Firefox is
| becoming better in blocking trackers by default).
| GekkePrutser wrote:
| Indeed uBlock Origin is the #1 reason I use Firefox on
| Android.
|
| #2 is dark reader.
| tokamak-teapot wrote:
| AdGuard works pretty well on iOS. I don't think there is
| a way to do a 'dark reader' specifically though perhaps
| pages honour the OS's 'dark mode' setting these days? I
| would guess support is spotty.
| cute_boi wrote:
| well adguard only have ip, domain names etc. I mean it
| has less context? Addon has more context about the
| webpage lets say it can remove ads belonging to DOM with
| id #ads-1 ?
| lukec11 wrote:
| Sites that use the prefers-color-scheme media query honor
| the OS setting on iOS, but it obviously doesn't work on
| sites that haven't implemented it - Dark reader[0] takes
| a invert-colors approach and makes it a little easier on
| the eyes.
|
| [0] https://addons.mozilla.org/en-
| US/firefox/addon/darkreader/
| xxs wrote:
| That was supposed to be an honest question with an honest
| answer. There was no need for a snarky remark. But yes,
| totally.
|
| The topic is about owning your own hardware/software
| combo - so having addons/customization is the definition
| of it.
| coldtea wrote:
| > _That was supposed to be an honest question with an
| honest answer. There was no need for a snarky remark._
|
| Well, somewhat snarky. It's still a legimate question.
|
| Why would one "need" plugins on a mobile browser? What
| kind of functionality that mobile Firefox doesn't
| provide?
|
| > _The topic is about owning your own hardware /software
| combo - so having addons/customization is the definition
| of it._
|
| Well, the topic is about owing your computer. Which has
| some merit (even though owing is a kind of a weasel word:
| you do own it, even if the OS enforces this or that
| measure. You can sell it at any time, for example, break
| it and nobody will ask you to return it, etc.).
|
| So, the real topic is "doing whatever you want with your
| OS, with the ability to disable all checks, protections,
| etc, install custom everything etc".
|
| Which I can see the appeal in some cases.
|
| For a mobile phone what exactly is the great appeal?
| magikaram wrote:
| There are certain extensions that I use on Firefox on the
| desktop. I would like to have some of those extensions
| available for my mobile device, in such a way, that I can
| enhance the usability of my mobile browser.
| unethical_ban wrote:
| Why would you want to block ads on your desktop browser
| but allow them on mobile?
| chipotle_coyote wrote:
| There are ad blockers for Safari. There may be folks
| waiting to pounce with absolutely true complaints about
| how unsophisticated they are compared to what's possible
| in other browsers, but _in practice_ they do a sufficient
| job.
| shrew wrote:
| Gotcha, that's completely fair and not something I'd
| considered. Thanks!
|
| As a vague counter point, I use Firefox Focus[0][1] which
| touts the tracker blocking and ad blocking I'd rely on
| extensions for normally. It meets my needs as the only
| additional extensions I use on desktop are for tab and
| session cookie management, both of which are moot points
| in a browser without tabs and a "clear cookies after each
| session" policy.
|
| [0] https://play.google.com/store/apps/details?id=org.moz
| illa.fo... [1] https://apps.apple.com/gb/app/firefox-
| focus-privacy-browser/...
| bboygravity wrote:
| > iOS takes all of these away. Complete backups are built-in
| (I know android has it, but I don't know how bulletproof is
| this)
|
| Not to burn you down, but to burn Android down: no, Android
| does not allow you to take complete backups. Let alone
| "built-in". The only backups that are made are forced to
| Google cloud and only backs-up apps that where downloaded
| through Google Play and app settings for Google stuff. It is
| an extremely limiting almost non-backup if you're used to
| going around Google. When switching phones it's still a
| process of hours / days to get everything set-up the way you
| had it on a previous phone. Especially if it was rooted.
|
| The only way I know to take a full backup image of an Android
| phone involves unlocking (not possible on all phones),
| rooting (not possible on all phones), installing Nandroid and
| pulling an image over USB. To restore to a "fresh" phone, you
| need to go through all of those steps again.
|
| This would take hours to weeks depending on who does it and
| the puzzle your phone manufacturer sets up for you to unlock
| your phone.
|
| This to me is one of the many absolutely mind-blowing facts
| about the trash Android OS (disclaimer: I'm still an Android
| user, because I can't accept a phone without a physical
| keyboard. Never used Apple products in my life).
|
| Want to wipe your phone and restore an image after you travel
| into a "spy-state"? Nope. You simply can't with an Android
| phone.
|
| You know a phone that was able to do this out of the box? My
| 2013 Blackberry Passport. No rooting or fiddling around
| required. Just install a desktop app, plug the phone into USB
| and press "full system backup".
| XorNot wrote:
| It is ongoingly stunning to me given all Google's BS that
| Android has no backup option which will get my apps, their
| data and the state of my home screen back exactly the way I
| left it if my phone is destroyed.
|
| I run a custom honescreen: it's just another Android app!
| And yet everytime I have to set that back up again
| manually.
| mercurysmessage wrote:
| "When switching phones it's still a process of hours / days
| to get everything set-up the way you had it on a previous
| phone"
|
| From my experience this is completely false. I just
| switched from Galaxy S8 to S20, and I transferred
| everything and had the new phone setup exactly like the old
| one, with all apps (that would allow it, LINE wouldn't) and
| even ringtones and text tones set how I had them in about
| 20 minutes.
| jsmith45 wrote:
| Your definition of complete backup exceeds even the
| definition the parent is using for IOS. There are some
| things like downloaded files that don't get backed up to
| the cloud. (Some of them probably do get backed up via
| iTunes backups, but even there, I'm quite certain that not
| quite everything gets backed up. Instead it contains nearly
| everything that an non-jailbroken user might care about.)
|
| Things like the set of apps, settings (both app and system
| level), game progress, the set of open tabs, etc can be
| backed up, and IOS is even able to restore old app versions
| specified in the backup by downloading them from the store.
|
| All that said, both IOS backup options are more
| comprehensive than the built-in android options.
| bayindirh wrote:
| > IOS is even able to restore old app versions specified
| in the backup by downloading them from the store.
|
| iOS even restores your open applications and task manager
| state when you restore from the backup. Even more so,
| theoretically, it can restore every apps state at the
| point of backing up. It's a feature ported from macOS.
| EricE wrote:
| local backups (used to be iTunes, now it's just done from
| the Finder) do indeed backup everything. And as another
| commenter pointed out, your application state is also
| backed up and restored.
| Sephr wrote:
| > Android does not allow you to take complete backups. Let
| alone "built-in".
|
| Android has had full system backup capabilities through
| `adb backup` for years. It does not require removing
| carrier locks or rooting and has been available since
| Android 2.x iirc.
|
| I've used this to transfer all of my apps, app settings,
| and system settings between all of my Android phones:
|
| Nexus One -> Galaxy Nexus -> Note 3 -> Galaxy S6 -> Galaxy
| S8 -> Galaxy S9 -> Galaxy S10 -> Z Fold 2, all with one
| continuous chain of backup and restores via `adb backup`
| and `adb restore`.
|
| These restores sometimes even worked flawlessly across
| different Android OS versions! Sometimes this has caused a
| lot of weird issues wrt system settings, so admittedly this
| process can be quite buggy.
| bboygravity wrote:
| > This is false. Android has had full system backup
| capabilities through `adb backup` for years.
|
| Apparently this is false, because apps can "opt out" of
| ADB backup and many do (see other comments), furthermore
| it doesn't backup the entire phone, but only the system
| image (partly). Does it backup the root state of the
| phone? Nope. Does it backup the restore partition of the
| phone? Nope. Making it a "maybe full system backup but
| not full system image backup that is kind of buggy". In
| other words, like I wrote earlier: not a -full- system
| backup at all.
|
| I was specifically talking about effortlessly backing up
| and restoring a full system image. Blackberry OS10 style:
| plug in phone, press "backup system image" and get a
| carbon copy of EVERYTHING that runs on the phone that can
| be restored to a new or existing phone with 1 click. Your
| post confirms that this is not possible in Android: using
| ADB is not "effortlessly" and it's not a full system
| image backup.
|
| Even if I would backup and restore from and to the exact
| same rooted phone (that's all I'm asking), the restored
| backup would not be the same as whatever was on the phone
| when the ADB backup was pulled. Nandroid can do this, in
| theory, with a lot of hassle (but not on my phone,
| because TWRP for my phone doesn't support decryption of
| the system partition).
| bayindirh wrote:
| Does it automatically run when I leave my phone on the
| charger for the night?
| Sephr wrote:
| It can if you charge from your PC and set up some very
| convoluted scripts (not recommended).
|
| I use `adb backup` solely as a means of transferring my
| settings & app library between devices.
|
| These are full system backups including potentially
| gigabytes of APKs, so I wouldn't want to run it every
| night. It is possible to use `adb backup` to only backup
| settings (no app files) if you want a lighter backup, but
| those backups aren't as useful for my purposes.
| bayindirh wrote:
| Thanks for the answer. I just wanted to highlight that, I
| can just take my phone for the day, throw it under a bus,
| go to an apple store, get a new phone and continue where
| I exactly left off (minus a couple of 2FA keys, which I
| have backups of).
|
| This is what I like about iOS. I tested this method a
| couple of times (with less destruction though), and it
| just works.
| ntauthority wrote:
| Many apps opt out of including their state in "adb
| backup" or act oddly when restored. Maybe this changed in
| the past few years, but it is still nowhere as complete
| as any automated or manual iOS backup.
| nicolas_t wrote:
| When I last tried, a lot of apps opted out of adb backups
| rendering it pretty much useless.
| DaiPlusPlus wrote:
| > Android does not allow you to take complete backups
|
| Can't you enable developer mode, open a terminal and just
| run `dd`?
| coldtea wrote:
| Even if it id, is that an acceptable mechanism for users
| to take backups of their mobile phone?
| mschuster91 wrote:
| Out of a variety of reasons: no.
|
| 1) You don't want to risk dumping a mounted filesystem
| because of inconsistencies
|
| 2) Good luck _getting_ the right device - in the end it
| 's devicemapper all the way down with a _lot_ of layers
| (ecryptfs, sdcardfs, bind mounts, ...) stacked between
| your shell and the device.
|
| 3) Unrooted phones don't allow access to raw Unix devices
|
| 4) You can't restore these backups anywhere if your phone
| (like almost all, I think it's a Netflix requirement)
| uses hardware key storage - simply because the key is in
| the secure element of your phone. Rooting a Samsung phone
| kills the HSM and switches over to software key
| management though.
|
| 5) Assuming encryption keys _don 't_ get in your way, you
| can only restore the dump on exactly the same model and
| firmware of device you have, because every manufacturer
| does stuff _slightly_ different.
| DaiPlusPlus wrote:
| Makes me wonder if you can just dump the Flash storage
| chips through JTAG or similar - assuming the JTAG ports
| are accessible without completely dismantling the phone.
| mschuster91 wrote:
| That still doesn't solve the problem of getting the
| crypto keys.
| g_p wrote:
| Not without root. Assuming by developer mode you mean to
| enable adb connectivity, you'll still need root in order
| to gain access to dd the filesystem.
|
| To root "well made" phones, you need to unlock the
| bootloader, and this will erase the data on the device,
| to prevent data theft or compromise...
| tempestn wrote:
| And even if you do root your phone and dd the storage,
| you'll only be able to conveniently restore to an
| identical (or the same) phone. I generally prefer Android
| to iOS, but they're not even on the same planet in terms
| of backups.
| jiggunjer wrote:
| "developer mode" is typically a custom recovery
| environment that requires an unlocked bootloader to be
| flashed. A nandroid backup is effectively a dd image.
|
| It's a bit messier if your data also lives on an
| internalized sd card.
| nicolas_t wrote:
| Yes, I was going to say the same thing. My samsung galaxy
| s10+ has a cracked screen and I need to take it to repair
| but the thought of the work needed to backup everything
| stops me from doing so.
|
| I have very little trust in Google so I don't want to
| backup to google cloud (I just researched and it seems they
| do provide end to end backup encryption without Google
| having the key anywhere since Android 9, is that really the
| case now?)
| antman wrote:
| Backups are a total black pattern where you either pay
| Apple for ever or the respective APIs are horribly broken.
| It would require zero effort on Apple's side to integrate
| backup to other servers using the OS or other Apps. That
| means without silently stopping them or even worse slowing
| them down to kb/s once in the background.
| wil421 wrote:
| You can backup your iPhone anytime you want to your own
| computer. iCould makes it pretty easy to do settings and
| config backups that will be included in their free tier.
|
| There is no way Apple is going to let 3rd party could
| providers do backups directly. I doubt exposing the
| iPhone as a USB device over the internet with a VM
| running iTunes would work efficiently.
| cutthegrass2 wrote:
| Assuming you've already paid Apple for the device and you
| don't want to make use of the 5GB free iCloud storage for
| backups, you could backup iPhone to iTunes on your laptop
| (encrypted) and then ensure your laptop was backed up
| locally also. This way you avoid paying Apple for ever.
| antman wrote:
| So yes you also need to install itunes to backup on your
| computer, because why directly mount it as a usb drive
| without an apple app? That would also need zero effort
| from apple, but I was talking about an online backup with
| since forever established protocols.
| chipotle_coyote wrote:
| "I can't back it up completely" and "I can't back it up
| completely _the way I want to_ " are two different
| arguments. It's fine if the second is the argument you
| actually want to make, just be clear you're making it.
| antman wrote:
| I appears to me that my actual statement "backup to other
| servers" is clear enough.
| capableweb wrote:
| I agree with you overall, but felt the need of commenting as
| I thought "Settings do not change spontaneously" was true as
| well but it is not! I just discovered the other day that you
| cannot turn off WiFi or Bluetooth. If you do try to disable
| either of them, they will be turned off but only for a day.
| The next day they enable themselves automatically.
|
| So much for not changing settings by themselves :)
| bayindirh wrote:
| You can just go the settings and disable them if you want.
| I personally find temporary toggles very useful in daily
| life.
| coder543 wrote:
| The control center toggles specifically tell you what's
| happening ("disconnecting from X until tomorrow").
|
| If that isn't what you want to happen, you go to the
| Settings app and turn off those toggles. (But I wish they
| would have a matching statement on screen that clarifies
| their changes are permanent until you change them again.)
|
| Temporary toggles being in the control center is great.
| Most of the time that I quickly disconnect from WiFi or
| Bluetooth, it's to solve some immediate, temporary issue.
|
| The settings aren't "changing themselves" -- they're doing
| what you asked them to do. The written message tells you
| what you asked them to do in order to teach new users what
| these buttons do.
| pantulis wrote:
| You just described the whole iOS value proposition. Even Macs
| are basically "set-up and forget". My dad, a 76 year-old with
| no computer chops, was always losing his track on his
| computer (my old Windows desktop). I became tired of the
| permanent parental helpdesk service and I got him a late-13
| Macbook Air and it's still running happily.
| Xylakant wrote:
| > iOS takes all of these away. Complete backups are built-in
|
| They're not. Backups are built-in but they're not complete.
| For example google Authenticator data is not backed up.
| Microsoft Authenticator can be backed up, but you need to go
| through a few extra steps (and have a Microsoft account).
| Other secrets are not included either - my banks PhotoTAN app
| doesn't store any credentials etc. There are reasons why this
| is so, but it's really important to handle if you use your
| phone for 2FA.
| bayindirh wrote:
| > Authenticator data is not backed up. Microsoft
| Authenticator can be backed up, but you need to go through
| a few extra steps (and have a Microsoft account). Other
| secrets are not included either - my banks PhotoTAN app
| doesn't store any credentials etc.
|
| AFAIK, applications allow their secrets to be backed up or
| not, and I'm not mad that my 2FA keys are no backed up and
| shipped overseas. I keep another copy of my 2FA codes in
| another application, so it's not a very big problem from my
| PoV, though.
| antihero wrote:
| 1Password has built in authenticator which is obviously
| backed up to their cloud.
| WesleyJohnson wrote:
| I have Google Authenticator with 5 or 6 2FA accounts. Am
| I to understand that I can use another app like 1Password
| for those same accounts? I distinctly remember some of
| them explicitly telling me to use Google Authenticator.
| Terretta wrote:
| Absolutely 100% yes, anything that works with Google
| Authenticator works with 1Password.
|
| Arguably too well, as using 1Password to log in puts the
| 2FA on the clip board for the next step.
| henhouse wrote:
| You should be able to, yes. Google Authenticator is
| pretty basic where it's simply scanning a QR code to get
| the TOTP token and storing that locally. It's apps like
| Authy which screw you over by forcing you to use them and
| ONLY them for 2FA for websites who opt to use it in their
| service. They don't make it possible (iirc) to get the
| token out so you can use your preferred authenticator
| app.
|
| But back to your point: I used to backup to Google
| Authenticator and LastPass's Authenticator to prevent me
| from losing access when I migrated to a new iPhone since
| they don't backup. They both worked just fine
| interchangeably.
| XorNot wrote:
| Pretty much noone should be using any of the
| authenticator apps.
|
| Get Keepass2Android, and it'll track TOTPs just fine.
| Throw Syncthing on their and you can securely get those
| to any device you own without involving Google.
| demosito666 wrote:
| Congrats, you have just negated the second factor in 2FA
| by having all your keys at one place in one application.
| XorNot wrote:
| 2FA is about having a factor which _changes_ everytime
| you use it so if the medium is intercepted somehow the
| account isn 't permanently compromised.
|
| It's protection for when using untrusted computing
| devices, or because most people have their passwords in
| some way visible or shared.
|
| TOTPs can't be reasonably made much longer then they are
| while still usefully entered, but my password database
| _never_ leaves my own devices and neither does the
| password to it.
|
| If someone compromises my phone to the level they can get
| that database, then they've already _got_ my Google
| Authenticator or whatever DB as well anyway.
| demosito666 wrote:
| IMO this reduces the protection of 2FA significantly. For
| me 2FA is primarily not having a single device that's
| enough to compromise to get access to your important
| accounts. This means that I never have both factors
| (password and TOTP key in our case) on a single device.
| That's why
|
| > they've already got my Google Authenticator or whatever
| DB as well anyway.
|
| is of course good for them, but they still need to get my
| password from my other device.
| XorNot wrote:
| If your device is compromised to the point that someone
| is reading out the content of non-online, encrypted DBs,
| or keylogging aggressively, then they've also got your
| email and can much more easily just send a password reset
| to 90% of everything out there.
|
| 2FA as the internet uses it has always been about dealing
| with accidental disclosure and public PCs.
| Xylakant wrote:
| > I keep another copy of my 2FA codes in another
| application, so it's not a very big problem from my PoV,
| though.
|
| It's not a problem if you took measures to make sure you
| have a copy. It's a problem if you just take "full
| backups" for granted until you figure out that some
| things don't get included in "full".
| Terretta wrote:
| It's not "some things". Its things where the app
| developer explicitly chose to tag them to not be
| included.
|
| And yes, for years one had to do the physical cabled
| backup restores for this, then these same app developers
| learned how to exclude their data from those as well.
| However, as of iOS 12, 13 and 14, there seems to be
| decreasing to zero effective difference in what's
| included between tethered (with password), local WiFi
| (with password), and OTA iCloud backups.
|
| You may be able to forcibly back these up using a third
| party tool that also lets you back up sandboxed temp
| files and the like, tools like iExplorer:
|
| https://macroplant.com/iexplorer/mount-iphone-disk-mode-
| file...
|
| If you're jailbroken, that can backup anything under root
| of course.
| gdetassigny wrote:
| It's a bit ironic to criticize Apple's mobile solution via
| an app built by its direct competitor. Google made the
| choice of not implementing backups for Google
| Authenticator, so that's really on them. I would recommend
| Authy for 2FA. It supports backup straight out of the box.
| tim333 wrote:
| I'm similar and for the most part don't really use the iPhone
| as computer. It just acts as a hotspot for the laptop and I
| use it to take photos so I don't have to worry so much about
| proprietary stuff running on it.
| amelius wrote:
| Most developers: I want open hardware. But I need to buy a
| specific brand for my income.
|
| Ugh.
| intrasight wrote:
| Feel lucky that we can still build computers from parts. And
| just treat your smartphone as the appliance that it is.
| ForHackernews wrote:
| You might want to check out https://e.foundation/ - It's a de-
| googled Android + MicroG, but ships with its own app store and
| tries to be a generally integrated experience.
| worstenbrood wrote:
| Im using lineage with microg for 9 months now without missing
| anything. I'm curious what prevents you from using it for daily
| usage.
| xvector wrote:
| Librem 5? PinePhone?
| b0tzzzzzzman wrote:
| A push in the right direction.. But I have been waiting two
| years after payment at this point.
| mPReDiToR wrote:
| I ordered my PP (KDE CE) in mid December. It arrived early
| February.
|
| There's another round of sales coming up, keep an eye on
| the blog.
| jhoho wrote:
| If you want to stay with Android, maybe have a look at CalyxOS.
| They integrate microG and flawless system updates while keeping
| the bootloader locked. Only works on Pixels and the Xiaomin A2
| though. Imho it's the one Android distribution that has the
| right balance of privacy and usability. I flashed it for my mum
| and my sister and there wasn't one complaint yet.
| okprod wrote:
| More problematic issue with smartphones these days is the
| baseband; hard for any phone to be free.
| [deleted]
| ciconia wrote:
| I own a 5-years old Moto G4 Play running a de-googled Android
| 7.1. It works just fine, and I can install apps from either the
| F-droid or the Aurora stores.
|
| To me it makes more sense to continue with this phone, as I can
| find all the replacement parts I need on AliExpress, rather
| than investing in a new Librem 5 or a PinePhone. While I
| appreciate being able to use an open mobile OS, there's the
| problem of apps, and there's still the hardware problem - it's
| both more expensive (in the case of the Librem 5 at least) and
| has the same problem of eventual obsolescence.
| morganvachon wrote:
| One of the biggest and most overlooked issues with privacy on
| any cellphone, "open hardware" or otherwise, is the phone
| part. The baseband processor (BBP) will be a proprietary
| black box until at least one of the carriers decides to allow
| an open source BBP to access their network and exchange data.
| Even once that happens, if it ever does, the second your BBP
| accesses the network you are vulnerable to snooping,
| tracking, and spoofing like everyone else on the planet.
|
| At the end of the day you are relying on a suspect network
| connection, hosted by a profit seeking corporation, regulated
| by a privacy hostile government, to maintain your connection
| to the world. No matter how "free" your device is, the
| network itself will never truly be free.
| suifbwish wrote:
| The type of programming you need to get your phone to
| dynamically manage a mesh of access points makes the brain
| melt. At what level do you want control? After the network
| connection manager already does its thing or do you want to
| govern that too?
| boring_twenties wrote:
| > Owning my computer is still relatively possible.
|
| Sorry to burst your bubble,
| https://libreboot.org/faq.html#intelme
| rouzh wrote:
| Happy to deflect your bursting! :)
|
| https://www.raptorcs.com/content/base/faq.html
| amatecha wrote:
| Excellent to see - thanks for sharing these!
| boring_twenties wrote:
| Thanks!
| b0tzzzzzzman wrote:
| Great stuff. First time I flashed a chip with SPI or started
| learning and playing with surface mount chips. Old ThinkPad
| are still very capable and empowering if you like playing
| with software and hardware.
|
| Coreboot is great as well, but a bit different.
| HideousKojima wrote:
| https://puri.sm/learn/intel-me/
|
| Purism was able to completely disable Intel's ME
| fsflover wrote:
| Not _completely_ , but to a large extent:
| https://puri.sm/learn/software-freedom-in-perspective/
| boring_twenties wrote:
| No? Your link says nothing about "completely," you just
| made that up. What it does say is that they remove the
| "nonessential" bits, plus flip the HAP bit. You can do both
| of these things yourself with me_cleaner, but it's not good
| enough. Exploitable vulnerabilities have been found in the
| bits that cannot be removed.
|
| edit: E.g. https://nitter.dark.fail/rootkovska/status/93845
| 887552266649...
| sammorrowdrums wrote:
| Well it is early days but Librem and System76 (and several
| others like Pine64) are making huge headway in the open
| hardware space. I know there have been lots of failures in this
| area but I think we are getting to a threshold point where
| building on top of these companies acheivements is quite
| possible.
|
| Linux on Mobile and open EC and Coreboot etc. are all making
| rapid progress at the moment. I would still say we are talking
| in terms of years before more general Linux Phone adoption
| would be possible, and still the fact your online bank etc.
| doesn't make an app for Linux would be prohibitive to many
| (although anbox might help), so I understand pessimism here,
| but I think the excitement around Linux mobile and open
| hardware is sufficient that it will at least be revolutionary
| that it is _possible_ to run open hardware and Linux phones
| etc. same as SteamOS was a failure if you look only at numbers
| of Steam Machines, and a revolution in Linux gaming if you look
| at Proton, GamerOS and all the improvements that came with it.
|
| Viable alternatives affect the behavior of others, even if they
| "fail".
|
| And if you're already a desktop Linux user like me, open
| hardware is already a reality. Only thing that's stopped me
| trading Dell XPS 13 for Purism 14 is that I will miss the QHD+
| screen, as it is standard HD res. Still really tempted though.
| fxtentacle wrote:
| The issue with open hardware is that DRM vendors don't
| support it. A fully open phone doesn't have hardware DRM keys
| so you won't get FullHD in Netflix. And now you've lost 90%
| of the market.
| sammorrowdrums wrote:
| Yeah, even when you boot up into Netlfix in Epiphany
| browser or something and discover you can't. It's not a
| great OOTB experience for new Linux users, never mind being
| locked out entirely. But that said, I don't really know how
| to fix the DRM problem without first making progress on
| open hardware. Viability and market share in spite of the
| adversity is the only chance I can see.
|
| It still might fail. We try because we feel it is too
| important to simply do nothing, not because we expect mass
| success.
| tekromancr wrote:
| Yea, it's not a great experience; fortunately, yarrr!
| thar be options, matey!
| tekromancr wrote:
| Seriously, I have slowly become subscribed to all of the
| streaming services; and I still use a system that
| automatically obtains rips of the content I actually want
| to consume. Having everything served to me in Plex
| instead of needing to remember/look up where something
| was streaming, load up that app, be at the mercy of my
| shitty connection, etc.
| mwcampbell wrote:
| I think the solution is to convince more people that we
| can live happy lives without access to big-budget
| entertainment. I've been mostly going without for about
| two years now, though I've wavered a few times.
| jtxx wrote:
| IDK, many people spend their whole lives glued to the TV
| or movies. it feels like it has only gotten worse. it
| also feels like people don't have hobbies these days. I
| think to convince people of what you're saying, we need
| to get people back into having more hobbies. or at least
| reading or something
| maerF0x0 wrote:
| The only solution I know is very labor intensive process
| (and kind of not covid friendly atm), Call up said friend
| and meet them in person for coffee / hikes / whatever you
| two like. Refuse invites to do "screen time" things...
| hkt wrote:
| Maybe this is something that is a bit facile of me to
| say, but I like to try to compartmentalise, such that I
| have a little tablet for media stuff which I use to cast
| to TV via Chromecast. The other stuff not having Netflix
| access (both phone and laptop) doesn't bother me so much,
| and keeps a distinction between open and closed at home.
| The nice perk is that Chromecast is now doable from
| laptops under GNOME and will likely become available on
| phone OSes like PureOS etc too in time.
|
| Not great for normies, but that's my tip anyway. Media
| consumption is a wedge issue and if you're prepared to
| spend money for privacy, there are a few ways it can be
| done.
| Nasrudith wrote:
| I fantasize of forced HDCP resulting in anti-trust action
| over what they forced upon thr market. The needless
| wasteful complexity of not being able to use a splitter and
| encrypting and decrypting both ends is clear consumer harm.
| Sadly that is unlikely to see a push.
| bmn__ wrote:
| > desktop Linux user like me, open hardware is already a
| reality
|
| Power or RISC-V ISA hardware are in low stock, have very few,
| specialised vendors and are not affordable. I have great
| sympathy for people who refuse to pay the outrageous
| difference to off-the-shelf hardware that can be bought
| anywhere just to gain a level of privacy that they should
| have in the first place.
|
| AMD and Intel have rootkits in their hardware which are
| designed to be exceedingly difficult to remove. If the
| customer is a spy agency, they will ship with the rootkit
| disabled. If the customer is just a normal person like the
| one writing the article, one will not be able to have one for
| money or good words.
| didericis wrote:
| If you're referring to Intel ME and the AMD PSP, people who
| have analyzed the PSP seem to think it's safe:
| https://youtu.be/bKH5nGLgi08?t=47m14s
| franga2000 wrote:
| I seriously doubt either Intel or AMD ship different
| silicon to the NSA or whoever else. At least from what I've
| read, the only difference (at least on Intel) is the "NSA
| bit", that can actually be turned on on any chip these
| days. System76 actually ships machines with it enabled by
| default.
| chasil wrote:
| The Intel Core 2 Duo/Quad was the last CPU where the
| "Management Engine" could be completely wiped and
| disabled.
|
| This is my experience in removing the ARC firmware code
| from two different HP desktops (I attached both BIOS
| images):
|
| https://github.com/corna/me_cleaner/issues/233
|
| These PCs are quite inexpensive. I run OpenBSD with
| hardened Chrome on one of them, for all of my finances.
| Zetaphor wrote:
| If you're going through all that effort, then why
| bothering with hardening Chrome? Why wouldn't you start
| with Firefox, which doesn't require unGoogling to be
| considered secure?
| chasil wrote:
| OpenBSD's Chrome had pledge() first, but you're right, I
| should consider Firefox.
|
| However, there was a recent Firefox bug in OpenBSD, and
| the patches weren't applied uniformly. It does seem that
| Chrome is more consistent, and gets more attention.
|
| https://undeadly.org/cgi?action=article;sid=2020010914160
| 0
| pmontra wrote:
| The NSA bit? Do you mean this setting to toggle Intel ME?
|
| https://www.csoonline.com/article/3220476/researchers-
| say-no...
| franga2000 wrote:
| Yep, that's the one. I've heard people referring to it as
| "the NSA bit" because it was supposedly implemented at
| the request/demand of the NSA.
| colejohnson66 wrote:
| If true, the irony of the NSA asking not for their
| hardware to (possibly) spy on them is rich.
| kube-system wrote:
| What is ironic about it? All spy agencies, everywhere on
| the planet, do two things:
|
| * spy on others
|
| * try not to get spied on
| [deleted]
| shams93 wrote:
| For me Lenovo have been in between the pure and wonderful but
| too expensive for me of System 76 and the Pinebook Pro which
| I own but is too slow and low end to use for my daily get
| stuff done machine, which instead is an ideapad 3 with ubuntu
| 20.04.
| rnestler wrote:
| > I cannot choose any of the parts, and even doing simple
| reparation tasks like replacing a battery is a nightmare these
| days.
|
| There is the https://www.fairphone.com/en/ which is a modular
| and easy to repair smartphone. They also make it easy to
| install alternative operating systems like Sailfish or an OSS
| version of Android.
| robotnikman wrote:
| Unfortunately they don't seem to work in the US, and from
| what I've seen they are mainly focusing on selling and making
| sure their phones work in Europe.
| tremon wrote:
| The company itself only supports stock Android, although they
| do foster (some) community efforts for ports. Sailfish
| doesn't seem available for the Fairphone 3; /e/OS is, but to
| get it preinstalled you need to order from E, not Fairphone
| itself: https://esolutions.shop/shop/e-os-fairphone-3-plus/
| stiray wrote:
| Well I have completely degoogled mine [1], but it comes with
| problems like reversing banking application as it uses
| safetynet. Luckily I am quite profound at that.
|
| Bottom line, it is doable, but I want a working linux phone,
| where camera and calls/sms/mms work and I dont use any newage
| communication software, so I dont care. Again, this is
| completely my use case as I practically consider the phone
| applications as mostly useless, dont play games and prefer
| paying in cash.
|
| I hoped Cosmo Communicator[2] would be it but they didn't
| support the camera and since I am using it for taking notes, it
| is vital for me. Actually I even went into making degoogled rom
| for CC but I got stuck at selinux blatantly abused to prevent
| modifications and maybe some day I will recompile the kernel to
| kick it out or find time to reverse and binary patch the
| selinux checking.
|
| Actually PinePhone is becoming more and more interesting option
| but they should really pump up the specs, again, at least for
| camera. The second possibility would be sailfish os [3] but
| again it has some closed source blobs.
|
| [1] https://microg.org/
|
| [2] https://www.www3.planetcom.co.uk/cosmo-communicator
|
| [3] https://sailfishos.org/
| vbezhenar wrote:
| I can somewhat relate to you, but in different aspect. I own
| iPhone and I'm thinking about some home automation. I can
| program iPhones, I tried to find out some way to put my code
| onto my phone without restrictions and I did not find any. I
| can use web app, but it's restricted and I might need some API
| that's not available for web. I can install my development
| build, but it'll expire in a few days and I don't want to
| reinstall it over and over again. That's an absurd situation
| when I'm as a programmer can't put my own program onto my own
| device.
|
| I love iOS in almost every way except sideloading restriction.
|
| If I missed some way to implement what I want, I'd love to hear
| how can I do that. I don't need much, but I need push
| notifications from server and I need push notifications when
| I'm close to some particular location (like open a door when
| I'm near it). I might need NFC push notification, I'm not sure.
|
| I don't agree that Android suck, I have second phone for
| testing and while I love iOS more as it feels more polished, I
| probably will switch to Android in the future, just because I
| want to run my code on my device.
| Terretta wrote:
| To your point, Apple Developer does not require the $100/year
| Apple Developer Program fee to load software on your iPhone,
| but does by default require a weekly cert refresh.
|
| However, the $100 is less a permission slip, and more buys
| you access to Apple services infrastructure that is largely
| worth the money so you don't have to do it yourself and so
| your users can trust a single brand experience.
|
| (For example, notifications before Apple's notification
| service were insane, the app "Growl" made a lot of money just
| trying to tame the dozens of different ways confounded users'
| expectations with notifications. Similarly, updating apps was
| crazy-making for users, then there was Sparkle, now you get
| the app hosting and distribution included in the $8/month.)
|
| Just these few services are well worth $8 a month if you
| compare what you get to any other SaaS we're buying all the
| time from HackerNews startups: - App
| discovery, hosting, distribution, updates - CloudKit,
| iCloud Documents, iCloud K/V Store - Push
| Notifications - Sign-in with Apple - etc.
| (NFC is also in the list)
|
| See this link for detailed differences between free Apple
| Developer and paid Apple Developer Program (also compares
| Enterprise distribution):
|
| https://help.apple.com/developer-account/#/dev21218dfd6
|
| Since you specifically mention push notifications which of
| course require an infrastructure to run reliably for you
| 24/7, there's a good value for the $8/month. The systems
| behind making these "just work" for users are complex and
| expensive.
| navaati wrote:
| It's frustrating to have to pay, but I think you can shell
| out something like a 100 bucks to get an Apple developer
| account and it allows you to install your own code on your
| own phone. I hope it's a 100 bucks forever and not once per
| year...
|
| Can someone confirm ?
| DeusExMachina wrote:
| It's once per year. Source: I have a paid developer
| account.
| MrGilbert wrote:
| But I also need a mac for signing, don't I? Like, a Mac
| Mini? That's the most annoying part, tbh. I feel fine-ish
| for paying 8 $ a month for my dev account (if you
| calculate it that way), but buying additional, expensive
| hardware? No, not really.
| vbezhenar wrote:
| I think that you can rent a mac for a day and do all your
| signing. Something like
| https://www.scaleway.com/en/hello-m1/
| cmrdsprklpny wrote:
| I've had the experience that often weird bugs pop up when
| signing; often it isn't that simple unfortunately.
| htrp wrote:
| AWS has mac minis by the hour (not cheap though)
| Terretta wrote:
| See my other reply in this same thread:
|
| https://news.ycombinator.com/item?id=26399788
|
| Long story short, you pay $100/year or $8.33/month for
| access to a suite of services that make apps frictionless
| for your users, and easier for you as a developer to offer
| high end features like authentication, notifications, and
| sync: - App discovery, hosting,
| distribution, updates - CloudKit, iCloud Documents,
| iCloud K/V Store - Push Notifications -
| Sign-in with Apple - etc. (NFC is also in the list)
|
| Details: https://help.apple.com/developer-
| account/#/dev21218dfd6
|
| You do not have to pay anything if you do not want any of
| those services, however you will have to "refresh" your
| test app cert weekly or work around that.
| vbezhenar wrote:
| I can pay, but, as I said, my apps will expire in a few
| days, so I would need to rebuild and reinstall them every
| day to keep them working. The only way to have non-expiring
| apps is to submit them to AppStore which is obviously not
| possible, as it's only for me.
| saagarjha wrote:
| If you pay your apps will expire once a year rather than
| once every couple days.
| vbezhenar wrote:
| That's very interesting to know. I guess that's an
| ultimate solution to my problems then, rebuilding once a
| year is perfectly acceptable.
| capableweb wrote:
| I both hate and love both of Android and iOS. Currently I'm
| on iOS has the hardware is nicer but damn if the UX isn't
| confusing and downright dangerous sometimes (looking at you
| CarPlay).
|
| I also looked into getting some of my own programs into my
| iPhone but rather than getting stuck on not being able to
| keep it there for a long time, I got stuck on how to even get
| the program into the phone. Turns out you need Apple hardware
| to push the code, so I'm stuck before even being able to try
| it.
| Siira wrote:
| All those Apple apologists should go and take a look at the
| world; I live in Iran, and here Iranian apps just use a
| business profile to install. There are even alternative app
| stores using device management profiles. And these apologists
| keep bullshitting that the monopolist walled garden actually
| keeps people safe. The walls don't keep out anyone powerful,
| they just enforce rents.
| vbezhenar wrote:
| That's surprising as Apple is supposed to revoke those
| kinds of certificates pretty quickly. Enterprise
| certificates are for use inside enterprises, not for outer
| users.
| naravara wrote:
| Iran is under embargo by the US. Consequently, Apple
| doesn't do business in Iran. If someone buys an Apple
| product in Iran they're getting smuggled hardware that
| has likely been jailbroken. It won't be connected to
| anything Apple or iCloud unless they're going through
| some kind of VPN. Certainly nobody is getting developer
| certs there and they can't do any payment processing so
| most regular apps are gonna be out of the question.
| Siira wrote:
| Please stop opining on what you have zero knowledge on.
| The Apple devices in Iran are never sold jailbroken (in
| fact, I have never seen a jailbroken Apple device in my
| life). They can usually connect to all the Apple services
| without a VPN. There are apps that use Iranian payment
| processors in the App Store itself (e.g.,
| https://apps.apple.com/us/app/fidiketabi/id1464658470 is
| an app that sells ebooks and audiobooks, its real name
| being Fidibo), and others have apps as direct installs
| that need the user to accept their profile, or use one of
| those Iranian app stores. There was a brief period after
| the Facebook VPN scandal that Apple did make a show of
| blocking these Iranian certificates, which caused a surge
| in web apps (which I liked a lot), but that didn't last
| long. What is super clear is that Apple gives not a
| single fuck about privacy, security, US laws, or anything
| except PR. They do exactly what generates the most money
| for them, and have no principles. Every single big stunt
| they have done costed them nothing and further
| consolidated their monopolies. It is always others who
| shoulder the costs, never Apple.
| giantrobot wrote:
| > Please stop opining on what you have zero knowledge on.
|
| Solid advice. You should follow it.
| naravara wrote:
| Nothing has happened in US-Iran relations in the past two
| years to suggest anything in this article has changed
| substantially:
|
| https://venturebeat.com/2018/03/15/apple-blocks-app-
| store-in...
|
| If your app is using any payment processor that's not
| Apple within the App Store that app is not in compliance
| with Apple's own App Store policies. Epic Games would be
| very interested to learn this is happening. If you're
| using self-signed certificates or an "Iranian App Store"
| to install things you are also operating outside the
| bounds of App Store policy.
|
| You're using Apple services in a region that is not
| officially supported by Apple. I don't understand how you
| think security and privacy protections are going to be in
| place when using smuggled hardware that's intentionally
| compromised and taking active measures to circumvent what
| protections Apple has, either by jailbreaking or
| rerouting requests to Apple to some other mirror.
| Siira wrote:
| You're full of assumptions. Nobody is tampering with the
| hardware, nobody is routing Apple IPs to fake mirrors,
| nobody is using "self-signed" certs. People use stock
| iPhones, without a VPN (not that enabling a normal VPN is
| at all relevant here, but still), to enable profiles
| signed by Apple, to run Iranian software. All these can
| happen in the US as well, except Iranian app websites
| usually check the IP and sometimes the phone number
| before they give you links to install the app.
|
| That Fidibo app is obviously not "compliance with App
| Store policy." Said policy has never been followed
| consistently. Feel free to email Epic if you think this
| changes anything. My magic ball says the best result you
| can expect is that Apple says, "Oops, they lied, and we
| didn't notice."
|
| Your article is also just an article. App Store is
| usually fine in Iran, but sometimes there are connection
| problems. This is not even always a ban from Apple, the
| Islamic Republic is all too happy to ban foreign
| services.
|
| Instead of giving me all these made-up stories, give me a
| list of all the major sacrifices Apple has made for user
| security. I can't think of a single one. The nearest
| thing to a sacrifice they have done is supposedly not
| selling your data to 3rd parties (except China and
| friends), but this isn't that lucrative for them and the
| PR it generates translates directly into profits. Most
| privacy choices aren't this PR-able.
| Razengan wrote:
| All the Apple haters keep missing the point for why Apple
| users prefer "walled gardens": They are fucking beautiful
| respites from all the crap outside their walls.
|
| Apple has refunded me without question whenever an app
| tried to scam me, no matter how big people popular it was,
| whereas apps using third-party payment systems almost never
| give any refunds.
| danogentili wrote:
| Imagine actually using free and open-source apps from
| free and open source app stores&operating systems instead
| of buying an overpriced rehash of open source software.
| [deleted]
| chokeartist wrote:
| I don't want every piece of software I use to be a
| science project. I will pay for quality, feature-rich
| software.
| hrvTGKFyDyko3aK wrote:
| You can use AltStore to easily sideload apps to your iPhone
| without a developer account[0]. You only need to be on the
| same WiFi network as your computer once every 7 days to
| "refresh" the sideloaded app.
|
| [0] https://altstore.io/
| fouuler wrote:
| > Owning my computer is still relatively possible. I can build
| a computer from parts which I can choose, and have a choice in
| which operating system to install on them.
|
| Where can I find, how can I build a computer---that isn't 13
| years old---with open firmware of which one doesn't reasonably
| suspect that the NSA put a backdoor into it?
| avhception wrote:
| Maybe have a look here:
| https://news.ycombinator.com/item?id=26394439
| eeZah7Ux wrote:
| Buy a PinePhone. It might very well be more open and
| trustworthy than some laptops or desktops.
| kokx wrote:
| I love the PinePhone. It is an amazing project, and I'm
| definitely considering buying one. However, it does not solve
| my main problem. For most scenarios I still need a "normal"
| smartphone with either iOS or Android. Apps like WhatsApp and
| banking apps are unfortunately needed for a large part of my
| daily life. At risk of either socially isolating myself or
| bringing major inconveniences without having them. All
| unavailable outside of the walled gardens.
|
| I really want the PinePhone to be a solution here, but
| unfortunately I know it isn't.
| bronco21016 wrote:
| What features of the banking apps do you require?
|
| My bank's app is essentially a wrapper around their mobile
| site. I can't think of any specific features it has that
| require it to be an app, both technically, and in their
| implementation.
|
| Check deposit may be the only feature not available in the
| mobile site. It's certainly not a technical requirement
| that they can't implement that though.
| jlokier wrote:
| Probably the most noticable feature of banking apps that
| I've noticed is real-time payment authorization.
|
| Sometimes when making a card payment online (not
| necessarily on the phone), my phone shows a notification
| from the app asking me to confirm the transaction.
| bronco21016 wrote:
| Ah, I hadn't thought of that. Several of my credit cards
| have that same feature and it never shows up until I
| leave the US and don't have connectivity and get locked
| out of my card.
| a5withtrrs wrote:
| The (not cost effective) solution is to carry both.
|
| Shut off the 'normal' smart phone when you don't need it
| (for banking or what have you).
|
| Use the web version of Whatsapp (https://web.whatsapp.com/)
| if you must use it. You could even consider having a
| WhatsApp specific phone if you have an older model that
| you've upgraded from that contains no other data.
|
| That was my solution anyway.
| kokx wrote:
| That is the solution I am considering at the moment as
| well. Its not the prettiest, but it will likely work as a
| stopgap measure.
| a5withtrrs wrote:
| You can also use one device to hotspot another thus
| providing data without the added risks that come with
| having another mystery binary blob.
|
| You'll need a external battery pack though for longer
| days away from home.
| eeZah7Ux wrote:
| Carrying a cheap/old/second-hand small android phone can
| be cost effective. Plus, it works as a backup for phone
| if the PinePhone runs out of battery.
|
| Also, PinePhone can run anbox - slowly.
| ekianjo wrote:
| Any first hand experience with Anbox on Pinephone?
| edoceo wrote:
| I do similar. Just use my previous Android (eg Pixel2)
| with the apps on it and my current phone (Pixel3) is
| trimmed (disable what you can, no apps but Firefox). I
| leave the 2 in a known safe location.
|
| Not a 100% solution but is dead simple and better than 0%
| path411 wrote:
| In your scenario what do you even use the 3 for? Just web
| browsing?
| edoceo wrote:
| Web, Phone, SMS. Email is via web-interface.
|
| And I've actually got three apps: Firefox, Mattermost and
| Wireguard
| NoImmatureAdHom wrote:
| Check out Beeper (beeperhq.com). They have an all-in-one
| service that'll get you Whatsapp without hilariously
| dubious security promises from Facebook.
|
| Basically what they do is build and maintain a bunch of
| Matrix bridges for you. Whatsapp, Imessage, Telegram,
| Facebook, Slack, Twitter, Skype...
| NotPavlovsDog wrote:
| It appears the Beeper service by default runs on the
| beeper servers, with a subscription fee, yet I see there
| is a solution one can run locally
| https://github.com/spantaleev/matrix-docker-ansible-
| deploy
|
| Does anyone have experience running the open version on
| their machine? (self-hosted)
| tachyonbeam wrote:
| Maybe a good solution would be to have an android
| emulator/sandbox running on the PinePhone?
| ekianjo wrote:
| Its called Anbox.
| tachyonbeam wrote:
| Is it good?
| dekiphoros wrote:
| It is slow to start, but it works OK. Comes installed by
| default on Manjaro Phosh. you can install android apps
| via .apk files with adb.
| cat_plus_plus wrote:
| Well, you want an open computer right? How can you trust
| closed source apps like WhatsApp and Wells Fargo?
| sodality2 wrote:
| >Apps like WhatsApp and banking apps are unfortunately
| needed for a large part of my daily life
|
| That is the opposite of what they want. Do you think
| whatsapp and a banking app will allow installations that
| let them track users _less_? With banking I can sort of
| understand it, they have to protect the lowest denominator
| (reused password, no 2fa), so barring different
| installation methods that are used for "anonymous"
| purposes I can sort of understand the reasoning behind. but
| something like whatsapp where the main commodity is your
| data? Hardly their priority.
| mindslight wrote:
| A way to mitigate this is to just accept having multiple
| devices. This doesn't solve issues like unaccountable
| microphones, but does give you at least one device that you
| do control and the no-nonsense software benefits that
| brings.
|
| I'm at the point in my life where I don't really need
| proprietary apps on the go, so my "full take" device is a
| tablet that mostly stays home.
| reilly3000 wrote:
| So far we're struggling with some really basic issues with
| our recent Pine Phone- including severe echo on calls, slow
| ui etc. Its a WIP and will undoubedly improve over time, but
| its definitely not a turnkey daily-driver type of experience.
| Mediterraneo10 wrote:
| The PinePhone is definitely more open and trustworthy, but it
| also feels pretty useless for the time being. Its Allwinner
| A64 processor is antiquated, about like a lower-end Android
| phone from half a decade ago and with only 2-3GB of RAM, but
| the Phosh software stack isn't optimized well for these
| limitations and the device moves at a crawl. Just opening the
| screen to turn the wifi on or off takes over five seconds.
| (Yes, there is also UBports, but that is based on 2014-era
| Ubuntu-specific software that even Ubuntu moved away from,
| and the whole thing feels like it is bitrotting now.)
|
| I also worry that there isn't enough of a development
| community behind the PinePhone to bring it to a basic level
| of polish. Instead of being the resurrection of the Nokia
| N900 as a hackable Linux phone, the PinePhone might actually
| be a repeat of the ill-fated Openmoko Freerunner.
| eeZah7Ux wrote:
| > lower-end Android phone from half a decade ago and with
| only 2-3GB of RAM
|
| For $150 it's quite a good deal. Plus, the software stacks
| are quickly improving, especially Mobian.
| ARandomerDude wrote:
| Where? Everywhere I've seen is preorder or out of stock. I'm
| sure it's a great device but the supply chain just isn't
| there if my phone dies today.
| NoImmatureAdHom wrote:
| Also consider Purism's Librem 5
| xenadu02 wrote:
| The only thing I will say is that I encourage you to get
| involved with hardware engineering. You will quickly find that
| small personal electronics have extreme design constraints that
| are quite unlike a custom-built PC (it's like complaining that
| you can't just buy RAM, a CPU, enclosure, etc and build your
| own ECM for your car).
|
| People don't drop their battery-powered custom-built PC into
| 6ft of water and expect it to keep working (then dunk it again
| after two years of abuse, 4 floor drops, etc have worked
| against the case, seals, and so forth). They don't take it from
| freezing temperatures into the warm indoors and expect it to
| keep on trucking. They don't expose it to extreme temperatures
| on car dashboards in the summertime and expect it to still
| perform (it would absolutely hard-lock due to overheating if
| you tried it). Compared to a phone it doesn't matter very much
| how much a custom-built PC weighs +/- 1kg; phones fight for
| grams. If a custom-built PC uses an extra 15w who cares? But
| that might be more than the entire power budget of a phone SoC.
| People expect a phone not to spew EM that breaks the ability of
| anyone around them to use data or make calls. People also
| expect their phone to be able to complete a 911 call in an
| emergency so long as some kind of signal exists.
|
| Modularity IS NOT FREE. STOP ACTING LIKE IT IS.
|
| Modularity costs space, weight, and complexity (which often
| translates into user time spent troubleshooting).
|
| If a user-replaceable screen means giving up waterproofing do
| you expect that to be a popular tradeoff? If making the battery
| replaceable reduces battery life by 40% is that a good
| tradeoff?
|
| It is clear to me some people complaining haven't spent any
| time researching this topic and have no idea just how much
| engineering goes into modern electronics nor what the tradeoffs
| are. If they actually had to live with the results of their
| claimed preferences a lot of them would hate it and switch back
| immediately. At best I see people hand-waving half the battery
| life or double the weight as if it such things were trivial for
| devices people hold or carry on their person for hours a day.
|
| I'm 100% serious when I say if you are working on your own
| company or product please make sure you approach these things
| with eyes open. If you are deliberately going to serve a
| different part of the market know that going in. It's fine to
| go after a niche - a niche can be profitable - but understand
| your customers and what they really value (not just what they
| claim to value). Don't let a bunch of contrarians on HN
| convince you there's a market for 10 million modular cell
| phones. You'll lose a lot of money when your "customers" skewer
| your product for all the compromises necessary to give them
| what they claimed to want.
| iphorde wrote:
| Let's get a right to repair bill done. I don't think this
| current administration and congress have an appetite for it,
| but maybe in the future we will get it.
| garmaine wrote:
| > Owning my computer is still relatively possible. I can build
| a computer from parts which I can choose
|
| This is insufficient according to conditions of TFA. It is
| widely assumed in the security industry (based on evidence from
| the various state-sponsored attacks we can see) that the NSA
| and/or other government agencies have backdoors and/or zero-day
| exploits for both the CPU secure execution modes and common
| networking hardware. It is very likely that there are "magic
| packets" which you can send to such devices which install a
| rootkit payload.
|
| If security against even government intrusion is something you
| care about, it really difficult to buy or make a modern
| computer that is configured like computers were in the 80's and
| 90's: just running code we have complete access to, with no
| hidden interfaces.
| macspoofing wrote:
| My hope is that as smartphone hardware gets commoditized we'll
| see a meaningful third-party alternative. Linux on desktop, for
| example, may not have the marketshare that matches commercial
| offerings (like MacOS, Win, ChromeOS) but it is viable, and it
| is there for people who want it. I want to see something like
| that for phones.
| tyingq wrote:
| _" simple reparation tasks like replacing a battery is a
| nightmare these days"_
|
| Had a recent experience with a Motorola phone with this. And
| there was no obvious technical reason they couldn't have held
| the battery down with something other than a shite ton of glue.
| katbyte wrote:
| glue is cheap
| crabmusket wrote:
| I'd like to quickly plug Fairphone here. They've made a phone
| which does everything you'd expect of a smartphone, but is
| also very easy to disassemble. Replacing the battery is
| extremely easy, same with the screen itself. The other
| "modules" tend to have a few different components on them,
| e.g. USB plug and vibration motor are on the same module
| AFAIR.
|
| I've been using the Fairphone 2 for a bit over 5 years and
| while it's not an outstanding phone, it's lasted well enough.
| The challenge for me in Australia is getting spare parts, as
| they only ship to Europe sadly.
| Psychlist wrote:
| I just bought a 3+, shipped to Australia via a friend in
| Austria. I'm glad to hear that your 2 has lasted, albeit
| the phone I replaced was also about 5 years old (a Samsung,
| from the days when those had replaceable batteries and uSD
| slots. And on battery number three, although I am pretty
| sure battery number two was a fake because it never worked
| properly)
|
| I'd love to run a more open software stack, but even just
| Linux on the top layer would mean not running the apps I
| need to get through daily life... it's why I had to retire
| my perfectly working Android 3 phone, so many things
| stopped working (the Covid tracking app FFS). But under
| linux are the various radio, camera, wifi etc modules and a
| lot of those have their own firmware. Pinephone has really
| struggled with that.
| thwoeriu2334234 wrote:
| > trying to ungoogle it as much as possible.
|
| From experience, no matter what you do, your phone will still
| continue to ping 1e100.net every few minutes. This may just be
| something innocuous, but there just is no way to get rid of
| this behavior (or to understand where it's coming from).
| Mediterraneo10 wrote:
| Doesn't LineageOS with MicroG strip out calls to Google
| servers?
| techrat wrote:
| 1e100.net is for dns resolution and captive portal detection.
|
| > adb shell settings put global captive_portal_mode 0
|
| will disable it.
| monkin wrote:
| There should be just a phone for hackers and hardware/open
| source enthusiasts. They would have a toy to play with without
| a need to bash other "walled garden" platforms which isn't for
| them apparently. As ordinary consumers don't want to or do not
| have a knowledge on how to do those advanced tasks most HN
| users want.
|
| And, that's great! They shouldn't know that, maybe there will
| be some cultural shift in the future, where everyone will be
| tech-savvy, and companies like Apple starts changing their
| approach. Until then HN users need to accept that most of those
| solutions are made for ordinary consumers, and embrace the
| niche for them. :-)
| fsflover wrote:
| Such phones exist: Librem 5 and Pinephone.
| mPReDiToR wrote:
| Typing this on Huawei Android.
|
| I have a PinePhone. It's much fun being around the guys who
| are making the next evolution of phone. Hackers gonna hack.
|
| I'm still here bashing the walled gardens because no matter
| what the non-techies want to do, they need protecting from
| themselves by either the .gov or by being given alternatives.
|
| Every day we get closer to giving them another usable option.
| Vaslo wrote:
| This reminds me of my stress in finding a high end TV without a
| major company watching my TV habits. It doesn't seem you can buy
| a high end TV without having Android or some other company
| watching what you are doing. Are there any high end TVs that have
| more open software? Or is profit such a high priority that we
| basically have to supplement tech companies through TVs?
| runjake wrote:
| Build a PC and install Linux on it and be done with it.
| luxuryballs wrote:
| The hardware is also suspect. I think in the author's mind we
| need an entirely new computing architecture.
| Koshkin wrote:
| Firefox on Debian spies on me. (I mean, sure, a bare Linux
| probably doesn't.)
| gautamcgoel wrote:
| Can you elaborate on this please? I run firefox on Linux and
| wasn't aware of any tracking.
| sodality2 wrote:
| Not who you're responding to but default telemetry, default
| search engine (google), etc
| asymptosis wrote:
| Yes, my thoughts exactly. You can't quite escape concerns about
| motherboard and cpu manufacturers baking in little security
| holes, but it's better than buying some pre-packaged system or
| laptop. Chuck Linux or a BSD on there and boom you've got back
| most of your general purpose computational freedom.
|
| Of course, you can't change the crappiness of the broader
| infrastructure, but "give me wisdom to accept what I cannot
| change" and all that. Choose your battles.
| waynesonfire wrote:
| Isn't this essentially what Richard Stallman talks about?
| zekica wrote:
| Except that he (almost) has a solution, while the author
| doesn't.
| NiceWayToDoIT wrote:
| It is interesting thought, especially as few days back someone in
| HN wrote completely opposite view, that everything should be
| controlled and spied on (and for the love of universe I cannot
| find it again, it was on first page of HN I would appreciate link
| ...), because with progress we are becoming more powerful and
| more destructive - so any human in future with enough knowledge,
| would have ability to destroying entire humanity.
|
| Where is the middle ground between those two ends?
|
| Maybe it is similar to what we have now?
| jillesvangurp wrote:
| It's basically fighting the inevitable. Technical progress is
| relentless and basically impossible to control. You can
| unilaterally choose to not participate. But that just means
| giving more control to exactly those people you are most afraid
| of. The best way to stay ahead of that game is to be a part of
| it.
|
| I take it as a given that a few generations from now, every
| move, expression, twitch, etc. will be recorded, persisted (in
| perpetuity), analyzed, etc. by many mutually hostile parties.
| Even right now, we're never far away from dozens of active
| microphones (i.e. phones) that may or may not be live streaming
| an audio feed over the network. Many cities are covered in
| cameras. A lot of financial traffic is electronic already. So,
| you could argue that although incomplete, it's already getting
| hard to cover your tracks. Tin foil hats don't really suffice
| anymore.
|
| In fact, I believe we are just living through a very narrow
| window of time where this is all technically feasible but not
| common practice or practical yet on a global scale. I'm talking
| about a cradle to grave thing. It's not going to be opt in or
| opt out for anyone ultimately. It's basically an arms race.
|
| However, I take some comfort from the notion that there will be
| many parties doing that and watching each other and thus
| keeping each other honest. The irony of that is that this
| applies equally to dictators, corrupt politicians, criminals,
| terrorists, military, etc. as well. They may be empowered to
| misbehave but they won't be able to do so covertly. If you are
| powerful enough, you get to rewrite history. But in the future
| that will require access to the digital archives of all your
| enemies. And you can never be sure that you got every bit of
| that.
| T3RMINATED wrote:
| Homeboy never heard of Linux.
| aranibatta wrote:
| yup, https://sail.so
| larrik wrote:
| This seems like a lot of words for "I wish I was brave enough to
| try Linux"
| obviouslynotme wrote:
| Damocles was an obsequious courtier in the court of Dionysius II
| of Syracuse, a fourth century BC tyrant of Syracuse. Damocles
| exclaimed that, as a great man of power and authority, Dionysius
| was truly fortunate. Dionysius offered to switch places with him
| for a day, so he could taste that fortune first-hand. In the
| evening a banquet was held, where Damocles very much enjoyed
| being waited upon like a king. Only at the end of the meal did he
| look up and notice a sharpened sword hanging directly above his
| head, held only by a single horse-hair. Immediately, he lost all
| taste for the festivities and asked leave of the tyrant, saying
| he no longer wanted to be so fortunate. Dionysius had
| successfully conveyed a sense of the constant threat under which
| a powerful man lives.
|
| - The Sword of Damocles,
| https://en.wiktionary.org/wiki/sword_of_Damocles
|
| The powerful are perpetually terrified. They are scared of each
| other. They are scared of the populace. If someone created a
| perfectly secure computer or phone with secure messaging
| capabilities, from the hardware up, that company would
| immediately be told to play ball or face blackballing.
| pengaru wrote:
| What the hell is an x286
| drvdevd wrote:
| I don't believe what the author is asking for exists. The answer
| to his question, in my opinion, is a definitive "No." Even his
| 286 was arguably full of components which were probably
| backdoored in some manner. And even if your hardware and software
| stack is somehow fully private, having to work with the web as we
| all do, almost guarantees compromise.
|
| This is not to say our efforts at privacy are completely in vain,
| just that this perfect endpoint doesn't exist.
| yoz-y wrote:
| What good is a backdoor without a worldwide network connection?
| TruthWillHurt wrote:
| You want "a computer"... what is this mithical box? are you
| reffering to the hardware? the operating system? the internet?
|
| Sounds like my mom - "make the gizmo do things".
|
| Install Linux, leave us be.
| arpa wrote:
| You still own the computer. But, but, the root of the problem is
| actually the web. The browser is essentially a operating system
| nowadays, there are very few browser engines and even less
| browser engines without links to corporate overlords.
| h0nd wrote:
| Since phones are nothing else than computers nowadays: I want a
| phone that I own!
|
| The mobile phones are by far more limiting and take away control
| of the owner.
|
| A simple example would be the possibility to edit the HOSTS file
| on Android. I am the owner and administrator of this device, yet
| I am unable to do basic controls of my device.
| megous wrote:
| Or just troubleshooting things, even if you don't want to
| change anything. You're not even allowed to view what's stored
| on your phone.
|
| My gf asked me why her Android can't install new apps (gplay
| says it doesn't have enough space to install 14MiB app, phone
| says it has 200MiB free).
|
| So I go to adb shell to see what's taking up space, df says
| 700MiB free on user data filesystem (so the stupid gplay app is
| lying). `ls` and `du` says permission denied almost everywhere.
|
| To unlock/root the phone, it needs to be erased, or needs some
| apk installed (which doesn't work). Even Windows 95 20 years
| ago had less shitty debugging experience.
|
| Just makes me glad I never bought a smartphone, personally.
|
| Other time we needed access was just to back up the list of
| contacts. Also not possible without a stupid possibly closed
| source apk. It's not even part of adb backup. But many regular
| apps are allowed to steal your contact list and send it
| anywhere they want. Bleh.
|
| "User hostile" doesn't even cut it, when you lose access to
| your data the moment app installation breaks, and can't get to
| your data via debug tools.
| h0nd wrote:
| Exactly, thats my point, too. You brought up a very nice
| example (which i actually experienced first hand as well).
|
| I feel forced to circumvent this so called 'protection'.
| post_below wrote:
| > Will this ever end?
|
| It remains an interesting question. Is there any way to reclaim
| the autonomy and ethos of freedom from the earlier part of the
| digital era?
|
| I'm not sure how that would look. I don't mean in terms of a set
| of hardware and software solutions.
|
| I mean technology that's actually for the end users, available to
| everyone with curiosity as the only barrier to entry. It sounds
| like a utopian delusion even though it existed not so long ago.
|
| I'm not sure there's a realistic way to get there from here. I'd
| love to be wrong about that though.
| judge2020 wrote:
| Windows has been the mainstream OS for nearly 25 years
| (probably more, had a hard time getting good historical stats).
| The desktop has never been free, just simpler and less 'rent
| seeking after the fact'.
|
| https://www.cnet.com/news/windows-95-remains-most-popular-op...
| post_below wrote:
| I suppose I should have added basic equipment as a barrier to
| entry, it seemed self evident as I was writing.
|
| Edit: I think you could call Windows mainstream (or becoming
| dominant) around version 3, maybe a bit before. So that's
| over 30 years.
| natural219 wrote:
| You should consider trying Urbit. There's a large community of
| people who have had this desire for decades, and most of the good
| ones are settling there.
|
| https://urbit.org
| Animats wrote:
| For the total opposite, see today's article on "remote
| workstations", where your computer is just a dumb terminal.
| hrishi wrote:
| Agree with most of the comments, but it's worth mentioning that
| you will never get those things for cheap.
|
| The reason most of the things you buy are cheap is due to
| economies of scale - you want something a lot of people want.
|
| Want a bicycle with 2 wheels? Cheap. Want one with 7 wheels?
| Expensive.
|
| Unfortunately for you, almost none of the things you say you want
| in a laptop are things you're aligned with most of humanity in
| terms of priority. Sure, most people might tell you they want
| those things, but they're not willing to give up the benefits of
| centralization, or pay a few bucks to get rid of ads.
|
| Tldr: if you want something few people will buy, expect to pay
| more.
| oytis wrote:
| > Except for a handful of very over-priced models that I can't
| afford to buy, our computers are increasingly designed to be
| little more than advertising platforms and vehicles for
| maximizing the cloud revenues of their true owners.
|
| I don't quite get what the author is talking about. There are
| some concerns about what proprietary BIOS firmware does, but
| otherwise pretty much any PC on the market can run whatever
| software (including the OS) the user installs on them. Or can the
| author only afford a smartphone?
| chj wrote:
| The author didn't define what owning means, but my guess is that,
| the computer must not run code without his approval, and must be
| able to run any code he wants.
|
| Nowadays, you can only truly own an emulator.
| temporallobe wrote:
| Yeah my guess is that OP is on Windows, judging by the way they
| mention advertising. This is the way I used to think and now
| that I am solely on macOS and Linux for my personal computing
| tasks, I don't feel like that any more, though I am not foolish
| enough to believe that even on those systems you can't be spied
| on at a hardware or OS level. Even if you're on a theoretically
| 100% secure OS, any third-party software such as, oh, a
| browser, could be phoning home or have analytics hooks that
| track all kinds of things. If you're super paranoid, I suppose
| you could always install Kali Linux on a VM and run TOR on that
| for covert communications. Or use smoke signals and manual
| OTPs.
| autoexec wrote:
| > Yeah my guess is that OP is on Windows, judging by the way
| they mention advertising. This is the way I used to think and
| now that I am solely on macOS and Linux for my personal
| computing tasks, I don't feel like that any more,
|
| I don't think either are immune from the problem. Even Ubuntu
| was sending people's local disk searches to their servers so
| that they could push amazon ads. Everything I've ever touched
| from Apple seemed to push you to their own apps/ecosystem. If
| you want to put music on your iphone, you can't just plug it
| in and open it like a drive, they'll push you to itunes. They
| also seem to very heavily push their cloud stuff.
| cat_plus_plus wrote:
| It's nice to want things, the question is what are you willing to
| contribute or give up to get them. The author wants to be free of
| Microsoft and then says he wants something like DOS on x286.
| Well, DOS was not free of Microsoft. To really be sure
| corporations and government are not spying on you, you need 100%
| open source for all software and firmware, if not chip
| schematics. This means slower hardware and less software, because
| people don't do as much work for free / on donations vs paychecks
| paid by copyright royalties and ads (that can be easily stripped
| from open source). Want to keep your photos if you drop your
| phone into the lake? Well, then a copy is on someone's servers.
| Want traffic information in your map app? Someone knows where you
| have been driving then.
|
| Running desktop/laptop Linux is a relatively minor sacrifice in
| terms of available software, especially if you consider Wine and
| Steam emulation. Yet market share is tiny. People do not seem to
| own a computer enough to do anything about it.
| Pawka wrote:
| > Well, DOS was not free of Microsoft.
|
| Probably he meant that Microsoft was not the same Microsoft as
| it is now. In the same way as having @gmail.com account let us
| feel "special" 15 years ago and Google was operating under
| "Don't be evil" flag. Things are changing.
| oaiey wrote:
| Well ... TCP/IP was not yet the standard, the Internet was
| very different there. Microsoft then and Microsoft today is
| the same deal: They want to earn money. And most likely,
| then, they were more ruthless than today.
|
| What he wants is simplicity he can understand. 286 had a
| processor architecture with a security model everyone could
| understand.
| aidenn0 wrote:
| I'm going to push back a bit when the author is both comparing
| what they want to an 80s 286 PC _and_ complaining that the only
| models today that meet their needs are too expensive.
|
| The inflation-adjusted price of an IBM AT when it was introduced
| in 1984 was about $15k.
| markus_zhang wrote:
| The problem is: Do we own ourselves?
| MaxBarraclough wrote:
| So they've independently discovered the tenets of the Free
| Software movement. They make valid points, but that's all they've
| done. I'm surprised there's no mention of this in the comments
| here.
|
| > I must rely on encryption algorithms that are designed with
| subtle flaws that can take years, if not decades, to come to
| light.
|
| Cryptography is an extremely technical field, so yes, you do.
| That's not really relevant to the matter of truly owning your
| computer. If you want to personally validate modern theoretical
| physics, that would also take years of study.
|
| > Even open source encryption algorithms that some claim are
| above reproach are repeatedly being shown to have major flaws,
| and the fixes to those flaws have their own major flaws.
|
| Again, a separate issue. That's not a matter of having a computer
| you truly own, that's a matter of software quality.
|
| > Will this ever end? Will I ever have a computer that I own?
|
| They pose this question as if it's a rhetorical one. The Free
| Software movement already exists. You can support it with code
| contributions, documentation, testing effort, money, or
| advocacy/activism. See [0]. If you don't like the FSF
| specifically, you can support other initiatives.
|
| [0] https://www.fsf.org/about/ways-to-donate/
| bjarneh wrote:
| > Governments seem to be universally terrified of even the
| slightest possibility of anyone in the world having a private
| conversation.
|
| We used to make fun of the countries behind the iron curtain for
| their lack privacy. The thought of living in a surveillance state
| seemed horrible as well as unrealistic in "the west". Freedom /
| democracy loving people like us would never have that kind of
| problem. Now it seems the whole world has gone mad, and it seems
| that people looking for privacy, are just considered as people
| looking to do something terrible that the state needs to stop
| anyway.
| annoyingnoob wrote:
| To some extent, 'maximizing the profits of the computer industry'
| has given us the slick hardware that we have available.
| varenc wrote:
| It's a bit ironic this site is served over unencrypted HTTP.
|
| While static content on a blog doesn't really need it, HTTPS
| would still help protect the privacy of visitors browsing
| history.
| charcircuit wrote:
| It also protects viewers from MITM attacks that can add
| advertisements, add malware, change your words to make you say
| something bad, etc.
| judge2020 wrote:
| I wonder if he'd be interested in a secure website without
| having to rely on trusting CAs.
| ho_schi wrote:
| I understand the author. While I'm more suspicious about the
| hardware companies than the governments. But care about both. And
| look pure software companies, which try to sell you services
| instead of code, executable and support. When hardware- and
| software are integrated be extremely wary - usually you only get
| an appliance.
|
| I try to follow these guidelines:
|
| 1.) Used and buy only general purpose computers, where you can
| swap hardware and operating-system. Or even better, firmware.
|
| 2.) Avoid Big Tech: Apple (literally all), Microsoft (Surface)
| and Google (Pixel)
|
| 3.) Laptops: Invest into vendors which allow all purpose
| computing or especiall Linux. Big ones are Lenovo and Dell, small
| ones are {System76, Purism, Tuxedo, ...}.
|
| 4.) Desktop: Built it yourself or order some from a shop which
| built it for you.
|
| Actually the Pixel Phones are rather good. But Google is not
| better than Apple. Miracast is really complicated but good.
| Google? Disables Miracast in the Pixel phones and tries people to
| lure into Chromecast, which is inferior and requires practically
| always Internet. If you want send content two meters across the
| room you don't want Internet! And Pushmail? Only with GMAIL on
| Pixel. We are in 2021 and this phones don't provide Pushmail for
| IMAP servers which actually provide this feature. Even Apple is
| better there, and Apple also provides CalDAV and CardDAV. But
| Apples doesn't provide file system access nor allow you to use
| your devics as you want!
|
| Lenovo and Dell improved their Linux support a lot in recent
| years - so I consider them pretty positive. But nothing is
| perfect.
|
| PS: Probably I receive downvotes because saying negative things
| about Apple is not well received here. Silicon Valley Clique?
| unobatbayar wrote:
| It's probably very difficult to be 100% sure, even if we create
| the hardware and software on our own. Therefore, be mindful of
| your actions and always assume it's being monitored. Running
| linux on raspberry pi might be a good start though.
| scelerat wrote:
| Who is going to make this mythical computer which neither
| benefits any government nor lines the pocket of any corporation?
| At a cost that makes it accessible to the author? Real question.
| Maybe it's possible. Who's going make it.
|
| I think the best bet is for citizens of powerful and influential
| governments insist on legal privacy constraints for software and
| hardware manufacturers, as well as place limits on their own
| governments' snooping.
| mogoman wrote:
| Looking through some of the points above, I was somehow reminded
| of Johnny Mnemonic, where he puts together a computer to get
| online. Based on today's reality he wouldn't need all the most
| modern, hard core parts, but actually as retro as possible -
| break into a computer museum and fire up some kind of antique
| running code he writes himself.
| blhack wrote:
| Get an old lenovo laptop and install openbsd on it. This post is
| legitimately a bit confusing to me since what they're describing
| sounds like a pretty standard sort of BSD/linux machine.
| Koshkin wrote:
| OpenBSD does not keep things from spying on you. All it does
| is, it prevents things (and the people behind them) from
| breaking in.
| yjftsjthsd-h wrote:
| Using OpenBSD should mean that _your own system_ isn 't
| spying on you.
| mikewarot wrote:
| You _can_ own a computer, but you have to go back to the days of
| MS-DOS and floppy disks to really be sure. Once a program is
| running on MS-DOS, it essentially owns the machine until it makes
| a DOS or BIOS call. There isn 't really enough room in the system
| to fit any advanced back doors, and you can have your operating
| system on a hardware write protected disk. You can make backups
| that you can verify, and write protect those, and keep them
| offline.
|
| -- The key advantage of an old MS-DOS / floppy based computer is
| that you can _always bring your system back to a known safe
| state_ --
|
| Once you adopt any operating system that is always running, _the
| OS_ has to protect the hardware from everything, if you want to
| be able to trust it. _This rules out Linux, Mac-OS, Windows,
| etc._ I 'm hoping that Genode does a good enough job to be able
| to trust it, but it's a bit beyond my learning curve right now.
|
| If you have a secure OS, which isn't stupid about trust, then
| you're back in the saddle again, and can build upon this
| foundation, being careful to never give any executable you run
| more privilege than it needs to do the job. Linux, Windows, and
| Mac-OS all have stupid defaults (allow everything the user is
| permitted)... Genode and systems that implement capabilities
| don't do that. (No, "access your contacts" on your tablet or
| phone is not a proper "capability", "you can read this file", and
| "you can write this folder" are _proper_ capabilities).
|
| -- A secure system lets you assign capabilities using dialog
| boxes like you're used to using, except they call them a "power
| box". The OS then enforces your decisions, not the application.
| No matter how rogue or confused your program gets, it can't
| access anything outside of the files or folders you've given it
| access to. 8)
|
| We're a few years out before awareness of the stupid defaults
| we're all living with take hold, and the inertia of everything
| then has to be overcome. We'll get there eventually, if we can
| keep the idea at least an open option before big business closes
| it down for good.
| mikewarot wrote:
| My main point to all of the above is that you need a better OS,
| the hardware can mostly be ignored once a proper OS is running
| that can keep the hardware from being hijacked.
| sanxiyn wrote:
| Please consider funding https://www.powerpc-notebook.org/. I did.
| (Seo Sanghyeon)
| alexashka wrote:
| > Will I ever have a computer that I own?
|
| Maybe yes, but why? _Why_ do you want it?
|
| As long as you remain a human being, there will _always_ be
| things you 'd prefer be otherwise if you just wait a while. If we
| take that as an axiom, we can stop trying to react to every
| discontent with thoughts of wanting the world to be different.
| Once you accept that things are the way they are and there ain't
| a thing to do about most of 'em, maybe that's better than owning
| a computer you own. I dunno, works for me :)
| guidoism wrote:
| A microcontroller is probably the closest you can get these days
| and honestly a modern MCU is going to be powerful enough of for
| most use cases.
|
| There's a huge world of difference in complexity and
| understandability between an MCU and the SOCs in a phone even if
| the instruction set is the same.
| walrus01 wrote:
| > Perhaps I am looking for something like the x286 DOS computer I
| had in the early 1990's
|
| You can do an almost fully GPL compliant Linux desktop by
| building it yourself today. I can already see people thinking
| "but what about the closed source binary blobs? my video card? my
| network interfaces?"
|
| But even your 12 MHz 286 or 386SX/20 had closed source AMI or
| Phoenix BIOS firmware on it. The motherboard manufacturer in
| Taiwan and American Megatrends sure weren't handing out the
| source code to that. And if you had a video card, or a
| soundblaster, its drivers loaded in config.sys were also closed
| binary blobs.
| tux1968 wrote:
| You have (almost?) no way to verify how the transistors inside
| the computer chips are wired. And even if you design your own
| chips, you can't really know if the design you specified has
| been faithfully followed at the fab facility. It's a tough
| problem.
| Black101 wrote:
| Wouldn't it be possible to verify that a quantum computer's
| design was properly implemented using a quantum problem?
| walrus01 wrote:
| The question then, really, is how far are you willing to go
| down the stack of software on hardware, in pursuit of true
| ideological purity? How can, even the Pinephone
| manufacturers, be absolutely sure that their design is being
| implemented in hardware as they specced it, without
| backdoors?
|
| If you have a near infinite amount of money and resources,
| you can be absolutely certain (the hardware that runs NSA
| approved type 1 crypto goes through a very thorough vetting
| process), but such a concept is economically unrealistic for
| anything that normal people can buy.
| ratorx wrote:
| Hardware level trust would be really cool. It seems
| theoretically possible because all you need is an accurate
| measurement of some physical property that is hard to forge
| when changing transistors orders etc. Practically though,
| anything like that would be most likely affected by
| manufacturing tolerances for the transistors, so you'd have
| to find something that allows a certain amount of error
| when individual transistors change, but will reveal unknown
| transistors and connections.
|
| Even if this was achieved, the rabbithole would continue
| though, because the thing you measure with could now have a
| backdoor. Remind me of the classic paper about the same
| problem with software: https://www.cs.cmu.edu/~rdriley/487/
| papers/Thompson_1984_Ref...
| walrus01 wrote:
| As the paper points out, ultimately you have to trust the
| people. This is why vetting processes exist for access to
| some critical things. And why I have a fairly high degree
| of confidence that certain reputable people can be relied
| upon to take a firm stand on principles and ideology
| (example: if somebody was trying to pressure Moxie
| Marlinspike to backdoor Signal).
| Koshkin wrote:
| The difference is, the BIOS and other firmware in early PCs did
| not spy on you.
| oaiey wrote:
| Because they had no internet, no CPU power and no memory/hard
| disk. Otherwise they would have ;)
| kiwidrew wrote:
| Precisely!
|
| In the olden days of real mode MS-DOS, if you want to gather
| keystrokes from the user securely (e.g. a password) the
| program could simply take over the IRQ1 (keyboard interrupt)
| vector and that was sufficient. The extra paranoid could also
| revector the other interrupts (or disable interrupts
| entirely) and ensure they had exclusive control of the entire
| machine.
| lmm wrote:
| There was no management engine, no "phone home" functionality.
| And those drivers you mention were often handwritten assembly
| to the point that reading the disassembly would be as good as
| having the source code.
| kiwidrew wrote:
| While the BIOS and VBIOS of a typical 286/386 machine was
| indeed a closed-source binary blob, there were several factors
| that helped keep this in check:
|
| 1. The underlying hardware interfaces (I/O ports, memory
| addresses, etc.) was considered part of the IBM PC "standard"
| and many programs would bypass the BIOS and talk directly to
| the hardware.
|
| 2. The software interface to the BIOS and VBIOS was also part
| of the IBM PC "standard", and so the firmware couldn't diverge
| too far from the expected behaviour without risking
| compatibility issues.
|
| 3. Once the PC entered protected mode, the BIOS essentially
| turns into a useless brick, and ceases to have any influence on
| the operation of the CPU. (That is, once in protected mode, the
| OS kernel in ring 0 had full control of the system, and none of
| the BIOS code remained active.)
|
| The difference with modern systems is stark: binary blobs often
| provide the _only_ means to operate the hardware devices, CPUs
| have special execution modes (such as SMM) which continue to
| execute binary firmware even after the OS has booted, and even
| the CPU itself holds binary blobs (such as microcode patches).
| eeZah7Ux wrote:
| The amount of binary blobs (in bytes) on an early 90's system
| is absolutely tiny compared to what's on modern hardware.
|
| Good security is about minimising the attack surface and risk,
| not reaching some ideal pie-in-the-sky complete and total
| trust.
| walrus01 wrote:
| Definitely, but in the pre 1995 time frame for both MS/DOS
| and Unix derived workstation stuff, the _default_ was for
| everything to be closed source and proprietary. Vendor lock
| in for high performance systems was much greater than the
| open hardware platforms and interoperable things we can piece
| together today.
|
| If you had a time machine and gave some developers in 1991
| the massive cpu, ram, storage and bus i/o throughput that we
| have today in a $1200 desktop PC, I don't doubt that they
| would have made those binary blobs a lot bigger and more
| complicated. Something about the typical software environment
| expanding to fill all available resources, seemingly as an
| inevitability.
| heterodyning wrote:
| I want the search index of the early google age where it was less
| monetized and more accurate.
|
| I want real information not force fed crap that is essentially
| information fast food causing type-2 terminal stupididty.
|
| I want information without the built in addiction.
| asymptosis wrote:
| I think there is a market niche which is being overlooked: pay-
| to-use search engines.
|
| Infinity Search (https://infinitysearch.co) is something like
| what I have in mind, but they only charge $5 per month, and
| search results are noticably less comprehensive than Google.
|
| Kind of like how there are various pay-to-use email services
| which market themselves on their security, I'd like to see a
| lot more competitors in the paid search engine space. Eg
| instead of paying $5 per month, let's pay $200 a year for a
| search engine which consistently returns superior results to
| Google.
| autoexec wrote:
| I agree, google's search certainly peaked a long time ago. It's
| great for anything highly popular but between marketing
| bullshit and spam results for anything else have just gotten
| worse
| 40four wrote:
| It's a somewhat angry & rambling rant, but without picking it
| apart too hard, one sentence really resonated with me.
|
| I would summarize the thesis in this sentence ->
|
| _"I want a computer that does what I want it to do, not one that
| has a hidden agenda programmed into it at the factory._ "
| t0r0nat0r wrote:
| Get a VM and s VPN.
| mbravorus wrote:
| Surprised nobody mentioned The Helm ( https://thehelm.com/ )
| mrverify wrote:
| A collection of ice40 FPGAs built into a computer? surface mount
| transistor implementation of a pdp8 with regular semiconductor
| memory and an FPGA MMU that handles gigabyte memory sticks? I was
| thinking a forth computer, but the applications are sparse:
| gForth spreadsheet and word processor, both text based.
| BoysenberryPi wrote:
| This feels like it was made to get to the top of somewhere like
| HN but I'm actually very confused.
|
| >I want it to be, but which can also be used to communicate
| securely with anyone on the planet without being observed by a
| third party. I don't want to be spied on by Microsoft or Google.I
| don't want the NSA intercepting my conversations or even their
| metadata.
|
| I don't see what this has to do with the actual computer
| honestly. You don't want Microsoft to be involved so I'm going to
| assume you are going to install Linux on whatever you get,
| awesome, this doesn't stop the NSA or Google from harvesting your
| data because that doesn't really have anything with the computer.
| Seems like you want a search engine and ISP that you own as well.
| Goz3rr wrote:
| I'm not sure if it's ironic or intentional, but I find it funny
| that they talk about these points while not having HTTP
| redirect to HTTPS on their own site, presumably because it's
| using a self signed certificate.
| [deleted]
| oytis wrote:
| It may have something to do with the fact that in another
| rant the author complains about how HTTPS makes webmasters
| dependent on certificate-issuing bodies.
| DocTomoe wrote:
| And he is not wrong about that. The HTTPS/SSL
| infrastructure is byzantine and less concerned with
| actually encrypting information, but establishing trust
| that whoever you as the browser are communicating with is
| in fact the server that you expect them to be. This is not
| an easy problem to solve...
|
| For the longest time, this introduced the ecosystem to
| professional certification authorities, which are
| essentially profit-oriented organisations that gauged
| prices.
|
| Let's Encrypt made some of the situation slightly better,
| opening up small websites to encryption, but you are still
| dependent on an external CA and the goodwill of the browser
| manufacturer to distribute their root certificate with
| their browsers.
| oytis wrote:
| At least in Linux distributions it's up to the distro,
| not the browser. Not to say you can add your own root
| certificates you trust if you don't trust your distro.
| You have to trust someone eventually, that's for sure,
| nothing can be done here.
| dr_kiszonka wrote:
| Not sure if this is what the author had in mind, but Chrome OS
| has over 50% of edu market share. Effectively, a lot of kids in
| the US are forced to Google's products.
|
| (Yes, Chromebooks have many benefits. I know.)
|
| https://www.theinformation.com/articles/chromebooks-gain-sha...
| rfrey wrote:
| Alternatively, they want the NSA to obey the law, and for
| surveillance-for-profit business models to be forbidden.
| exporectomy wrote:
| And every other country's government to not spy on internet
| traffic crossing their borders. Good luck communicating with
| somebody in China. If you use TOR or a VPN or any kind of
| tunnel over some other service, they'll figure out what
| you're doing eventually even if they can't read the content.
| guyzero wrote:
| "surveillance-for-profit business models to be forbidden"
|
| Are you going to ban TV networks and credit card companies
| next? Grocery store loyalty programs? Practically every
| company these days collects about their users and customers.
| krageon wrote:
| I don't see why banning those things should be
| controversial or extreme in any way. Predatory business
| interests need to die.
| bmn__ wrote:
| In a just world -- where the basic human right of privacy
| counts as much as the basic human rights of free speech,
| free travel, free reproduction, not being tortured or
| enslaved etc. -- they would be forbidden. Let them figure
| out a way to be profitable without infringing.
|
| Unfortunately, the Americans, the Russians and the Chinese
| are against pervasive privacy and pay only lip service to
| the UDHR at best.
| Ensorceled wrote:
| Credit companies would do just fine if they couldn't sell
| your data. Loyalty programs don't need to sell your data,
| they existed before it was even possible. TV networks ...
| wait, how is broadcast TV even collecting your data.
|
| None of these businesses NEED to collect and sell your
| behavioural and demographic data to exist. TV and
| newspapers would probably start doing OK if precision
| targeted ads were not possible.
| oaiey wrote:
| Google how modern TV spies on what you view on your
| screen (not talking your Netflix App here ;))
| Ensorceled wrote:
| Right, I know the bullshit Samsung etc. is up to. How is
| broadast television doing it?
| guyzero wrote:
| Not broadcast per se but cable company set top boxes
| monitor your viewing habits and correlate them with your
| account which has a bunch of demographic data.
| Ensorceled wrote:
| Yeah, so not TV Networks (Fox,NBC,ABC,...) but
| Comcast/AT&T etc.
| ocdtrekkie wrote:
| Yeah, I think the parent started with some good concepts like
| "a computer I own" and "not being spied on", but then missed
| the lack of relation between the two.
|
| You can have a computer that does not connect to the Internet,
| or connects to the Internet very little, or only connects to
| the Internet through specific communication channels you open
| in a firewall. That's all very attainable.
|
| However, as soon as you communicate with third parties, be it
| your ISP, a cloud provider, or your end communication partner,
| you are potentially sharing with more than you intend. It's a
| "the only way to keep a secret between three people is if two
| of them are dead" problem. You can't control what other people
| choose to share.
| JKCalhoun wrote:
| I'll go further: when have you _ever_ been able to
| communicate with guaranteed privacy?
|
| Telephone? Nope.
|
| Ham radio? Nope.
|
| Letters sent through the mail? Nope.
| m463 wrote:
| By turning off the radio, sitting in the pod and talking
| about HAL behind his back.
| TheRealDunkirk wrote:
| And, as we know full-well, this makes HAL angry and
| petulant.
| dredmorbius wrote:
| Postal mail and telephone were ... _relatively_ secure,
| inasmuch as that bulk surveillance was _expensive_.
|
| Wiredtapping and postal interception, as well as metadata
| (pen-trace and postal covers) are possible, but scale
| poorly when individual lines must be listened to by
| individual agents, or individual letters carefully opened
| and resealed.
|
| Digital permits surveillance at mass scale. It seems
| ultimately a fundamental property of the medium, less a bug
| than simply a feature.
|
| There is also a fairly robust tradition of privacy in
| postal mail (in most countries), and after some false
| starts, eventually applied to telephony, at least in
| theory. The situation for email is far less evolved.
|
| These days, if you do want secure communications, postal
| probably offers some real benefits. I'm somewhat surprised
| that postal remailing services (send an outer message to a
| central point who deposits the enclosed prepaid inner
| envelope(s) to final destination(s)) isn't a thing, or at
| least not one that has any appreciable awareness.
|
| The capabilities of voice-to-text and handwriting / optical
| character recognition make the viability of intercepting
| virtually any spoken conversation, or any _observed_
| written communication, quite high. The costs are much
| greater than with straight machine-readable character text
| (ASCII/UTF-8/Unicode), but pretty tractable.
|
| My view is increasingly that privacy is an emergent
| phenomenon responding to ever-increasing surveillance and
| observation capabilities. The modern discussion began in
| the 1890s (Warren & Brandeis:
| https://www.cs.cornell.edu/~shmat/courses/cs5436/warren-
| bran...), as technologically-mediated intrusions were
| increasing greatly in capability. Though what the end-game
| is I do not know.
| DocTomoe wrote:
| I would argue that postal remailing exposes the remailer
| to legal risk, and (if done with few remailers) gives the
| surveillers few points of particularly interesting mail
| hubs.
|
| If anything, postal remailing would probably only work in
| a TOR-like manner, with many, distributed, non-for-profit
| remailers - but that opens a whole set of new problems,
| like who pays for the service, what prevents the remailer
| to just take the delivery for themselves (as undoubtedly
| such a service would be used to remail illicit substances
| and other valuables), and how would such a network of
| legitimate, trustworthy remailers know each other to do
| some tunnelling?
| Hani1337 wrote:
| pgp, 2fa, tails os. what more do you want?
| ROARosen wrote:
| Letters sent with homing pigeons were mostly private...
| JKCalhoun wrote:
| I guess The Man is why homing pigeons are extinct now.
| TeMPOraL wrote:
| But a pidgeon leaves a trail of metadata on the ground as
| it carries your message, so this communication channel is
| still vulnerable to bulk network analysis by some
| Advanced Persistent Threat.
| dredmorbius wrote:
| Alternatively, you can just whitewash that threat vector
| away.
| etiam wrote:
| If it wasn't for the fact that it'd be tax funded I'd
| love to see them try bulk collection of that.
| theshrike79 wrote:
| Trained Peregrine Falcon: Hold my beer.
| JasonFruit wrote:
| Typical: we started with a technical problem, and started
| bikeshedding it, so now we have drunk falcons.
| dredmorbius wrote:
| That'll give you a denial-of-pigeon attack, but does it
| really risk interception?
| osobo wrote:
| Pigeon: ...
| Black101 wrote:
| > You don't want Microsoft to be involved
|
| Microsoft works closely with Intel... I wonder if they might
| have access to the invisible OS running on your PC... (Linux
| would not disable that)
| oaiey wrote:
| Why would Microsoft rely on a third party when they have a
| whole platform above it?
|
| And Intel platform is no secret anymore. It is inspected as
| is Microsoft's behavior.
| Black101 wrote:
| If you replace Windows with Linux, they need another point
| of entry.
| mixmastamyk wrote:
| I've heard it based on Minix, believe it or not.
| xchip wrote:
| yeah, I hate Windows 10 making all those https requests on the
| background sending who knows what to who knows where.
| ubermonkey wrote:
| Under-acknowledged here is the relationship between the networks
| that make our devices useful and the increased homogenization of
| the devices themselves.
|
| When I last truly owned my computer, connectivity (if it existed)
| was via dial-up.
|
| The other thing I'd note is that we have more and better ways to
| communicate securely today than ever before. In the world I grew
| up in, we had phones, and Ma Bell knew who you called and how
| long you talked, and possibly even what you talked about. There
| was no real privacy or encryption possible; we all just pretended
| like those calls were private.
|
| Private communication is possible now on Windows, Linux, Mac,
| iOS, Android, and I assume ChromeOS, right?
| jay_kyburz wrote:
| I want to live in Utopia too, but in the meantime I'm happy with
| Linux.
| ARandomerDude wrote:
| Exactly. Utopia (ou topos) literally means "nowhere" or "no
| [such] place" in Greek.
|
| https://www.etymonline.com/word/utopia
| Koshkin wrote:
| Most people are happy with Windows. (Nothing wrong with feeling
| happy.)
| bmn__ wrote:
| There's something wrong, though, when the feeling is based on
| ignorance. Hardly anyone knows about constantly being spied
| on by strangers in foreign countries, or that it is not
| normal that the product one dearly paid for shows
| advertisements, or that it restricts one's basic freedoms of
| using the product for any purpose, and studying and changing
| it.
|
| I liken the happy Windows useds to the people held captive in
| Plato's cave: if they knew about the sun-lit real world, they
| would realise their misery. We the enlightened have a moral
| duty and should strive to educate and unshackle them.
| peanut_worm wrote:
| This article made me look into Intel ME and AMD PSP. Kind of
| concerning to have a black box in my PC that could be doing
| pretty much anything.
| geff82 wrote:
| Wouldn't a Thinkpad with Linux or BSD be what the writer wants?
___________________________________________________________________
(page generated 2021-03-09 23:02 UTC)