←back to thread

Is it possible to allow sideloading and keep users safe?

(shkspr.mobi)
205 points ColinWright | 5 comments | 30 Aug 25 12:03 UTC | HN request time: 0.807s | source
Show context
enriquto ◴[30 Aug 25 12:59 UTC] No.45074254[source]
> Are you allowed to run whatever computer program you want on the hardware you own?

Yes. It is a basic human right.

> This is a question where freedom, practicality, and reality all collide into a mess.

No; it isn't. The answer is clear and not messy. If you are not allowed to run programs of your choice, then it is not your hardware. Practicality and "reality" (whatever that means) are irrelevant issues here.

Maybe you prefer to use hardware that is not yours, but that is a different question.

replies(7): >>45074265 #>>45074374 #>>45074385 #>>45074396 #>>45074529 #>>45074536 #>>45074595 #
hollerith ◴[30 Aug 25 13:16 UTC] No.45074385[source]
I don't want to live in your overly simplistic world.
replies(1): >>45074449 #
fleshmonad ◴[30 Aug 25 13:23 UTC] No.45074449[source]
How is this overly simplistic? It is pretty simple. You buy some hardware, and some company wants to force you to use their telemetry ridden, data collecting software under the guise of stupid people being unable to do a google search and comparing a string. I can safely say I don't want to live in your technocratic techbro wet dream.
replies(1): >>45074534 #
hollerith ◴[30 Aug 25 13:32 UTC] No.45074534[source]
Remote attestation is a useful capability. One example: it can be used to create a camera such that the photographer can prove that an image is an accurate recording of reality and not AI-generated. Without remote attestation, we will soon enter a state of affairs in which the courts (and anyone else, too) cannot ever rely on photographic or video evidence.

The banking system has been relying on remote attestation for decades to ensure that devices used in settling financial transactions have not been tampered with:

https://en.wikipedia.org/wiki/IBM_4758

Also, I think the chip-and-PIN cards used for most in-store transactions in Europe for the last 20 years rely on remote attestation and tamper resistance to prevent fraud.

Finally, in the domain of desktop and laptop computers, there is a big security hole in that most components (certainly, disk drives and storage devices, but basically any peripheral or board) are essentially embedded computers that can be pwned with the result that they stayed pwned even if the owner of the computer installs the OS from scratch. One solution to this would be for suppliers of peripherals and boards to get much better at securing their products or to stop using microprocessor to implement their products, but it would be quite a lot of work (and governmental intervention or at least intervention by industry-wide quasi-governmental entities that currently do not exist) to get from the current situation to the one I just described. The only products currently available that are secure against this threat (aside perhaps from using 40-year-old computers) use verified-boot technology to implement the security.

I.e., the only desktop and laptop computers you can buy where you can be reasonable sure some attacker hasn't installed malware in the computer's disk drive or track page or wifi module are things like Macs and Chromebooks, which implement the security using verified boot.

replies(2): >>45074572 #>>45074636 #
1. fleshmonad ◴[30 Aug 25 13:42 UTC] No.45074636[source]
I am sorry that free choice what software to install on your device goes against your existential fear of "AI extinction" as displayed in your profile description. I guess I was wrong, and surrendering all your rights, being tracked and used for datapoints that will in turn be used to train AI is actually good.
replies(1): >>45074713 #
2. hollerith ◴[30 Aug 25 13:53 UTC] No.45074713[source]
I don't think the "ethic" you are proposing (i.e., a consumer should have free choice of what software to install on their own device) has much bearing one way or the other on AI extinction risk.

Do you simply not care that this Linux computer that you have such warm feelings about is fairly easy to pwn (in part because of the lack of verified boot and in part because desktop Linux software is just much easier to pwn than the systems software on a Mac or a Chromebook or an iPhone or an Android phone) such that if you ever got to be an effective activist against some government or some powerful industrial interest, that government or industrial interest could fairly easily eavesdrop on everything you do with this Linux computer?

That doesn't sound much like protecting your individual rights.

replies(2): >>45074757 #>>45074836 #
3. fleshmonad ◴[30 Aug 25 13:59 UTC] No.45074757[source]
You're right. My loonixtard brain didn't grok this without your input. My device is going to be pwned because I didn't use a Microsoft verified image. Should I ever feel the need to start the revolution, I will make sure to use secure boot and use Microsoft windows using my employers account.
replies(1): >>45074839 #
4. 2paz7x ◴[30 Aug 25 14:09 UTC] No.45074836[source]
>this Linux computer that you have such warm feelings about is fairly easy to pwn

It's just not. Otherwise, all servers would be running your beloved iOS, wouldn't they?

>in part because of the lack of verified boot

This does not matter. I can generate my own keys.

>easier to pwn [...] than [...]an iPhone

Lol... If anything, phones are more vulnerable because you have less access to sandboxes and VMs.

Hey, look, an Apple CVE from two days ago. https://nvd.nist.gov/vuln/detail/CVE-2025-43284

And this one's from this month. https://nvd.nist.gov/vuln/detail/CVE-2025-43300

And here's Apple's sandbox failing, last month. https://nvd.nist.gov/vuln/detail/CVE-2025-43274

5. hollerith ◴[30 Aug 25 14:10 UTC] No.45074839{3}[source]
It appears that most PC makers didn't implement verified boot correctly (e.g., they negligently left sample keys in the firmware they shipped), which is why I avoided any mention of Windows in my previous comments.