Hacker News new | past | comments | ask | show | jobs | submit login

I reject your implication that not being allowed to lock you out of your own device would somehow be equivalent to mandating official manufacturer support of arbitrary user modifications. I already provided what I believe to be a reasonable example of such a system. No manufacturer support is required beyond an interface for the user to disable key checks or possibly to replace the manufacturer's key with their own. Once you do so, you are in unsupported territory and everything that follows is entirely on you.

Perhaps an analogy would help here. For example, suppose auto manufacturers started welding the hoods of new vehicles shut. Suppose that legislation was subsequently passed which banned this practice and asserted that you have a legal right to access, inspect, manipulate, and replace the internals of a vehicle you own. This would not be equivalent to requiring the manufacturer to actively support such activity! It would only prevent specific undesirable behavior on their part.

> I support their freedom to build security countermeasures

This is a false implication about my position, and my previous post very clearly addressed this exact point. Providing the user with the means to optionally unlock things does not require that security be diminished. Functioning examples of this already exist in the wild.

> If they can lock me out with their technology, that is their right as author of the technology.

Currently, yes - from a legal perspective. For the public good, that needs to change. We have ample evidence at this point that we cannot rely on the market to make choices in its own best interests in this case. The market consistently chooses the cheapest devices and the largest ecosystems; it does not appear to select based on the openness of the ecosystem. Meanwhile, manufacturers are actively walling off their ecosystems wherever they can get away with it. They often point to security when questioned, but I find these claims dubious at best. Meanwhile, their behavior demonstrably protects their profits while actively pushing our society towards a state that is very easily abused in a great many ways.

To my mind, such regulation is conceptually analogous to the ADA compliance requirements for certain types of buildings in the US. Without the ADA regulation, the market would almost certainly not choose to conform on its own. Nevertheless, it is clearly in the public's best interest for it to do so.

-----

Editing to add: Your belief that there are no known ways to break into an iPhone if it is up to date is almost certainly incorrect. This article (https://motherboard.vice.com/en_us/article/qvakb3/inside-nso...) from ~6 months ago was on HN at some point. From the article:

> He gave NSO that phone number and put the phone on the desk. After “five or seven minutes,” the contents of his phone’s screen appeared on a large display that was set up in the meeting room, all without him even clicking on a malicious link, he said.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: