This rather heavily begs the question what do we mean by "freedom"?
We don't mean anonymity. Acting in secret is not freedom - acting openly and not being persecuted or prosecuted is freedom.
The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
If we are worried that digital freedom will be taken from us, without anyone noticing, we should be worried about all our freedoms - and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
It’s an important question because “digital freedom” tends to be code for “I want the Internet like how it was when I was younger”, and then throw in some stuff about jailbreaking iPhones or whatever for good measure.
I want to be able to use the Os I want on the computer I want, with the browser I want to be able to connect to my bank and my government websites.
As banks and governments move critical parts of their working online, it becomes harder to not use their online tools. If I'm not free to use the tools I want to do so, my freedoms were infringed.
I want to not have to worry about a government 30 years from now being able to quickly and quietly make unmonitored person-to-person communication illegal. There should be a whole bunch of difficult and complicated steps involved if they don't want to just shut down half their IT.
To expand on your idea to compare with the "real offline life"... While anonymity should not need to be a top-priority goal in and of itself, you also don't see people running around with their id-cards taped to their foreheads for easy access.
I mean my face is of course my fortune, but it is also my username. A frankly it's a username I have been using a lot longer than 'lifeisstillgood'.
my analogy is that one upon a time we were all walking dow the street in Victoria London during one of Sherlock Holmes "peasoupers". Only people who got up close to you could see what you were doing and even reognise you. But technology has cleaned up the air. Now anyone can see from who knows how far away. The privacy we thought we had because of the peasouper is revealed to be a mirage, we were always walking around naked, it just was harder to see.
We can simply accept this, or far more likely find a cultural consensus. Privacy can be violated for the public good (hunting offenders, medical epidemiologists etc), but otherwise you are not allowed to use the knowledge you have to exploit or influence. No adverts based on prior activity, no Cambridge Analytica creating ads just for you.
We are heading there. That Facebook and amazon more or less publish every ad campaign is incredible - imagine trying to persuade parliaments in 50 countries to pass that sort of legislation.
We are a long way from that "cultural consensus". We will probably get halfway there in the grey areas - like facebook deciding to publish all ads. The British politician Nick Clegg is likely able to make more influence globally at Facebook than if he became PM.
But we are in the culture wars, and we need to fight. The law, the application of the law - these matter online and offline.
So vote. And vote in primaries too because that shapes so much.
(Weird idea - Oz has compulsory voting to ensure votes reflect "everyone". What if we had compulsory political party membership so that parties and primaries reflected the population ...)
> vote in primaries too because that shapes so much.
You are on the right track to influence who is on the ballot for a particular party. Last time in PA the Rs put up the Dr Oz with lukewarm conservative values. The R voters in PA were so underwhelmed that the D with literal brain damage was elected.
Also, States with a caucus process give people who show up to caucus enormous influence of which names the party will put on the ballot.
> What if we had compulsory political party membership so that parties and primaries reflected the population
We could allow for more representative government in the federal House of Representatives by allowing the House to expand with population, as was written in the Constitution. The census was to count the people to expand the House to track population growth.
There's a huge burden on individuals to prove that another organization is using data to persecute them and the definitions or persecution. Before GDPR did you know how vast the network of 3rd parties handling your data was? I didn't!
Without this, the next best thing is anonymity which is simpler to enforce and covers future eventualities.
>The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
The real offline life where people can be punished in the US for aiding abortions? Or where homosexuality is illegal in many countries? Or where people conflate a mental disorder (paedophilia) with a criminal act (child sex abuse) (intentionally edgy example to highlight the edge of what's acceptable).
>and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
This is good advice for the Belarusians with bloodied faces and no change. Or the million people who marched against the Invasion of Iraq.
We have many offline problems - yes abortion is now more or less illegal in the US. You know what chnaged that? voting. You know what can change it back. Democracy. A VPN won't. Democracy will.
Double down on democracy. It's hard complicated and messy. But there are no silver bullets.
Look Brexit was shit. But it was democratic shit. 20 million people did not get tricked by their Facebook feeds. Hell 20 million people did not get mind controlled by Nigel Farage's "I'm just sayin" approach.
20 million people were asked "the country is run by thousands of highly educated,
slightly patronising, articulate, over-achieving technocrats who want the best for everyone and frequently find the laws of unintended consequences bite and have not yet worked out that not everyone lives in leafy surrey. Do these people annoy you? vote now"
Oh hell I don't know why 20 million people voted for economic and cultural self harm. Because we aren't sharing out the wealth properly I guess. But it was not because "we were tricked". It's because "we refuse to accept the model of how the world works thet you are operating on and want to use ours. The democratic version of Adam Savages "I reject your reality and substitute my own"
The problem is without an agreed reality to substitute everyone put in their favourite untested political world view.
Yes you are immune to the efforts of a trillion dollar industry that has spent the best pet of a century working out exactly how to manipulate you without you even knowing.
> We don't mean anonymity. Acting in secret is not freedom - acting openly and not being persecuted or prosecuted is freedom.
So, if I openly state that I do not acquiesce to any government (all external force is immoral imo) - does that mean I am now free, and no longer subject to its laws, pay taxes, etc?
So, I don't think your definition of freedom cuts it. Any answer that assumes 'government' as part of the answer, and justifies acting with force against others, has to be wrong (immoral).
Far better to follow the golden rule:
Do not treat others in ways that you would not like to be treated
I'm sorry but I maybe feeling "off" today, but we should all be beyond kindergarten political philosophy. Anarchy is what it sounds like - awful and not some middle class libertarian utopia.
Yes we need government. And these days we need government to roll up its sleeves and be government. We know you cannot arrange the bread delivery for London through one department but you can force privatised water companies to invest before dividends over periods of decades.
You're not feeling off. You simply don't understand that basic morality means that you cannot force others to do what you think is right for them to do. You want to find a way to get others to do what you want. This is immoral - you do not want others to have or exercise their freewill. And you want to use other people to force your opinions via police, legal system, etc on others.
Put simply you think anarchy is a political philosophy. Whereas anarchy is a moral position - it advocates for free association with others - ie no force.
The fact is that it is not morally acceptable to force others to do what you would like them to do, if they are not harming you. You wouldn't force your neighbour/friends/family to do what you say, if they are not harming you. But you consent to government using immoral force to get others to do what you want (steal money, enforce certain behaviour, etc, etc). In fact you think we need something like a dictatorship to wield even more force even more overtly. I think you will get your desire, unfortunately, as most people agree with you.
Nah. I want to rule the world of course. But I would far rather setup a system of democracy to rule the world with everyone else than let some other bugger be king instead of me.
And I believe in actual government - government that builds roads to deliver food on, government that agrees ways to make researchers to discover medicines and hospitals and nurses to inject them, and governments that force companies to label their food with their ingredients (or their ISP adverts with their fees). I call this real government. not the arguing fools on TV. We can argue how much much of it is too much. We are. But I refuse utterly that "doing real government" is immoral, that any attempt to agree common standards is tyranny.
I believe that the real moral failing is to chip away at real government so
much that services collapse and harm is done to real people. We can look at failed states like Niger or Haiti in horror, but we can also look at the mismatched life expectancy across our own rich countries and ask why?
I reject the idea that we can roll back government so much we can lose driving licenses and just be more careful out there, that we can ignore food safety standards and just look at the restaurant kitchen carefully. I reject libertarianism because it knows as much about the real world as central command economics.
I want government run on empirical data with justice and equality at its heart.
I am happy to accept the grey areas, will stand up for democracy will argue we can always do better. But buggered if it's because I secretly yearn to control your life.
> I want government run on empirical data with justice and equality at its heart.
You're asking for technocracy, and this is what is lined up already - you might wonder whether you are being engineered. All those cameras, smart phones, smart meters, legislation, facial recognition, etc - this is to allow micro-management at the most granular level. It's all quite far from freedom indeed, which is where this conversation started. The global governance structure is already fascistic (corporation and the state work together). I'm not a fan of the forced tyranny that's in store for us - once we've got it, I suspect you'll change your mind too.
I am asking for science. That before we decide if we want to teach phonics at school we guinea pig a few thousand to see if it meets some p-value.
Is that technocracy? Maybe. Is it something easy to explain - yes. Is it something for some reason is not explained fully and at length? Yes oddly it's not.
Oh for heavens sake. There are 192 different governments (at least) on this globe and they lie along a spectrum. what we have now (I kinda assume USA) is up and to the right on this spectrum (ie some definition of good, free, whatever is up and right). my utopian government is further up and right but anyone living in any of those 192 places will benefit from their government going more up and right, freer, better, more open whatever.
So yeah i think there are things a real government does and does not do. That is not utopian, it's not naive. it's here and now and rooted in practical real world examples.
Whatever you or I dislike about the governments we live under, we are incredibly fortunate to live in democracies- where we can force the buggers up and to the right. Make them more utopian more free more open.
> Whatever you or I dislike about the governments we live under, we are incredibly fortunate to live in democracies
We don't live in democracies. At best we live in a 'representative democracy'. These are not the same thing, at all.
Representative democracy is where (if we vote) we choose 1 person every 5 years to represent tens or hundreds of thousands of people, for thousands of votes. If the person you vote for does get in, but doesn't do what he said in their campaign, there is no negative outcome for them. The worst is that they will receive less votes next time, but even that unlikely to be based on their voting record, but on whether more people prefer blue or red this time.
But all that is itself moot, imo. I think we live in a not very covert fascist (corporate and state) regime - voting is simply a pressure release valve, when both red and blue are merely wings of the same bird.
> The fact is that it is not morally acceptable to force others to do what you would like them to do,
Plainly, most people disagree with you. They find it perfectly acceptable to force others to (not) do things.
> if they are not harming you.
The fact is that people do not agree what "harm" is.
To pick an obvious argument, many people oppose abortion under _all_ circumstances because they claim it harms the offspring and the mother, while many people support abortion under _all_ circumstances because they claim forcing a woman to carry to term harms the woman.
How do we handle situations where people disagree on the definition of "harm"?
No, we most certainly do mean anonymity is a basic part of digital freedom. The only way you could consistently argue that it's not necessary is to advocate prohibiting anyone, including individuals, treating you differently for anything you've said. Which is clearly impossible.
Your framing is really just right in line with the bog standard authoritarian pattern of redefining "true" freedom as something that can be comfortably tolerated and/or further chipped away at down the line.
Of course what you say (and do) affects how others perceive you. Just as Uncle Jim drunkenly announcing over Xmas dinner how that Hitler guy had a good plan will affect how everyone sees him in the morning, your twitter feed will have an effect on how your neighbours talk to you.
That's a good thing 99% of the time. Social strictures have been how humans managed society for thousands of years. It can lead to terrible things of course - but we like to think we have built systems of justice and governance to overcome them.
But suddenly making everyone invisible and able to speak and act without consequences seems a bad idea in the real world - i am not sure why it's a good idea online.
Well yes of course, your first paragraph was exactly my subpoint - declaring otherwise would be impossible.
From there it follows that it is indeed a proper freedom to be able to communicate while limiting the scope of who is privy to that communication, including limiting what can be attributed to some singular inescapable "identity". Saying that preventing this is "a good thing 99% of the time" is a baseless assertion. While this may appear similar to how social strictures have been managed for thousands of years - that's thousands of years of oppression of individuality and persecution for deviating from the herd. The West has overtly bucked that vein of collectivism, which I'd call progress.
Furthermore what you're invoking as some open-and-shut traditional state of affairs was anything but. Witness the concept of hearsay - where party B claims that party A has said something, ostensibly so that others will judge party A for it, but modulo B's reputation. Digital communications render hearsay moot - the default result of party B being able to prove to themselves that party A said something, is that party B can also prove to anyone that party A said that thing. Hence the need for the cryptographic property of repudiation, as the physics of digital information leaves no ambiguous middle ground.
I mean, all you need to do is make it so that it violates some kind of “integrity” protection on the device, after which banking apps, android wallet etc stop functioning.
Its enough incentive to kill third party app stores for the vast majority of people.
Staying within the letter of the law is pretty easy.
Knowing EU it could be altered to "Google removes the ability to install non-sanctioned alternative stores which don't have strict content filtering and anti-piracy policies, as per the EU directive" while preserving the (high) level of plausibility.
I don't think it's a values problem. The technical issues here are complex. Can you explain bootloader locking or remote attestation to your grandmother?
Personally I think a better approach is to push the phrase "right to recycle and repurpose" as much as possible. People get that. Everybody personally has seen the unsettling amount of e-waste that passes through their ownership and into a landfill somewhere.
Right to repair isn't enough, because these restrictions don't block you from keeping things working the way they did when you bought the device. Recycling and repurposing is something everybody can understand. It answers the question of "wait don't only evil hackers care about that?"
How does it follow though. Bootloader locking and remote attestation don't stop you recycling devices or even repurposing them. They stop you changing the OS stack to an unknown one and then using them for the exact same purposes as before. That's much harder to explain and it boils down to in most cases, people still in love with the idea that one day a hacker/grassroots OS may become popular. Which is fun for developers to imagine but has no relevance to any end users.
Anti-theft features aren't anything to do with remote attestation, and this feature does not stop recycling the devices, it just means that only Apple can recycle them. Which would likely be true anyway due to how integrated the components are.
> Anti-theft features aren't anything to do with remote attestation, and this feature does not stop recycling the devices
Activation Lock relies on a remote attestation mechanism. It will not unlock without a connection to Apple's servers and can't be bypassed on the device.
>it just means that only Apple can recycle them.
Which would be a problem
>Which would likely be true anyway due to how integrated the components are.
You don't need Apple to melt down gold
This is the core problem. A person should be able to refuse attempts once he understands the goal. The problem is not technology, but the obfuscation through it (and privacy policies, lobbying).
It's not enough for the majority of people to oppose a trend. There are plenty of issues where trends continue despite scattered opposition from the majority.
Widespread activism could make a difference. If it becomes a major point of contention in elections, that could make a difference. These don't happen 'by default' though.
The majority of the population lives in poverty. It's very-very difficult to have any values other than survival while poor. There's also very slim chance poor people to be educated. They work 12h/day at jobs where they can't even go to toilet. When would they have the time to read about a bootloader?
I wonder if you travel by plane, and if you voluntarily consent to the full body scans in European and USA airports? Or do you oppose it by opting out?
Which begs the question, what would a good investigation look like here? Why is this important? Who are the actors? How can we know their end goals and strategies? What things have happened in the past that we can predict will be attempted again in the future?
It would look like the familiar investigative journalism, studies, surveys, and actual source materials from the companies involved.
And it's important because without due diligence, you get snake oil, Rush Limbaugh, anti-vaxx, and other such bullshit from some rando's wild ravings that people just latch onto out of laziness and familiarity. Could you imagine if court cases were held by such standards? Or if elections could be overturned simply by a president's unsubstantiated assertions?
Private comms will stay private as long as you can install an illegal decentralized chat app that won't spy on you. Once you can't do that without losing bank account access on the device, most people simply won't install it and stick to monitored comms.
There is one interesting force acting against that though (or it would probably already have happened). It is the simple fact that most people that are competent enough to actually implement these things also understand the problems with doing so. For the most part anyway. If we could just agree to not do that... well, what are "they" going to do?
And of course: we owe it to the web to use Firefox. The Chrome clones are only stalling; not counteracting the impending monoculture even one bit. It doesn't matter how fancy their marketing is.
Yeah, chrome and google in general are the first in line to cause problems.
There are many browsers, many apps, many everything... you can switch whenever... but the DRM and attestation pushes with browsers (and mobile devices) means, that sure, you can use a different browser, but your bank, your streaming service, your newssite might not work unless you're using chrome with drm and hardware attestation. This is already true with many banking apps, where you cannot even start the app on a rooted phone, a phone with an unlocked bootloader or even just a phone that's "not on the list".
So yeah... google is the silent killer of the "free interet" and te world happily follows... sadly.
Then switch from these services while they are still only a few. Revenue is a language they understand. I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
The browser war can at least still be won or settled; mainstream apps are a lost cause outside the legal arena.
Edit: and by switching i don't mean going to some tinfoil grayweb nonsense. Go to their direct competitor.
That same logic says you should not vote either.
If even some 10-20% of IT professionals (with salaries to match) up and leave for a less shit bank, trust me, they will care.
You assume there is a “less shit bank”. Not everywhere is like the USA with a wide choice of banks. In some countries the banking landscape has, through mergers, become limited to just a few choices, and they all require SafetyNet attestation for their phone apps.
"voting makes no difference" is one of those rules which apply really well to the individual, but if you apply them to a larger group of people, they become wrong.
> That same logic says you should not vote either.
Indeed.
> If even some 10-20% of IT professionals (with salaries to match) up and leave for a less shit bank, trust me, they will care.
That's an impossible number of people to coordinate on something like this, and even if, I doubt banks would care. There exist no less shit banks, and retail is a rounding error anyway.
Banks aren't shit because of incompetence or a not-give-a-damb attitude. They're shit because it makes them more money, both directly and by reducing risks.
You would be trading one kind of "shit" for a much more real and serious kind of shit - at the new bank, you'd either be more likely to get your account drained in ways that are hard to reverse, or you'd be forced back to using dedicated hardware smartcard readers of the type that were common before mobile apps became widely used (at least were common in Europe).
If your bank account gets drained and you'd made a big song and dance about how you selected that bank specifically because it had less security on its mobile app, well, nobody will have any sympathy for you.
If your bank is equally secure but uses dedicated hardware devices instead of smartcard readers, then all you did is swap one bit of secured hardware for another, making your life less convenient and in return for what?
A bank has to know it's communicating with the real human who owns the account and not a hacker. It's going to achieve that one way or another. You'd be much better off accepting the tech and finding ways to achieve your goals within it, like by setting up a project to maintain whitelists of known good/secure OS builds. You can then make libs that wrap SafetyNet and eliminate the false positives. Even if banks don't start using it anytime soon, other smaller companies might and it's a place to start. Of course the fact that virtually nobody cares about custom operating systems to begin with is the biggest hurdle you'd face, not the tech or business requirements, but that is partly on the OS developers. You can't complain nobody cares about if you're not giving anyone a reason to care.
You use the word “forced” like it’s a problem? I hated it when my bank got rid of a nice secure card reader (which required my physical card and pin).
If my phone breaks or is stolen, I can’t actually buy a replacement phone now, as that requires spending money, which requires 2FA which requires my phone.
I did, i use firefox for example, but with mobile phones, what's the alternative? Apple and its walled garden? And when filing my taxes only works via chrome, how do i switch countries easily? Move because of a browser limitation and leave everything behind?
Not that it is for everyone; but i have used Sailfish OS for just about 10 years, and it has been quite fine.
Any country that isn't a total sh*tshow will have accessibility regulations around that. Let the accessibility folks fight for you.
I think the problem with the revenue rhetoric is that these services are consumed by the general consumer and the people that read this discussion generally are only a neglibile size of that market segment. So, even if all HN readers affected and all wired reader, etc changed service due to this discussionit would still be a rounding error on that company's report sheet in the end.
> I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
Some banks are phasing out code cards or SMS verification for 2FA, and the only way to get the second factor for logging into the online banking website on your computer, is to use the bank’s app on your phone.
Obviously other solutions could be implemented if the bank chose. But if the bank does not choose to implement those other options, and instead requires the use of their app, then that explains for the OP’s sake some of the interest in running the bank’s app instead of solely using the website.
>I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
A mobile phone app can let users "deposit paper checks from home" without ever driving to the bank branch by taking a photo of the check with the smartphone camera. Last time I looked into it, a desktop website couldn't enable check deposits with a webcam. (EDIT: I don't mean technically not possible. I meant that the banks deliberately chose not to have the websites utilize desktop/laptop webcams as an alternative to smartphone apps.)
Smartphone bank apps also have "push notifications" to immediately alert you of suspicious activity on your account.
But if one never uses the extra features that smartphones bank apps enable, then yes, desktop bank websites can be seen as perfectly equivalent.
My credit union let me deposit checks via uploaded picture on browsers back around 2008ish. Don't get me wrong, I did this by taking a picture from my phone and emailing it to myself to upload - the smartphone UX simplifies that. But this is a trail long since blazed.
Yes, this is one of those things that banks will sell as an add-on because capitalism. Credit unions will either just not have their act together on it (i.e. they contract with a bad service provider) or will have all kinds of useful stuff like this for free.
I really want a general-membership credit union with stellar technology, but I haven't found one yet. Does your credit union by chance offer open membership?
Meanwhile most of the world hasn't used checks in 20+ years. Thank god for that.
But for completeness; browsers have been able to use cameras since before smartphones. So of course it can work just the same there.
"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it.
"Just thought you'd want to know your money is gone, lol."
Either you do N+1 factor authentication for real, or you just shouldn't bother.
Browsers have had push notifications for quite some time now too... so even if it was a worthwhile feature, it doesn't need an app.
? Suspicious activity isn't about this. For instance my bank reports me when I get a double debit (e.g. go to a restaurant and get charged twice), when a regular expense increases (e.g. some monthly payment that suddenly goes up)...
The real use for notifications is to sell things or get paid for services in-person without cash. The notification provides certainty that you've been paid, so you can hand over the item/stop hanging around after the service waiting to be paid.
Of course, a bank should be able to send you a text on the service of your choice. But they won't.
>Meanwhile most of the world hasn't used checks in 20+ years.
True, but the key word you used is "most". E.g. My home insurance refunds an annual dividend back to me and their method to pay me is paper check. Not an electronic direct deposit, nor a VISA giftcard, nor even a "credit" that can be applied as a discount off year's premium. It's a paper check.
>So of course it _can_ work just the same there.
Sure but that's talking in hypotheticals. Today, I have the reality of a paper check to deal with and Bank of America and Chase websites do not have options to upload images of checks for deposit. (Chase does have a paper check scanner option that doesn't require mobile phones but that's only for commercial accounts: https://www.chase.com/business/banking/services/quick-deposi...)
>"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it. "Just thought you'd want to know your money is gone, lol."
No, you misunderstand. The better banking smartphone apps will require interactive approval from you to allow a particular suspicious transaction to happen. This prevents your money from being gone. (Example screenshot: https://www2.bac-assets.com/online-banking/spa-assets/images...)
> Browsers have had push notifications for quite some time now too...
No, web push finally came to Safari in iOS 16.4 which was just a few months ago in April 2023.
From the tone of your reply, it seems like you'd rather be argumentative instead of acknowledging that bank apps have some extra features that's convenient for some users.
The paper check scanner from Chase also (last I looked) cost a few bucks and needs an app on the Windows PC to process the data. That hardware is only useful when you process 100s of checks (eg: grocery store).
Ditto. I must have spent 10 full minutes clicking all through my bank's website before I finally realized their phone app provided the only possible way I could make a Zelle transfer.
My HOA started mandating Zelle as the only way they will accept payments. So now it appears that I have no choice but to use a device that supports my bank's app if I want to avoid getting a lien put on my house.
> Does it not count as a debt, that they have to accept cash ("legal tender for all debts public and private") for?
Let me tell you how that tends to go down in the real world. The HOA doesn't have a physical office or anything. It's some random address and random suite. Maybe it's a document processing company or some other third-party processor. There's some non-trivial chance that some $15/hr kid who may or may not have been raised right is opening the envelopes and feeding the contents into a scanner.
So I stuff my HOA dues in cash in an envelope and then go down to the post office to stand in line and get it delivered certified with a return receipt. I get the return receipt. Then the HOA puts a lien on my house. I say, "But I made the payment on time!" Then they say, "Naw-uh." Then I say, "Sure I did, I sent it in cash and I have a return receipt." They say, "We have no idea what you're talking about."
<sad trombone>
> Or there should be the option of opening another account, at a less tyrannical institution, to use for those payments.
How can I find out which ones let me use Zelle through their website? I don't trust anyone I can find at a branch or on the phone to give me the correct answer, because chances are they all personally use the phone app and really have no idea. I guess I can start opening up random accounts with random banks until I find one that works. For now.
I think we're missing the point entirely by talking about cash and hopping around banks and all that. The point many people are trying to make here is that life is already being made unreasonably difficult for those of us choosing to use Libre computing platforms, and there's a plausible reality in the future where choices go from inconvenient to scant to nonexistent.
If you're in the US, write to the FTC and complain that this is discriminatory toward the disabled who may need special user agent accessibility features unavailable in Chrome.
If the ecosystem is based on open source software, the community will fork it like it always does when someone tries to control it.
You’ll end up with a fork of Chromium/Blink that doesn’t have WEI. And it will be used to surf web sites. While the official browser from Google would be used to access sites that require WEI attestations. Just like the Bank of America app would.
Corporate power in pushing Chrome for everything can be limited if we have open source alternatives. Look at Firefox and what it did to M$IE, which had the full power of Micro$oft behind it. That only happened because Netscape chose to OPEN SOURCE their code base. They couldn’t beat IE on their own, but the open source community could.
Well, that and WebKit, which was basically adopted by Apple (Microsoft’s competitor) from another open source browser, Konqueror! And that led to Chrome, Chromium and Blink etc.
In short — open source is the best way we can check corporate power on the software side.
On the hardware side, it’s far more difficult, and if the vendors choose to ban any “unapproved” apps (eg requiring Safari WebView rendering engine in all apps on non-jailbroken iPhones) then the best tool we have is government antitrust laws. Maybe one day, in that area too, open source hardware will be the people’s best weapon. But not today :-/
Sure, but if netflix, your bank, your power and water service, and a chat app, where 80% of your contacts are only support chrome, what will you do? Many banks already require hardware attestation from google for mobile apps and mandatory 2FA via that app is a pain on a rooted phone and workarounds are painful.
I mean sure, you can just not-use those services and not chat with everyone else, but that's a bad solution.
I used to think this way and even made a browser extension to facilitate it (Browser Routr). Yet increasingly one must use Chrome or deal with random breakage and failed purchases because web devs cannot be bothered to try anything not Chrome. Sometimes even Safari is broken.
The problem is Blink might just be too big for what little community exists to feasibly maintain it. If it is just a Chrome that doesn't work an select asinine sites, it isn't in a great position to catch on. And perhaps most important; the point is to have something viable before that even needs to happen.
Not if one doesn’t want to end up supporting Chromium in any way. Which one shouldn’t if they believe “chrome and google in general are the first in line to cause problems”.
On macOS, that leaves essentially Firefox and Safari. Except Firefox has no support for AppleScript so it’s excluded from a ton of useful automations and is thus not suitable as a daily driver for many people. So Safari remains. And Orion, which is also based on WebKit. Both are closed-source.
There are indeed many browsers if all you want to do is display webpages. But as soon as you have any hard requirement, be it ideological or technical, the choices drop dramatically. Unless you don’t mind supporting Google, that is.
It is the one Chrome fork that sees some development.
(Yes, of course the forkage was the other way). So while they do have a seat at the standards table, i can't say i see much potential (or results). They also don't offer it outside their own locked-down platform by the looks of it. I.e. they have permanently kneecapped their market-share to near-pointless levels.
It seems like Apple is intentionally dragging its feet in implementing new web standards in Safari (webusb, webgpu, webmidi, bluetooth, filesystem, etc) in order to keep native apps relevant (which is a big cash cow for Apple).
I think the ship has sailed for the web. Many apps don't even bother with making functional webapps any longer; the go to market are mobile apps for the censorship platforms.
The web lost. Now it's just a transport layer for mobile app API requests.
Apps shouldn’t be web apps anyway. Local-first apps should be the default, in the context of digital freedom. The only exception being self-hostable web apps.
You misunderstand.
The point is that online services now come with apps for no reason. Very few things are so local that what you say applies. Though those few definitely should be!
And as you are already on to, not all web apps are cloud. What can be on-device webpages (e.g. routers) should be.
I see your point, in the sense that local software is in theory more permanent, more reliable. But the issue is more subtle that you are describing. Is the local-first program* free software, or proprietary adware? Is its sole function to communicate with some particular company's API? What is better for digital freedom, the Reddit website or the official "Reddit app"?
If a company is going to be gating their API behind some proprietary shovelware anyway, I would rather they write it in a plaintext scripting language (JavaScript) that runs inside a free software virtual machine (Firefox) which lets me intercept and control it.
*Yes, "program". How I hate "apps". Perverse term.
You are right, we also need open protocols. With Usenet or IRC or email (or even Reddit and Twitter until recently), local apps are perfectly fine, because everyone can write their own client if they want. That gives you more freedom than being stuck with a proprietary web app.
How about the common person being able to host without having to sign up for a "business" plan. Lookin' at you Spectrum for not providing the capability to manage PTR records in DNS without an artificial barrier and rent-seek.
Companies continue to encroach on what should be basic freedom to do network management. It's entirely intentional; to the point that I've about accepted there's a high-level of society push to enact as many barriers to reasonable liberty as humanly possible, all in the name of "Public safety" or some other transparent on further examination excuse.
> And of course: we owe it to the web to use Firefox.
Mozilla is hanging tightly on the Google's tit though. It won't be shocking to see Firefox deteriorate rapidly should it start gaining ground on Chrome. He who pays the piper calls the tune.
On the other hand Firefox development could be paid with a small fraction of Mozilla's current budget. They are doing all kinds of un-/semi-related stuff. But of course, it remains to be seen if the organization could survive such a financial drought.
The point is that for the Firefox to gain more foothold Mozilla first needs to break the dependency on Google's money. And this won't happen without deep restructuring of the Mozilla corp, starting from the top and shedding all the blubber all the way down. The chances of that happening are next to zero. You can label that as "defeatist non-arguments" all you want, but that's a very unfortunate reality. Saying this as a die-hard Firefox user of almost 20 years.
Which, in this world, can happen. The part that irks me the most isn't so much that, but that Mozilla is more than happy to suckle at that teat and not change the current status quo.
Disagree. Money is a hell of a motivator. I know multiple people who say “yes my employer XYZ is doing horrible things. I’m at peace with it because they pay so well.”
> It is the simple fact that most people that are competent enough to actually implement these things also understand the problems with doing so. For the most part anyway. If we could just agree to not do that... well, what are "they" going to do?
Which is why we should shame every one of us that does do it.
> Which is why we should shame every one of us that does do it.
I don't tend to have the issues people are describing using Firefox for banking, paying bills, etc. And when I'm shopping for something at random and looking for the best price, if one site I've never heard of doesn't work (typically Cloudflare) I just go somewhere else. But Verizon reworked their back end within the last month, causing UBlock Origin to SCREAM (over 2000 blocked scripts and counting when all was done), although the real trick was spoofing as Chrome because until then only the page headers and footers would appear, not the body with the "Pay my bill" button. Opera was even worse, so somebody screwed up something badly! I was chatting with support all this time and they logged at least one ticket.
Thinking through the "public shaming" bit, if the issue reoccurs next month, I'm going to the Better Business Bureau. While they can't guarantee a resolution, it is a very simple way to publicly shame a company doing wrong.
Long term, I'm thinking we need to add "user agent" to the list of "protected classes", i.e. gender, race, sexual preference, etc. to really hammer the point home. While it's just a piece of software, there is a real person behind it. Bots need not apply. And from there perhaps a law or FTC rule to state that public web sites must be accessible by the public.
Just forget about that. If you don't, I'll take the google software engineer salary and build it.
The issue is not technological, it's a natural outcome of how people work on and individual, and on a societal level. Regulation is the closest that can affect this situation, but as it turns out, no large entity has the same goals as "the people" - hence, I'm not holding my breath. I am using Firefox and other FOSS software though, and contribute back what I can, donations, bug reports. It's a nice privilege.
We need a new philosophical movement for computer technology.
The Stallman movement failed because it was not practical for business applications. At the end of the day, coders & hardware manufacturers need to eat just like accountants, plumbers and doctors. Technology can't rely 100% on altruism.
What we need is something close to the Ethical standards of the Stallman movement, but also compatable with business owners.
These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
The reason why Apple can propose to have something like CSAM, or Google banning someone account forever (Gmail, YouTube et al) because they had images of their naked daughter suffering from a skin disease (to be sent to the doctor).
The reason is that there is no ethical-philosophical compass guiding computer technology.
Tech Corporate MBAs only care about "playing it safe". I find them disgustingly spinless.
Until we have this ethical-philosophy developed, I only expect technology to used as a tool for manipulation and control.
Ideological(ish) movements don't succeed by converting everyone absolutely, they do it by changing the narrative in their direction. Stallman has absolutely done that.
But answering the “it failed”. Not really. It exists and is a choice on most license dropdowns and is a famous one.
People should really default to GPL rather than more permissive licenses and hot take… should also default to closed source. And make open source or non GPL a conscious choice.
The reason is GPL gives you more ability to commercialise since it gives you the copyright holder more of an edge over let’s say Amazon Inc who has decided to accept your license to bundle it with a cloud service and extend it. They are obliged to release their source code to their customers.
That Ballmer called it a cancer is a great accolade.
Close source as a default because it is a one way door publishing the code on the open web. So you are protecting your own interests. You owe the “open source community” nothing and should exploit your IP as much as anyone else, and use GPL to allow people to “fix the printer” if they need to.
> The reason is GPL gives you more ability to commercialise since it gives you the copyright holder more of an edge over let’s say Amazon Inc who has decided to accept your license to bundle it with a cloud service and extend it. They are obliged to release their source code to their customers.
Not if it's GPLv2 or non-AGPL - and even then what you're describing is the opposite of the underdog-moral-problem a lot of smaller cloud services or database/infrastructure providers are facing whereby Amazon (et al.) simply offers your product or service as their service, which is allowed by all versions of the GPL because Amazon doesn't care about the source-code: they care about charging a premium for access to a hot open-source project without contributing anything back to the actual project maintainers. That's (unfortunately) an argument for going closed-source, or at least having to reserve copyrights/licenses for operating the software as a service for another company.
I imagine it's like being Sherlocked by Apple, except Apple was using your work all-along.
It failed, yes. If you want to go wide you could argue that all open source is "the Stallman movement" but given Stallman's noted hostility to other approaches than his own, that seems too much.
The peak of GPLd software was in the late 90s/early 2000s and since then the base of GPLd code has shrivelled. I can't remember the last time I encountered a library or program in my work that was even LGPL licensed, let alone GPLd, with the exception of some very old programs like the Linux kernel and a few bits of the userspace (plus Java's weird GPL+exceptions thing). These days almost everything new is Apache licensed or similar. Just browse around GitHub for a while and see what I mean.
Also:
1. The Linux kernel, the last bastion of Stallmanist philosophy, in reality has succeeded by not actually enforcing the GPL thus treating it more like LGPL or Apache2 in practice. GPL violations are rampant and rarely does anything happen. They also very publicly refused to switch to GPL3.
2. The most popular Linux based OS is Android where Google rewrote the entire userspace specifically to avoid the GPL, and then also created their own driver layer, again, to avoid the GPL and the Linux approach to technical "enforcement" (constant API churn).
3. The most popular UNIX based desktop OS is built on FreeBSD despite losing technical features, specifically because Apple refused to countenance anything GPL or FSF connected. The few dependencies they started with (like gcc) were rewritten into new BSD-style licensed codebases like LLVM at vast expense.
In other words the people who actually build operating systems for a living avoid like the plague anything connected to Stallman's vision or strategy.
It seems likely that eventually the Linux kernel would also be replaced, certainly Google attempted this with Zircon, but whilst enforcement is so lax and technical workarounds so numerous there isn't much reason for doing so.
> I can't remember the last time I encountered a library or program in my work that was even LGPL licensed, let alone GPLd
I don't know what line of work you're in but this seems quite unlikely. GTK and Qt are both LGPL (and GNOME and Plasma are GPL). WebKit's JavaScript engine is LGPL. MySQL is GPL. Blender is GPL. Arduino is AGPL. GCC is GPL. Bash is GPLv3. It's hard for me to believe you use the Linux kernel without touching any of these.
GPL is wildly popular. It's losing ground, yes, and you correctly identify a primary reason why: commercial software companies correctly see it as a threat, and are fighting it in earnest now. It is a threat. It was designed to be a threat. The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement. At this, it succeeded beyond any reasonable imagining.
A lot of the revolutionary spirit has left the free software movement. We are currently in the "good times create weak men" stage of the cycle. People who grew up in the garden of Eden created by the free software movement, who take it for granted that the popular web browsers are open source and Microsoft releases cross-platform IDEs that run on Linux, don't appreciate that the current state of affairs was wrought over decades by the kind of people who spelled it Micro$oft and were willing to tolerate their computers only half working in order to avoid proprietary software of any kind, on principle.
But make no mistake, we are still at war. The big corpos know it, even if they've managed to fling enough bread and circuses to fool some into thinking we're all one big happy family now. Giving up on the GPL is how they win, and we lose.
I don't use GTK, Qt because macOS provides its own UI toolkit (+electron etc). I don't use MySQL, I use Postgres (not copyleft). I don't use Blender. I use the default compiler of the OS, so I don't use gcc. macOS switched to zsh (not copyleft) so I don't use bash either.
GPL isn't wildly popular by any possible definition of the term. It was more popular in the past which is why there's a base of software that still uses it, but find me new projects written in the past 10 years that are GPLd. Especially if you look at language ecosystems like JS, Python modules, whatever. Very little GPL there.
The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement.
Well in that case no, it utterly failed. Most popular client operating systems today: Windows, macOS, iOS, Android. Only Android uses GPL components, only the kernel, and the hardware is typically proprietary with no portability anyway.
Most popular server operating systems: AWS, Azure, etc. They use the Linux kernel to provide your software with basic services like TCP/IP and timeslicing, but otherwise these are fully proprietary platforms with their own APIs, own filing systems, and which you can't even run locally at all regardless of how much you're willing to pay.
GPL's influence had its heyday and peaked a long time ago. It isn't a threat to anyone because it has been universally rejected by the current generation of developers. Hobbyist hackers use Apache/BSD licenses, just as corporate hackers do. Neither support the principles of copyleft, and even when code is released under those licenses Cathedral-developed operating systems with no development community to speak of dominate.
BTW, Microsoft release their IDE for Linux because it costs very little to do so and Linux is no threat to them anymore. The world moved on, Azure is the new Windows and people struggling with Wayland are fighting yesterday's war.
I don't feel the need to fight the "new and shiny" war, because yesteryear's problems are far from gone. Windows' dominance affects end users, people like me who had no hand in creating it and now have to deal with a near-monopoly. Companies tied to Azure are where they are due to their own business decisions, and I feel no need to bail them out. If my competitors waste money, let them, it makes me more likely to succeed. They could change everything if they cared anyway. Users, actual people screwed over by proprietary vendors, can't.
As a Kubuntu user, I have to disagree. From my perspective as a developer, the Linux PC experience has surpassed both Windows and Mac. I really couldn't care less what the other 95% of people are using. In that case, it's even more remarkable that even with just 5% market share, Linux can deliver such a cohesive, compatible experience.
10 years ago, I couldn't have done my job without Windows. Now I can do absolutely everything using Linux. IMO, people who are still on Windows or Mac don't know what they're doing. They've probably just been drifting through life, not really thinking.
I am sorry, but you basically say that we need more altruistic capitalists. Won't happen.
> These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
Won't happen. Money always wins and exploiting people on the side of selling (or giving for free) them some stuff is always going to bring in more cash than respecting their privacy.
Seriously, you think it failed? I think it succeeded wildly beyond anything anybody imagined at the time, to the point that very large entities threw everything and the kitchensink at it to try to make it fail. Which exposed them for the criminals they were.
We don't need anything that is more compatible with 'business owners' than what we've got. What we need is education, so that people stop telling each other that the free software movement failed, but instead point out that without that free software movement the operating system, the browser and the applications on the computer that I'm writing this on would not exist.
Given your last paragraph, what is the net trend in society of that happening with enough speed to outpace other negative developments?
Would it be more accurate to say that the Free Software movement is in need for an update, or making next steps, to provide a better outlook in this regard?
Edit: Changed "Stallman movement" to "Free Software movement". I am a FOSS advocate myself, but not interested in deeply engrained notions around Stallman himself.
I think it's doing fine as it is within the limits of the law. If you want more you're going to have to either operate outside of the law or you're going to have to have the laws changed. But within the law the Free Software Movement used all of the available space, to the point that almost every other license out there is less strict than theirs.
What needs to be updated is the the knowledge of the users and of the programmers. But we've been co-opted as an industry for the most part by very large bags of money and a service oriented eco-system is the capitalist response to the free software movement.
Doing an end run around that is hard to enforce (see the various licenses that address this loophole directly) without having the backing of a regulator. I see this as a simple swing of the pendulum, which it has done several times in the past regarding centralization and decentralization of computers: single machines -> single machines with terminals and time sharing -> mini computers with terminals -> microcomputers -> networked micro computers -> networked micro computers using peer-to-peer services -> networked micro computers with access to services -> special purpose computers (terminals!) with access to services. So if we want to do away with these we'd need to focus on the technical implementation of federated services that do not require central services at all. One thing you could advocate for is to restore peer-to-peer capabilities of residential internet but the fear of the hacker card will be played to counter that one. But there is also still pressure to push the pendulum one more step to the right: identified access to the internet and without that no service. This may well happen, I would expect a country like the UK or Australia to be first to implement this.
Also note that there is no actual technical driving force behind the pendulum, it doesn't have to swing at all, it could just as easily get stuck. The important common factor between all of the above was that someone (or lots of someones) made a lot of money by driving the swing.
Businesses don't do free. It is not what they exist for: The 'Stallman movement' isn't compatible with the the tech-company, the employed software-engineer, etc.
I think what the OP is getting at is that the for-profit tech industry needs something akin to the Hippocratic Oath [1]. As software engineers swearing to a set of 'do no harm' ethical codes could well be a first step to becoming a recognised professional.
I can certainly see a future with a framework like that. If a doctor does something unethical it could affect the life of a few people. If a programmer does it, it could affect the lives of billions - it's not a hard sell that something like an ethical code is probably well overdue.
The for profit industry has been very happy to integrate the fruits of the FOSS labor.
And yes, we need an ethics framework for the IT industry, but we need liability more than that and I don't think either is going to happen in the next 10 years. Maybe if there is a mass death (> 10K people at once or so, a few 100 doesn't seem to have made a difference so far) on account of a software issue we will finally wake up.
> The for profit industry has been very happy to integrate the fruits of the FOSS labor.
Of course they are. They get free labour and their profits are therefore higher. which is the entire purpose of any corporation, to maximise profits. Being upset about this is futile, it's the artefact of living in a capitalist world. The free-software movement just isn't going to move the needle on that. They can either come up with a licensing model that pays, or get over it.
But really, this isn't about FOSS, it's about engineers everywhere (whether in FOSS or working 9-5 in a software company) making ethical decisions and understanding the impact of their work, on potentially billions of people. Critically, I think having something to point at, "this is the oath I swore to", when talking to a boss, could be just the thing we need.
I think this is one of the areas where software being treated as "not real engineering" caused some trouble. I went to school for electrical engineering and in my senior year they really pushed the idea of engineering ethics [1] and the personal responsibilities we had to whistle-blow.
There is this Order of the Engineer [2] that has their own oath akin to the Hippocratic Oath. I went down the software path so I never really looked into it, but my professors were very in favor of it.
> As software engineers swearing to a set of 'do no harm' ethical codes could well be a first step
Just like "don't be evil"? Which was actually enshrined in Google's corporate code of conduct for some time, and could even believed if you squinted the right way...
You can choose to interpret my comment as being about corporations if you like; however, I was talking about individual engineers. It is perfectly feasible for a professional oath/code-of-ethics to work, as it does in other industries. It doesn't mean you will never get a bad actor, but it adds a layer of protection to any engineer.
For example, you could imagine that once the code-of-ethics is standardised:
* Organisations that employ software engineers will feel obliged to publicly follow it (like they all have to have public policies around things like modern slavery, etc.)
* They would also be pressured to display it on job ads. Because why would an engineer want to work somewhere that doesn't follow the industry code-of-ethics.
* Engineers have something to point at as a reference to what is, and what is not, ethical. Allowing them to not appear be the only voice in an organisation who can see harm being done.
* It could well enable a union of software engineers take industrial action if the code of ethics is being broken. Which would be a PR disaster for any corporation.
At the extreme end, you could possibly see a future where engineers are 'struck off' of the professional body representing us (for unethical practice).
The only downside I see is that ethics and morals are mutable, so it'd be pretty hard to nail down a concrete set of ethics that are effective without overstepping. There are however plenty of smart people in this industry, so it shouldn't be beyond us to work it out.
> "I think it succeeded wildly beyond anything anybody imagined at the time..."
Somebody needs their memory refreshed. What was imagined at the time is that nearly all proprietary software companies, particularly Microsoft, would have gone bankrupt or bowed to the inevitable necessity to release all their source code to the community under capital-F Free licenses and nearly all businesses that use software would be voluntarily contributing any code developed for their own use to the community also under Free licenses so that their code would help others and others' code would help them.
Needless to say, this has not happened. Instead, FOSS turned out to be an enormous free handout to businesses with very little contribution back to the community compared to the value received. (Yes, even the Linux kernel. If there were contributions to Linux by all businesses that use it that were even a tenth of what Microsoft charges for Windows, there would be a thousand full time kernel developers.) That is failure and developers are recognizing that by turning away from Free licenses to fake FOSS licenses like open core or shared source.
>We need a new philosophical movement for computer technology.
I'm hoping for Cory Doctorow's new book[0] to ignite this discussion.
This is the first thing I've preordered in my life. And despite his marketing being a bit cheesy, I think he might be the right guy at the right time to plant the seeds for this movement.
I feel like we already have a battle-tested answer to that question - which is dual licensing. It worked great on software like Qt - just have an open source GPL(ish) licensed version for free as in speech users, and a proprietary do-whatever-you-want for cash money, so that developers can keep the lights on.
What needs to change is the open-source community's perception of this coexistence as something mutually beneficial as opposed to betraying their own principles.
This hostility manifests in two ways - one is the belief that not fully open software is somehow evil, and shouldn't be supported, and one should always use (often janky) alternatives that are fully open. The second is the constant churn without any thought given to API or ABI compatibility (never mind making the same binary run across versions, even source-level breakage is extremely common), leading to people wishing to ship commercial applications having to package half of the userland with them.
Important topic, absolute garbage article. It's more fiction than facts and 1. on hn ofc because the headline sounded nice. I get the intention of exaggerated fiction and landing on what is happening now or before but that's propaganda 101...FUD at its best. Disgusting.
Obviously everything that's in the future is not a fact - or "wildly speculative and hypothetical" as the article itself puts it. See it as a call to action to ensure that it remains fiction.
Call to action? The author did nothing to encourage engagement on the topics only on his article. No information about how you could get active yourself or how you could approach the topic politically just FUD.
They were calling attention to the problem, not proposing a solution. But calling out a problem is a call to action for people to try to come up with a (or multiple) solution.
Just because there isn't certainty that it would happen like this, doesn't mean there's not a possible future that looks somewhat like this. Nothing that was listed here seems particularly far-fetched to me, I don't think.
Done. So they're calling out things that could happen, driving the point home by placing them in a timeline. That makes the issue top of mind again for people, potentially spurring them into action - even if just by e.g. making it one of people's considerations in their next election.
The irony is that we invent a myth to explain our own fallacies, pointing to the frog and claiming we're not alone. Yet the truth is that we are alone!
The "boiling pot" is rubbish as a literal claim but quite apt as a metaphorical one: the Overton Window moves over time, particularly as people misremember history ("rose colored glasses") and as folks are born or grow up after major shifts.
There are folks on HN today who weren't alive on Sept 11th, or were in the US but were too young to remember it -- their idea of "normal" is very different from folks who were 20 or 40 or 60 years old on the day of the attacks. That's an example of the "boiling pot".
I remember talking with a college student in the mid 2000s about music and he was excited that he didn't own physical media, and instead had DRM copies and subscriber access to more. He was a "tech savvy" exception then, but the window has shifted and college students don't buy physical copies of music. In another decade, I doubt they'll buy physical copies of movies.
The other day I read an HN comment that thought that when you buy consumer PC hardware, it comes with a ToS that limits your property rights as the owner. It's the kind of uncanny experience I run into more and more often lately: talking with people so immersed in our new normal of cyberpunk dystopia, they seem not to remember how things were in the before-times. So accustomed to exploitative corporate gaslighting, we're forgetting the basics of civilization, like, what are ownership rights?
In the before-times, when you bought something, the seller relinquished all claims to it, as an established legal principle (and a social norm and a moral obvious-ity). You can do whatever the fuck you want to your own PC, in your own house! Who would step into your home and tell you "no"?
Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
Which ownership rights do the sellers retain now that they didn’t previously? I’m not familiar with any ToS that permits a company to repossess your PC or parts of it.
If you’re talking about manufacturers making their devices more difficult to repair or voiding warranties based on minor modifications, that doesn’t mean you can’t do what you want with the item. It just means you can’t force the company to fix or replace it free of charge when you do.
It's not that the PCs come with more strings attached than they did before - it's that many people, especially younger generation, are so used to those strings controlling their lives through their mobile devices and everything being a service, that they don't realize the same isn't true with a regular PC. At least isn't yet.
They don't. I think the commenter was guessing by generalizing from software/subscription service ToS's, which are ubiquitous; plus the fusion of hardware/software in inseparable packages, like the iPhone hardware, which is a brick without an ongoing Apple subscription.
This just isn’t true. You don’t have to give Apple another dime to use an iPhone perpetually. Any paid Apple subscriptions are optional for cloud or streaming services.
Agreed its optional. But Apple will do their best (worst?) to get you to use it. Defaults to the free 5g, resetting preferences after OS upgrades, nagging prompts, etc.
It may be a free subscription, but it's still an ongoing, no-opt-out commercial software service relationship with Apple, Inc. That's why it has a Terms of Service [0] – which is effectively a ToS for the iPhone hardware itself, as there is no way to use it without Apple's OS.
(And I think it's noteworthy how that ToS' language bounces freely between "hardware" and "software"; how it fluctuates between "software license agreement" and "by using your iPhone ("device"), you are agreeing to...". Apple hardware and software are fused together: there is no practical difference).
The only example I can think of is beer bottles. I know it's not related to computer hardware, but I'm just trying to think of examples where you purchase a consumer item and it's still not legally yours.
The reason why it remains property of the brewery, is so that they can re-use it when you recycle it. It might be something that's specific for my country, though.
> I’m not familiar with any ToS that permits a company to repossess your PC or parts of it.
I would call iCloud locking an embodiment of this. It's probably an unpopular example because people seem to broadly like it, but it does demonstrate the principal that the seller retains full control of the hardware and can "repossess" the device. The original purchaser does not receive a master unlock code.
Even if locking yourself out of your device is "your fault", it doesn't alter the fact that at that point only Apple retains control of the device.
Same with bios locks and management engines on PCs.
The idea that possession = ownership is gone. And we're almost all ok with that especially since it makes us a little safer and more "secure". At least until we can't trust Apple, Intel, etc. anymore.
One could argue that the black market value for your locked phone compared to unlocked phone is a proxy for how much you actually own the phone.
> I would call iCloud locking an embodiment of this.
Activation locks were required by law to deter armed theft.
> A new report from Reuters found that iPhone theft dropped by 50 percent in London, 40 percent in San Francisco and 25 percent in New York. The drops represent theft activity as measured during the 12 months following Apple’s introduction of the remote locking feature in September 2013 as part of iOS 7.
With iOS 8, Apple made its so-called said “kill switch” active by default, in accordance with California regulation, and that should help the rates of theft continue to trend downwards.
Laws pretty much always mean a loss of freedom, with the intent of promoting some other positive goal (often, some other freedom). That's why we make them.
Balancing these goals is not easy, but we don't get to avoid it just because we want "freedom" as an abstraction. It's an important consideration but only one when you put a lot of people with conflicting goals together.
It isn’t ironic, it’s precisely how it’s supposed to work.
Laws take freedom (as in do whatever you want) from people and give it to other people so the total expected gains are bigger than without the law, pretending that dishonest lawmakers don’t exist (false obviously). Also, all laws are bets on their outcomes and sometimes they go south.
Now there's a product. "Universal safety and security".
Universal safety and security is pushed almost ubiquitously. Like it's a holy truth. Trumping all other concerns. And anybody who argues for anything else is just selfish or whatever.
There is a circuit block diagram, a PCB layout diagram with all the components' part numbers that I guess you can replace broken ones (?), and circuit diagrams for the power supply and for the keyboard circuit. (starts on page 97) Skimming the text, the manual seems to assume an owner has access to a multimeter, an oscilloscope, and a soldering iron.
Your and others' comments on this thread remind me of a though I had lately.
In the "before times", you would buy things that would last. So naturally, the companies that made them could not sell new products.
Planned obsolescence was one natural outcome that we ended up with. An electrical engineers I know told me how designing a CPU that would last a lifetime is relatively easy compared to designing an equipment that will fail only 5 years from now, but not earlier.
I wonder if there was a way we could take the other path. Keep manufacturing solid, long lasting products but also being financially sound. Right now economy, to me, seems like a thing of perpetual growth, but in a cancer-like way.
> I wonder if there was a way we could take the other path. Keep manufacturing solid, long lasting products but also being financially sound.
Regulation.
Fun fact: this is still possible! It's a little harder – it'll have to be steadily introduced, in multiple countries at once (so we don't break international trade), starting in the areas where it's cheapest to produce lasting equipment (so enforcement doesn't take out entire sectors), and I don't yet know what the regulations would look like, but if it's possible to make lasting things, it's possible to require manufacturers to make things last.
We need to do this, sooner or later, anyway: we simply don't have the raw resources to continue as we are.
I’m in favor of regulation, but that’s not happening now for the same reason that we have the problem in the first place. We’re all tied up together in capitalism, and anything that slows the acceleration of growth that our retirement funds require is not going to fly. If it’s going to happen, it’s because enough people have been excluded from the rewards of the system (we’re getting there).
Easy to nay-say, though. To me, a solution starts with spreading those values that make it possible for _consumers_ to stop sliding down the growth-over-everything slope. Mittelstands, shinise, Patagonia, yada yada. Can you as an entrepreneur make a sustainable business that isn’t just for well-off conscious consumers? What’s the product where longevity is inextricable from the core feature set, not just a trade-off with cost?
Right-to-repair is a decent example of where regulation has enough support across the ideological spectrum to get a foot in the door. It would be cool if a company who made profit on service now decides it doesn’t want to compete on service and instead takes more profit upfront with a higher-quality product. Forcing USB-C on phones feels like a small thing to me, but if it sets a precedent where interfaces are standardized for sustainability, that could be amazing. (No, I’m not worried about governments slowing progress. Locked ecosystems are doing just fine at that.)
I agree with you, I am just highlighting companies' thinking why they would wanna protect their source code. security by obscurity. Also having a copy of source could also mean the companies might have cut corners. Many leaks of future products are now guessed from source code. Also it is so easy to copy as well by other companies.
This blew my mind as a younger person who took an interest in repairing tube radios from the 30's & 40's. One of the first things I realized was how generally easy it was to find schematics of popular brands and models. Some were even pasted right inside the radio shell!
I also hack and repair modern stuff, and it is so common to open up a product just to end up staring at an epoxy blob. User manuals hold no mention of service tips, but instead are near-useless "quick start" guides that might review functionality, if the manufacturer is feeling generous.
Modern tech seems so remarkably spiteful toward the consumer and consumers themselves just seem to roll with it. Sometimes I hear them use arguments like "Company X doesn't want Company Z making knock-offs" as though these knock-off manufacturers aren't already expert reverse engineers. I feel the locking down of consumer tech is more about forcing the consumer into a state of dependancy on the manufacturer than it is about protecting any intellectual properties. They conflate "repeate business" with customers being forced to return for repairs or replacements instead of willfully returning because they trust the quality and brand.
I wouldn't say they are intentionally spiteful, just that modern electronics are complex enough, especially highly integrated stuff like smartphones, that the OEM's suppliers would be unhappy if detailed schematics were released. Since they would not be willing to guarantee on the record that they are correct, nor would they want stuff impinging on actual trade secrets to be revealed.
This is false, there are thousands of examples of products 'in the wild' containing trade secrets that are difficult enough to figure out by reverse engineering that they are effectively considered such, even by industry experts.
e.g. Apple's fixed glass trackpads
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
This is false, there are thousands of examples of products 'in the wild' containing trade secrets that are difficult enough to figure out by reverse engineering that they are effectively considered such, even by industry experts.
That's not how trade secrets work. If you give me a device, and I figure out how that part of it goes together, the trade secret dies. There is no protection except an attempt at secrecy, and once someone is retail sold hardware, they may do anything they choose with it, thus the idea of trying to maintain a secret, when it is in someone else's hands, is silly.
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
There is no validator for the 'validity' of trade secrets, it's simply nonsense to say that they can be 'validated' or 'invalidated'.
You can't dodge this point, which you appear to be doing as I never claimed copyright law is uniform in all jurisdictions worldwide, nor was that implied.
If you don't understand how these things work, it's better to not make bizarre claims.
I never claimed copyright law is uniform in all jurisdictions worldwide, nor was that implied.
What on earth are you even talking about?
Regardless, you can invalidate anything. EG, one can make a claim "Hey, that manufacturing process is my trade secret!", and that claim can most certainly be invalided. It can also be validated.
> Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
Some types of copyright requires approval via some organized entity in many jurisdictions, that is easily discoverable via a quick Google search by any passing reader. The prior comment appears like a deflection from the main point, since the fact that some jurisdictions operate differently is simply irrelevant as I never claimed otherwise, nor was that implied anywhere in the preceding comment chain.
Like I said you can't avoid the fact that 'invalidating' trade secrets makes no sense. They can be revealed, they can become so widely known that the label no longer applies, and so on.
But 'validity' whether legal, logical, etc., can not apply to them.
And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
Michael, my simple point was that copyright, like trade secrets, requires no validation in some jurisdictions by default. For some reason you view this as a distraction, instead, it was merely illustrative.
In terms of validation, I have no idea why you think one cannot invalidate someone claiming to have a trade secret. You can literally invalidate anything, someone is trying to assert as valid.
A bottle blonde could claim that is their original hair colour, and one could invalidate that claim too.
You seem stuck on an internal definition of 'validate'. Your internal definition seems wrong.
Well if you want to avoid getting into the weeds, since it appears you have a peculiar idea of validity that does not reflect the legal or logical usage, then by all means.
Anyways I agree this is a tangent from the main comment chain, if that's what your implying. I included the last paragraph for that reason:
> And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
You don't get how trade secrets work. What makes them enforceable, actionable.
The classic example was during the 90s. A company was building a new factory, and as a result, it was open to the air. A competitor, wanting to legally discover how the manufacturing process of the company was orchestrated, flew over the construction site, taking photos, pictures.
The competitor claimed, that they obtained such information without trickery. The company said that they had taken reasonable precautions, to conceal their manufacturing process, with employee NDAs, and security around the construction site, yet ... that there was absolutely no precaution which could be taken to protect from plane or satellite, and thus, the took all reasonable precautions. That the plane + photos were akin to someone sneaking into the factory, and taking photos as well.
The company won, their trade secret was protected.
The point of this illustrative story, is that reasonable attempts at secrecy of things such as manufacturing processes must be attempted.
A key part of a trade secret is in its name, secret. You cannot keep a secret in public, and even if you do, for a brief period of time, you are not attempting to conceal it if everyone and their dog may look at it. Nothing you sell to a consumer is a trade secret. Nothing. Not a single thing.
You may have a trade secret in how that product was made, but you do not have a trade secret in how that product fits together. At all. A schematic of a circuit board is not a trade secret, and this is the context you started this conversation on.
To speak to this, if anyone, ever, discovers how to take apart and repair this glass trackpad you discuss, there is no trade secret, and no judge will ever ever help anyone enforce protections on the same.
To put it another way, and going back to the example at start of this message, if you hold tours of your factory with trade secret manufacturing processes in it, you no longer have trade secret manufacturing processes. Your competitors may tour it at whim, as part of the tour group, and use such information to derive and copy your no longer enforceable trade secrets.
That's simply how it works.
And there's nothing more public than selling something to the public.
I think you are confused, because Apple may claim it's a 'trade secret', in how they manufacturer said glass trackpad. But the part in consumer hands is not a trade secret. You can put the blasted thing under an x-ray, an electron microscope, and yes these are valid ways to examine things, and there's literally even remotely a trade secret to enforce from this angle.
This, any schematics provides are not going to invalidate what already exists.
I won't bother looking back at this any more, for two reasons. First, it's falling off the first page of my comments I look at, for replies. And second, your over the top, absurd attack on a correct use of the word 'valid' is quite odd, and smacks of a lack of good faith.
You've said your part, I've said mine, and I don't see much value beyond my extended attempt to discuss my reasoning re: trade secrets, how I believe they work, etc. above.
Oh, one final note. I've noticed some larger corporations, and some dark corners of the legal profession attempt to shift the line in terms of rights. We've seen absurd attempts at this in the last 20 years, and we've seen industry practices which are in effect for 10 to 20 years, in terms of IP shot down again and again.
Part of me suspects you may have fallen into a trap, where perhaps Apple claims something they cannot claim, such as extending trade secrets to devices held in people's hands. If they are, they will fail in this, unless there is a deep legislative change, and even then I doubt it won't be kicked, and you should not listen to such absurd claims.
You appear to be assuming that the 'schematics', even if they were provided by the manufacturer, describe the actual product in your hands, which is probably the source of confusion.
They don't, at least not for modern products of some intricacy.
Going back to the example of Apple's glass trackpad, there's a decent chance that literally every Macbook ever sold with it has a unique trackpad, because some transistor(s) were slightly off, due to manufacturing tolerances, requiring slightly different resistor(s) to compensate, etc..., and so on.
And there are hundreds of components just in the trackpad.
So even in the literal sense of examining it under various microscopes and so on, I think it's pretty fair to say that it's secret enough for it to be very very difficult to recreate.
But this all seems like arguing at windmills, because in practice, Apple's shareholders, board, management, employees, suppliers, customers, and competitors behave as if it was a trade secret. Which is more then sufficient for all practical purposes most HN readers are concerned with.
That wasn't less true for any other appliance that's ever existed, largely because of the availability of the schematics.
People have a right to know what they're buying. Companies are testing legal and cultural boundaries, silently changing functionality and usability by altering software or access to required services after sale.
It's not "too complex", it'd just be a hassle if people knew.
Microsoft showing it's totalitarian real character again. So happy that Minetest[1] exists and gives that warm Open Source glow, just knowing that your using Microsoft free software and it works fine on Linux too.
A valve radio had ~50 discrete components[1]. The first semiconductors had triple that number of components in a square millimeter in 1971[2], a modern CPU is in the tens or hundreds of millions of transistors per square millimetre. That's more components than the Encyclopedia Britannica had words in 29 volumes[3]. How are you going to 'know what you're buying' if you don't know anything about the bit which makes up most of the complexity and does most of the work? How are 'people' going to know anything about the CPU by getting lumbered a dozen bookshelves worth of schematics?
All this means is that you move one level up on what it is you are diagramming and replacing. I don't expect to replace the integrated circuit on my instant pot, but I do expect to be able to replace the control board or the thermal fuse. And instructions on how to do these things would be great! A simple diagram showing how the larger things are connected is all that's necessary. I don't need a map of all the traces, or a list of the surface mount components.
Not to say it wouldn't be useful to someone, somewhere, or save you 10 minutes, but I suspect if you are capable of replacing the control board and thermal fuse, willing and motivated to do so, have the equipment and workspace to do it, willing to spend almost as much on a replacement control board as you would on a new Instant Pot, and don't need a map of all traces or list of components, you can likely find the fuse yourself without much bother.
But that's still a different argument to the one I was responding to which was "People have a right to know what they're buying" - and the claim that products are "not too complex" for that. At the point we turn it to a diagram which says "fuse connects to System-on-Chip blob ground pin 0 and data pin 7. Button board connects to blob ground pin 0 data pin 8" are we any closer to "knowing what we're buying" in a meaningful way?
The Atari (400/800, from the Warner Brothers ownership era) also had full schematics /available/ (you had to buy the 'technical reference manual') but they were available. And part of that tech. manual was a printout of the 6502 assembly for the ROM OS.
And if I remember correctly, the tech. manual was something like $20.00 (in circa 1984 dollars, roughly $58 today, and you got about 400 pages of paper, printed on both sides.
So while schematics did not "come with the product in the retail packaging" one could obtain them with only the trouble of ordering a ~$20 (at the time) "book".
Every device/vehicle/system now needs to be connected to the internet and needs you to download an app.
Is that for the consumer? No. That's for the manufacturer.
For milking be reselling your data and/or spying on you and/or charging extra because they can and/or the capability to turn any device into literal trash by not providing updates or bug fixes to a half-baked alpha software that it shipped with.
Blame your government. There could and should be laws against that or at the very least incentives to prevent it.
>Blame your government. There could and should be laws against that or at the very least incentives to prevent it.
In a democracy the government is a proxy for the people. I blame the people. If the majority was conscious of their rights (or at least what these rights should be) the governments would have no choice and they'd bring laws that protect these rights. Yes, no democracy is perfect, there are lobbyists, corruption etc, but if the large majority of the population wants something all these lobbying and corruption can only delay it.
The issue with the government(s) is a symptom, not a cause. The cause is that the majority of people have no spine. They'll sell their privacy and rights gladly for a tiny bit of perceived convenience, entertainment or status. It's like this famous saying "people that are willing to sacrifice freedom for safety deserve neither". Substitute privacy/ownership for freedom and convenience/entertainment for safety and it will still be true.
Neither me nor my partner own a smartwatch/health band. Why? Because we literally found no brand that could be used without setting up silly "online accounts" and having our personal details (including health) harvested. The pine watch is an exception, but last time I checked the software was not ready for daily use.
Personally, despite the above, I'm a "long term optimist". I think people eventually will learn to value their privacy, their right to ownership/repair and they will stop buying and using devices and software that infringe on these rights. But not before a generation or two come and go.
Consider other revolutions in human condition. For example the industrial revolution. It brought magnificent benefits, but also (especially initially) it was horrible for many people including children. Eventually the masses started paying attention and worker rights were established, but not a second before the majority was ready to sacrifice a lot to fight for it. It will. Be like this with our "digital revolution".
Psychology is a science that studies human behavior, and like all sciences it works mostly. As a result, human minds can be easily hacked by those with the motivation to do so. Psychological science can be employed, things like A/B testing are very effective with enough data, which our digital systems easily provide. Ads are the wholesome version of that, because they are overt. We know the ads are trying to change the way we think and act. Corporate news is an example of the less wholesome side of using psychological science against humans. The humans aren’t to blame. Humans are animals and easy to hack, and our economy is largely, mostly I’d say, based on people hacking/behavioral engineering.
> They'll sell their privacy and rights gladly for a tiny bit of perceived convenience, entertainment or status.
How does that mean they have no spine? It sounds like they made a decision on what was more valuable to them. You could argue that they might not have been fully informed. But I think the reality is that they just don't care that much because they don't feel harmed by it. The segment of people that are going to even consider trying to repair a digital device rather than paying to get it fixed or getting a new one is probably vanishingly small (and very over-represented on this site).
I could easily see things going the other way, where the lack of digital privacy becomes even more of an unquestioned norm. These things can hold in a kind of equilibrium as long as the entities that hold the power don't use it to cause perceived harm above a threshold. We have the technology to do a lot more scanning of license plates, facial recognition, automated speeding tickets, etc. I'm kind of an optimist in that I think people will generally maintain this balance (or maybe a pragmatist - it's not really in their interest to upset the apple cart, but they will test the limits sometimes).
It’s weird how people in tech think they are superior to their less-technical colleagues. Everyone outside of software development is a moron and the entire world would be better if programmers ran everything with no oversight. Somehow only engineers are moral and everyone else is purely motivated by profit. But engineers are above that! It’s so ridiculous.
It's really evil and indeed against the customer, and it applies to pretty much any real product out there nowadays from cars to washing machines to water boilers. It's all designed to fall apart, break and stop working.
What about the incalculable environmental factor for all of this? Nobody cares.
How many people cared about those schematics? Most people would say "Gee, instead of this paper of things I don't understand, having a list of the radio stations in this spot would be more useful"
As someone who found computing in general through the joy of taking broken electronic things apart and trying to fix them, it does sadden me too when I see a black blob over a circuit board but most people are just happy they're cheap and easy to replace and toss em away. Most developers I know today can't understand basic electrical circuits, even though they are the very foundation of everything we do. But like my previous analogy, most would rather just see the magic happen when they install something, write a little bit of code, and see results.
Some of us do value privacy, security, and even the underlying things that make stuff work. We're in the minority. The vast majority of people simply don't even care. I've tried explaining it to my wife, or my mother, that some piece of software might track them, know about them, restrict them, whatever, and the opinion I usually get back is "Oh, it doesn't already do that?" People joke about Facebook ads being something they just talked about all the time and it doesn't even phase them that the reality is very near to that.
People simply don't care enough to make a change in the laws that would prevent things like this.
Privacy loss is like climate change. People don’t care because the really bad things haven’t happened yet. People who keep telling them about the bad stuff that is likely to happen are alarmists, and like with climate change there’s an industry with a vested interest in downplaying the issue.
A sneak peek may be coming with what some states are doing to police travel for abortion. Does the algorithm think you might be pregnant? Congratulations, you may now be stopped on state lines and charged with a crime because you are driving someone one state over. Even if you have no intent of getting an abortion you may have to prove that in court if a prosecutor is feeling particularly self righteous today.
People in the US are not accustomed to totalitarian politics. We have rights. But loss of those rights are one populist demagogue away.
When that happens all that surveillance and remote control will suddenly become as relevant as Antarctica’s Thwaites glacier would become if it fell in the ocean.
(Left wing populist demagoguery and authoritarianism are possible too. I’m just picking on the right wing sort because it’s the kind that has traction most recently. But that too can change.)
I'm turning to the opinion that if we really want to fix this, we need to have government mandates that "takeout" style exports are provided by every company/service, in a standard machine-readable format.
If you collect and store any personal data about a user, there needs to be a standard way for them to request a usable copy.
Then allow third parties to build tools that work with those to educate users, which is why standard and usable format are key criteria. E.g. "visualize what X knows about you"
It's the details that would motivate people, but the details are precisely what's invisible right now.
(Disclaimer: talking from a US-centric viewpoint, for the majority of states that don't have digital privacy rights)
That’s the neat thing! For most people, you don’t! Until it breaks and you need to fix it, and the manufacturer is out-of-business. But then you can present that strange schematic to your local electronics repairer who can fix it up with a few spare commodity components.
The entire economic system was different. Even something as basic as a radio, fridge or TV cost serious money, so very few people had them in the first place, they expected it to last and be easily repairable, particularly as shipping took a lot of time and was expensive just as well. Farmers living out in the country had it even worse, for them the ability to repair devices literally in the field can be a question that makes their entire business viable or not.
Today? Everything is cheap, you can fedex something across continents in a matter of a few days. When the TV is broken, fuck it, a new one is a click and a day of waiting time away, free delivery included. Computers? Phones? Just the same.
Building products that last or are repairable just isn't competitive enough any more. Yes, there are niches like Fairphone, Framework and Pine, but that's the point: they are niches for nerds who care and are able and willing to spend the money.
On top of that, technology has gotten ever smaller and smaller. Up until a decade or two ago, most electronics was through-hole stuff that even a complete dunderhead could repair with a soldering iron, a bit of solder and some tweezers. Modern SMT? That needs highly specialized machines and an awful lot of knowledge about stuff like temperature ramps, not to mention passive components being as small as a tiny piece of sand. And if you want to verify signal integrity, some random scope won't cut it either at modern high speed buses.
I wonder if gaming consoles had a big hand in this? Going back to Atari pong in the early/mid 70's and I don't recall if any of the major players (Magnavox, Atari, Coleco, Sears) included anything close to schematics.
> Very large-scale integration (VLSI) is the process of creating an integrated circuit (IC) by combining millions or billions of MOS transistors onto a single chip. VLSI began in the 1970s when MOS integrated circuit (Metal Oxide Semiconductor) chips were developed and then widely adopted, enabling complex semiconductor and telecommunication technologies. The microprocessor and memory chips are VLSI devices.
> Before the introduction of VLSI technology, most ICs had a limited set of functions they could perform. An electronic circuit might consist of a CPU, ROM, RAM and other glue logic. VLSI enables IC designers to add all of these into one chip.
It was mostly the mobile revolution. Consoles were always considered something separate from computers. It was phones that normalized not only locked down OSes but surveillance as a normal thing.
I remember in the late 2000s hating everything about the mobile revolution and predicting where it would go. I was mostly right but wow did people ever think I was nuts. Tech groupthink back then was the literal phrase “mobile is the future” repeated like something out of a political talking points memo.
What I got wrong was underestimating how evil social media would become. I never imagined how addictive it could be made or how toxic the content would get, or how it would help re-mainstream a whole raft of horrible ideologies. The addiction factor and brain dead content machine really hit with mobile too, so it’s not unrelated. Something about that little screen that is always there and swiping to scroll seems to facilitate addiction better than a PC or laptop screen.
Agree with everything you said, but what bugs me most is that I like computers, and phones are computers but they're designed for people who don't like computers, so they pretend not to be computers. Worse, those same ideas have infected the desktop too.
The Atari 400/800 computers had available as an extra cost purchase (IIRC about $20 in 1984 dollars) a "technical reference manual" that included full schematics for the computers, a printout of the 6502 assembly for the ROM OS, and a lot of narrative describing technical aspects of the computers.
So for at least Atari, and at least with the 400/800 computers, they did release the information. For an extra cost, but it was released.
I bought a vintage printer (juki 6100) to tinker with recently, I was pretty shocked how the manual included circuit and timing diagrams, and gave instructions on how to construct adapter cables for various machines.
Also the "driver" installation for IBM PC is just instructions on how to manually patch wordstar to work with it.
I took apart an old bakelite phone to replace the cord with an RJ11 one (connected two old phones together with a Cisco SPA adapter, the kids love calling each other) and was surprised when there was a little bit of paper wedged between two components with the full schematic!
In Russia it was the case even in the 90s, but all locally produced consumer electronics in ex-USSR quickly got replaced by Japanese and Western devices.
Looking at this list, open source software is the only thing that can help save us from this future. Whenever a corporation takes control of a widespread open source software (eg Oracle buying MySQL) it is forked by the community (MariaDB).
If you don’t have access to the source code, you can’t fork it. And ALL the Web 2.0 platforms of today (on which we have our public forums) won’t give you their back-end software. Not even HN. Nor Reddit, LinkedIn, Twitter, Facebook, Telegram or even Signal. They need to retain control because of the capitalism system in which they were conceived (Facebook, LinkedIn) or sold (WhatsApp, Instagram), and the shareholder class which the corporations must serve and extract rents from their ecosystem forever. It starts with venture capitalists and it ends with wall street ownership. https://en.wikipedia.org/wiki/Surveillance_capitalism
If you look at my posts for the last decade, I have been openly saying this. Those of you who saw the movie iRobot back in 2004 may remember the tagline: “One Man Saw it Coming”. I feel like Will Smith’s character. Except that I have been doing something about it.
1. From Digital Feudalism to a Free Market
We are living in Digital Feudalism, and like serfs, we have very little say. And all of this is because we don’t have a viable open source alternative. The first step is to have this software be available to everyone.
There were attempts with diaspora* and Mastodon has so far been the most successful. We’ve quietly been building something far, far beyond Mastodon and attracted 10 million people in over 100+ countries. But you probably haven‘t heard of it. It’s a web-based, open source, general-purpose Community Operating System, on which anyone is free to develop just as they are on Linux or Wordpress.
While an app like Telegram or Signal could be easily banned from app stores by governments, something like this is much harder to censor. If millions of websites use https and some may be hosting Qbix widgets, then how will governments and corporations ban it? They may have to insist on having a backdoor to the https certificates, which means enough people would have to fork Chromium / Blink (open source on the front end). But until then, it’s a way for We the People to continue building an innovating in the face of corporate and government crackdowns.
In a free market you have a choice of landlord (eg who will host your Wordpress or Qbix instance). But you still have a landlord.
This is the part that some on HN are allergic to. I’m going to extol the virtues of automomous networks, because they’re the most benign “Landlords”, who can be trusted to uphold the rules and never change them (if enough of the community doesn’t like the changes, they can fork and continue the old rules).
Blockchains and smart contracts are JUST THE MOST POPULAR VERSION of this at the moment. There are many other architectures, including Hashgraph, IOTA DAG, and more generally, networks based around Distributed Hash Tables / Kademlia, such as BitTorrent, IPFS, and the ultimate i...
You may have missed this part further down in the economics section: Stallman’s Free Software Movement is more like a gift economy, or perhaps “distributism” (a 19th-century Christian economic system). Those are actually really good, but to pay for resource use in the ecosystem we need an accounting system, and that’s utility tokens.
I believe that decentralized movements need to be named properly. If Stallman named it “Liberating Software” instead of “Free Software”, his movement could have attracted a lot more devotees from the wider open source movement.
Similarly, I believe (my personal viewe) thay if BLM had simply called themselves BLAM (Black Lives Also Matter) their message would have been crystal clear and would have attracted far less controversy and much more support across the political spectrum, avoiding such rejoinders as “All Lives Matter.” In fact it rolls off the tongue better and stronger: BLAM!
When starting a decentralized movement, the naming is crucial as it affects positioning long after it has become bigger than those who began it.
What's the alternative to "I built it, I own it"? Seems like forced open sourcing under threat of government force would be worse than what we have now.
Also Meta these days is open sourcing more ML tools than any other corp, so I'm not sure the claim that "killing ... all open-source tendencies" is supportable.
People naturally tend to give things away in a gift economy when the marginal cost of making a copy is zero. Dan Pink explains it here: https://m.youtube.com/watch?v=u6XAPnuFjJc
Consider science: it is a privilege in most scientific disciplines to publish one’s discoveries openly for everyone to build on. Except in the bio and pharma departments — there, the intellectual property system has made generically engineered crops trap farmers and has made drugs extremely expensive in the very country that enforces this system. I wrote about Open Source Drugs a whopping 12 years ago: https://magarshak.com/blog/?p=93
Newton said, “if I saw further, it’s because I stood on the shoulders of giants”. He didn’t pay rent to the giants for those shoulders.
Thomas Jefferson said, “He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me.”
Albert Wenger, a friend of mine who is a venture capitalist, general partner at Union Square Ventures here in NY and who raised their climate fund, wrote an entire book called World After Capital about this very thing, and is giving it away: https://worldaftercapital.org
Back then, USV and other VCs were really bullish on Utility Tokens as a way for the participants to own the network, and to incentivize open source voluntarily, without government force:
I also mentioned Meta open sourcing ML, and said you should be thankful to Zuck’s tendencies, which he can exercise in an area that isn’t a core business proposition of facebook. The capitalists have stranged Mark Z’s tendencies in every area where Facebook could extract rents and profits from its ecosystem. And in this, it could have easily gone another way had an IP-loving Steve Jobs type been at the helm. Had FB chosen to branch out into it, like Apple did into, say, banking or cars, then you would see FAR LESS open source competition in AI. Maybe Bloom model?
This reads like you’re taking their post in bad faith or otherwise didn’t read all of it. They go on to mention:
> ... you should be thanking [Zuckerberg’s] open source sympathies as he is literally having his company give away open source LLaMa and other AI which his company spends a ton of money training. Without someone stepping up and doing this, the AI [would] belong to only a select few ...
You’re right that such sympathies weren’t exactly “killed” (instead “discouraged”) by advisors but pressing this mistake in phrasing is certainly a bit of a straw man argument.
I'm imagining something like a "software choice" act which requires all network connected devices to be able to, in principle, have their bootloader unlocked and an alternative operating system loaded in with relative ease. No specialized tools, you can't say "well just unsolder this chip" but you can display a prominent warning that the bootloader is unlocked. Basically do it like android does it, but by law.
There are obviously some specifics there, like if the camera on my phone has a firmware blob, does that need to be able to have the firmware updated? A lot of little caveats like that make such a law difficult, but I think with hardware access the open source community can flourish on devices like smart TVs, etc.
Thank you, for this comment and for the work you've done, all this time.
- - - -
THe thing that gets me is that people seem pretty much content with things. E.g. they'll complain about Amazon and then in the next breath admit that they still shop there. Etc.
Some of it is complacency. (A friend of mine, an academic, was talking about "the pain" of switching from Twitter to Mastodon. I had to stop him. You just click some buttons? You don't even have to get out of your chair.)
A lot of it seems to be apathy.
And then there's contentment with ignorance.
People say that this is just "human nature" but I feel that's a cop out.
- - - -
FWIW I think of Capitalism as a kind of economic API. It's very useful, but you have to run it within certain resource limits and policies. (E.g. don't "eat the rich", just tax them at the rate that we did fifty years ago, eh?)
Science and capitalism have delivered technology and wealth, we won history. We just haven't really noticed yet.
We have to stop fighting each other and take care of each other.
As a software engineer, I don't think capitalism is the only factor preventing big companies like Facebook, Twitter and Reddit from releasing their back end code... You'll find that their back end code is a real mess with millions of lines scattered all over the place, with various parts tightly coupled to specific hardware and software vendors; I can almost guarantee that if Facebook made their back end code fully open source, you'd probably need a team of 100 full time engineers working round the clock for 1 year or 2 to launch a Facebook clone... These platforms are way over-engineered; the technology essentially cannot exist without the people. Facebook as a platform is not merely code; it's an insanely complex amalgamation of both people and code. It would be useless to make their back end code open source as essentially nobody else would be able to run it.
That's why Twitter software engineers were making fun of people wanting to release the Twitter algorithm... They were well aware of what a complex mess it was and how unrealistic that was. People have the right intuition though; it doesn't need to be so complex. It is complex by design.
That's a long diatribe for what can be reduced down to "another techbro excuse why climate-destroying pre-mined (for shareholders!) shitcoin is better".
The only thing shitcoin made "better" was how to pay the ransomware industry.
Pretty sure you’re reading your own biases into this
Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
Most people on HN are techbros
Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about.
In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
> Pretty sure you’re reading your own biases into this
“It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
> Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing. Bitcoin chews through massive amounts of power. Ethereum chews through GPUs and lowers expected lifetimes. CHIA chews through SSDs in weeks of massive amounts of writes. Even running IPFS client chews through CPU/RAM/network like there's no tomorrow. Filecoin is 10x worse.
> Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
I include all of them. But how quaint that you invalidate me as some round-about defense of your own shitcoin.
> Most people on HN are techbros
Most != all. Some of us are actual socialists. You know, "know thy enemy" and all that.
> Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
Its already been made. Its called Hawala ( https://en.wikipedia.org/wiki/Hawala ). And its an easy way to send money across areas and even currency changes. And its based on reputation, not some silly climate-destroying math, so you shitcoiners cant make money pre-mining the chain before opening it up to the public.
Again, thats really the problem with all this decentralized "currency". Its a terrible merge between money transmitter and money printer. And you posit "But if you think you can do better, please do it!"... and you refuse the counter-question of 'Do we even need this?'
> For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I repeat: “It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
Basically, I'm saying this for others who read this now, and not for you. This is a tacit admittance that you cannot look at other perspectives in this realm, and must see your path as the "only and true path", because otherwise you would be rejecting your own idea and business plan. (And I know very few who can dispassionately look at their own passions.)
> I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about....In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible. And the other scam here is that all these with shitcoins attached have been heavily pre-mined to "pay the upfront investment cost". But again, with you being a shitcoin founder, you're well aware how this grift works.
I used to run the blockchain meetup here locally. Some of my contributions are still used by a lot of folks. But after a hard deep dive into dozens of blockchain systems, the only real benefit is to the ransomware industry. Well, that, and a whole bunch more decomissioned power plants being spun back up for shitcoin of various types. https://www.theguardian.com/technology/2022/feb/18/bitcoi...
I don’t refuse to counter-question “do we even need it?” I have written articles at length why we need smart contracts, and I linked to it in the original comment (answer to Moxie). You just ignored it in your rush to ascend your soapbox!
I know that Upton Sinclair quote. Who pays my salary?
I could say the same about you. I realize who pays the salary of many of the startups that go through YC. The venture CAPITALISTS do. The Web2 ecosystem that banks at the same bank (Silicon Valley) and had a bank run on that bank kicked off by Peter “build a monopoly” Thiel. You support that ecosystem, and therefore are against any decentralized alternatives. Do you support Palantir and precrime as well?
Perhaps the above doesn’t describe you, only a bunch of tech bros like you in the very shareholder-based ecosystem that has led to the Big Tech oligopoly and is the subject of “boiling the frog” we are talking about. But then again, you are doing the same to me, assuming things based on whatever “Web3” means to you.
First you trot out incoherent strawmen about proof of work and shitcoins. Then, when I point out the issues with what you say, you do an adhominem.
You continue to be deluded. I just got through criticizinf hyper-capitalism like Thiel’s that would make many capitalists blush. Then I proceeded to advocate alternatives that fit the dictionary definition of “libertarian socialism”. You turn around and call that hyper-capitalism.
Well, how about this… in your system, you have monopolies and hardly any competition. It’s digital Feudalism. You are like the slaves supporting the system because the slavemasters were kinda good to you. In the system I advocate, everyone is competing to provide better infrastructure (hosting, security, storage etc) and you are not locked in. There is redundancy, no single point of failure. And no one can usurp power easily.
>All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing.
Sigh. You sound like you’re in 2013. Are you talking about Bitcoin? Because I had the same criticisms of it since before you were in crypto. I made them publicly in ArsTechnica and was covered in the BBC, Newsweek, etc back in 2018. We actually experimented with allowing people to do Monero mining as a way to pay for our apps, and the whole thing went bad pretty quickly and we removed it for precisely this reason. I called out the incentives publicly 5 years ago:
You seem to ignore that every other coin besides Bitcoin and Monero doesnt fit your description, let alone the other distributed systems…
> And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible.
Really? “The whole network” of Dat/Hypercore and Bittorrent and IPFS and safenet are run “by a quorum”? You should read up a bit more on what distributed hash tables are before spouting such nonsense.
Your response is to throw shade and FUD it without engaging in anything approaching substantive, intellectually honest discussion. I back up everything I say with myriad examples that illustrate general patterns. I have arrived at this position by battle-testing my ideas and being open to changing my mind. Are you?
Saying “you’re wrong and deluded” and declaring “it aint” unilaterally isn’t actual substantive argument. It’s just asserting bias.
In theory, markets should regulate and competitors should be able to rise and provide products over never ending services and be successful. That doesn't seem to happen though. Is it because service designs expose real business costs of continued investment in R&D sort of deal, is it because such reliable products are bad for business (you provide something so good, reliable, and cheap you kill your own revenue stream) or what?
Similar to the concept in medicine that it's bad for business to cure vs good for business to treat something. From the consumer side, clearly you want cures but markets don't seem to function that way. Treating kidney disease is far less lucrative than providing a cure (if possible). Your only option as a business to find this appealing is to somehow look at the treatment option, roll all expected profit and revenue up, and tuck that into a "cure" option. If altruism in medicine isn't there, I don't know why we'd hope for it in something as artificial as electronics and software. I don't know what the solution is here if we want to continue to pretend markets self regulate in a healthy way for the general population and not for businesses.
I mean ... the market has spoken on this. It just isn't something that enough people value enough for it to have a positive return on investment. Like pretty much everyone else here, I think that sucks, but I also struggle to begrudge the preferences of people who just don't care about this.
So the question is just, is this a market failure in the sense that the market outcome is undesirable to society such that there's a strong case for regulation? Or is it a market success in that most people are getting what they prefer (cheaper products)?
If we were to get regulation passed on this, and prices for digital products and services were to rise, would people broadly cheer or jeer us? I think it's pretty clear that most people would be unhappy with this, at least above some level of price increase (which may be zero).
So to me the question is (like with all regulation) whether this can be regulated without increasing costs to people beyond the value of the regulation to society. Maybe so, but unfortunately I'm pretty skeptical that's the case.
If companies released just the hardware without the services, then we could have open source jumping in to provide those services, and things would be cheaper.
Unless of course you want to argue that without financial incentive nobody would ever do such a thing, and open source is a fairy tale that can't really exist ...
There is a reason that open source thrives in the niche of tooling for other software developers, and ... thrives less outside that niche. The target audience for software development tooling ascribes huge value to being able to read and modify the source of the tools we use. And for good reason, it's not just a principled stand; open source directly helps us do our jobs better.
But outside that niche, nobody really values this capability, and it's not a mystery why not. What good does open source do an accountant? Any given work-a-day accountant is never going to read or modify the source of their software. They just have no interest in that. They may have a computer enthusiast friend who has made a compelling case to them for why this stuff matters, so they may agree in theory, but they aren't going to do extra work or pay extra for this. It just isn't a direct enough impact for them.
Consumer PC hardware is the exception though. Android and iOS are more or less exactly that: computers that you may have paid for but that you do not actually own. Ditto Chromebooks.
In the before times there were phones owned by AT&T attached to landlines in every home and business. Attaching your own phone and repairing the phone company's were not allowed.
This seems a lot like the same business model you're saying didn't exist before.
In fact, AT&T was more draconian. People can pay off their cell phones today. The old wall-tethered units had a monthly rental fee in perpituity.
So many folks don't seem to have remember this. IBM was also the same with the giant mainframes. Even now, if you have a power system, it's pretty much mandatory to pay an ongoing "service agreement" or very quickly you'll discover you have major issues.
I hate that the system has it where you don't own anything and you are supposed to be happy with it. But from a market perspective what else can they do? They need to make a regular income to pay for the development and such, but they also need to deal with the fact that a competitor who offers a freemium or product at a loss but where they can at some point in the future hide future costs will just naturally win.
> In the before times there were phones owned by AT&T attached to landlines in every home and business. Attaching your own phone and repairing the phone company's were not allowed.
The difference is, culturally that didn't go too well with people so hating in MaBell was a thing. Enough so that it forced politicians to enforce anti-trust laws and break it up, eliminating all these restrictions.
I fear there is no political backbone today to do anything to the monopolists that own the hardware we "buy" from them.
General purpose desktop computing isn't dead yet. It's still available - but barely. Now is the time to save it, or it will be gone soon.
The same thing happened to TVs. There are nearly no 'dumb' TVs that doesn't do anything more than just display the video signal. All the 'smart' ('over-smart' is more appropriate) TVs out there take too long to start and they almost always phone home to their overlords. The really worrying part is how normalized it is. I remember someone here on HN contemptuously dismissing my concern, saying that dumb-TVs are called 'computer monitors'. How many affordable 'computer monitors' above 30 inch do you know? And give it enough time - even computer monitors will become 'smart monitors', unless something is done now.
TVs long ago used to take up to 10 seconds to startup because the electron gun at the back of the CRT needed time to heat up. The advent of TFT panels gave us the hope that that wait would be a thing of the past. Now instead we wait minutes for its spyware, adware and bloatware ridden OS to boot up and phone home. We're living is a world that's the opposite of what technology promised us.
TV has no purpose connecting to internet in the first place. But that's the reality now. It's more or less guaranteed that this slippery slope will lead to TVs that won't start without an internet connection - and only such TVs soon afterwards.
It won't disappear because it's a different market. A digital signage display is a large computer monitor. It has a remote, and typically also an RS232 interface to communicate what is pressed on the remote (as an alternative to HDMI CEC).
but not everyone wants/is capable of buying a 150lb NEC tv made to resist vandalism and such, they just want a flimsy plastic panel that takes hdmi from their laptop and pushes it to an appreciably large 1080p panel
If you are big TV brand player, the way it works is you go to a contract manufacturer and say you want to do a TV. They will tell you what options you have – what sizes, features, quality levels etc (configuration) and at what price they will sell to _you_ at different order volumes and the timelines for them to deliver to you. The offer you get will not be same as the offer they make to a bigger player who is a more favored partner to them. They will tell you if you become big, you will get better deals. You come back home. Then, you do your market research and decide where in the market's price/feature/quality curve is an opportunity for you today and what is your 10 year strategy to become big. Then, you also find out someone is doing a higher quality product but somehow pricing it lower - they are cross-subsidizing it. In the recent decade that has been through data/ads deals. Then, you study what happened to those players who didn't do data/ads deals and launched the product at actual the price with some decent margin built-in. They didn't do so well. Consumers cared more about feature spec and price deals than about data/ads fine-print. A lot of the features are to do with software OS. Then you discover that the software OS vendor has lock-in contracts with the contract manufacturer. You want to use that manufacturer who has great quality TV hardware components, you don't really have a choice but to use that software vendor's OS that comes baked into the TV by the manufacturer and let them take your customer's data forever. That's the current world we are in.
I remember, aged 10 or so, my fellow schoolkids thought we should get paid for going to school because it was "work".
Around this point, same school but not necessarily the same year, someone else in the class thought I'd ripped off their idea in the classroom and that this was a copyright violation.
Now?
Now I understand that the work done at school is not a product, it's at most an extended pre-interview test much like a code challenge (not that literal code challenges were really possible when I was 10, given a decent C compiler would've cost something like 2 week's pre-tax income).
All I can say is that in the modern era you have to lead by example. Run Linux and Firefox. Use the services from the tech giants as little as possible, you won't be able to eliminate them, but you can minimize the amount of money and attention you give them.
Tell other people.
Contribute. If you work long hours, give a little money to FOSS. If you have spare time, spend a bit of it contributing, doesn't need to be a lot.
The timeline in the link is not set. The tech world has been disrupted many times, if it hadn't been, we'd all be on IBM mainframes and typewriters or something. There is no fate but what we make. Very few people are aware enough to show up on this website and read this thread, so it's on you to do something. If you're reading this you are the resistance.
I'm hugely thankful someone highlighted this conflict - that our property law has largely been eroded by contract law - in a nice pull quoting from Web scraping for me but not for thee.
It's abhorrent in extreme to strip away the rights of the citizens like so. Our ability to experiment with the world & explore the things about is fundamental to maintaining the human spirit, to keeping us homo sapiens.
>In the before-times, when you bought something, the seller relinquished all claims to it
and also, all responsibility for it. in the more recent "before times" that you're probably talking about, most things you bought came with a warranty, and if you did unapproved things with that product you would void your warranty. that's what the "warranty void if removed" stickers mean. and yes, when you buy consumer PC hardware there's all kinds of stuff that you can't do with it if you want to keep your warranty.
This hasn't really changed, we just expect more continuing service from our products now, so the list of conditions to recieve those ongoing services from the seller has increased. if you want to buy something and receive no warranty, no software updates, no bugfixes, no cloud sync, no remote access, or all the other modern conveniences, then yeah, you get to do whatever the fuck you want with it.
> So accustomed to exploitative corporate gaslighting, we're forgetting the basics of civilization, like, what are ownership rights?
...
> Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
The teeming masses praising Steam for cutting out the middleman seem unacquainted with the first-sale doctrine.
I think it is notable that all the stuff that happened is fairly minor and all the stuff that is going to happen is going to economically devastate anyone who brings it in. Freedom does amazing things for an economy.
VPNs wont be outlawed. But they will be KYC and backdoored encryption - so like an typical internet service provider. VPNs are used all the time in the cloud for legitimate reasons so outlawing is impractical (like outlawing a kitchen knife)
> 2027: Non-WEI compliant websites are marked as "insecure" by Chrome and Safari. Accessing them requires confirmation through a "yes, I accept the risk" dialog box.
Did I misunderstand WEI? It's an API a website can use to confirm that a client is "authentic", so shouldn't this rather be "Goodle/Apple/Facebook/... drops support for Non-WEI compliant browsers".
You could argue for "Websites that don't validate client's WEI compliance are marked as insecure by Chrome". But that's a stretch, your version makes much more sense. The real fear is that if WEI happens, in 10 years banks and major websites will reject non-blessed browsers and OSes. All for the user benefit, of course.
Think of it as a way for Google coercing websites into implementing WEI.
Any site can be marked as insecure if it doesn't block non wei compliant devices.
You may ask why does that make a website insecure? They can give any number of reasons that can be silly, made up or outright lies as long as they are able to convince larger public.
For example, they can claim that a site that allows shady(read wei non-compliant) clients is more susceptible to hacking and can be a threat to your data and your devices as well. Therefore it is insecure.
This may come across as silly to techies, but it can sound reasonable to people who don't understand the web in general.
> Think of it as a way for Google coercing websites into implementing WEI.
And why exactly do you think they'd want to do that? What do they gain from it? What do you even think the WEI is that you think this motivation makes the tiniest bit of sense?
> What do you even think the WEI is that you think this motivation makes the tiniest bit of sense?
First let me add some snippets on what the authors of WEI think can be gained from it:
* This is beneficial for anti-fraud measures. Websites commonly use fingerprinting techniques to try to verify that a real human is using a real device[1]
One of the proposed use cases: Detect non-human traffic in advertising to improve user experience and access to web content* [2]
Another snippet :
we could standardize the set of signals that browsers will receive from attesters, and have one of those signals be whether the attester recommends the browser for sites to trust (based on a well-defined acceptance criteria). As new browsers are introduced, they would need to demonstrate to attesters (a relatively small group) that they pass the bar, but they wouldn't need to convince all the websites in the world [2]
This is clearly an attempt at gatekeeping both web client software and the clients themselves.
> What do they gain from it?
I think we can agree that Google is primarily an advertising and search company. One of the threats to Google's revenue as an advertising company is ad-fraud and this 'anti-fraud' measures protect their bottom-line. Another threat is ad-blocking and though they don't explicitly mention it, the WEI "bar" mentioned above can potentially be used to prevent ad-blocking by denying attestation to clients capable of ad-blocking (either directly or by allowing plugins).
Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
> And why exactly do you think they'd want to do that?
Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes. Once it becomes a standard and an integral part of web, it is easier to dictate terms that keep their position entrenched.
We can argue whether ad-blocking or bots are good or not and whether these concerns are all pure speculation or hyperbole. But once the technical capability is there and it is only the ethical/moral belief of corporate executives( and probability of government intervention) that prevent it, I wouldn't trust them to do the right thing especially when money is involved.
Ok, so I think below are the only parts of your reply relevant to the "force every website to implement it" idea:
> Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
Um, no. Let's imagine a world where Chrome starts warning about "websites that don't support WEI". What does that actually mean? At most it'd mean warning about websites that don't request an attestation. It cannot possibly be a warning about how the website uses the attestation, or whether it even uses it. So in this world where you imagine that Google Search can attest that a request is coming from their crawler, and every site in the world has been strongarmed into requesting an attestation by the mustache-twirling villains at Chrome, nothing about crawlability by smaller search engines has changed. Other search engines can provide their own attestations, and the sites can choose whether to trust them. Websites can choose to ignore the attestations entirely.
> Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes.
Normalized and legitimate in whose view? Why do they need that legitimacy? It's normally an invisible feature to the users. If it ships in Chrome and is available for Google to use for protecting their own properties against abuse, that's all they really need. They want to make the mechanism available for other sites and other browsers, but not because that third-party adoption is particularly important.
The reality is, anyone with an anti-abuse problem will be delighted to have this signal available, especially as the browser fingerprinting surface will keep shrinking over the next few years. There will be no need to coerce sites to use the API.
It's just a really stupid idea. High visiblity, absurdily high risk of a backlash (having it be a security warning would be obviously untrue), and all for literally no rewards. I will happily take a bet at 100:1 odds that this prediction will not become true. It will not happen by 2027 like the author thinks. It will not happen by 2033. And if that's really the most realistic threat to digital freedom that you can envision, we're in a pretty good shape.
Any random website can implement WEI, using it as a means to deem a website "safe" doesn't make much sense. You could use a list of "trusted" domains for that to mark websites as "safe". WEI's intention/threat is to kill smaller browsers that refuse to implement it.
> Youtube, Gmail, Spotify, banks and a few other major websites start using Google's WEI API for internal user reputation scoring, forcing non-compliant browsers through more captchas.
I can't even read scientific journal articles (on their journal sites) anymore because the big publishers are putting themselves behind cloudflare walls that just don't work in any browser I try. Pretty much my only access these days is waiting years for it to get on sci-hub or in some of the sciences, finding it on arxiv.
466 comments
[ 3.8 ms ] story [ 225 ms ] threadLuckily the single point of failure is the store, so it requires one law to fix.
We don't mean anonymity. Acting in secret is not freedom - acting openly and not being persecuted or prosecuted is freedom.
The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
If we are worried that digital freedom will be taken from us, without anyone noticing, we should be worried about all our freedoms - and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
" Let governments be governments"
As banks and governments move critical parts of their working online, it becomes harder to not use their online tools. If I'm not free to use the tools I want to do so, my freedoms were infringed.
https://en.m.wikipedia.org/wiki/Begging_the_question
I mean my face is of course my fortune, but it is also my username. A frankly it's a username I have been using a lot longer than 'lifeisstillgood'.
my analogy is that one upon a time we were all walking dow the street in Victoria London during one of Sherlock Holmes "peasoupers". Only people who got up close to you could see what you were doing and even reognise you. But technology has cleaned up the air. Now anyone can see from who knows how far away. The privacy we thought we had because of the peasouper is revealed to be a mirage, we were always walking around naked, it just was harder to see.
We can simply accept this, or far more likely find a cultural consensus. Privacy can be violated for the public good (hunting offenders, medical epidemiologists etc), but otherwise you are not allowed to use the knowledge you have to exploit or influence. No adverts based on prior activity, no Cambridge Analytica creating ads just for you.
We are heading there. That Facebook and amazon more or less publish every ad campaign is incredible - imagine trying to persuade parliaments in 50 countries to pass that sort of legislation.
We are a long way from that "cultural consensus". We will probably get halfway there in the grey areas - like facebook deciding to publish all ads. The British politician Nick Clegg is likely able to make more influence globally at Facebook than if he became PM.
But we are in the culture wars, and we need to fight. The law, the application of the law - these matter online and offline.
So vote. And vote in primaries too because that shapes so much.
(Weird idea - Oz has compulsory voting to ensure votes reflect "everyone". What if we had compulsory political party membership so that parties and primaries reflected the population ...)
You are on the right track to influence who is on the ballot for a particular party. Last time in PA the Rs put up the Dr Oz with lukewarm conservative values. The R voters in PA were so underwhelmed that the D with literal brain damage was elected. Also, States with a caucus process give people who show up to caucus enormous influence of which names the party will put on the ballot.
> What if we had compulsory political party membership so that parties and primaries reflected the population
We could allow for more representative government in the federal House of Representatives by allowing the House to expand with population, as was written in the Constitution. The census was to count the people to expand the House to track population growth.
Without this, the next best thing is anonymity which is simpler to enforce and covers future eventualities.
>The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
The real offline life where people can be punished in the US for aiding abortions? Or where homosexuality is illegal in many countries? Or where people conflate a mental disorder (paedophilia) with a criminal act (child sex abuse) (intentionally edgy example to highlight the edge of what's acceptable).
>and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
This is good advice for the Belarusians with bloodied faces and no change. Or the million people who marched against the Invasion of Iraq.
Double down on democracy. It's hard complicated and messy. But there are no silver bullets.
Look Brexit was shit. But it was democratic shit. 20 million people did not get tricked by their Facebook feeds. Hell 20 million people did not get mind controlled by Nigel Farage's "I'm just sayin" approach.
20 million people were asked "the country is run by thousands of highly educated, slightly patronising, articulate, over-achieving technocrats who want the best for everyone and frequently find the laws of unintended consequences bite and have not yet worked out that not everyone lives in leafy surrey. Do these people annoy you? vote now"
Oh hell I don't know why 20 million people voted for economic and cultural self harm. Because we aren't sharing out the wealth properly I guess. But it was not because "we were tricked". It's because "we refuse to accept the model of how the world works thet you are operating on and want to use ours. The democratic version of Adam Savages "I reject your reality and substitute my own"
The problem is without an agreed reality to substitute everyone put in their favourite untested political world view.
So why did you vote and why do you think it's a good idea now ? (honest question)
Sibling post said it best: if you think you're immune to the trillion dollar brainwashing industry then you're fooling yourself.
So, if I openly state that I do not acquiesce to any government (all external force is immoral imo) - does that mean I am now free, and no longer subject to its laws, pay taxes, etc?
So, I don't think your definition of freedom cuts it. Any answer that assumes 'government' as part of the answer, and justifies acting with force against others, has to be wrong (immoral).
Far better to follow the golden rule:
Do not treat others in ways that you would not like to be treated
I think that does it.
Yes we need government. And these days we need government to roll up its sleeves and be government. We know you cannot arrange the bread delivery for London through one department but you can force privatised water companies to invest before dividends over periods of decades.
Put simply you think anarchy is a political philosophy. Whereas anarchy is a moral position - it advocates for free association with others - ie no force.
The fact is that it is not morally acceptable to force others to do what you would like them to do, if they are not harming you. You wouldn't force your neighbour/friends/family to do what you say, if they are not harming you. But you consent to government using immoral force to get others to do what you want (steal money, enforce certain behaviour, etc, etc). In fact you think we need something like a dictatorship to wield even more force even more overtly. I think you will get your desire, unfortunately, as most people agree with you.
And I believe in actual government - government that builds roads to deliver food on, government that agrees ways to make researchers to discover medicines and hospitals and nurses to inject them, and governments that force companies to label their food with their ingredients (or their ISP adverts with their fees). I call this real government. not the arguing fools on TV. We can argue how much much of it is too much. We are. But I refuse utterly that "doing real government" is immoral, that any attempt to agree common standards is tyranny.
I believe that the real moral failing is to chip away at real government so much that services collapse and harm is done to real people. We can look at failed states like Niger or Haiti in horror, but we can also look at the mismatched life expectancy across our own rich countries and ask why?
I reject the idea that we can roll back government so much we can lose driving licenses and just be more careful out there, that we can ignore food safety standards and just look at the restaurant kitchen carefully. I reject libertarianism because it knows as much about the real world as central command economics.
I want government run on empirical data with justice and equality at its heart.
I am happy to accept the grey areas, will stand up for democracy will argue we can always do better. But buggered if it's because I secretly yearn to control your life.
You're asking for technocracy, and this is what is lined up already - you might wonder whether you are being engineered. All those cameras, smart phones, smart meters, legislation, facial recognition, etc - this is to allow micro-management at the most granular level. It's all quite far from freedom indeed, which is where this conversation started. The global governance structure is already fascistic (corporation and the state work together). I'm not a fan of the forced tyranny that's in store for us - once we've got it, I suspect you'll change your mind too.
Is that technocracy? Maybe. Is it something easy to explain - yes. Is it something for some reason is not explained fully and at length? Yes oddly it's not.
No, you believe in _utopian_ government, which is not actual government. Actual government is what we have right now, in reality.
> I call this real government.
https://en.m.wikipedia.org/wiki/No_true_scotsman
So yeah i think there are things a real government does and does not do. That is not utopian, it's not naive. it's here and now and rooted in practical real world examples.
Whatever you or I dislike about the governments we live under, we are incredibly fortunate to live in democracies- where we can force the buggers up and to the right. Make them more utopian more free more open.
We don't live in democracies. At best we live in a 'representative democracy'. These are not the same thing, at all.
Representative democracy is where (if we vote) we choose 1 person every 5 years to represent tens or hundreds of thousands of people, for thousands of votes. If the person you vote for does get in, but doesn't do what he said in their campaign, there is no negative outcome for them. The worst is that they will receive less votes next time, but even that unlikely to be based on their voting record, but on whether more people prefer blue or red this time.
But all that is itself moot, imo. I think we live in a not very covert fascist (corporate and state) regime - voting is simply a pressure release valve, when both red and blue are merely wings of the same bird.
Plainly, most people disagree with you. They find it perfectly acceptable to force others to (not) do things.
> if they are not harming you.
The fact is that people do not agree what "harm" is.
To pick an obvious argument, many people oppose abortion under _all_ circumstances because they claim it harms the offspring and the mother, while many people support abortion under _all_ circumstances because they claim forcing a woman to carry to term harms the woman.
How do we handle situations where people disagree on the definition of "harm"?
Freedom is what 'the bad guys' want, so good people must do everything they can to destroy it.
Your framing is really just right in line with the bog standard authoritarian pattern of redefining "true" freedom as something that can be comfortably tolerated and/or further chipped away at down the line.
Of course what you say (and do) affects how others perceive you. Just as Uncle Jim drunkenly announcing over Xmas dinner how that Hitler guy had a good plan will affect how everyone sees him in the morning, your twitter feed will have an effect on how your neighbours talk to you.
That's a good thing 99% of the time. Social strictures have been how humans managed society for thousands of years. It can lead to terrible things of course - but we like to think we have built systems of justice and governance to overcome them.
But suddenly making everyone invisible and able to speak and act without consequences seems a bad idea in the real world - i am not sure why it's a good idea online.
From there it follows that it is indeed a proper freedom to be able to communicate while limiting the scope of who is privy to that communication, including limiting what can be attributed to some singular inescapable "identity". Saying that preventing this is "a good thing 99% of the time" is a baseless assertion. While this may appear similar to how social strictures have been managed for thousands of years - that's thousands of years of oppression of individuality and persecution for deviating from the herd. The West has overtly bucked that vein of collectivism, which I'd call progress.
Furthermore what you're invoking as some open-and-shut traditional state of affairs was anything but. Witness the concept of hearsay - where party B claims that party A has said something, ostensibly so that others will judge party A for it, but modulo B's reputation. Digital communications render hearsay moot - the default result of party B being able to prove to themselves that party A said something, is that party B can also prove to anyone that party A said that thing. Hence the need for the cryptographic property of repudiation, as the physics of digital information leaves no ambiguous middle ground.
>2030: The market share of ARM-based Windows machines overtakes x86_64.
Yeah, they wish...
Yeah no, would be a direct violation of DMA at that point[1]
[1] - https://digital-markets-act.ec.europa.eu/index_en
Its enough incentive to kill third party app stores for the vast majority of people.
Staying within the letter of the law is pretty easy.
Personally I think a better approach is to push the phrase "right to recycle and repurpose" as much as possible. People get that. Everybody personally has seen the unsettling amount of e-waste that passes through their ownership and into a landfill somewhere.
Right to repair isn't enough, because these restrictions don't block you from keeping things working the way they did when you bought the device. Recycling and repurposing is something everybody can understand. It answers the question of "wait don't only evil hackers care about that?"
Not even close to true.
https://www.vice.com/en/article/43jywd/why-tens-of-thousands...
>it just means that only Apple can recycle them. Which would be a problem
>Which would likely be true anyway due to how integrated the components are. You don't need Apple to melt down gold
Widespread activism could make a difference. If it becomes a major point of contention in elections, that could make a difference. These don't happen 'by default' though.
There's a general willingness to trade incremental freedom for security in many arenas but ascending that gradient is a hard sell
And it's important because without due diligence, you get snake oil, Rush Limbaugh, anti-vaxx, and other such bullshit from some rando's wild ravings that people just latch onto out of laziness and familiarity. Could you imagine if court cases were held by such standards? Or if elections could be overturned simply by a president's unsubstantiated assertions?
Nah, the whole point of kernel_lockdown and uefi attestation is so they can roll out WEI without having to do this.
Of course compiling your own kernel, or doing anything else interesting, will break the WEI checks as well as break most of the web...
I'm looking at you, vivaticket, booking, and many others I can't keep count of
And of course: we owe it to the web to use Firefox. The Chrome clones are only stalling; not counteracting the impending monoculture even one bit. It doesn't matter how fancy their marketing is.
There are many browsers, many apps, many everything... you can switch whenever... but the DRM and attestation pushes with browsers (and mobile devices) means, that sure, you can use a different browser, but your bank, your streaming service, your newssite might not work unless you're using chrome with drm and hardware attestation. This is already true with many banking apps, where you cannot even start the app on a rooted phone, a phone with an unlocked bootloader or even just a phone that's "not on the list".
So yeah... google is the silent killer of the "free interet" and te world happily follows... sadly.
Edit: and by switching i don't mean going to some tinfoil grayweb nonsense. Go to their direct competitor.
The banks don't need your money.
Indeed.
> If even some 10-20% of IT professionals (with salaries to match) up and leave for a less shit bank, trust me, they will care.
That's an impossible number of people to coordinate on something like this, and even if, I doubt banks would care. There exist no less shit banks, and retail is a rounding error anyway.
Banks aren't shit because of incompetence or a not-give-a-damb attitude. They're shit because it makes them more money, both directly and by reducing risks.
If your bank account gets drained and you'd made a big song and dance about how you selected that bank specifically because it had less security on its mobile app, well, nobody will have any sympathy for you.
If your bank is equally secure but uses dedicated hardware devices instead of smartcard readers, then all you did is swap one bit of secured hardware for another, making your life less convenient and in return for what?
A bank has to know it's communicating with the real human who owns the account and not a hacker. It's going to achieve that one way or another. You'd be much better off accepting the tech and finding ways to achieve your goals within it, like by setting up a project to maintain whitelists of known good/secure OS builds. You can then make libs that wrap SafetyNet and eliminate the false positives. Even if banks don't start using it anytime soon, other smaller companies might and it's a place to start. Of course the fact that virtually nobody cares about custom operating systems to begin with is the biggest hurdle you'd face, not the tech or business requirements, but that is partly on the OS developers. You can't complain nobody cares about if you're not giving anyone a reason to care.
If my phone breaks or is stolen, I can’t actually buy a replacement phone now, as that requires spending money, which requires 2FA which requires my phone.
Some banks are phasing out code cards or SMS verification for 2FA, and the only way to get the second factor for logging into the online banking website on your computer, is to use the bank’s app on your phone.
This is utterly false. Yubikey, TOTP-based solutions, there are options. It is a choice by the businesses to not implement those options.
A mobile phone app can let users "deposit paper checks from home" without ever driving to the bank branch by taking a photo of the check with the smartphone camera. Last time I looked into it, a desktop website couldn't enable check deposits with a webcam. (EDIT: I don't mean technically not possible. I meant that the banks deliberately chose not to have the websites utilize desktop/laptop webcams as an alternative to smartphone apps.)
Smartphone bank apps also have "push notifications" to immediately alert you of suspicious activity on your account.
But if one never uses the extra features that smartphones bank apps enable, then yes, desktop bank websites can be seen as perfectly equivalent.
I really want a general-membership credit union with stellar technology, but I haven't found one yet. Does your credit union by chance offer open membership?
"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it. "Just thought you'd want to know your money is gone, lol." Either you do N+1 factor authentication for real, or you just shouldn't bother. Browsers have had push notifications for quite some time now too... so even if it was a worthwhile feature, it doesn't need an app.
Of course, a bank should be able to send you a text on the service of your choice. But they won't.
True, but the key word you used is "most". E.g. My home insurance refunds an annual dividend back to me and their method to pay me is paper check. Not an electronic direct deposit, nor a VISA giftcard, nor even a "credit" that can be applied as a discount off year's premium. It's a paper check.
>So of course it _can_ work just the same there.
Sure but that's talking in hypotheticals. Today, I have the reality of a paper check to deal with and Bank of America and Chase websites do not have options to upload images of checks for deposit. (Chase does have a paper check scanner option that doesn't require mobile phones but that's only for commercial accounts: https://www.chase.com/business/banking/services/quick-deposi...)
>"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it. "Just thought you'd want to know your money is gone, lol."
No, you misunderstand. The better banking smartphone apps will require interactive approval from you to allow a particular suspicious transaction to happen. This prevents your money from being gone. (Example screenshot: https://www2.bac-assets.com/online-banking/spa-assets/images...)
> Browsers have had push notifications for quite some time now too...
No, web push finally came to Safari in iOS 16.4 which was just a few months ago in April 2023.
From the tone of your reply, it seems like you'd rather be argumentative instead of acknowledging that bank apps have some extra features that's convenient for some users.
Why not?
My bank only allows me to do Zelle (instant p2p money transfer) via app, not that a browser would be incapable.
My HOA started mandating Zelle as the only way they will accept payments. So now it appears that I have no choice but to use a device that supports my bank's app if I want to avoid getting a lien put on my house.
Or there should be the option of opening another account, at a less tyrannical institution, to use for those payments.
Let me tell you how that tends to go down in the real world. The HOA doesn't have a physical office or anything. It's some random address and random suite. Maybe it's a document processing company or some other third-party processor. There's some non-trivial chance that some $15/hr kid who may or may not have been raised right is opening the envelopes and feeding the contents into a scanner.
So I stuff my HOA dues in cash in an envelope and then go down to the post office to stand in line and get it delivered certified with a return receipt. I get the return receipt. Then the HOA puts a lien on my house. I say, "But I made the payment on time!" Then they say, "Naw-uh." Then I say, "Sure I did, I sent it in cash and I have a return receipt." They say, "We have no idea what you're talking about."
<sad trombone>
> Or there should be the option of opening another account, at a less tyrannical institution, to use for those payments.
How can I find out which ones let me use Zelle through their website? I don't trust anyone I can find at a branch or on the phone to give me the correct answer, because chances are they all personally use the phone app and really have no idea. I guess I can start opening up random accounts with random banks until I find one that works. For now.
I think we're missing the point entirely by talking about cash and hopping around banks and all that. The point many people are trying to make here is that life is already being made unreasonably difficult for those of us choosing to use Libre computing platforms, and there's a plausible reality in the future where choices go from inconvenient to scant to nonexistent.
No message, no nothing, just close the socket.
But this bank routinely violates EU directives so I'm sure if there's a rule they don't care about it.
You’ll end up with a fork of Chromium/Blink that doesn’t have WEI. And it will be used to surf web sites. While the official browser from Google would be used to access sites that require WEI attestations. Just like the Bank of America app would.
Corporate power in pushing Chrome for everything can be limited if we have open source alternatives. Look at Firefox and what it did to M$IE, which had the full power of Micro$oft behind it. That only happened because Netscape chose to OPEN SOURCE their code base. They couldn’t beat IE on their own, but the open source community could.
Well, that and WebKit, which was basically adopted by Apple (Microsoft’s competitor) from another open source browser, Konqueror! And that led to Chrome, Chromium and Blink etc.
In short — open source is the best way we can check corporate power on the software side.
On the hardware side, it’s far more difficult, and if the vendors choose to ban any “unapproved” apps (eg requiring Safari WebView rendering engine in all apps on non-jailbroken iPhones) then the best tool we have is government antitrust laws. Maybe one day, in that area too, open source hardware will be the people’s best weapon. But not today :-/
I mean sure, you can just not-use those services and not chat with everyone else, but that's a bad solution.
And the rest of the web can be accessed using the fork of Chrome
What’s the big deal? People have been using Popcorn Time to view movies that they couldn’t access, and so on.
Which means that every service in countries where Huawei has major market share definitely can't require Google anything.
Not if one doesn’t want to end up supporting Chromium in any way. Which one shouldn’t if they believe “chrome and google in general are the first in line to cause problems”.
On macOS, that leaves essentially Firefox and Safari. Except Firefox has no support for AppleScript so it’s excluded from a ton of useful automations and is thus not suitable as a daily driver for many people. So Safari remains. And Orion, which is also based on WebKit. Both are closed-source.
There are indeed many browsers if all you want to do is display webpages. But as soon as you have any hard requirement, be it ideological or technical, the choices drop dramatically. Unless you don’t mind supporting Google, that is.
It is actually Google's Blink that split off of WebKit, not the other way around.
they have 25% of the mobile browser market share.
The web lost. Now it's just a transport layer for mobile app API requests.
It seems they have gotten inside your head. If services are no longer that, but "apps", then of course people lose sight of the problem.
And as you are already on to, not all web apps are cloud. What can be on-device webpages (e.g. routers) should be.
If a company is going to be gating their API behind some proprietary shovelware anyway, I would rather they write it in a plaintext scripting language (JavaScript) that runs inside a free software virtual machine (Firefox) which lets me intercept and control it.
*Yes, "program". How I hate "apps". Perverse term.
Companies continue to encroach on what should be basic freedom to do network management. It's entirely intentional; to the point that I've about accepted there's a high-level of society push to enact as many barriers to reasonable liberty as humanly possible, all in the name of "Public safety" or some other transparent on further examination excuse.
Mozilla is hanging tightly on the Google's tit though. It won't be shocking to see Firefox deteriorate rapidly should it start gaining ground on Chrome. He who pays the piper calls the tune.
Which is why we should shame every one of us that does do it.
I don't tend to have the issues people are describing using Firefox for banking, paying bills, etc. And when I'm shopping for something at random and looking for the best price, if one site I've never heard of doesn't work (typically Cloudflare) I just go somewhere else. But Verizon reworked their back end within the last month, causing UBlock Origin to SCREAM (over 2000 blocked scripts and counting when all was done), although the real trick was spoofing as Chrome because until then only the page headers and footers would appear, not the body with the "Pay my bill" button. Opera was even worse, so somebody screwed up something badly! I was chatting with support all this time and they logged at least one ticket.
Thinking through the "public shaming" bit, if the issue reoccurs next month, I'm going to the Better Business Bureau. While they can't guarantee a resolution, it is a very simple way to publicly shame a company doing wrong.
Long term, I'm thinking we need to add "user agent" to the list of "protected classes", i.e. gender, race, sexual preference, etc. to really hammer the point home. While it's just a piece of software, there is a real person behind it. Bots need not apply. And from there perhaps a law or FTC rule to state that public web sites must be accessible by the public.
I do wish the EFF would take up this cause.
Just forget about that. If you don't, I'll take the google software engineer salary and build it.
The issue is not technological, it's a natural outcome of how people work on and individual, and on a societal level. Regulation is the closest that can affect this situation, but as it turns out, no large entity has the same goals as "the people" - hence, I'm not holding my breath. I am using Firefox and other FOSS software though, and contribute back what I can, donations, bug reports. It's a nice privilege.
The Stallman movement failed because it was not practical for business applications. At the end of the day, coders & hardware manufacturers need to eat just like accountants, plumbers and doctors. Technology can't rely 100% on altruism.
What we need is something close to the Ethical standards of the Stallman movement, but also compatable with business owners.
These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
The reason why Apple can propose to have something like CSAM, or Google banning someone account forever (Gmail, YouTube et al) because they had images of their naked daughter suffering from a skin disease (to be sent to the doctor).
The reason is that there is no ethical-philosophical compass guiding computer technology.
Tech Corporate MBAs only care about "playing it safe". I find them disgustingly spinless.
Until we have this ethical-philosophy developed, I only expect technology to used as a tool for manipulation and control.
Citation needed
But answering the “it failed”. Not really. It exists and is a choice on most license dropdowns and is a famous one.
People should really default to GPL rather than more permissive licenses and hot take… should also default to closed source. And make open source or non GPL a conscious choice.
The reason is GPL gives you more ability to commercialise since it gives you the copyright holder more of an edge over let’s say Amazon Inc who has decided to accept your license to bundle it with a cloud service and extend it. They are obliged to release their source code to their customers.
That Ballmer called it a cancer is a great accolade.
Close source as a default because it is a one way door publishing the code on the open web. So you are protecting your own interests. You owe the “open source community” nothing and should exploit your IP as much as anyone else, and use GPL to allow people to “fix the printer” if they need to.
Not if it's GPLv2 or non-AGPL - and even then what you're describing is the opposite of the underdog-moral-problem a lot of smaller cloud services or database/infrastructure providers are facing whereby Amazon (et al.) simply offers your product or service as their service, which is allowed by all versions of the GPL because Amazon doesn't care about the source-code: they care about charging a premium for access to a hot open-source project without contributing anything back to the actual project maintainers. That's (unfortunately) an argument for going closed-source, or at least having to reserve copyrights/licenses for operating the software as a service for another company.
I imagine it's like being Sherlocked by Apple, except Apple was using your work all-along.
https://www.fsf.org/resources/hw/systems
https://ryf.fsf.org/
The peak of GPLd software was in the late 90s/early 2000s and since then the base of GPLd code has shrivelled. I can't remember the last time I encountered a library or program in my work that was even LGPL licensed, let alone GPLd, with the exception of some very old programs like the Linux kernel and a few bits of the userspace (plus Java's weird GPL+exceptions thing). These days almost everything new is Apache licensed or similar. Just browse around GitHub for a while and see what I mean.
Also:
1. The Linux kernel, the last bastion of Stallmanist philosophy, in reality has succeeded by not actually enforcing the GPL thus treating it more like LGPL or Apache2 in practice. GPL violations are rampant and rarely does anything happen. They also very publicly refused to switch to GPL3.
2. The most popular Linux based OS is Android where Google rewrote the entire userspace specifically to avoid the GPL, and then also created their own driver layer, again, to avoid the GPL and the Linux approach to technical "enforcement" (constant API churn).
3. The most popular UNIX based desktop OS is built on FreeBSD despite losing technical features, specifically because Apple refused to countenance anything GPL or FSF connected. The few dependencies they started with (like gcc) were rewritten into new BSD-style licensed codebases like LLVM at vast expense.
In other words the people who actually build operating systems for a living avoid like the plague anything connected to Stallman's vision or strategy.
It seems likely that eventually the Linux kernel would also be replaced, certainly Google attempted this with Zircon, but whilst enforcement is so lax and technical workarounds so numerous there isn't much reason for doing so.
I don't know what line of work you're in but this seems quite unlikely. GTK and Qt are both LGPL (and GNOME and Plasma are GPL). WebKit's JavaScript engine is LGPL. MySQL is GPL. Blender is GPL. Arduino is AGPL. GCC is GPL. Bash is GPLv3. It's hard for me to believe you use the Linux kernel without touching any of these.
GPL is wildly popular. It's losing ground, yes, and you correctly identify a primary reason why: commercial software companies correctly see it as a threat, and are fighting it in earnest now. It is a threat. It was designed to be a threat. The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement. At this, it succeeded beyond any reasonable imagining.
A lot of the revolutionary spirit has left the free software movement. We are currently in the "good times create weak men" stage of the cycle. People who grew up in the garden of Eden created by the free software movement, who take it for granted that the popular web browsers are open source and Microsoft releases cross-platform IDEs that run on Linux, don't appreciate that the current state of affairs was wrought over decades by the kind of people who spelled it Micro$oft and were willing to tolerate their computers only half working in order to avoid proprietary software of any kind, on principle.
But make no mistake, we are still at war. The big corpos know it, even if they've managed to fling enough bread and circuses to fool some into thinking we're all one big happy family now. Giving up on the GPL is how they win, and we lose.
GPL isn't wildly popular by any possible definition of the term. It was more popular in the past which is why there's a base of software that still uses it, but find me new projects written in the past 10 years that are GPLd. Especially if you look at language ecosystems like JS, Python modules, whatever. Very little GPL there.
The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement.
Well in that case no, it utterly failed. Most popular client operating systems today: Windows, macOS, iOS, Android. Only Android uses GPL components, only the kernel, and the hardware is typically proprietary with no portability anyway.
Most popular server operating systems: AWS, Azure, etc. They use the Linux kernel to provide your software with basic services like TCP/IP and timeslicing, but otherwise these are fully proprietary platforms with their own APIs, own filing systems, and which you can't even run locally at all regardless of how much you're willing to pay.
GPL's influence had its heyday and peaked a long time ago. It isn't a threat to anyone because it has been universally rejected by the current generation of developers. Hobbyist hackers use Apache/BSD licenses, just as corporate hackers do. Neither support the principles of copyleft, and even when code is released under those licenses Cathedral-developed operating systems with no development community to speak of dominate.
BTW, Microsoft release their IDE for Linux because it costs very little to do so and Linux is no threat to them anymore. The world moved on, Azure is the new Windows and people struggling with Wayland are fighting yesterday's war.
10 years ago, I couldn't have done my job without Windows. Now I can do absolutely everything using Linux. IMO, people who are still on Windows or Mac don't know what they're doing. They've probably just been drifting through life, not really thinking.
> These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
Won't happen. Money always wins and exploiting people on the side of selling (or giving for free) them some stuff is always going to bring in more cash than respecting their privacy.
And I am glad that they are profitable.
Once that point is crossed, they will have to compensate and adapt or risk losing their entire business.
The stuff you read on hn...
Seriously, you think it failed? I think it succeeded wildly beyond anything anybody imagined at the time, to the point that very large entities threw everything and the kitchensink at it to try to make it fail. Which exposed them for the criminals they were.
We don't need anything that is more compatible with 'business owners' than what we've got. What we need is education, so that people stop telling each other that the free software movement failed, but instead point out that without that free software movement the operating system, the browser and the applications on the computer that I'm writing this on would not exist.
Would it be more accurate to say that the Free Software movement is in need for an update, or making next steps, to provide a better outlook in this regard?
Edit: Changed "Stallman movement" to "Free Software movement". I am a FOSS advocate myself, but not interested in deeply engrained notions around Stallman himself.
What needs to be updated is the the knowledge of the users and of the programmers. But we've been co-opted as an industry for the most part by very large bags of money and a service oriented eco-system is the capitalist response to the free software movement.
Doing an end run around that is hard to enforce (see the various licenses that address this loophole directly) without having the backing of a regulator. I see this as a simple swing of the pendulum, which it has done several times in the past regarding centralization and decentralization of computers: single machines -> single machines with terminals and time sharing -> mini computers with terminals -> microcomputers -> networked micro computers -> networked micro computers using peer-to-peer services -> networked micro computers with access to services -> special purpose computers (terminals!) with access to services. So if we want to do away with these we'd need to focus on the technical implementation of federated services that do not require central services at all. One thing you could advocate for is to restore peer-to-peer capabilities of residential internet but the fear of the hacker card will be played to counter that one. But there is also still pressure to push the pendulum one more step to the right: identified access to the internet and without that no service. This may well happen, I would expect a country like the UK or Australia to be first to implement this.
Also note that there is no actual technical driving force behind the pendulum, it doesn't have to swing at all, it could just as easily get stuck. The important common factor between all of the above was that someone (or lots of someones) made a lot of money by driving the swing.
I think what the OP is getting at is that the for-profit tech industry needs something akin to the Hippocratic Oath [1]. As software engineers swearing to a set of 'do no harm' ethical codes could well be a first step to becoming a recognised professional.
I can certainly see a future with a framework like that. If a doctor does something unethical it could affect the life of a few people. If a programmer does it, it could affect the lives of billions - it's not a hard sell that something like an ethical code is probably well overdue.
[1] https://en.wikipedia.org/wiki/Hippocratic_Oath
And yes, we need an ethics framework for the IT industry, but we need liability more than that and I don't think either is going to happen in the next 10 years. Maybe if there is a mass death (> 10K people at once or so, a few 100 doesn't seem to have made a difference so far) on account of a software issue we will finally wake up.
Of course they are. They get free labour and their profits are therefore higher. which is the entire purpose of any corporation, to maximise profits. Being upset about this is futile, it's the artefact of living in a capitalist world. The free-software movement just isn't going to move the needle on that. They can either come up with a licensing model that pays, or get over it.
But really, this isn't about FOSS, it's about engineers everywhere (whether in FOSS or working 9-5 in a software company) making ethical decisions and understanding the impact of their work, on potentially billions of people. Critically, I think having something to point at, "this is the oath I swore to", when talking to a boss, could be just the thing we need.
There is this Order of the Engineer [2] that has their own oath akin to the Hippocratic Oath. I went down the software path so I never really looked into it, but my professors were very in favor of it.
[1] https://en.wikipedia.org/wiki/Engineering_ethics
[2] https://en.wikipedia.org/wiki/Order_of_the_Engineer
Just like "don't be evil"? Which was actually enshrined in Google's corporate code of conduct for some time, and could even believed if you squinted the right way...
For example, you could imagine that once the code-of-ethics is standardised:
* Organisations that employ software engineers will feel obliged to publicly follow it (like they all have to have public policies around things like modern slavery, etc.)
* They would also be pressured to display it on job ads. Because why would an engineer want to work somewhere that doesn't follow the industry code-of-ethics.
* Engineers have something to point at as a reference to what is, and what is not, ethical. Allowing them to not appear be the only voice in an organisation who can see harm being done.
* It could well enable a union of software engineers take industrial action if the code of ethics is being broken. Which would be a PR disaster for any corporation.
At the extreme end, you could possibly see a future where engineers are 'struck off' of the professional body representing us (for unethical practice).
The only downside I see is that ethics and morals are mutable, so it'd be pretty hard to nail down a concrete set of ethics that are effective without overstepping. There are however plenty of smart people in this industry, so it shouldn't be beyond us to work it out.
https://news.ycombinator.com/newsguidelines.html
Somebody needs their memory refreshed. What was imagined at the time is that nearly all proprietary software companies, particularly Microsoft, would have gone bankrupt or bowed to the inevitable necessity to release all their source code to the community under capital-F Free licenses and nearly all businesses that use software would be voluntarily contributing any code developed for their own use to the community also under Free licenses so that their code would help others and others' code would help them.
Needless to say, this has not happened. Instead, FOSS turned out to be an enormous free handout to businesses with very little contribution back to the community compared to the value received. (Yes, even the Linux kernel. If there were contributions to Linux by all businesses that use it that were even a tenth of what Microsoft charges for Windows, there would be a thousand full time kernel developers.) That is failure and developers are recognizing that by turning away from Free licenses to fake FOSS licenses like open core or shared source.
The reason is that there is no ethical-philosophical compass guiding people in the greater part, computer technologists included.
I'm hoping for Cory Doctorow's new book[0] to ignite this discussion.
This is the first thing I've preordered in my life. And despite his marketing being a bit cheesy, I think he might be the right guy at the right time to plant the seeds for this movement.
[0]: https://www.kickstarter.com/projects/doctorow/the-internet-c...
What needs to change is the open-source community's perception of this coexistence as something mutually beneficial as opposed to betraying their own principles.
This hostility manifests in two ways - one is the belief that not fully open software is somehow evil, and shouldn't be supported, and one should always use (often janky) alternatives that are fully open. The second is the constant churn without any thought given to API or ABI compatibility (never mind making the same binary run across versions, even source-level breakage is extremely common), leading to people wishing to ship commercial applications having to package half of the userland with them.
Just because there isn't certainty that it would happen like this, doesn't mean there's not a possible future that looks somewhat like this. Nothing that was listed here seems particularly far-fetched to me, I don't think.
Humans have a lot to learn from the frog. And it's not about putting lids on pots.
There are folks on HN today who weren't alive on Sept 11th, or were in the US but were too young to remember it -- their idea of "normal" is very different from folks who were 20 or 40 or 60 years old on the day of the attacks. That's an example of the "boiling pot".
I remember talking with a college student in the mid 2000s about music and he was excited that he didn't own physical media, and instead had DRM copies and subscriber access to more. He was a "tech savvy" exception then, but the window has shifted and college students don't buy physical copies of music. In another decade, I doubt they'll buy physical copies of movies.
Not all changes are good.
In the before-times, when you bought something, the seller relinquished all claims to it, as an established legal principle (and a social norm and a moral obvious-ity). You can do whatever the fuck you want to your own PC, in your own house! Who would step into your home and tell you "no"?
Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
If you’re talking about manufacturers making their devices more difficult to repair or voiding warranties based on minor modifications, that doesn’t mean you can’t do what you want with the item. It just means you can’t force the company to fix or replace it free of charge when you do.
This just isn’t true. You don’t have to give Apple another dime to use an iPhone perpetually. Any paid Apple subscriptions are optional for cloud or streaming services.
[0] https://www.apple.com/legal/sla/docs/iOS16_iPadOS16.pdf (the iOS ToS)
(And I think it's noteworthy how that ToS' language bounces freely between "hardware" and "software"; how it fluctuates between "software license agreement" and "by using your iPhone ("device"), you are agreeing to...". Apple hardware and software are fused together: there is no practical difference).
The reason why it remains property of the brewery, is so that they can re-use it when you recycle it. It might be something that's specific for my country, though.
I would call iCloud locking an embodiment of this. It's probably an unpopular example because people seem to broadly like it, but it does demonstrate the principal that the seller retains full control of the hardware and can "repossess" the device. The original purchaser does not receive a master unlock code.
Even if locking yourself out of your device is "your fault", it doesn't alter the fact that at that point only Apple retains control of the device.
Same with bios locks and management engines on PCs.
The idea that possession = ownership is gone. And we're almost all ok with that especially since it makes us a little safer and more "secure". At least until we can't trust Apple, Intel, etc. anymore.
One could argue that the black market value for your locked phone compared to unlocked phone is a proxy for how much you actually own the phone.
Activation locks were required by law to deter armed theft.
> A new report from Reuters found that iPhone theft dropped by 50 percent in London, 40 percent in San Francisco and 25 percent in New York. The drops represent theft activity as measured during the 12 months following Apple’s introduction of the remote locking feature in September 2013 as part of iOS 7.
With iOS 8, Apple made its so-called said “kill switch” active by default, in accordance with California regulation, and that should help the rates of theft continue to trend downwards.
https://techcrunch.com/2015/02/11/apples-activation-lock-lea...
Balancing these goals is not easy, but we don't get to avoid it just because we want "freedom" as an abstraction. It's an important consideration but only one when you put a lot of people with conflicting goals together.
Laws take freedom (as in do whatever you want) from people and give it to other people so the total expected gains are bigger than without the law, pretending that dishonest lawmakers don’t exist (false obviously). Also, all laws are bets on their outcomes and sometimes they go south.
Universal safety and security is pushed almost ubiquitously. Like it's a holy truth. Trumping all other concerns. And anybody who argues for anything else is just selfish or whatever.
Google just decreed that, starting 2 days ago, nobody may distribute software for my phone...
You used to get full schematics along with the electronics you bought.
And by "get", I do NOT mean that you'd have to ask for them.
They'd be shipped WITH the products, on paper. It was a normal part of your purchase, just like the manual.
https://chrisacorns.computinghistory.org.uk/docs/Acorn/Manua... ("BBC Microcomputer Model B +")
There is a circuit block diagram, a PCB layout diagram with all the components' part numbers that I guess you can replace broken ones (?), and circuit diagrams for the power supply and for the keyboard circuit. (starts on page 97) Skimming the text, the manual seems to assume an owner has access to a multimeter, an oscilloscope, and a soldering iron.
(Edit: with the help of the circuit diagram we did make a simple mod to one of the output ports of the device)
Planned obsolescence was one natural outcome that we ended up with. An electrical engineers I know told me how designing a CPU that would last a lifetime is relatively easy compared to designing an equipment that will fail only 5 years from now, but not earlier.
I wonder if there was a way we could take the other path. Keep manufacturing solid, long lasting products but also being financially sound. Right now economy, to me, seems like a thing of perpetual growth, but in a cancer-like way.
Regulation.
Fun fact: this is still possible! It's a little harder – it'll have to be steadily introduced, in multiple countries at once (so we don't break international trade), starting in the areas where it's cheapest to produce lasting equipment (so enforcement doesn't take out entire sectors), and I don't yet know what the regulations would look like, but if it's possible to make lasting things, it's possible to require manufacturers to make things last.
We need to do this, sooner or later, anyway: we simply don't have the raw resources to continue as we are.
What runs out, and when does it run out? Are there alternatives? And can we source it from asteroids?
Easy to nay-say, though. To me, a solution starts with spreading those values that make it possible for _consumers_ to stop sliding down the growth-over-everything slope. Mittelstands, shinise, Patagonia, yada yada. Can you as an entrepreneur make a sustainable business that isn’t just for well-off conscious consumers? What’s the product where longevity is inextricable from the core feature set, not just a trade-off with cost?
Right-to-repair is a decent example of where regulation has enough support across the ideological spectrum to get a foot in the door. It would be cool if a company who made profit on service now decides it doesn’t want to compete on service and instead takes more profit upfront with a higher-quality product. Forcing USB-C on phones feels like a small thing to me, but if it sets a precedent where interfaces are standardized for sustainability, that could be amazing. (No, I’m not worried about governments slowing progress. Locked ecosystems are doing just fine at that.)
I've seen a product like this, yes, but I wasn't the one buying it
(got the schematic for some later products, for a fee)
#1 reason I hack on vintage computers: top to bottom documentation and source, and still small enough to fit in one human's head.
Right now the NSA just has all the 0days instead.
I also hack and repair modern stuff, and it is so common to open up a product just to end up staring at an epoxy blob. User manuals hold no mention of service tips, but instead are near-useless "quick start" guides that might review functionality, if the manufacturer is feeling generous.
Modern tech seems so remarkably spiteful toward the consumer and consumers themselves just seem to roll with it. Sometimes I hear them use arguments like "Company X doesn't want Company Z making knock-offs" as though these knock-off manufacturers aren't already expert reverse engineers. I feel the locking down of consumer tech is more about forcing the consumer into a state of dependancy on the manufacturer than it is about protecting any intellectual properties. They conflate "repeate business" with customers being forced to return for repairs or replacements instead of willfully returning because they trust the quality and brand.
Schematics for things sold, are never trade secrets.
e.g. Apple's fixed glass trackpads
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
That's not how trade secrets work. If you give me a device, and I figure out how that part of it goes together, the trade secret dies. There is no protection except an attempt at secrecy, and once someone is retail sold hardware, they may do anything they choose with it, thus the idea of trying to maintain a secret, when it is in someone else's hands, is silly.
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
You can't dodge this point, which you appear to be doing as I never claimed copyright law is uniform in all jurisdictions worldwide, nor was that implied.
If you don't understand how these things work, it's better to not make bizarre claims.
What on earth are you even talking about?
Regardless, you can invalidate anything. EG, one can make a claim "Hey, that manufacturing process is my trade secret!", and that claim can most certainly be invalided. It can also be validated.
This:
> Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
Some types of copyright requires approval via some organized entity in many jurisdictions, that is easily discoverable via a quick Google search by any passing reader. The prior comment appears like a deflection from the main point, since the fact that some jurisdictions operate differently is simply irrelevant as I never claimed otherwise, nor was that implied anywhere in the preceding comment chain.
Like I said you can't avoid the fact that 'invalidating' trade secrets makes no sense. They can be revealed, they can become so widely known that the label no longer applies, and so on.
But 'validity' whether legal, logical, etc., can not apply to them.
And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
In terms of validation, I have no idea why you think one cannot invalidate someone claiming to have a trade secret. You can literally invalidate anything, someone is trying to assert as valid.
A bottle blonde could claim that is their original hair colour, and one could invalidate that claim too.
You seem stuck on an internal definition of 'validate'. Your internal definition seems wrong.
Anyways I agree this is a tangent from the main comment chain, if that's what your implying. I included the last paragraph for that reason:
> And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
The classic example was during the 90s. A company was building a new factory, and as a result, it was open to the air. A competitor, wanting to legally discover how the manufacturing process of the company was orchestrated, flew over the construction site, taking photos, pictures.
The competitor claimed, that they obtained such information without trickery. The company said that they had taken reasonable precautions, to conceal their manufacturing process, with employee NDAs, and security around the construction site, yet ... that there was absolutely no precaution which could be taken to protect from plane or satellite, and thus, the took all reasonable precautions. That the plane + photos were akin to someone sneaking into the factory, and taking photos as well.
The company won, their trade secret was protected.
The point of this illustrative story, is that reasonable attempts at secrecy of things such as manufacturing processes must be attempted.
A key part of a trade secret is in its name, secret. You cannot keep a secret in public, and even if you do, for a brief period of time, you are not attempting to conceal it if everyone and their dog may look at it. Nothing you sell to a consumer is a trade secret. Nothing. Not a single thing.
You may have a trade secret in how that product was made, but you do not have a trade secret in how that product fits together. At all. A schematic of a circuit board is not a trade secret, and this is the context you started this conversation on.
To speak to this, if anyone, ever, discovers how to take apart and repair this glass trackpad you discuss, there is no trade secret, and no judge will ever ever help anyone enforce protections on the same.
To put it another way, and going back to the example at start of this message, if you hold tours of your factory with trade secret manufacturing processes in it, you no longer have trade secret manufacturing processes. Your competitors may tour it at whim, as part of the tour group, and use such information to derive and copy your no longer enforceable trade secrets.
That's simply how it works.
And there's nothing more public than selling something to the public.
I think you are confused, because Apple may claim it's a 'trade secret', in how they manufacturer said glass trackpad. But the part in consumer hands is not a trade secret. You can put the blasted thing under an x-ray, an electron microscope, and yes these are valid ways to examine things, and there's literally even remotely a trade secret to enforce from this angle.
This, any schematics provides are not going to invalidate what already exists.
I won't bother looking back at this any more, for two reasons. First, it's falling off the first page of my comments I look at, for replies. And second, your over the top, absurd attack on a correct use of the word 'valid' is quite odd, and smacks of a lack of good faith.
You've said your part, I've said mine, and I don't see much value beyond my extended attempt to discuss my reasoning re: trade secrets, how I believe they work, etc. above.
Oh, one final note. I've noticed some larger corporations, and some dark corners of the legal profession attempt to shift the line in terms of rights. We've seen absurd attempts at this in the last 20 years, and we've seen industry practices which are in effect for 10 to 20 years, in terms of IP shot down again and again.
Part of me suspects you may have fallen into a trap, where perhaps Apple claims something they cannot claim, such as extending trade secrets to devices held in people's hands. If they are, they will fail in this, unless there is a deep legislative change, and even then I doubt it won't be kicked, and you should not listen to such absurd claims.
They don't, at least not for modern products of some intricacy.
Going back to the example of Apple's glass trackpad, there's a decent chance that literally every Macbook ever sold with it has a unique trackpad, because some transistor(s) were slightly off, due to manufacturing tolerances, requiring slightly different resistor(s) to compensate, etc..., and so on.
And there are hundreds of components just in the trackpad.
So even in the literal sense of examining it under various microscopes and so on, I think it's pretty fair to say that it's secret enough for it to be very very difficult to recreate.
But this all seems like arguing at windmills, because in practice, Apple's shareholders, board, management, employees, suppliers, customers, and competitors behave as if it was a trade secret. Which is more then sufficient for all practical purposes most HN readers are concerned with.
People have a right to know what they're buying. Companies are testing legal and cultural boundaries, silently changing functionality and usability by altering software or access to required services after sale.
It's not "too complex", it'd just be a hassle if people knew.
If you don't Microsoft, one of the wealthiest corporations in existence, will steal your copy of minecraft that you purchased elsewhere.
Sorry if this isn't on topic, I'm very salty over the migration.
[1] https://www.minetest.net/
A valve radio had ~50 discrete components[1]. The first semiconductors had triple that number of components in a square millimeter in 1971[2], a modern CPU is in the tens or hundreds of millions of transistors per square millimetre. That's more components than the Encyclopedia Britannica had words in 29 volumes[3]. How are you going to 'know what you're buying' if you don't know anything about the bit which makes up most of the complexity and does most of the work? How are 'people' going to know anything about the CPU by getting lumbered a dozen bookshelves worth of schematics?
[1] One 1960s valve radio schematic found from Google: https://1.bp.blogspot.com/-Is9qxCCu2S8/VmZ44qHP1nI/AAAAAAABQ...
[2] https://en.wikipedia.org/wiki/Transistor_count#Transistor_co...
[3] https://patricktreardon.com/wp-content/uploads/2016/06/Encyc...
Even a fairly old ARM based CPU such as in the Pi 4, has billions of transistors. And miles of wiring.
But that's still a different argument to the one I was responding to which was "People have a right to know what they're buying" - and the claim that products are "not too complex" for that. At the point we turn it to a diagram which says "fuse connects to System-on-Chip blob ground pin 0 and data pin 7. Button board connects to blob ground pin 0 data pin 8" are we any closer to "knowing what we're buying" in a meaningful way?
My Commodore64 had full motherboard schematics in the manual, and I had a 90s tube TV with schematics inside the back of the case.
This change, lack of docs/schematics has happened over a mere 20 years.
And if I remember correctly, the tech. manual was something like $20.00 (in circa 1984 dollars, roughly $58 today, and you got about 400 pages of paper, printed on both sides.
So while schematics did not "come with the product in the retail packaging" one could obtain them with only the trouble of ordering a ~$20 (at the time) "book".
Every device/vehicle/system now needs to be connected to the internet and needs you to download an app.
Is that for the consumer? No. That's for the manufacturer.
For milking be reselling your data and/or spying on you and/or charging extra because they can and/or the capability to turn any device into literal trash by not providing updates or bug fixes to a half-baked alpha software that it shipped with.
Blame your government. There could and should be laws against that or at the very least incentives to prevent it.
In a democracy the government is a proxy for the people. I blame the people. If the majority was conscious of their rights (or at least what these rights should be) the governments would have no choice and they'd bring laws that protect these rights. Yes, no democracy is perfect, there are lobbyists, corruption etc, but if the large majority of the population wants something all these lobbying and corruption can only delay it.
The issue with the government(s) is a symptom, not a cause. The cause is that the majority of people have no spine. They'll sell their privacy and rights gladly for a tiny bit of perceived convenience, entertainment or status. It's like this famous saying "people that are willing to sacrifice freedom for safety deserve neither". Substitute privacy/ownership for freedom and convenience/entertainment for safety and it will still be true.
Neither me nor my partner own a smartwatch/health band. Why? Because we literally found no brand that could be used without setting up silly "online accounts" and having our personal details (including health) harvested. The pine watch is an exception, but last time I checked the software was not ready for daily use.
Personally, despite the above, I'm a "long term optimist". I think people eventually will learn to value their privacy, their right to ownership/repair and they will stop buying and using devices and software that infringe on these rights. But not before a generation or two come and go.
Consider other revolutions in human condition. For example the industrial revolution. It brought magnificent benefits, but also (especially initially) it was horrible for many people including children. Eventually the masses started paying attention and worker rights were established, but not a second before the majority was ready to sacrifice a lot to fight for it. It will. Be like this with our "digital revolution".
Psychology is a science that studies human behavior, and like all sciences it works mostly. As a result, human minds can be easily hacked by those with the motivation to do so. Psychological science can be employed, things like A/B testing are very effective with enough data, which our digital systems easily provide. Ads are the wholesome version of that, because they are overt. We know the ads are trying to change the way we think and act. Corporate news is an example of the less wholesome side of using psychological science against humans. The humans aren’t to blame. Humans are animals and easy to hack, and our economy is largely, mostly I’d say, based on people hacking/behavioral engineering.
Which boils majority democracy down to the median level of education.
How does that mean they have no spine? It sounds like they made a decision on what was more valuable to them. You could argue that they might not have been fully informed. But I think the reality is that they just don't care that much because they don't feel harmed by it. The segment of people that are going to even consider trying to repair a digital device rather than paying to get it fixed or getting a new one is probably vanishingly small (and very over-represented on this site).
I could easily see things going the other way, where the lack of digital privacy becomes even more of an unquestioned norm. These things can hold in a kind of equilibrium as long as the entities that hold the power don't use it to cause perceived harm above a threshold. We have the technology to do a lot more scanning of license plates, facial recognition, automated speeding tickets, etc. I'm kind of an optimist in that I think people will generally maintain this balance (or maybe a pragmatist - it's not really in their interest to upset the apple cart, but they will test the limits sometimes).
And greed starts to become an issue when managers think they need a raise.
But to be fair, if you're not an engineer is there much else you can take pride in other than driving up profits by whatever means?
What about the incalculable environmental factor for all of this? Nobody cares.
As someone who found computing in general through the joy of taking broken electronic things apart and trying to fix them, it does sadden me too when I see a black blob over a circuit board but most people are just happy they're cheap and easy to replace and toss em away. Most developers I know today can't understand basic electrical circuits, even though they are the very foundation of everything we do. But like my previous analogy, most would rather just see the magic happen when they install something, write a little bit of code, and see results.
Some of us do value privacy, security, and even the underlying things that make stuff work. We're in the minority. The vast majority of people simply don't even care. I've tried explaining it to my wife, or my mother, that some piece of software might track them, know about them, restrict them, whatever, and the opinion I usually get back is "Oh, it doesn't already do that?" People joke about Facebook ads being something they just talked about all the time and it doesn't even phase them that the reality is very near to that.
People simply don't care enough to make a change in the laws that would prevent things like this.
A sneak peek may be coming with what some states are doing to police travel for abortion. Does the algorithm think you might be pregnant? Congratulations, you may now be stopped on state lines and charged with a crime because you are driving someone one state over. Even if you have no intent of getting an abortion you may have to prove that in court if a prosecutor is feeling particularly self righteous today.
People in the US are not accustomed to totalitarian politics. We have rights. But loss of those rights are one populist demagogue away.
When that happens all that surveillance and remote control will suddenly become as relevant as Antarctica’s Thwaites glacier would become if it fell in the ocean.
(Left wing populist demagoguery and authoritarianism are possible too. I’m just picking on the right wing sort because it’s the kind that has traction most recently. But that too can change.)
I'm turning to the opinion that if we really want to fix this, we need to have government mandates that "takeout" style exports are provided by every company/service, in a standard machine-readable format.
If you collect and store any personal data about a user, there needs to be a standard way for them to request a usable copy.
Then allow third parties to build tools that work with those to educate users, which is why standard and usable format are key criteria. E.g. "visualize what X knows about you"
It's the details that would motivate people, but the details are precisely what's invisible right now.
(Disclaimer: talking from a US-centric viewpoint, for the majority of states that don't have digital privacy rights)
That’s the neat thing! For most people, you don’t! Until it breaks and you need to fix it, and the manufacturer is out-of-business. But then you can present that strange schematic to your local electronics repairer who can fix it up with a few spare commodity components.
Today? Everything is cheap, you can fedex something across continents in a matter of a few days. When the TV is broken, fuck it, a new one is a click and a day of waiting time away, free delivery included. Computers? Phones? Just the same.
Building products that last or are repairable just isn't competitive enough any more. Yes, there are niches like Fairphone, Framework and Pine, but that's the point: they are niches for nerds who care and are able and willing to spend the money.
On top of that, technology has gotten ever smaller and smaller. Up until a decade or two ago, most electronics was through-hole stuff that even a complete dunderhead could repair with a soldering iron, a bit of solder and some tweezers. Modern SMT? That needs highly specialized machines and an awful lot of knowledge about stuff like temperature ramps, not to mention passive components being as small as a tiny piece of sand. And if you want to verify signal integrity, some random scope won't cut it either at modern high speed buses.
> Before the introduction of VLSI technology, most ICs had a limited set of functions they could perform. An electronic circuit might consist of a CPU, ROM, RAM and other glue logic. VLSI enables IC designers to add all of these into one chip.
https://en.wikipedia.org/wiki/VLSI
I remember in the late 2000s hating everything about the mobile revolution and predicting where it would go. I was mostly right but wow did people ever think I was nuts. Tech groupthink back then was the literal phrase “mobile is the future” repeated like something out of a political talking points memo.
What I got wrong was underestimating how evil social media would become. I never imagined how addictive it could be made or how toxic the content would get, or how it would help re-mainstream a whole raft of horrible ideologies. The addiction factor and brain dead content machine really hit with mobile too, so it’s not unrelated. Something about that little screen that is always there and swiping to scroll seems to facilitate addiction better than a PC or laptop screen.
So for at least Atari, and at least with the 400/800 computers, they did release the information. For an extra cost, but it was released.
Also the "driver" installation for IBM PC is just instructions on how to manually patch wordstar to work with it.
edit: went to the trouble of uploading some photos https://kalleboo.com/microblog/posts/111001749605994561.html
If you don’t have access to the source code, you can’t fork it. And ALL the Web 2.0 platforms of today (on which we have our public forums) won’t give you their back-end software. Not even HN. Nor Reddit, LinkedIn, Twitter, Facebook, Telegram or even Signal. They need to retain control because of the capitalism system in which they were conceived (Facebook, LinkedIn) or sold (WhatsApp, Instagram), and the shareholder class which the corporations must serve and extract rents from their ecosystem forever. It starts with venture capitalists and it ends with wall street ownership. https://en.wikipedia.org/wiki/Surveillance_capitalism
If you look at my posts for the last decade, I have been openly saying this. Those of you who saw the movie iRobot back in 2004 may remember the tagline: “One Man Saw it Coming”. I feel like Will Smith’s character. Except that I have been doing something about it.
1. From Digital Feudalism to a Free Market
We are living in Digital Feudalism, and like serfs, we have very little say. And all of this is because we don’t have a viable open source alternative. The first step is to have this software be available to everyone.
https://qbix.com/blog/2021/01/15/open-source-communities/
There were attempts with diaspora* and Mastodon has so far been the most successful. We’ve quietly been building something far, far beyond Mastodon and attracted 10 million people in over 100+ countries. But you probably haven‘t heard of it. It’s a web-based, open source, general-purpose Community Operating System, on which anyone is free to develop just as they are on Linux or Wordpress.
While an app like Telegram or Signal could be easily banned from app stores by governments, something like this is much harder to censor. If millions of websites use https and some may be hosting Qbix widgets, then how will governments and corporations ban it? They may have to insist on having a backdoor to the https certificates, which means enough people would have to fork Chromium / Blink (open source on the front end). But until then, it’s a way for We the People to continue building an innovating in the face of corporate and government crackdowns.
Back in 2019 I wrote this: https://cointelegraph.com/news/how-a-web-that-lost-its-way-c...
Ans just two days ago LA Weekly wrote about the project and the difference it can make: https://www.laweekly.com/restoring-healthy-communities/
2. From a Free Market to Autonomous Networks
In a free market you have a choice of landlord (eg who will host your Wordpress or Qbix instance). But you still have a landlord.
This is the part that some on HN are allergic to. I’m going to extol the virtues of automomous networks, because they’re the most benign “Landlords”, who can be trusted to uphold the rules and never change them (if enough of the community doesn’t like the changes, they can fork and continue the old rules).
Blockchains and smart contracts are JUST THE MOST POPULAR VERSION of this at the moment. There are many other architectures, including Hashgraph, IOTA DAG, and more generally, networks based around Distributed Hash Tables / Kademlia, such as BitTorrent, IPFS, and the ultimate i...
I believe that decentralized movements need to be named properly. If Stallman named it “Liberating Software” instead of “Free Software”, his movement could have attracted a lot more devotees from the wider open source movement.
Similarly, I believe (my personal viewe) thay if BLM had simply called themselves BLAM (Black Lives Also Matter) their message would have been crystal clear and would have attracted far less controversy and much more support across the political spectrum, avoiding such rejoinders as “All Lives Matter.” In fact it rolls off the tongue better and stronger: BLAM!
When starting a decentralized movement, the naming is crucial as it affects positioning long after it has become bigger than those who began it.
Like your Qbix? https://qbix.com
I started Intercoin and Intercloud later. Our apps are named Groups and Calendars.
Also Meta these days is open sourcing more ML tools than any other corp, so I'm not sure the claim that "killing ... all open-source tendencies" is supportable.
People naturally tend to give things away in a gift economy when the marginal cost of making a copy is zero. Dan Pink explains it here: https://m.youtube.com/watch?v=u6XAPnuFjJc
Consider science: it is a privilege in most scientific disciplines to publish one’s discoveries openly for everyone to build on. Except in the bio and pharma departments — there, the intellectual property system has made generically engineered crops trap farmers and has made drugs extremely expensive in the very country that enforces this system. I wrote about Open Source Drugs a whopping 12 years ago: https://magarshak.com/blog/?p=93
Newton said, “if I saw further, it’s because I stood on the shoulders of giants”. He didn’t pay rent to the giants for those shoulders.
Thomas Jefferson said, “He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me.”
Albert Wenger, a friend of mine who is a venture capitalist, general partner at Union Square Ventures here in NY and who raised their climate fund, wrote an entire book called World After Capital about this very thing, and is giving it away: https://worldaftercapital.org
Back then, USV and other VCs were really bullish on Utility Tokens as a way for the participants to own the network, and to incentivize open source voluntarily, without government force:
https://avc.com/category/blockchain/
I also mentioned Meta open sourcing ML, and said you should be thankful to Zuck’s tendencies, which he can exercise in an area that isn’t a core business proposition of facebook. The capitalists have stranged Mark Z’s tendencies in every area where Facebook could extract rents and profits from its ecosystem. And in this, it could have easily gone another way had an IP-loving Steve Jobs type been at the helm. Had FB chosen to branch out into it, like Apple did into, say, banking or cars, then you would see FAR LESS open source competition in AI. Maybe Bloom model?
> ... you should be thanking [Zuckerberg’s] open source sympathies as he is literally having his company give away open source LLaMa and other AI which his company spends a ton of money training. Without someone stepping up and doing this, the AI [would] belong to only a select few ...
You’re right that such sympathies weren’t exactly “killed” (instead “discouraged”) by advisors but pressing this mistake in phrasing is certainly a bit of a straw man argument.
There are obviously some specifics there, like if the camera on my phone has a firmware blob, does that need to be able to have the firmware updated? A lot of little caveats like that make such a law difficult, but I think with hardware access the open source community can flourish on devices like smart TVs, etc.
- - - -
THe thing that gets me is that people seem pretty much content with things. E.g. they'll complain about Amazon and then in the next breath admit that they still shop there. Etc.
Some of it is complacency. (A friend of mine, an academic, was talking about "the pain" of switching from Twitter to Mastodon. I had to stop him. You just click some buttons? You don't even have to get out of your chair.)
A lot of it seems to be apathy.
And then there's contentment with ignorance.
People say that this is just "human nature" but I feel that's a cop out.
- - - -
FWIW I think of Capitalism as a kind of economic API. It's very useful, but you have to run it within certain resource limits and policies. (E.g. don't "eat the rich", just tax them at the rate that we did fifty years ago, eh?)
Science and capitalism have delivered technology and wealth, we won history. We just haven't really noticed yet.
We have to stop fighting each other and take care of each other.
That's why Twitter software engineers were making fun of people wanting to release the Twitter algorithm... They were well aware of what a complex mess it was and how unrealistic that was. People have the right intuition though; it doesn't need to be so complex. It is complex by design.
The only thing shitcoin made "better" was how to pay the ransomware industry.
Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
Most people on HN are techbros
Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about.
In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
“It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
> Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing. Bitcoin chews through massive amounts of power. Ethereum chews through GPUs and lowers expected lifetimes. CHIA chews through SSDs in weeks of massive amounts of writes. Even running IPFS client chews through CPU/RAM/network like there's no tomorrow. Filecoin is 10x worse.
> Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
I include all of them. But how quaint that you invalidate me as some round-about defense of your own shitcoin.
> Most people on HN are techbros
Most != all. Some of us are actual socialists. You know, "know thy enemy" and all that.
> Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
Its already been made. Its called Hawala ( https://en.wikipedia.org/wiki/Hawala ). And its an easy way to send money across areas and even currency changes. And its based on reputation, not some silly climate-destroying math, so you shitcoiners cant make money pre-mining the chain before opening it up to the public.
Again, thats really the problem with all this decentralized "currency". Its a terrible merge between money transmitter and money printer. And you posit "But if you think you can do better, please do it!"... and you refuse the counter-question of 'Do we even need this?'
> For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I repeat: “It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
Basically, I'm saying this for others who read this now, and not for you. This is a tacit admittance that you cannot look at other perspectives in this realm, and must see your path as the "only and true path", because otherwise you would be rejecting your own idea and business plan. (And I know very few who can dispassionately look at their own passions.)
> I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about....In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible. And the other scam here is that all these with shitcoins attached have been heavily pre-mined to "pay the upfront investment cost". But again, with you being a shitcoin founder, you're well aware how this grift works.
I used to run the blockchain meetup here locally. Some of my contributions are still used by a lot of folks. But after a hard deep dive into dozens of blockchain systems, the only real benefit is to the ransomware industry. Well, that, and a whole bunch more decomissioned power plants being spun back up for shitcoin of various types. https://www.theguardian.com/technology/2022/feb/18/bitcoi...
I know that Upton Sinclair quote. Who pays my salary?
I could say the same about you. I realize who pays the salary of many of the startups that go through YC. The venture CAPITALISTS do. The Web2 ecosystem that banks at the same bank (Silicon Valley) and had a bank run on that bank kicked off by Peter “build a monopoly” Thiel. You support that ecosystem, and therefore are against any decentralized alternatives. Do you support Palantir and precrime as well?
Perhaps the above doesn’t describe you, only a bunch of tech bros like you in the very shareholder-based ecosystem that has led to the Big Tech oligopoly and is the subject of “boiling the frog” we are talking about. But then again, you are doing the same to me, assuming things based on whatever “Web3” means to you.
First you trot out incoherent strawmen about proof of work and shitcoins. Then, when I point out the issues with what you say, you do an adhominem.
You continue to be deluded. I just got through criticizinf hyper-capitalism like Thiel’s that would make many capitalists blush. Then I proceeded to advocate alternatives that fit the dictionary definition of “libertarian socialism”. You turn around and call that hyper-capitalism.
Well, how about this… in your system, you have monopolies and hardly any competition. It’s digital Feudalism. You are like the slaves supporting the system because the slavemasters were kinda good to you. In the system I advocate, everyone is competing to provide better infrastructure (hosting, security, storage etc) and you are not locked in. There is redundancy, no single point of failure. And no one can usurp power easily.
>All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing.
Sigh. You sound like you’re in 2013. Are you talking about Bitcoin? Because I had the same criticisms of it since before you were in crypto. I made them publicly in ArsTechnica and was covered in the BBC, Newsweek, etc back in 2018. We actually experimented with allowing people to do Monero mining as a way to pay for our apps, and the whole thing went bad pretty quickly and we removed it for precisely this reason. I called out the incentives publicly 5 years ago:
https://arstechnica.com/information-technology/2018/03/there...
You seem to ignore that every other coin besides Bitcoin and Monero doesnt fit your description, let alone the other distributed systems…
> And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible.
Really? “The whole network” of Dat/Hypercore and Bittorrent and IPFS and safenet are run “by a quorum”? You should read up a bit more on what distributed hash tables are before spouting such nonsense.
Your response is to throw shade and FUD it without engaging in anything approaching substantive, intellectually honest discussion. I back up everything I say with myriad examples that illustrate general patterns. I have arrived at this position by battle-testing my ideas and being open to changing my mind. Are you?
Saying “you’re wrong and deluded” and declaring “it aint” unilaterally isn’t actual substantive argument. It’s just asserting bias.
1. https://www.reddit.com/r/changelog/comments/6xfyfg/an_update... 2. https://github.com/reddit-archive/reddit
Owning something should include that you can cut all ties with the original vendor, and still be able to use the device as advertised.
Similar to the concept in medicine that it's bad for business to cure vs good for business to treat something. From the consumer side, clearly you want cures but markets don't seem to function that way. Treating kidney disease is far less lucrative than providing a cure (if possible). Your only option as a business to find this appealing is to somehow look at the treatment option, roll all expected profit and revenue up, and tuck that into a "cure" option. If altruism in medicine isn't there, I don't know why we'd hope for it in something as artificial as electronics and software. I don't know what the solution is here if we want to continue to pretend markets self regulate in a healthy way for the general population and not for businesses.
So the question is just, is this a market failure in the sense that the market outcome is undesirable to society such that there's a strong case for regulation? Or is it a market success in that most people are getting what they prefer (cheaper products)?
If we were to get regulation passed on this, and prices for digital products and services were to rise, would people broadly cheer or jeer us? I think it's pretty clear that most people would be unhappy with this, at least above some level of price increase (which may be zero).
So to me the question is (like with all regulation) whether this can be regulated without increasing costs to people beyond the value of the regulation to society. Maybe so, but unfortunately I'm pretty skeptical that's the case.
Unless of course you want to argue that without financial incentive nobody would ever do such a thing, and open source is a fairy tale that can't really exist ...
But outside that niche, nobody really values this capability, and it's not a mystery why not. What good does open source do an accountant? Any given work-a-day accountant is never going to read or modify the source of their software. They just have no interest in that. They may have a computer enthusiast friend who has made a compelling case to them for why this stuff matters, so they may agree in theory, but they aren't going to do extra work or pay extra for this. It just isn't a direct enough impact for them.
(I completely agree with you however.)
This seems a lot like the same business model you're saying didn't exist before.
In fact, AT&T was more draconian. People can pay off their cell phones today. The old wall-tethered units had a monthly rental fee in perpituity.
I hate that the system has it where you don't own anything and you are supposed to be happy with it. But from a market perspective what else can they do? They need to make a regular income to pay for the development and such, but they also need to deal with the fact that a competitor who offers a freemium or product at a loss but where they can at some point in the future hide future costs will just naturally win.
In the US, at least, it literally took an act of Congress for customers to be allowed to port their numbers between wireless providers.
The difference is, culturally that didn't go too well with people so hating in MaBell was a thing. Enough so that it forced politicians to enforce anti-trust laws and break it up, eliminating all these restrictions.
I fear there is no political backbone today to do anything to the monopolists that own the hardware we "buy" from them.
The same thing happened to TVs. There are nearly no 'dumb' TVs that doesn't do anything more than just display the video signal. All the 'smart' ('over-smart' is more appropriate) TVs out there take too long to start and they almost always phone home to their overlords. The really worrying part is how normalized it is. I remember someone here on HN contemptuously dismissing my concern, saying that dumb-TVs are called 'computer monitors'. How many affordable 'computer monitors' above 30 inch do you know? And give it enough time - even computer monitors will become 'smart monitors', unless something is done now.
A large dumb TV is called a digital signage display. Those even come with remotes!
Do kids even own their school work done on Chromebooks / Apple Tablets / online learning platforms?
Have their parents assigned the rights to the IP?
I wonder how much kids feel ownership of their work done electronically
Around this point, same school but not necessarily the same year, someone else in the class thought I'd ripped off their idea in the classroom and that this was a copyright violation.
Now?
Now I understand that the work done at school is not a product, it's at most an extended pre-interview test much like a code challenge (not that literal code challenges were really possible when I was 10, given a decent C compiler would've cost something like 2 week's pre-tax income).
Most people always had poor memories, George Orwell make that observation. It's unfortunately one of the human conditions.
Tell other people.
Contribute. If you work long hours, give a little money to FOSS. If you have spare time, spend a bit of it contributing, doesn't need to be a lot.
The timeline in the link is not set. The tech world has been disrupted many times, if it hadn't been, we'd all be on IBM mainframes and typewriters or something. There is no fate but what we make. Very few people are aware enough to show up on this website and read this thread, so it's on you to do something. If you're reading this you are the resistance.
The seller/person getting money gets to set whatever terms they want. It cited Mark Lemley as having made the connection two decades ago. https://blog.ericgoldman.org/archives/2023/08/web-scraping-f... https://news.ycombinator.com/item?id=37264970
It's abhorrent in extreme to strip away the rights of the citizens like so. Our ability to experiment with the world & explore the things about is fundamental to maintaining the human spirit, to keeping us homo sapiens.
and also, all responsibility for it. in the more recent "before times" that you're probably talking about, most things you bought came with a warranty, and if you did unapproved things with that product you would void your warranty. that's what the "warranty void if removed" stickers mean. and yes, when you buy consumer PC hardware there's all kinds of stuff that you can't do with it if you want to keep your warranty.
This hasn't really changed, we just expect more continuing service from our products now, so the list of conditions to recieve those ongoing services from the seller has increased. if you want to buy something and receive no warranty, no software updates, no bugfixes, no cloud sync, no remote access, or all the other modern conveniences, then yeah, you get to do whatever the fuck you want with it.
...
> Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
The teeming masses praising Steam for cutting out the middleman seem unacquainted with the first-sale doctrine.
This is not happening for sure. Look how apple is being sued from everywhere because of it.
Did I misunderstand WEI? It's an API a website can use to confirm that a client is "authentic", so shouldn't this rather be "Goodle/Apple/Facebook/... drops support for Non-WEI compliant browsers".
Any site can be marked as insecure if it doesn't block non wei compliant devices.
You may ask why does that make a website insecure? They can give any number of reasons that can be silly, made up or outright lies as long as they are able to convince larger public.
For example, they can claim that a site that allows shady(read wei non-compliant) clients is more susceptible to hacking and can be a threat to your data and your devices as well. Therefore it is insecure.
This may come across as silly to techies, but it can sound reasonable to people who don't understand the web in general.
And why exactly do you think they'd want to do that? What do they gain from it? What do you even think the WEI is that you think this motivation makes the tiniest bit of sense?
First let me add some snippets on what the authors of WEI think can be gained from it:
* This is beneficial for anti-fraud measures. Websites commonly use fingerprinting techniques to try to verify that a real human is using a real device[1]
One of the proposed use cases: Detect non-human traffic in advertising to improve user experience and access to web content* [2]
Another snippet :
we could standardize the set of signals that browsers will receive from attesters, and have one of those signals be whether the attester recommends the browser for sites to trust (based on a well-defined acceptance criteria). As new browsers are introduced, they would need to demonstrate to attesters (a relatively small group) that they pass the bar, but they wouldn't need to convince all the websites in the world [2]
This is clearly an attempt at gatekeeping both web client software and the clients themselves.
> What do they gain from it?
I think we can agree that Google is primarily an advertising and search company. One of the threats to Google's revenue as an advertising company is ad-fraud and this 'anti-fraud' measures protect their bottom-line. Another threat is ad-blocking and though they don't explicitly mention it, the WEI "bar" mentioned above can potentially be used to prevent ad-blocking by denying attestation to clients capable of ad-blocking (either directly or by allowing plugins).
Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
> And why exactly do you think they'd want to do that?
Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes. Once it becomes a standard and an integral part of web, it is easier to dictate terms that keep their position entrenched.
We can argue whether ad-blocking or bots are good or not and whether these concerns are all pure speculation or hyperbole. But once the technical capability is there and it is only the ethical/moral belief of corporate executives( and probability of government intervention) that prevent it, I wouldn't trust them to do the right thing especially when money is involved.
[1] - https://groups.google.com/a/chromium.org/g/blink-dev/c/Ux5h_...
[2] - https://github.com/RupertBenWiser/Web-Environment-Integrity/...
> Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
Um, no. Let's imagine a world where Chrome starts warning about "websites that don't support WEI". What does that actually mean? At most it'd mean warning about websites that don't request an attestation. It cannot possibly be a warning about how the website uses the attestation, or whether it even uses it. So in this world where you imagine that Google Search can attest that a request is coming from their crawler, and every site in the world has been strongarmed into requesting an attestation by the mustache-twirling villains at Chrome, nothing about crawlability by smaller search engines has changed. Other search engines can provide their own attestations, and the sites can choose whether to trust them. Websites can choose to ignore the attestations entirely.
> Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes.
Normalized and legitimate in whose view? Why do they need that legitimacy? It's normally an invisible feature to the users. If it ships in Chrome and is available for Google to use for protecting their own properties against abuse, that's all they really need. They want to make the mechanism available for other sites and other browsers, but not because that third-party adoption is particularly important.
The reality is, anyone with an anti-abuse problem will be delighted to have this signal available, especially as the browser fingerprinting surface will keep shrinking over the next few years. There will be no need to coerce sites to use the API.
It's just a really stupid idea. High visiblity, absurdily high risk of a backlash (having it be a security warning would be obviously untrue), and all for literally no rewards. I will happily take a bet at 100:1 odds that this prediction will not become true. It will not happen by 2027 like the author thinks. It will not happen by 2033. And if that's really the most realistic threat to digital freedom that you can envision, we're in a pretty good shape.
You forgot the biggest threat: CloudFlare
Strange that. Well, not really. But still. I dislike being the "told you so" guy.