What I like about your comment is that it points out that all technical work-arounds are moot if people as a whole are not willing to stand up with pitchforks and torches to defend their freedoms. It will always come down to that. A handful of tech-savvy users with rooted devices and open-source software will not make a difference to the giant crushing machine that is the system.

And I'm afraid most of us are part of the system, rage-clicking away most of our days, distracted, jaded perhaps, like it historically has always been.

My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like. I like that they have iphones. Doing internet banking on their phone is safer than doing it on their desktop computer. Why is that?

The reason is that the desktop PC security model is deeply flawed. In modern desktop operating systems, we protect user A from user B. But any program running on my computer is - for some reason - completely trusted with my data. Any program I run is allowed to silently edit, delete or steal anything I own. Unless you install special software, you can't even tell if any of this is happening. This makes every transitive dependency of every program on your computer a potential attack vector.

I want computers to be hackable. But I don't also want my computer to be able to be hacked so easily. Right now, I have to choose between doing banking on my (maybe - hopefully - safe) computer. Or doing banking on my definitely safe iphone. What a horrible choice.

Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

I think the argument against locked down computers (like iphones and androids) would be a lot stronger if linux & friends provided a real alternative that was both safe and secure. If big companies are the only ones which provide a safe computing experience, we're asking for trouble.

This is the crux of the matter.

Maybe conceptually you will be able to run some kind of open operating system with your own code, but it will be unable to access software or services provided by corporate or governmental entities.

This has been obvious for some time, and as soon as passkeys started popping up the endgame became clear.

Pleading to the government definitely can't save us now though, because they want the control just as much as the corporations do.

> However all of these things are not technical

You understand it, but even in this thread you have people proposing solutions like switching from traditional banking to bitcoin, stoping using Netflix and starting torrenting again etc.

Tech crowd always tries to solve non-technical problems through technical means, and this is why I don't have much hope.

Joining all the other comments agreeing completely with this take.

I think it's worth adding that this is fundamental enough to not just be a tech issue. There's a strong legal framework in almost all developed companies for regulating companies where acting in their self interest harms the consumer interest. Without which, lots of things we take for granted (electrical safety certification, usb c, splits between serviceand investment banking).

I think the key thing that's missing at the moment is that the types of restrictions OP is mentioning (DRM, blocking encryption) harm both consumer rights and economic development.

That's an argument that needs to come from people knowledgable about both the indistry, and the technology. Like a lot of the people reading this post.

You could just not watch Netflix. Most of the content is kind of crap anyway, low effort filler. And the streaming services have trouble even licensing third-party content at all unless they have robust copy protection. That may be stupid because it drives more consumers to privacy but copyright holders are free to negotiate any licensing terms they want.

There’s a scenario where this does work: you can install any operating system on the hardware you own, if you complete a “erase all content and settings” dire scary confirmation screen.

- If you want to run something other than iPadOS or Google TV, go for it. (Smart TVs are just tablets with a don’t-touch screen.)

- If you want to install spyware on someone’s phone, you can’t; the HSM keys held by their OS are lost when you try to install a patched version and restore from a backup, and their backup doesn’t restore properly because half of it depends on the HSM or the cloud and everything is tagged with the old OS’s signature.

- If you want to patch macOS and then deploy it to your fleet, you can; it won’t be Signed By Apple but you’re an enterprise and don’t care about the small losses of functionality from that.

- If you want to dual boot, go ahead; the issues with the HSMs not permitting you to host two OSes worth of partitioned keystones can be resolved by regulatory pressure.

This satisfies all the terms of “let me install whatever I want”, while allowing the OG App Store to continue operating in Safe Mode for everyday users in a way that can’t be entrapped without the scammer on the phone telling them to delete everything, which destroys the data the scammer wants.

My car already allows me to do this. My phone should too.

There is also the possibility that without a [paid] curator (the vendor, like Google or Apple) we can't have security for how do we ascertain provenance? You might not buy that argument, but the vendor will make it, and it will resonate with the public and/or the politicians.

Establishing trust with hardware, firmware, and operating system software is currently an intractable problem. Besides the halting problem and the reflections on trusting trust problem (i.e., supply chain problems) the sheer size of these codebases and object code (since you'll need to confirm that the object code is not altered as in the reflections on trusting trust paper) is just too big for the public to be able to understand it. Sure, maybe we could use AI to review all of this, but... that's expensive if every person has to do it, and... that's got a bootstrapping problem.

Basically the walled garden is unlikely to go away anytime soon. It would be easier to change the rules politically to do things like reduce transaction fees, but truly allowing the wide public to run anything they want seems difficult not just politically but technically, because the technical problems will lead to political ones.

I wouldn’t be totally opposed to having some sort of totally locked down device that I was just used for banking. The bank could even sell them or give them away with the account (doesn’t need high performance).

Another though; if we were actually able to pass laws that helped people, one that I’d like to see would be: for a totally locked down proprietary device, everything done with it should be the legal liability of the vendor. If your bank account gets broken into via the device, you can’t audit what happened, you couldn’t have have broken it, so it ought to be their responsibility.

>It doesn't work. Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.

Theres nothing stopping a hardware vendor from being able to delete the system installed keys/certificates, breaking trust to allow you to install your own. Sure netflix might not like it but you still have the right to run your own code and netflix has the right not to trust your OS.

>Governments shouldn't be able to prevent me from end to end encrypting things.

Agreed.

I think you're right but I'd say it even more generally: we just can't let companies get so big that they can do these things without facing pushback and competition from other entities.

While you have a point there is another aspect to this: If our current situation were already different, netflix and banks would not be able to pull these things in the first place.

E.g. if using open free platforms was already the norm, netflix requiring a verified OS would just result in netflix becoming unusable for most people rather than just killing a couple edgecases used by a relatively small number of people. And so it would no longer be in their financial interest. It's why we've had desktops for so long without this happening, although the pieces are finally being put in place to make it a reality.

I agree, but your points becomes stronger when you leave Netflix away. Netflix is a private entertainment company, and when I don't like their conditions I can always quit.

Banks on the other hand have so much more control over my life. With their apps being locked to the two major mobile OS I have many hoops to go through when I want to use an alternative one. It's not impossible yet, but it becomes very cumbersome to do so.

We need an open web, with open principles and to prevent any commercial enterprise from dominating our social / tech sphere via monopolisation or methods of proprietary control.

This isn't a surprise. A vocal minority have been saying the same ad infinitum.

The need hasn't changed, and won't change; however there's a strong likelihood we'll get to a point where action isn't possible because we've passed the point of no return.

We need legislation mandating that all hardware[a] have at least one fully-functional[b] open source driver for any operating system[c]. And that any device with a microprocessor with writable memory permit custom software to be run on it.

[a] whether that's a single device like a fingerprint scanner, or a device like a phone or tablet

[b] no crippled or low-performance open source driver

[c] any OS, including Windows, Mac, Linux, BSD, or some obscure minor OS as long as such OS is readily available for free or for a reasonable price

I agree with your point. And meanwhile in Korea (according to article I've read) to use any bank's website you have to install a spy software in your PC. It looks like every major service vendor is organising a crawling subversion against their users and they really count we won't notice.

One of the articles: https://palant.info/2023/01/02/south-koreas-online-security-...

I'm attempting to revive/create a streaming service to compete with Netflix et al. without any DRM. This would leverage physical media to eliminate requirements from copyright holders about how you might access something you actually own. There are challenges, and I'm almost certain to be sued, but it's a fight I believe is needed.

They do not benefit from having control, they risk if they don't. This is fundamental.

I do love freedom but such freedom will come with a disclaimer. You do want to use a bank app unsigned and you do not want the bank to check your latest SIM card replacement. You understand and assess the risk and will not discriminate the bank for any loss occurred. Same with Netflix and piracy.

This is fair.

This is a sad reality. I see 2 paths forward 1) we somehow build the right layers into the internet that we can withstand open hardware. 2) open hardware running any software becomes an education use and hobbyist market only. I could see an edu slice to every corporate entity deploying open and free stuff just as onboarding to paid. Hackable hardware with kiddyflix.

It is of high financial interest of Netflix. I killed my subscription because they couldn't support my sensibly configured browser.

I often recommend people to kill their subscription as well because of this fact. Netflix just isn't oriented to improve their service for their users and it shows.

It won't hit any of their KPI or metrics, but their shitty behavior has a real effect. That said, most other alternatives suck as well. Killed Paramount almost immediately, can't remember why I left Disney. I think there were similar issues.

Perhaps we should pick a page from the example of radio and force all video content to be openly reproducible for a forced flat fee.

> Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service.

Maybe it’s just a bad example, but why would this be true? As a private company delivering entertainment, they can have any restrictions they want as a condition to selling to you.

How feasible is it currently (I never tried as I don't want or need it yet) to run Android under Linux for your banking/gov apps? I can accessibility tooling to control them, so only in those cases, I could communicate with the android layer. I don't care about Netflix etc (I know many people do) but I must he able to login to banking and gov.

> Everything from banks to Netflix and others

I have unlocked bootloader. That's it, I don't even have enabled root account. One app refuses to work anyway: McDonald’s. I actually can't decide if it is more funny or scary.

Maybe we must find individual solutions to each controlling application? Replace netflix with bittorrent, replace banks with bitcoin, etc?

Arguing doesn’t work for principles.

This is ultimately a form of collusion and anti-competitive behaviour - practices that we prohibit in other scenarios because we consider them harmful to our society. It's obvious why some large organisations would like more control over our lives. It's not obvious why we should let them have it.

Unfortunately for now it seems our representatives are letting them have it so personally I'm rooting for a snake-eating-its-tail moment as a result of Windows 10 losing support. There will inevitably be erosion of security and support for applications on Windows 10 once Microsoft declares it yesterday's OS - as we've seen with past versions of Windows. This time there is the added complication that a lot of perfectly good hardware can't run Windows 11 - largely because of the TPM/verification issue we're discussing.

So probably a lot of people who haven't moved to 11 yet aren't going to unless their current computer breaks and they get 11 by default when they buy a replacement. If the charts are correct then 11 only recently overtook 10 in user numbers. After all this time and despite all the pressure from Microsoft and the imminent EOL of Windows 10 over 40% of Windows users are still running that version. (https://gs.statcounter.com/os-version-market-share/windows/d...) So how exactly do the big organisations that want to control the client plan to deal with that over the next few years?

Unfortunately unless there is also some sort of intervention to deal with the collusion and market manipulation by vested interests I doubt enough Windows 10 refugees will jump to open platforms when their current devices fail for those open platforms to reach a critical mass of users. If five years from now Windows 10 user levels are negligible and almost all of the former users are now on Windows 11+ by default then the controlled client side probably wins effectively forever. I think it would take something dramatic happening that increased the desktop market share of open alternatives like Linux to say 10+% to avoid this fate. The only likely source of that drama I can see is if Valve's support for gaming on Linux encourages significant numbers of home users to switch and then general public awareness that you don't have to run Windows or macOS increases.

Really not a libertarian, but why shouldn’t Netflix have the right to choose who they distribute content to? They negotiated conditions with the creators, why shouldn’t they be able to specify the DRM? No one is forcing you to subscribe to Netflix. Or even to buy an iPad.

I prefer to live in a society where adults are free to come to their own arrangements with other adults. Not one where those with a penchant for authoritarianism set terms for others.

Sometimes this system may have warts like not getting to watch Netflix on your Switch, but that seems like a small price to pay for respecting individual autonomy.

> This is why it's so important to defend the real principles here not just the technical artefacts of them.

You're not wrong, but technical artefacts can be an important step in the right direction. I came to my bank, showed them my Librem 5 phone and asked where I can download an app for it. It was a much clearer message than "but Android isn't free!" (which is of course true). I do the same with governmental services. It also makes it much easier to explain to ordinary people that the choice must not be artificially restricted to just two megacorps.

Let’s say we do all that. How do you explain to a common layperson exactly what has been achieved? What is the ultimate benefit?

Right, so "defend" does a lot of lifting in there.

What are you prepared to do to reverse the contemporary tide of tyranny? What have you done to make those in power afraid to move forward with policy founded in loathing of humanity?

I'm going to get wild-eyed now but you can blame Google for that as they're the ones who just announced they'll retroactively ban me from installing software on the computer I bought and own.

I don't think you can really solve this problem as long as there's an operating system monopoly, or even duopoly/triopoly. The lure of total control is just too great. Every operating system vendor, hell every intellectual property vendor will always dream of it. A company that becomes powerful enough to put chains on its users will do so.

From the British Raj to Standard Oil to IBM and Microsoft, monopolies are some of the most powerful forces in history. There is a case to be made that we were on a similar path with Microsoft until a combination of the Internet and a half-assed but not completely ineffective anti-trust campaign made them hit the brakes, for a while.

I think that the solution is to highlight the abuses perpetrated by the biggest tech giants specifically, and advocate for radical government action on multiple levels. #1 to break up these companies. #2, to shackle them and anyone who gets as large as them so that they can't do anything like this again. #3, publicly fund the development of competing, open operating systems.

If you are a US citizen then #1 and #2 are the more realistic paths and you should be watching the various anti-trust cases against Big Tech like a hawk, the celebrity du jour is really Amit Mehta who is scheduled to release his Google remedies any day now. You need to make it clear to your representatives that this is your top issue at the ballot box. We need a second American Progressive Era that's seasoned with digital rights and anti-megacorp sentiment and with "doomscroll" and "Luigi" having entered the vernacular I think we could be closer than many here believe.

If you are an EU or Chinese citizen you should support the development and adoption in those polities of alternative, Linux-based operating systems. In the way the South Korean government specifically encouraged the growth of Samsung into a company with a global footprint, you should do that for local companies which develop OSes that compete with Apple and Google's. These geographies fundamentally can't do much to influence the American legal system so they should instead lean into public sentiment around nationalism and sovereignty and tie these to software freedom because that is likely the only elemental, emotional force that will capture enough public attention and support. Use state-scale resources to create competition for the American tech giants and establish a balance of power, because they are assuredly your enemies at this point.

And lastly for the ten millionth time I'll say it - Stallman predicted this. He saw it all coming. He warned us. He told us what would happen and what we needed to do. It's time to listen and to think big.

> Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with.

We need to make that illegal. Classify it as discrimination. They should be obligated to treat any client that tries to connect the same as they would treat their own software. Anything else is illegal discrimination against users, a crime comparable to racial discrimination.

Anything short of this means they've won. Everything the word "hacker" ever stood for will be destroyed. Throw all FOSS into the trash. None of it matters anymore. What's the point of free software that we can't run? That can't actually do anything useful because it fails remote attestation? Completely useless.

So you want the “freedom” of being able to run the hardware you want. But you don’t think Netflix should have the “freedom” to decide where there software should run?

You don’t have the right to other people’s content - especially for rental content in the case of Netflix.

Even if you don’t agree with that, do you really think that Google should allow Google Wallet run on hardware where they can’t verify the security? No one in the payment chain would trust Android devices. Credit card terminals and every one else has to fall under compliance regulations.

The banks are liable for fraud. Are you okay to say if use unverified hardware to use banking services they aren’t liable for any losses?

I mean you’re right but it seems like the equilibrium we’re heading towards is one where the opposite is true and our internet and society looks more like China’s. Principles unfortunately mean little in the face of societal and technological change, the only thing that matters is the resulting incentives.

[dead]