←back to thread

We should have the ability to run any code we want on hardware we own

(hugotunius.se)
2071 points K0nserv | 1 comments | 31 Aug 25 21:46 UTC | HN request time: 0s | source
Show context
zmmmmm ◴[01 Sep 25 02:51 UTC] No.45088995[source]
> In this context this would mean having the ability and documentation to build or install alternative operating systems on this hardware

It doesn't work. Everything from banks to Netflix and others are slowly edging out anything where they can't fully verify the chain of control to an entity they can have a legal or contractual relationship with. To be clear, this is fundamental, not incidental. You can't run your own operating system because it's not in Netflix's financial interest for you to do so. Or your banks, or your government. They all benefit from you not having control, so you can't.

This is why it's so important to defend the real principles here not just the technical artefacts of them. Netflix shouldn't be able to insist on a particular type of DRM for me to receive their service. Governments shouldn't be able to prevent me from end to end encrypting things. I should be able to opt into all this if I want more security, but it can't be mandatory. However all of these things are not technical, they are principles and rights that we have to argue for.

replies(38): >>45089166 #>>45089202 #>>45089284 #>>45089333 #>>45089427 #>>45089429 #>>45089435 #>>45089489 #>>45089510 #>>45089540 #>>45089671 #>>45089713 #>>45089774 #>>45089807 #>>45089822 #>>45089863 #>>45089898 #>>45089923 #>>45089969 #>>45090089 #>>45090324 #>>45090433 #>>45090512 #>>45090536 #>>45090578 #>>45090671 #>>45090714 #>>45090902 #>>45090919 #>>45091186 #>>45091432 #>>45091515 #>>45091629 #>>45091710 #>>45092238 #>>45092325 #>>45092412 #>>45092773 #
josephg ◴[01 Sep 25 04:34 UTC] No.45089489[source]
My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like. I like that they have iphones. Doing internet banking on their phone is safer than doing it on their desktop computer. Why is that?

The reason is that the desktop PC security model is deeply flawed. In modern desktop operating systems, we protect user A from user B. But any program running on my computer is - for some reason - completely trusted with my data. Any program I run is allowed to silently edit, delete or steal anything I own. Unless you install special software, you can't even tell if any of this is happening. This makes every transitive dependency of every program on your computer a potential attack vector.

I want computers to be hackable. But I don't also want my computer to be able to be hacked so easily. Right now, I have to choose between doing banking on my (maybe - hopefully - safe) computer. Or doing banking on my definitely safe iphone. What a horrible choice.

Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

I think the argument against locked down computers (like iphones and androids) would be a lot stronger if linux & friends provided a real alternative that was both safe and secure. If big companies are the only ones which provide a safe computing experience, we're asking for trouble.

replies(21): >>45089546 #>>45089576 #>>45089598 #>>45089602 #>>45089643 #>>45089690 #>>45089745 #>>45089884 #>>45090077 #>>45090112 #>>45090128 #>>45090605 #>>45090660 #>>45091074 #>>45091275 #>>45091454 #>>45091793 #>>45092007 #>>45092495 #>>45092746 #>>45114735 #
mcv ◴[01 Sep 25 11:24 UTC] No.45091793[source]
Good point. The current security model of desktop OSs sucks. I was recently reminded of this by an issue at work. I'm used to devs having admin rights on their laptops, but here they closed that down: you have to request admin rights for a specific purpose, and then you get them for a week.

I recently requested those rights again because I needed to install something new for a PoC I was working on, and that wasn't allowed anymore. But during onboarding I had those rights and installed homebrew to more easily install dev tools, and homebrew keeps its admin rights to install stuff in a directory owned by admin. So that circumvents this whole security model (and I did, for my PoC).

The problem is that it's all or nothing. Homebrew should have the right only to install in a specific directory. Apps shouldn't automatically get access to potentially sensitive data. Mobile OSs handle that sort of thing more granularly. Desktop OSs should too.

Because the overly restrictive security rules at my work are little more than security theatre when it's so easy to circumvent.

replies(2): >>45092174 #>>45092533 #
raxxorraxor ◴[01 Sep 25 13:25 UTC] No.45092533[source]
There is software that does exactly that. You install a software kiosk were users can pick from and users don't get admin rights.

Won't satisfy developers for long though because it cannot work.

The problem is that mobile OS security systems isn't fit to develop anything but shit. It is simply no solution for desktop.

replies(1): >>45095936 #
1. mcv ◴[01 Sep 25 19:42 UTC] No.45095936[source]
Well, one issue with the app store solution at my workplace is that you can still download anything, even if you can't install it. And executables can still be executed even from your downloads folder. Or your personal bin folder. So preventing people from executing unknown apps is not going to work that way.

But then again, we write and execute our own code, so of course we have to be able to execute unknown code.

The whole thing feels like an exercise in futility to me. It would make more sense to specify what rights a specific application should have. Let me approve the external urls it wants to visit, the folders it wants to access, etc. Shield everything else off.