←back to thread

We should have the ability to run any code we want on hardware we own

(hugotunius.se)
2071 points K0nserv | 1 comments | 31 Aug 25 21:46 UTC | HN request time: 0.202s | source
Show context
tzury ◴[01 Sep 25 01:47 UTC] No.45088695[source]
We need both options to coexist:

1. Open, hackable hardware for those who want full control and for driving innovation

2. Locked-down, managed devices for vulnerable users who benefit from protection

This concept of "I should run any code on hardware I own" is completely wrong as a universal principle. Yes, we absolutely should be able to run any code we want on open hardware we own - that option must exist. But we should not expect manufacturers of phones and tablets to allow anyone to run any code on every device, since this will cause harm to many users.

There should be more open and hackable products available in the market. The DIY mindset at the junction of hardware and software is crucial for tech innovation - we wouldn't be where we are today without it. However, I also want regulations and restrictions on the phones I buy for my kids and grandparents. They need protection from themselves and from bad actors.

The market should serve both groups: those who want to tinker and innovate, and those who need a safe, managed experience. The problem isn't that locked-down devices exist - it's that we don't have enough truly open alternatives for those who want them.

replies(23): >>45088735 #>>45088761 #>>45088840 #>>45088846 #>>45088867 #>>45088917 #>>45088924 #>>45088947 #>>45089091 #>>45089098 #>>45089274 #>>45089445 #>>45089853 #>>45090037 #>>45090783 #>>45091788 #>>45091834 #>>45092235 #>>45092332 #>>45092365 #>>45092417 #>>45092508 #>>45094664 #
mjevans ◴[01 Sep 25 02:17 UTC] No.45088840[source]
Incorrect.

Choice 2. Empowered user. The end user is free to CHOOSE to delegate the hardware's approved signing solutions to a third party. Possibly even a third party that is already included in the base firmware such as Microsoft, Apple, OEM, 'Open Source' (sub menu: List of several reputable distros and a choice which might have a big scary message and involved confirmation process to trust the inserted boot media or the URL the user typed in...)

There should also be a reset option, which might involve a jumper or physical key (E.G. clear CMOS) that factory resets any TPM / persistent storage. Yes it'd nuke everything in the enclave but it would release the hardware.

replies(6): >>45088909 #>>45088912 #>>45088914 #>>45088933 #>>45089048 #>>45091997 #
1. echelon ◴[01 Sep 25 02:38 UTC] No.45088933[source]
This.

We need a mobile bill of rights for this stuff.

- The devices all of society has standardized upon should not be owned by companies after purchase.

- The devices all of society has standardized upon should not have transactions be taxed by the companies that make them, nor have their activities monitored by the companies that make them. (Gaming consoles are very different than devices we use to do banking and read menus at restaurants.)

- The devices all of society has standardized upon should not enforce rules for downstream software apart from heuristic scanning for viruses/abuse and strong security/permissions sandboxing that the user themselves controls.

- The devices all of society has standardized upon should be strictly regulated by governments all around the world to ensure citizens and businesses cannot be strong-armed.

- The devices all of society has standardized upon should be a burden for the limited few companies that gate keep them.