2071 points K0nserv | 3 comments
kristov No.45092413
I think the conversation needs to change from "can't run software of our choice" to "can't participate in society without an Apple or Google account". I have been living with a de-Googled Android phone for a number of years, and it is getting harder and harder, while at the same time operating without certain "apps" is becoming more difficult.

For example, my bank (ABN AMRO) still allows online banking on desktop via a physical auth device, but they are actively pushing for login only via their app. I called their support line for a lost card, and had to go through to second level support because I didn't have the app. If they get their way, eventually an Apple or Google account will be mandatory to have a bank account with them.

My kid goes to a school that outsourced all communication via an app. They have a web version, but it's barely usable. The app doesn't run without certain Google libs installed. Again, to participate in school communication about my kid effectively requires an Apple or Google account.

I feel like the conversation we should be having is that we are sleepwalking into a world where to participate in society you must have an account with either Apple or Google. If you decide you don't want a relationship with either of those companies you will be extremely disadvantaged.

pdonis No.45093699
To me the point where the law needs to intervene is the bank or the school. You need a bank to function--that means the bank should be prohibited by law from tying you to an app from a particular company, whether it's Google or Apple or anyone else. You should be able to access their functions using any client that supports the appropriate open standards (such as web browsers).

Similarly, if the school is going to have control over your kids, the school should be prohibited by law from requiring you to use an app that's tied to a particular company. They should be required to provide you functional access using any client that supports the appropriate open standards.

replies(2): >>45093791 #>>45094686 #
1. adiabatichottub No.45093791
You mean like if there were a standard (JSON, XML, whatever) format of document that you could cryptographically sign which would order a transaction to take place? Kind of like a digital teller's slip?
replies(1): >>45095795 #
2. pdonis No.45095795
That would be nice, but how would the bank verify the signature? It's the same old key exchange problem all over again.

In any case, that's not what I was suggesting. I was simply suggesting that banks shouldn't be allowed to force you to depend on certain apps or app stores to get access to your money. Similarly, schools shouldn't be allowed to force you to depend on certain apps or app stores to take proper care of your kids.

replies(1): >>45096311 #
3. adiabatichottub No.45096311
> That would be nice, but how would the bank verify the signature? It's the same old key exchange problem all over again.

I suppose you could print your public key as a QR code on a piece of paper, or display it on a phone, or use a USB security key device, and physically give it to an authorized employee at a local bank branch. Or if there is a way to electronically open an account you submit it then, along with whatever other proof of identification is deemed acceptable. I think root of trust has been, and always will be, a hard problem. It's just about finding the acceptable level of risk. Security is weaponized inconvenience.

Edit: Just to think down that road a little further, I expect the issue exists because the solution chosen by the school/bank/gov't/business will not be the optimal one for users, but the most expedient for the org. They're going to do the lazy thing that works for 80-90%, because there currently is no better alternative that they can implement with minimal effort.

If we look at the past we see that postal mail and telephones became standard methods of communication, but you could always walk into an office somewhere and handle business in person. Now that last default is quickly being phased out. So what should be the final fallback method of communication?

So I see two problems: there is no better way, and there is no required minimum. Both need to be solved.
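
The signed "digital teller's slip" and the in-person key enrollment discussed in this thread, as an added example that is not code from any commenter or from any bank's API: the bank stores a public key at enrollment and later accepts only unexpired, unreplayed orders signed by it. Ed25519, the slip fields, the account strings and every function name here are assumptions made for illustration.

```javascript
// Added example. All function names and slip fields are hypothetical.
const crypto = require("node:crypto");

// Sorted keys so signer and verifier hash identical bytes (flat objects only).
const canonical = (slip) => Buffer.from(JSON.stringify(slip, Object.keys(slip).sort()));

// Bank side: registry filled at enrollment, plus nonces already honoured.
const enrolled = new Map();
const seenNonces = new Set();

function enroll(account, publicKeyPem) {
  enrolled.set(account, publicKeyPem);
  // Short fingerprint that teller and customer can compare at the counter.
  return crypto.createHash("sha256").update(publicKeyPem).digest("hex").slice(0, 16);
}

// Customer side: any client that holds the private key can produce a slip.
function signSlip(slip, privateKey) {
  return { slip, sig: crypto.sign(null, canonical(slip), privateKey).toString("base64") };
}

function verifySlip({ slip, sig }, now = Date.now()) {
  const pem = enrolled.get(slip.from);
  if (!pem) return "unknown-account";
  if (!crypto.verify(null, canonical(slip), pem, Buffer.from(sig, "base64"))) return "bad-signature";
  if (now > slip.expires) return "expired";
  if (seenNonces.has(slip.nonce)) return "replayed";
  seenNonces.add(slip.nonce);
  return "accepted";
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const account = "ACCT-CONSTRUCTED-0001"; // constructed sample value
  enroll(account, publicKey.export({ type: "spki", format: "pem" }));
  const order = signSlip({
    from: account, to: "ACCT-CONSTRUCTED-0002", amountCents: 2500, currency: "EUR",
    nonce: crypto.randomUUID(), expires: Date.now() + 60_000,
  }, privateKey);
  const tampered = { ...order, slip: { ...order.slip, amountCents: 250000 } };
  const stranger = signSlip({ ...order.slip, from: "ACCT-NOT-ENROLLED" }, privateKey);
  return [verifySlip(order), verifySlip(order), verifySlip(tampered), verifySlip(stranger)];
}

console.log(demo());
```

The verification step is only as trustworthy as `enroll`: whoever can write to that registry can authorize orders, which is the root-of-trust problem the thread points at.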