"Imagine being an engineer at a company at Apple, and it being your job to design the mechanism that makes it so that machine cannot start up unless the chassis is fully sealed. Apple spent actual fucking money making sure that product would not work unless it is in the exact chassis they shipped it in."
That goes beyond not caring.
Honestly, I would not be surprised if Apple 'invented' the idea of 'integrated dongles' before their next keynote so they could sell you a $95 usb 2.0 port.
I'm willing to bet real money that they did.
While there are questionable practices by Apple and many other machine producers, what you can't argue against is that in limiting the hardware that MacOS has to work with, they're able to deliver a level of stability and user experience that you don't get with Linux.
Sure, it would be great if we could replace the batteries, if we could upgrade the memory, and easily fix broken parts, but that isn't the company's ethos. The company produces devices that are plug and play, high grade consumer electronics. Nobody forces us to buy these products.
Anyway, that being said, the framework machines look super interesting and if they were UK available, I'd probably get one for a non-critical Linux-based workstation.
As if choosing a $1k+ computer to use for years was equivalent to choosing the flavor of ice cream scoops.
The "voting with your wallet" argument doesn't work when there's several variables in play, and the optimal configurations don't exist on the market. Like e.g. I'd like to buy a computer that's just like Macbook, except with repairable/swappable/upgradeable components. Or a phone that's just like iPhone, except with replaceable battery, a headphone jack, and repairable home button. But I can't have them - even if I'm ready to pay a bit extra, and if I'd welcome a thicker device. These options literally don't exist. Nothing similar to them exists. Particularly on the repairability front, every vendor is choosing to just not offer it.
I am against billboards in space but I would make an exception for this quote.
That's the thing, making something plug and play and mostly "driver-free" would be very hard to almost impossible. Framework laptops look amazing but they will require at least a bit more maintenance and knowledge, and that is fine too.
1) How do we enforce that at smaller scales?
2) How would we prevent our regulation from squashing innovative solutions to problems, or enhancing safety in critical applications?
I agree that Apple shouldn't have to support random mods / hardware components / etc and that their selling point is "it just works".
But then again, they don't have to be dicks about it. If they're able to detect that the hardware has somehow been modified, maybe just show some message along the lines of "you've modified the hardware, we're not supporting this anymore, you're on your own" instead of bricking it.
Realistically, if your threat model is government secret services, and you're using unmodified consumer grade electronics, then you're in 'danger' no matter what. You can't effectively mitigate a threat at the state level using resources produced under the watchful eye of the same state. All they have to do is ask the producer to swap out the device they gave you with a device that comes compromised out of the box. And that's assuming the tech is perfect. Most likely they just hire someone to defeat the countermeasures. However many resources Apple has, I assure you even the most janky state has more.
Commenter above was saying though that the device's anti-tamper tech would save you from state level attacks. I'm just getting at the fact that that's not going to work, since if a proverbial 'they' want to take you out, there's other ways to do so you can't overcome. Just a few examples that came to me about how easy it is to foil anti-tampering measures.
> It seems obvious to me that if you're being targeted, tailed and tracked and probed, you've already lost.
Depends on which government agency watchlist you are. If you are some sort of Islamist terrorist, the tools that are open to the government are far more capable than if you are some sort of low level drug dealer.
I find it ridiculous that people build threat models around organisations with almost unlimited resources that will only care about you (enough to tamper with your hardware) if you have done something very, very wrong.
Security isn't a product.