I really don't understand the argument here. That the product is locked down by design is a feature, not a limitation.
Yes, this has the side effect of making them more money and allowing a walled garden to form, but given that the vast majority of users wouldn't do anything different with their phones if a shell was present, this is in my opinion not that large of an effect.
The snide around "clicking on links is dangerous" and locking down the bootloader is unwarranted, because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more. And it's really easy to steal people's phones on the subway. This isn't about freedom of computing, this is about the fact that an iPhone in BFU is nearly as secure as a GrapheneOS phone.
There are many problems with Apple software. It's buggy, uses proprietary formats that you can't export, and interoperable with open standards. It's bad, and is the primary reason why I won't buy another iPhone, but Macs have that same problem. On the other hand, being cryptographically locked-down is an optional feature. If you don't like it, buy a computer without that feature. It's harmful to us, to tinkerers and people who want to see how things work, but the average person does not care at all and just wants to be able to open LOVE-LETTER-FOR-YOU.TXT.vbs without having their 401k get drained.
> On the other hand, being cryptographically locked-down is an optional feature. If you don't like it, buy a computer without that feature.
But that's the thing, where can I buy a phone without a locked-down operating system? GrapheneOS on a Google Pixel is basically the only option right now, and this still has problems thanks to hardware attestation in a lot of apps that the ecosystem forces us to use.
This is largely because Apple has dictated the direction of smartphones for the past two decades. All of our expectations for control over our phones are completely out of whack compared to other computers.
Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS, and yet now people are earnestly defending the notion that 90% of people should not even have access to the filesystem on their own device.
> All of our expectations for control over our phones are completely out of whack compared to other computers.
I would, sadly, challenge this. If anything, our desktops and laptops are the exception now. Phones, TVs, game consoles, set top boxes, cars, Amazon Echos, ebook readers, tablets, security cameras, autonomous devices like vacuum cleaners — when I think of the myriad devices we interact with that have a computer in them, they are all as stringently locked down as possible.
> hardware attestation in a lot of apps that the ecosystem forces us to use
Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those (where the anti-fraud protection of a locked-down system can be a benefit) and your more open day-to-day device for mostly everything else. A hidden advantage is that the dedicated device for secure uses is not something that you're forced to carry with you; you can leave it in a secure place instead.
> Only a tiny amount of apps force you into hardware attestation
Luckily this is still true, but I'm not confident that it will stay this way. For a few examples, I've been unable to use my phone as a metro card in my city because even though it goes through the metro's app, the app redirects back to google pay. Google's own Waymo app won't work without stock OS even though all it does is call robotaxis.
> these are mostly around banking, mobile payments and the like. So just use a separate, locked down device for those
I don't think this is a very reasonable suggestion; carrying around a second phone that I use at most a couple of times a day is inconvenient and expensive. Half of the point of these is convenience and this would defeat the purpose.
The broader point is that our standards for phones are so different from everything else. I also carry around a credit card which requires no authorization to use, not to mention cash. I can have just as much personal data on my laptop if not more, so why does it have to be this way just for phones?
Be sure to give apps that behave that way one-star reviews.
I just tested Waymo and my usual solution of Magisk Play Integrity Fix was insufficient, suggesting hardware-backed attestation. This is the kind of crap Microsoft was doing that inspired Google to put "don't be evil" in its mission statement. We all know how that went.
If your goal is to boycott Google, you're probably not trying to use Waymo. My suggestion was only about punishing the use of remote attestation in the small way most of us can.
A smart phone's primary function is to initiate and receive phone calls, or arguably 1/3 of its primary function if the metric is the Jobs iPhone launch presentation; however, since "smart phone" and "iPhone" have "phone" in their names I'm going to argue it's their primary function.
People have come to expect that phones nearly always work, and rely on them for critical communication with loved ones, services like emergency services. When these aren't dependable you don't have a phone but instead a toy.
The case made two decades ago is that running arbitrary software on a phone incurs a risk that malware can compromise the device and alter its dependability. _General purpose computers don't have this historical burden._ Phone and mobile OS makers sell their products with their purposeful limitations made fairly clear. You want a mobile device with different capabilities then seek out an alternate device, it's kinda obvious.
There's always communities of people who attempt to repurpose the products they own for purposes they weren't originally intended, and I would like to see laws that make that hobby more legitimate and legal. I would love to see 3rd parties able to support these hobbyists, that would be great. But Apple, Google with their hardware partners have no obligation to do so, and justifiable positions for making repurposing non-trivial to do.
I was able to get Waymo to work on GrapheneOS, but it took some doing, and relies on the GrapheneOS developers hacking around the official Google Play services in some way. Waymo definitely made it more difficult than it needs to be to run this on something other than ordinary Android, and it's unclear if they did so in order to make themselves more money, or simply because doing things the official Google Android way is easier for them and they aren't even thinking about people who are trying to have a less-restricted smartphone OS.
> Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like.
I.e. the only ones that make the phone critical to daily lives of most people. Don't forget to add government applications, multimedia applications (DRM) and communications too.
And that's only going to get worse, because every app seems to think they're most important. We're in the middle of the phase where every app tries to force strong MFA on users, despite most apps having no fucking business having this level of security. Banks are actually lagging behind toilet paper roll simulator apps and stores selling hats for pets and such.
Wait until they're done with that; leveraging attestation APIs will be next.
> Somehow we managed to survive without the majority of society being scammed out of their life savings before Apple came in with the iPhone and locked down iOS
What on earth are you talking about? People have been getting scammed since the days of AOL! What an insane perspective. It's not about total money lost from scams. It's about the amount of impact it has on the individuals who get scammed. What's the problem with Russian roulette after all? Most people playing Russian Roulette are absolutely fine! The point is that the damage done to the few people who get scammed is so high, we ought to care about their lives too. At the end of the day, it might end up being us... it probably won't, but it might.
Yes, monopolistic network effects are a problem, but that can be handled with regulation.
We don't save the few people suffering high damage from losing a round of Russian Roulette by restricting the ability to roll a D6 because of the harm a bad roll can do when in the form of a barrel of a loaded revolver. Also "only criminals need random number generators".
It is a question of who is "We" because all this seems to imply that the market owes "us" this product.
I would lose my mind and switch to Linux for good if Apple ever tried to close their laptops. Why? Because unlike my mom, I'm sitting here writing programs for myself.
On my phone however, I don't want to have to do a bunch of research whenever I need to install something like a parking app. I don't want to have to install a random parking app, but when you need an app to park in the MUELLER - MCBEE garage in Austin, and when I'm visiting and am meeting people for tacos, life is going to force me to install that app. When that happens, I'm happy to be in the walled garden. In fact, I want a walled garden.
I'm happy to have two computers, one open and one closed. They're two different products. For folks who want an open phone, yea, it's basically GrapheneOS or nothing, because when the point of the phone is a completely different use case (random app installs) then the point becomes the ecosystem, and you need to always be able to trust the ecosystem.
When you are trying to tinker with your phone, it becomes a completely different product. The market doesn't owe you that product.
Which is why, note, I have not phrased my comment in terms of markets.
The market does not owe me shit. It doesn't owe anything to anybody. It does whatever it does, and if it doesn't meet our ethical and utilitarian standards, we constrain it with regulations until it does.
WRT your example, that you have to install random parking apps is a problem - it's only the case because the market framework enables and encourages people to make money by hurting and abusing others. Demanding installation of random apps is a small act of malice, but an act of malice nonetheless, because it's done not to solve the parking problem, but to trap people in a situation ("captive audience") and monetize them on the side. Freedom of end-user computing helps defeat that, as it makes it easier to both set up and integrate with larger-scale, common solutions to problems, and protect yourself from attempts at being kept captive and exploited digitally.
> because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more. And it's really easy to steal people's phones on the subway. This isn't about freedom of computing, this is about the fact that an iPhone in BFU is nearly as secure as a GrapheneOS phone.
If that were the entire reason, the straight-forward thing would be to give the user tools to secure the phone, such as setting a password and encrypting data based on that password.
It wouldn't make sense to spend enormous amounts of resources to "secure" the phone against its own user, yet that is what they do.
I think a more honest explanation is that they aren't just securing their own corporate power, but also the power and business models of all kinds of app developers - this way, developers can sell trivial UI improvements as "premium features" or even put in deliberate anti-features and the user can't do anything about it.
Games can put in loot boxes and microtransactions, YouTube can declare that keeping a song playing and putting the phone away is a premium feature and movie rightsholders can decide the exact circumstances under which a movie may be watched.
That's all before the ubiquitous tracking and data collection.
Everyone wins, except the user...
> and just wants to be able to open LOVE-LETTER-FOR-YOU.TXT.vbs without having their 401k get drained.
So do I, even if I'm a tinkerer. That's what sane permission settings and - if you like - a locked bootloader are for. What you don't need for that is to restrict the owner from unlocking the bootloader.
I understood this stance more 10 years ago, but now we have many layers of fairly well documented exploit tactics and none of them rely on the app store. However forcing users to use an app store was supposed to benefit us, it has clearly failed.
And, somehow, the indignity of being forced into paying Apple a 30% tax for a market they wholly own never comes up alongside other paternalistic arguments....
Can you elaborate on "fairly well documented exploit tactics"? My impression is that most of these are either social engineering, for which we need to hire better designers, or complicated chains of hard-to-find primitives only accessible to state actors.
There's definitely problems but the solution isn't to make the iPhone a general purpose computer. We definitely need to defend the existence of general purpose computing at a time where regulation is likely to begin encroaching on it, but the promise of the App Store is "pay a 30% tax and any app you download here will be safe." In my mind, at least, that's the promise, and perhaps one solution to the situation would be to erect consequences to breaking that promise.
> the promise of the App Store is "pay a 30% tax and any app you download here will be safe."
Apple, who revealed in court that they enjoy a 75% profit margin on that fee, is being sued for that promise being false advertising on account of the crypto scams they keep approving.
Stemming from the case where Apple revealed their 75% profit margin on these fees, Apple was referred for criminal investigation for illegally forcing everyone to pay that fee, violating a court order to ensure they get it, and then lying to a judge about it.
A 30% tax and no freedom to install what you want better come with protection from state actors lmaooo. Otherwise what could be worth such a heavy-handed (and under a rational state, illegal) method?
Especially when the app store is now filled with gambling apps and social media built to exploit children....
I still remember the era when jailbreaking Android and iPhones was gaining popularity among less technical people. It was eye opening to watch how many people I knew would search for a random web page and then unquestioningly follow instructions on the screen to install software from the first link they clicked.
All of this to get custom fonts in their messaging app or some other little feature they saw on someone’s phone.
I started getting a lot of requests for help from people who had broken key functions on their phones or even bricked them entirely.
Even today there’s a culture of downloading Android builds from long forum threads on XDA developers and other forums and hoping they’re not compromised.
> All of this to get custom fonts in their messaging app or some other little feature they saw on someone’s phone.
Yes, and this is normal and right. They're expressing curiosity, and in the process also actually exercising ownership of their devices.
It's how most of us here learned computers, too.
The only problem in this picture, really, is that we've allowed - or even helped - software and platform vendors to disempower regular users so much that "to get custom fonts in their messaging app" they need to do something high-risk.
Most of what regular people try to do is like this anyway - something that should be a basic functionality, that used to be basic functionality, but has been taken away from users for their "safety" or because "sekhurity" or such.
The Linux community settled very quickly on the model of a Linux distribution, distributed via FTP, as a safe place to acquire an OS. Some got very popular.
Is there anything like that in the Android world? I'd love an alternative Android distro that supports writing notes with the S-Pen from the lockscreen. Where does one find such a thing?
There are AOSP-based distros like GrapheneOS and CalyxOS with various "app stores" like F-Droid that behave similar to package managers on Linux. There are also just run-linux-on-your-smartphone distros like postmarketOS. I doubt stylus integration is good in either.
> Even today there’s a culture of downloading Android builds from long forum threads on XDA developers
I did that this month. I wouldn't do that for a device I use for anything sensitive, but I have a niche use case for my old Nexus 5, and it needed to be running at least Android 8.
> That the product is locked down by design is a feature, not a limitation.
And why should the entity locking down the design be the same entity as the one selling it? Is that a feature too?
You can't imagine a world where people can install different services by different providers to protect their devices? And have some actual competition? And therefore choice?
We almost had that with the browser wars, when Microsoft was forced to have customers choose which browser they wanted when they got a computer. Operating system choice was already lost to Windows, but at least browser, they were forced by EU directive to let the customer choose which one they wanted. Then the game changed, and now it's basically Google or Apple for your smartphone, with a tiny bit of competition that doesn't really count. If the EU really had guts, they'd say that computing devices must let the user install an OS of their choice, at their risk, and businesses would be able to just sell phones, with the option of GrapheneOS alongside Android and iOS or Windows Mobile or FirefoxOS or WebOS. We didn't get that future, unfortunately.
We really need to have a "no-tether law" that says that the consumer should be able to break all ties with the vendor and still be able to use the device as advertised.
If you make a bootloader unlock require a full wipe/rekey of the device, and make unlock status visible at boot, most of the "someone might unlock my bootloader maliciously" concerns go away.
Fairphone actually does this. My FP3+ displays a red bar with an open padlock as long as the bootloader is unlocked, and when one changes the bootloader lock one way or the other, the phone wipes itself.
Right, but unless you prevent apps from being able to query for this status, the market will still force people into locked phones, because "sekhurity" isn't about actual security, but checking boxes and control.
If you put the iCloud-lockout stuff early enough in the boot chain (which I believe is the case on Apple silicon Macs already?), that seems like a solvable problem too. I can understand why Apple hasn't put the engineering effort into making something like this happen, but I don't think it's because they can't make it happen.
And the consequence for this is that you can't replace your own camera - or home button. Instead of a thief stealing your phone, Apple steals your phone. Not worth it. They could still track it by IMEI when it connects to a network.
This is not an honest portrayal of iOS. iOS is locked down period. "By default" makes it seem like there's a choice involved anywhere, and there isn't.
I like iPhones because they are a little bit restricted.
But let’s be real here. They should have unified everything 5 years ago. Your phone should plug in to a screen and be a “netbook” level device and anything 13 inches and up should be running macOS. The iPad should have a real affordable keyboard.
These limitations are no longer designed to make the product better.
I moved to a beach town and found out the tides app only exists on my Apple Watch. I went through 10 iOS apps that didn’t work properly or wanted me to pay subscription before giving up. I just don’t understand… do they not use their own products or something?
This is clearly sub-optimal for a tablet. And worse, they are supposed to be a company that has good taste and design.
I bought a knock off cantilever keyboard cover. This is clearly the way to go. Very clever design from Apple. The knockoff works almost as well for 25% of the price.
The iPhone is designed to be a good smartphone, not a good NAS. It is silly to expect anyone to compromise the design of a mass market product to support some esoteric MacGyvering entirely unrelated to the original product.
Should we all expect Toyota to design their ECUs to be used as a NAS?
It's not about "design", because the iPhone is perfectly capable of running arbitrary code, it just refuses to do so if you're not Apple.
The situation is such that the legal owner of the device has less power over it, post-sale, than the company that made it.
That reason alone, the imbalance of power, should be enough to support abolishing those restrictions, preferably by law.
To be clear: this is something that should be beyond market forces, and it should apply to anything that is sold to consumers and can run code. The end goal should be that no user remain less powerful, in terms of code execution and access to content, than the manufacturer.
> It's not about "design", because the iPhone is perfectly capable of running arbitrary code
It is a very intentional UX choice to mitigate malware for users who do not know how to evaluate the legitimacy of software on their own. And studies show that this is a very effective policy, both perceived (e.g. marketing) and real (actual breach statistics).
You can mitigate malware while still allowing for the same level of end-user control as the manufacturer. Look at Windows itself! People getting infected on up-to-date installations is a rarity nowadays, all without draconian lockdown policies.
It took Windows many decades to get there and the reputational harm was already done by then. Android is not doing particularly well but it has improved significantly.
Of course Apple doesn’t want people to use their device in a way that’s not how they designed it. They’re very anal about the user experience, they don’t want kids to install ArchLinux on their grandparents’ iPhones, and have the grandparents complain that their phone is shit. I get that.
Conveniently, the way they designed the phone allows them to charge 30% of every transaction that happens on the device…
But that’s beyond the point. The point is that the iPhone is a capable device, that probably can run macOS, and it’s a waste that we’re not allowed to.
I'm all for antitrust action against the financial trap that is the app store. But as someone who designs products, I think it's absolutely asinine to require security flaws in a product's primary design to support an unintended repurposing.
I guess I don’t see how allowing some phone owners to root their devices introduces security flaws for those who don’t. Maybe there’s something I’m missing here.
A NAS is just an example, here's a better one; I love to use my old phones as wall mounted displays and controls for Home Assistant, or as remote music players plugged in to some speakers that I can hook into in Music Assistant. Some of my old phones are more than capable of this hardware wise but are locked to older versions of Android and can't run anything built for a newer version, so they end up as e-waste instead.
I think my next phone is going to be a Fairphone or something for this reason.
You can do this but you have to remove the battery and hook up the circuitry to external power. This practically turns the phone into a glorified SBC. It may still be worth it since there's more of a mass market for phones than SBCs (and phones come with lots of extra hardware components that can be useful) but it's not that huge of a win.
None of those are even remotely reasonable enough to be a higher priority design criteria than preventing little old ladies from unknowingly installing malware.
I understand this for a user’s primary phone, and agree to a large extent.
However, the article touches on ideas like using an old phone as a server. It would be nice if on first boot a user could choose if the device will be a phone or a generic device. This way, when I decide to upgrade my phone, my old one could be reset and then set up with macOS to use for wherever I want. The alternatives are to sell it, recycle it, use it as an overpowered iPod touch, or throw it in a drawer for 10 years.
> Apple software. It's buggy, uses proprietary formats that you can't export
Buggy sure, but proprietary formats? Calendar entries can be imported or exported as iCalendar .ics (RFC 5545), contacts as vCard .vcf (RFC 6350), photos as .jpeg or .heif (ISO/IEC 23008-12), books use the open .epub (ISO/IEC TS 30135), iTunes dropped DRM for purchased files in 2016 and uses mp4 (ISO/IEC 14496-14:2020) (though not sure what Apple Music streaming uses). TextEdit uses .rtf (a closed Microsoft format), and Pages, Numbers, Keynote use their own formats (as other office software does), but they import and export to many common formats. Notes imports and exports markdown (and you can always print/export as pdf).
What are the "proprietary formats that you can't export"?
ETA: Oh, Messages, yeah. To export those, you have to copy/paste a conversation, or use a 3rd party app, fair enough.
All good points. But what would be really useful and easy is allowing the iPhone to be used as a full-fledged computer on a file system completely distinct from that used to run the phone. Then my laptop is just peripherals connected to my phone.
Also phones are network devices on a carrier network. A long time ago, people didn’t even own their own phones. Their landlines were property of the phone company.
Apple achieved what was nearly impossible by getting iPhone capabilities on a carrier’s network. (They did another impossible feat with the iTunes Store and selling tracks for 0.99)
iPhone capabilities caught up to most people’s computing needs but at the core these are still devices that need to be approved to run on a carrier’s network with basic service contracts. So they are locked down.
Phone networks have always been crusty legacy things when you look at it from a modern computing lens.
You can buy a cellular data plan for your laptop. Just plug in a 5g radio to your usb port or in some laptops you can even install it internally in a dedicated pcie slot.
Carrier approval is not the reason phones are locked down. If it were then rooting android devices wouldn’t be possible.
> The snide around "clicking on links is dangerous" and locking down the bootloader is unwarranted, because for most people a phone is not a toy (or at least, not just a toy) - it has their communications history, their bank information, their passwords, and many more.
And so is their god damn computer!
The ONLY reason why we treat phones differently from computers has no relationship at all with what's at stake, it's purely because Apple felt they could get away with it for phones, while they estimated that people would stop buying Macs right away if they did the same thing for computers. It's literally that simple.
Problem is a lot of apps require a locked-down device. You can't use a phone that isn't locked down in most of the world. And it will spread to PCs eventually.
If it was easy I would expect 5-10% of people would probably do it, much like alternate desktop installs.
This would mean millions of devices.
You mention Graphene is more secure, so what exactly am I gaining from not being able to install it other than my phone being trash once it's out of support?
And yet, try getting a full backup of your Google phone onto your own computer. (Without rooting/wiping the whole thing.) Heck, try getting just your text messages off (without a separate app)!
You can't. (Last time I checked.) The backup is encrypted in the cloud, and the only way to download it is to restore it to a phone.
Whereas I can just plug in my iPhone and get a full backup, complete with sqlite manifest, completely accessible. Text messages, photo library, everything.
> That the product is locked down by design is a feature, not a limitation.
I would say most people in tech who aren't interested in fiddling with their phones have no issue with this either and frankly intentionally prefer more locked down options, all things considered.
It's fine to criticize abusive practices that companies engage in, but I tire of the narrow-mindedness of some people who measure everything according to their personal interests. Like, expand your mind, man.
You don't understand the argument of why people might want to install their own OS on a device they own. And then say you won't buy another iPhone because you don't like their software... It sounds like you _do_ understand the argument.
I greatly dislike Apple software, but I think their hardware is quite nice. I would buy Apple hardware if it wasn't handicapped by their OS.
It used to be said that Apple was a hardware company that happens to make an OS. This argument never made sense to me, because while they make good hardware they very clearly don't want people to use it.
I'm surprised zero-knowledge proofs have not been mentioned. This is a technique where (for example) the government signs your digital license, then you can present a proof that you are over 18 to a site without revealing anything else about yourself. ZKPassport exists, Privacy Pass is an implementation being standardized by the IETF, and Google is working on a similar implementation. Granted, these are not yet widely used, but I'd be very interested in hearing HN's thoughts on this.
Let's try to figure out what a good policy solution looks like:
- entities with harmful or adult content must require proof of the user being over 18
- entities cannot ask for, store, or process more detailed information without explicit business needs (this should be phrased in a way that disallows Instagram from asking for your birth year, for example)
- entities cannot share this data with other sites, to avoid privacy leaks, unless there is an explicit business need (this is tricky to get right; someone might try to set up a centralized non-anonymous age-verification service, erasing many benefits)
- entities must in general not store or process information about the user that is not strictly relevant to their function
- there ought to be different treatment for anonymous users (which ideally these protocols will allow, just submit proof of work plus a ZKP that you are a human and authorized to access the resource) compared to pseudonymous and non-anonymous users, who are more at risk of being censored or tracked.
There's some loopholes here, but if the government can enact good policy on this I personally think it's feasible. Please share your thoughts, if you have a minute to do so.
There's also an interesting political split to note among the opposition here. I see a lot of people vehemently against this, and as far as I can see this is largely for concerns regarding one of 1) privacy abuses, 2) censorship, or 3) restriction of general computing. Still, there is a problem with harmful content and platforms on the web. (Not just for minors, I don't think we should pretend it doesn't harm adults too.) The privacy crowd seems to be distinctly different from the computing-freedom crowd; the most obvious example is in attitudes towards iOS. As I personally generally align more towards what I perceive as the privacy-focused side, I'm very interested in what people more focused on software freedom think about zero-knowledge proofs as a politically workable solution here.
Sounds cool but do you believe it's really about protecting children? Since when do politicians care about this so much? I have not heard of any protests or public calls for better child protection online. It's really all about control and elimination of freedom of speech and information. They want to set up a legal framework and get people more comfortable with the idea of closed and controlled internet. Then they'll argue that age verification alone is ineffective because it's too easy to circumvent so they'll start rolling out less "private" solutions that will benefit them and their sponsors greatly.
I'm not sure anyone is being this explicitly malicious. Parents' groups, child safety organizations, and researchers have been at this for years, and while I agree with you that the solutions are very misguided, I think it does our own priorities a disservice to stick our fingers in our ears with regards to their concerns.
Can you give an example of how less private solutions will benefit them and their sponsors? I could see big tech / adtech and government surveillance benefitting but I don't think they're the ones behind this push.
As another example, consider the "small web" community, say at Bear Blog, which is a group of technically sophisticated people who routinely complain about the harms of traditional social media. I doubt most of them would support this particular implementation, but they show that there is popular support for solving the ills of at least one of the targets of this legislation.
So to answer your question, yes, I do see this as an attempt to protect people. The restriction of free speech is in my opinion a side effect of this legislation opening the way to worse-designed laws in the future.
The quote seems to imply that if the watch receives the payload from any source, even without a compromised AP, it'll pop the shell.
The easiest source of this is local network attacks, and it's not that unusual. In this case you could imagine a teacher at school who knows how to use Metasploit.
It doesn't seem like it has to be the local network, though; the computer just has to receive the packet somehow. So for example if the watch loads a website or connects to some service on the internet (firmware updates, cloud sync, telemetry, whatever), an attacker could try to receive/intercept/redirect that traffic and serve the payload through that channel.
You might need the watch to have no certificate pinning or weak certificate validation if it's using TLS, but IoT devices often skip TLS.
Omega-3 good, Omega-6 bad has been known for many years.
For example, Scott Alexander wrote in 2014 on his blog Slate Star Codex about how Omega-3 lowers crime rates and Omega-6 increases crime rates. And he links to some cool RCTs where you can check the methodology yourself.
There is zero evidence in that article, or anywhere else that I’ve seen for that matter, that omega 6 is harmful. The evidence provided there would perhaps suggest that omega 3s are beneficial, but that’s about it.
To be fair, the octet as the byte has been dominant for decades. POSIX even has the definition “A byte is composed of a contiguous sequence of 8 bits.” I would wager many software engineers don't even know that non-octet bytes were a thing, given that college CS curricula typically just teach that a byte is 8 bits.
I found some search results about Texas Instruments' digital signal processors using 16-bit bytes, and came across this blog post from 2017 talking about implementing 16-bit bytes in LLVM: https://embecosm.com/2017/04/18/non-8-bit-char-support-in-cl.... Not sure if they actually implemented it, but it was surprising to me that non-octet bytes still exist, albeit in a very limited manner.
Do you know of any other uses for bytes that are not 8 bits?
> Do you know of any other uses for bytes that are not 8 bits?
For "bytes" as the term-of-art itself? Probably not. For "codes" or "words"? 5 bits are the standard in Baudot transmission (in teletype though). 6- and 7-bit words were the standards of the day for very old computers (ASCII is in itself a 7-bit code), especially on DEC-produced ones (https://rabbit.eng.miami.edu/info/decchars.html).
Back in the days of Octal notation, there were computers with a 12 bit word size that used sixbit characters (early DEC PDP-8, PDP-5, early CDC machines). 'Byte' was sometimes used for 6- and 9-bit halfword values.
I wanted to reply with a bunch of DSP examples but on further investigation the ones I checked just now seem to very deliberately use the term "data word". That said, the C char type in these cases is one "data word" as opposed to 8 bits; I feel like that ought to count as a non-8-bit byte regardless of the terminology in the docs.
NXP makes a number of audio DSPs with a native 24 bit width.
Microchip still ships chips in the PIC family with instructions of various widths, including 12 and 14 bit; however, I believe the data memory on those chips is either 8 or 16 bit. I have no idea how to classify a machine where the instruction and data memory widths don't match.
Unlike POSIX, C merely requires that char be at least 8 bits wide. Although I assume lots of real world code would break if challenged on that particular detail.
I hear sentiment like this occasionally and I genuinely wonder if this is conspiracy theory stuff or if this sort of thing actually happened in the past.
I'm aware of the programs Snowden revealed, Tempora / XKeyscore / Longhaul / the like, plus I've heard J. Edgar Hoover did bad things and lots of CIA meddling internationally was bad. Still, these seem qualitatively different to the explicit blackmail you're referring to.
Do you (or someone else reading this) know of historical examples that demonstrate a pattern of this sort of thing? You can interpret "this sort of thing" as you wish.
That's a lot to ask for on the spot, so if not, I would be interested in what generally makes you approach the situation from this cynical angle, especially given that it's the FBI. In my experience, which is fairly limited but is as a US citizen, most of the time the US government mostly follows the law and doesn't do this sort of thing to citizens.
Living through all of the events of 2020 in Minneapolis of all places led me to the conclusion that when push comes to shove there is no law, only hard power and the will to use it.
If you want examples of events that could be reasonably interpreted as “this sort of thing”, the son of the guy who tried to assassinate Trump the second time was mysteriously arrested for possession of CSAM a week after his dad was arrested. I’m inclined to believe that the base rate of people being into that stuff is reasonably low so whenever I hear about someone being charged with it in relation to a completely unrelated major news story it gets my spidey sense tingling.
You're right that absent some colossal screwup you could never prove one way or another that it was legit vs planted, but stuff like that changes my priors on what I believe can happen. The fact that it is completely deniable also increases the incentive for the government to do it, and they no doubt have the capability. Capability and motive combined leads me to believe that it likely does happen.
For anyone else who got a little too excited at the title, ECC here is error correction codes, not elliptic curve crypto.
Very cool writeup, thanks for digging into all those data sheets and sharing it with us! I feel like the hands-on electronics stuff has always been a little bit inaccessible to me, but posts like these always make me a little more excited to start doing little projects myself. So thanks for posting.
Bubblewrap is a very minimal setuid binary. It's 4000 lines of C but essentially all it does is parse your flags and ask the kernel to do the sandboxing (drop capabilities, change namespaces) for it. You do have to do cgroups yourself, though. It's very small and auditable compared to docker and I'd say it's safer.
If you want something with a bit more features but not as complex as docker, I think the usual choices are podman or firejail.
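The split described in the comment above (bubblewrap handles namespaces and capabilities, cgroups are left to the caller), as an added example that is not part of the thread. The `sandbox` function name, the `/work` mount point and the resource limits are constructed for illustration; it assumes a merged-/usr distribution and a systemd user session.

```shell
#!/bin/sh
# Added example (not from the thread). Sample paths and limits are constructed.
# Assumes a merged-/usr distro and a systemd user session for the cgroup part.

# sandbox print|run WORKDIR CMD [ARGS...]
#   print: emit the final argv, one argument per line, for review
#   run:   execute CMD inside the sandbox
sandbox() {
    _mode="$1"; _workdir="$2"; shift 2

    # bubblewrap: new namespaces (including network, since --share-net is not
    # given), no capabilities, a clean environment, a read-only /usr and a
    # single writable directory mounted at /work.
    set -- bwrap \
        --unshare-all \
        --die-with-parent \
        --new-session \
        --cap-drop ALL \
        --clearenv --setenv PATH /usr/bin \
        --ro-bind /usr /usr \
        --symlink usr/bin /bin \
        --symlink usr/lib /lib \
        --symlink usr/lib64 /lib64 \
        --proc /proc \
        --dev /dev \
        --tmpfs /tmp \
        --bind "$_workdir" /work \
        --chdir /work \
        -- "$@"

    # bubblewrap does not touch cgroups, so resource limits come from a
    # transient systemd scope wrapped around it.
    set -- systemd-run --user --scope --quiet \
        -p MemoryMax=512M -p TasksMax=64 \
        "$@"

    case "$_mode" in
        print) printf '%s\n' "$@" ;;
        run)   "$@" ;;
        *)     echo "usage: sandbox print|run WORKDIR CMD [ARGS...]" >&2; return 2 ;;
    esac
}
```

Running `sandbox print` first shows exactly what will be executed before anything is launched with `sandbox run`.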