2071 points K0nserv | 4 comments
tzury No.45088695
We need both options to coexist:

1. Open, hackable hardware for those who want full control and for driving innovation

2. Locked-down, managed devices for vulnerable users who benefit from protection

This concept of "I should run any code on hardware I own" is completely wrong as a universal principle. Yes, we absolutely should be able to run any code we want on open hardware we own - that option must exist. But we should not expect manufacturers of phones and tablets to allow anyone to run any code on every device, since this will cause harm to many users.

There should be more open and hackable products available in the market. The DIY mindset at the junction of hardware and software is crucial for tech innovation - we wouldn't be where we are today without it. However, I also want regulations and restrictions on the phones I buy for my kids and grandparents. They need protection from themselves and from bad actors.

The market should serve both groups: those who want to tinker and innovate, and those who need a safe, managed experience. The problem isn't that locked-down devices exist - it's that we don't have enough truly open alternatives for those who want them.

mjevans No.45088840
Incorrect.

Choice 2. Empowered user. The end user is free to CHOOSE to delegate the hardware's approved signing solutions to a third party. Possibly even a third party that is already included in the base firmware such as Microsoft, Apple, OEM, 'Open Source' (sub menu: List of several reputable distros and a choice which might have a big scary message and involved confirmation process to trust the inserted boot media or the URL the user typed in...)

There should also be a reset option, which might involve a jumper or physical key (e.g. clear CMOS) that factory resets any TPM / persistent storage. Yes, it'd nuke everything in the enclave but it would release the hardware.

maxwelljxyz No.45089048
I like the way Chromebooks do things, initially locking down the hardware but allowing you to do whatever if you intentionally know what you're doing (after wiping the device for security reasons). It's a pity that there's all the Google tracking in them that's near impossible to delete (unless you remove Chrome OS).
1. Krssst No.45090320
I wonder if full device wipe would be the solution to "annoying enough that regular users don't do it even when asked by a scam, but power users can and will definitely use it".
2. dvdkon No.45090670
That's how bootloader unlocking has worked on Android phones for ages, and I've never heard of it being abused, so I think it's a good model.
3. Krssst No.45090879
If that comes to pass I hope that one would be able to install a regular firmware with full DRM support / banking app support which only differs by allowing one to install apps freely. I don't think that's the case currently with firmwares that allow root. The security implications are somewhat different (root is more permissive) but I guess that the kind of person that wants to run arbitrary apps also prefers root access (maybe not at the cost of access to everyday apps with bullshit protections however).
4. dvdkon No.45091871
I agree, if Google's going to disallow "normal users" from installing apps from unknown sources, I'd like there to be some escape hatch other than the (increasingly blocked) nuclear option of rooting/bootloader unlock.