- 20 years ago it was impossible to buy a PC, especially a laptop, without MS Windows : today there are several suppliers: System76, LaptopWithLinux, TuxedoComputers, to name but a few.
- It is only in the last few years (less than 10) that Linux is perfectly usable on the desktop, so I don't care what decision MS will take for Windows, it is irrelevant if you have other options. For office suites we have: LibreOffice, OnlyOffice, FreeOffice
- FreeBSD has come a long way as a desktop too,in the long run will be usable as Linux
- There are now many alternatives (free or paid) to all the Google services. What Google decides to do with its own services is irrelevant to me, there are alternatives: ProtonMail, Tutanota, Infomaniak, OpenStreetmap, MagicEarth, OrganicMaps, ...
- There are several open source alternatives to Google Android, solid, complete and usable: Iodè, e/OS, to name a few, and we already have an open source app store: F-Droid.
- Linux is also making huge improvements on mobile phones (see PinePhone). It will take a few years, but I'm sure we'll have a viable alternative to Android in the near future.
- There are many messaging apps and protocols that are decentralised and resistant to censorship.
What is really in danger, in my opinion, is net neutrality and the clamps that Google and other big tech companies and governments will try to impose, but in the recent years we have seen a rise of decentralised protocols and services.
My humble suggestions:
- don't use the services of the big tech companies : look for and use only open source alternatives, if possible
- use an open source version of Android on your phone, without the Google services
- prefer decentralised solutions whenever possible
just like living the hermit life, leaving all of these services behind is surprisingly alienating.
I say this as somebody who has done several of these and is trying to continue to expand. but damn, the is a lot of stuff that you miss out on and I'm starting to be squeezed by the losses to move back.
I guess I'm saying, even though I feel driven by a massive moral imperative to engage with technology in that fashion, I find it absurdly difficult to the point of failure. I'm not ready to be a hermit.
Just rebuild what you're missing, and share. In the journey to do so you will discover some of the most interesting primitives out there, and everyone gains, instead of a few unrepentant Gatekeepers.
This is missing a very important part of how certain software became de facto standards: by achieving dominating market share, which, in turn, was achieved by shipping working software with passable UX, ruthless business practices, making governments use the software, and making schools teach the software.
I'm writing this because the software is already there. There are decent alternatives to most things, sometimes multiple. What isn't there is government adoption, and commercial adoption.
I agree and the fact the governments prefer commercial and costly software instead of adopting open source solutions and hire local companies for support and custom development is very disturbing : they spend the taxpayers money to make rich a bunch of already disgusting rich companies. And when this company is a foreign company the damage for the state money balance (and citizens of course) is double.
That's exactly right and I think it's no much "preferring", rather than getting different deals from these companies like Microsoft. MS has already been caught specifically, but also I think that this phenomenon is hardly exclusive to software, it's just part of how the government, or rather the individuals in government, go about their business. In the third world it's practically an open secret, and I don't have doubt that basically every government works like this.
Also, large companies offer quite robust support, deals to implement specific features, compliance with different regulations, etc. I know from experience that one thing I like about dealing with large entities is that they have many corner cases already figured out.
You can, of course, pick your level of engagement, and make adjustments over time. An Android phone can provide all the engagement you need, and there are lots of distributions that focus on providing different experience. I'm using a stock Android phone and Linux everywhere else. My current phone isn't rootable, (I bought it to replace a lost iPhone and didn't have time to do research) so I'm stuck with stock, but my next phone will be. I'm still way happier on Android than I ever was on iOS.
If you really want to have your foot in both worlds, you can always live the two-phone lifestyle. Might go that way myself eventually.
I've been happily living on android for maybe 5 years now after iOS for maybe 10 before that. I don't really miss it at all, but the tier system is hard to ignore. besides the infamous "green text" phenomenon, iOS tends to get the apps for applications that only support one, or in my car, android auto only takes up the top half of the screen whereas car play uses the full display. and of course, the software ecosystem for the Subaru infotainment is completely proprietary and non-user-serviceable so I can do nothing about it.
but that's just how it is, choosing free, ethical software is choosing a life of austerity and alienation.
Alienation I can see, but austerity? One of the things I plan on doing is building custom UIs for all the apps I usually use. Termux on stock Android is hobbled by unremappable key bindings that make using the Super key almost impossible, but when I can finally actually control the computer I carry around in my pocket all day, a blank canvas I can mold and shape is infinitely better.
I bet your Subaru is probably hackable, all these things run Linux under the hood, wouldn't be surprised if there were already a group of people on Reddit that have already done it. Lonely, this lifestyle does not have to be.
> your Subaru is probably hackable, all these things run Linux under the hood,
Years ago I would have said “much more likely to be QNX since a car always has a RTOS.” These days it’s likely Android Automotive, which has a massive share now. Note: despite the name it has nothing to do with “Android Auto.”
Overall, hacking on a car, even infotainment, seems very difficult. They really don’t want you to have any control over it.
I live that two phones lifestyle. One is being iPhones SE 1st Gen., the smallest one; another is being Google Nexus 6P ¹
While in theory that works, in practice I bear just iPhone all the time. With Android on the shelf most of its time. I even started to turn off its Wi-Fi so it keeps being alive after a week of being untouched.
————
1 — I’m the lucky one who hadn’t been bootlooped, so I’m not on Pixel yet. Both phones are enough for me, performance wise.
Many businesses already have WhatsApp as the exclusive channel of communication. So its either have a Meta account, or become locked out of a subset of services. Not to mention how many work/social groups use also WhatsApp exclusively. To try to force everyone to use something like Matrix is an herculean task, which also requires maintenance.
And then there are all the government/school/work/authentication apps that are mobile only and exclusive to iOS and Android.
IMO its impossible to walk away from it. The ship has sailed. It is possible to move away as far as you can and keep these accounts and their usage to a minimum, but its time consuming and has little rewards against many obstacles. Atm I'm willing to put in the effort but I also totally understand it not being a reasonable option for most.
I predict you will never feel like you "win" .. Instead, find what else exists and use that ALSO not instead of.. paper exchange has some positive sides to it, expect much less volume and currency of course.. radio is not dead, etc
> - use an open source version of Android on your phone, without the Google services
Having tried this many times over the last 10 years, I have never encountered a stable, non-vendor Android distribution for any of my phones. Oh there are always multiple available Android images for most popular phones, however in my experience they are always unstable in ways that make them too much of a hassle to use. I have experienced bluetooth suddenly disconnecting from my headset and refusign to reconnect until i reboot the phone, WiFi drops connection and needs a phone reboot, unable to make phone calls or receive SMS until I reboot the phone, phone randomly reboots without any interaction. These are primary uses for my phone and if the primary functionality of the Android image is broken, I do not want to use it.
In the phone ecosystem, you have to choose the OS you want, and then buy a phone that is compatible with that OS.
If you buy a random phone and then try to find a compatible OS, your options will be very limited, or null.
GrapheneOS is, in my opinion, the most mature, serious, and reliable phone operating system, so I bought myself a Google Pixel specifically so that I could install GrapheneOS on it.
The options might exist, but that doesn't mean that they are viable/usable. I agree with many of your points, but regarding document processing, LibreOffice really does not compare with any of the best alternatives (Google Documents, Office Word). It lacks options, if the options exists they are hidden in obscure menus, it doesn't display many things correctly (at least on my Linux computer), etc. For document processing, I'm still stuck on Google Docs, which is quite a sad state of affairs.
I prefer LibreOffice so much more over Microsoft Word and Google Documents.
yes, with LibreOffice, often options are hidden somewhere that I wish there was just an autocomplete box to type in what I'm looking for (e. g. "Page numbering", "page break l");
BUT: finding those options in Word is complicated as well, and on top of it it reshuffles with every new version
> 20 years ago it was impossible to buy a PC, especially a laptop, without MS Windows : today there are several suppliers: System76, LaptopWithLinux, TuxedoComputers, to name but a few.
Buying components and assembling them yourself has always been an option for desktops (and IMO the best one). For laptops, I bought a Dell with Linux ~15 years ago - not quite 20 but close enough.
> It is only in the last few years (less than 10) that Linux is perfectly usable on the desktop, so I don't care what decision MS will take for Windows, it is irrelevant if you have other options. For office suites we have: LibreOffice, OnlyOffice, FreeOffice
Linux has been a perfectly usable desktop OS for a long time. I know because I have been using it for well over 10 years and have not missed the sorry excuse for a OS that is Windows.
If anything, there are certain actors trying to lock down Linux to build their own walled garden. Of course being open source makes this harder but they do try and with hardware-backed crypto requirements may eventually succeed - source won't help you if whatever you build with it won't match the whitelisted checksums.
> There are many messaging apps and protocols that are decentralised and resistant to censorship.
Which is an improvement on a single Gaim/Pidgin being able to connect to all networks you can think of? We hardly need more messaging protocols and apps.
Would be nice to have a Linux phone where one could run ios and google android in a vm. Same way I run my computer. Level 1 hypervisor and all flavors on top. Max control, max options, max nerd.
Oh, do you mind elaborating on this? I’m looking for a way to organise my PC with similar approach. I thought of minimal Arch Linux installation as a host, and macOS (or Windows for very special cases) on top, when I need those GUI apps that aren’t present in Linux. I see no need to keep Linux apps in a VM.
Thank you for most of the points, it's easy to miss the good parts of development of the recent years.
I don't however agree with this one: "It will take a few years, but I'm sure we'll have a viable alternative to Android in the near future." I think many essential apps (such as banking, or "less essential" such as for bike- and car-sharing) will start requiring device attestation as soon as even low-end Android phones start shipping with hardware TPM.
Yes, I agree that this will be the critical point, but ... it all depends on the critical mass of users. About 20 years ago there was no CAD software for Linux, no IDE for rapid development and now we have tons of incredible tools in all areas: FreeCad, Blender, Lazarus, KDevelop, QT Creator. JetBrains produces incredible cross-platform development tools.
The same revolution that happened on the desktop can happen on mobile. The people at Pine64 are creating incredible and affordable devices, and this is just the beginning. The open source revolution is spreading from software to hardware (Risc-V processors for example).
In my lifetime I have seen Linux and open source software in general make incredible progress. And it is not only a technical aspect, but also a different way of living and seeing the world: hundreds of thousands of developers working together for the benefit of the most, beyond any language, geographical or political boundaries.
It also depends on the choices that each of us will make to stop supporting and encouraging predatory and monopolistic regimes, and instead make choices to preserve our freedoms as individuals, which are more important than the last "nice features" in expensive and proprietary gadgets that imprison us and our data in closed kingdoms.
Oh, I have a nice contribution to your comment! I use some taxi apps (very infrequently), and sometimes I need to call it for someone else, not in my current location. Sometimes there is a promotion catch with, say, 20% discount. Which is applicable only for a personal ride (e.g. from your location), but if you ask a taxi to bring someone to you (e.g. from other location to your location), well, then sorry, not applicable. I used to trick the app but faking my location on my Android with gps-fake app (don’t remember the name, mine was from f-droid). I bet taxi services are not happy about that kind of a customer. Giving it some thought: still a returning customer. Sometimes it’s not just the money thing for me, but the challenge of whether the algorithm could be tricked.
Can anyone elaborate on Free Office? I checked, it was first submitted to AUR in 2013, but it’s the very first time I hear the brand. I use Libre Office and I tried OnlyOffice as well. Of course I know Open Office, which Libree Office was, once upon a time.
But I never seen in any shape of form Free Office. I couldn’t find even Wikipedia article about them. Their website looks dull to me. What is it all about?
Me, I’m looking for a way to fool people that claim they need Windows when they need browser and Office by installing Linux (possibly with some similar looking shell) and some Office suite that looks very similar. Is Free Office that thing?
FreeOffice exists since many years. It is free for personal use. It is a light and complete office suite. It is a good alternative to LibreOffice, also if not so rich in features.
Just tried to install it from AUR, and it didn’t run on my Arch Linux system.
`$ freeoffice-textmaker`
Critical System Error: Unable to open X Window display. <:0>
I assume it doesn’t support Wayland. And I don’t support X, I don’t use it and if an app doesn’t work on Wayland, I won’t use it. May be useful for someone else, who doesn’t tolerate Wayland being unsupported.
While I share the author's fear, the timeline they created doesn't really work.
1. Windows 10 S has mostly been a failure.
2. Web Environment Integrity, while horrifying, has not been rolled into Chrome! It's an early proposal. We should work to ensure it goes nowhere.
3. The above greatly pushes out the plausible timeline for events currently listed next to 2024, 2027, 2028, 2029, 2031, and 2032.
An aside, I don't find "Apple enforces notarization" to be significant, since it only applies to code-signed applications. It would be better to list "2012 – Apple blocks unsigned apps by default on Mac" and "2016 – Apple hides option to allow unsigned apps from the Mac GUI." The rollout of System Integrity Protection should be in there too. I'm personally not against any of these changes in isolation, but they are absolutely part of the slippery slope the author is trying to highlight.
Maybe I'm nitpicking, but I think the article would be more powerful if the content was more plausible. If you already agree this is a problem, the specifics don't matter, but if you're trying to show the pattern to someone new, the facts you present are important.
Agreed. (Except for the part where you're not actually against of these changes in isolation. I was against all of them.) Notarization is one of the most misunderstood aspects of Mac lockdown. It was just another annoying layer atop the preexisting system of Gatekeeper and Developer ID.
Also missing on the Apple side are crucial dates such as 2007, the introduction of the locked down iPhone, and 2008, the introduction of the crApp Store.
Apple did a bait and switch with iPhone lockdown. Many people seem to forget that it wasn't initially justified in terms of protecting the end user. Rather, it was justified in terms of protecting the cell phone carriers, i.e., "Cingular doesn’t want to see their West Coast network go down because some application messed up." Which we knew was total B.S. at the time, but that was the initial story. The Orwellian move was later made to change the story, and now it has always been about protecting the end user (from themselves).
> Rather, it was justified in terms of protecting the cell phone carriers
I don't remember that at all. I do remember Jobs resisting the app store because he wanted everything to be a web app though (despite resisting the move to responsive web design).
2.5G and 3G networks were bad at the time, and many phone plans that included data had unlimited data. The only thing that kept them up was the fact that so few people had data-capable smart phones.
One of the big Windows 10 S problems is back in Windows 11, though.
1. You buy a device with Windows 11
2. The out of box experience demands you add a Microsoft account to proceed past it. There are workarounds for this, but mostly they are getting shut down.
3. You can't even get into the UEFI to install another OS without signing up to a MS account, because the UEFI is accessed via an OS level advanced startup option rather than the "press delete at bios screen" of the past
>> One of the big Windows 10 S problems is back in Windows 11, though.
>> 1. You buy a device with Windows 11
I realize i'm techy an have techy friends, but I dont know anyone who has purchased a Windows machine in a decade. No one in my household, none of my friends, no office i've been at since 2017.
The only interaction I have with windows is an old laptop used for MS Visio, which immediately dual-boots to Ubuntu when visio use is over.
I rarely see anyone at conferences with anything but a macbook.
My assumption was that the 30% market share windows has (https://gs.statcounter.com/os-market-share) is from old-school corporations, government, city hall, etc. Am I missing something?
1. You're in a tech bubble. For a counter anecdote, the only Macs I encounter are those provided by my US employers in the technology sector. The US is particularly high in Mac market share, California more so, and the bay area may be the one Mac OS majority desktop/laptop share region on the planet.
2. Windows laptops don't get replaced that often. I know it's hard to believe from a tech/heavy user perspective, where it may feel like a 4 year old Windows laptop is so outdated and you need to replace it, especially if it was not one of the models that rival the Mac in price, but for the average user a Windows machine reached the point of being good enough for their uses in the Windows 7 era. This is because their uses (a) are not that strenuous (typing up office documents, posting on social media) and (b) unexciting, so they don't feel the need to upgrade the way they might with their smartphones. Notably, these users are also _not_ going to computing conferences to be spotted by you, or bringing their laptops to coffee shops (they have smartphones for that), etc.
Note that despite that, Windows still has the majority of new sales in the US, steady for the last 3 years at 55% to Mac's 30%, and the decline in the years prior to that were mostly driven by iPads and Chromebooks, not Macs - the big jump in Mac market share in 2019 seems to be iPads being merged into the mac category, as iOS's share in this space disappears at the same time: https://www.statista.com/statistics/272667/market-share-held...
I can't read the source without an account, but 55% + 30% = 85%. Is the last 15% Chromebooks? (I guess there's also traditional desktop Linux but I can't imagine that's more than 2% at most.)
Yeah, Chromebooks, Android (tablets presumably, or it would be first), Linux, and unknown.
I guess they're either rate limiting by IP or checking referrer, since I can't open it again either. Chromebooks were at 7% as the next largest segment, but I don't remember the relative shared of android tablets, linux or unknown.
That's 30% among all devices, the percentage among desktops/laptops is much higher.
You are living in a bubble. I don't know how large it is, but especially in non-web, non-multimedia offices, Windows is the default. Most serious CAD software is Windows-only, some outliers also support macOS. That old ugly accounting software the company uses only runs on Windows and nobody bats an eye.
My laptop (Lenovo X1 yoga) is less than a decade old, it came with Windows.
The laptops at work all run Windows.
My desktop used to run Linux, but I downgraded when I got a (Windows-only) rift s. Since Facebook foobared that, it'll be Linux again if/when it gets replaced.
I don't think Windows 10 S was a failure, but it was never aimed at the average consumer, rather than institutions who operate extremely locked down devices, like information kiosks, or school or library computers. These organizations need very efficient fleet management tools that can be operated by a small (even part-time) IT professionals.
> 2016 – Apple hides option to allow unsigned apps from the Mac GUI.
Are you referring to System Settings? There was always a more convenient option which continues to work: right-click and select “Open”. Granted, you have to know that’s a solution and most people don’t (including developers, who recommend cumbersome methods in the documentation of their own apps), but the option was never removed nor is it hard to do.
I think having to right click and select “open” is effectively hiding the option from the GUI, since the assumption would be that does the same thing as double clicking. The whole point of a GUI is to be discoverable, and that workaround is very much not obvious or discoverable. If you right clicked and it said “open regardless of security concerns“ or something like that, then maybe it would qualify. The original article says the option was hidden from the GUI, not that it’s impossible to do.
^ Yes, this is what I meant by "hidden from the GUI". Apple is purposefully obscuring the process. If you double click, the OS tells you "this Application is damaged" which is at best leaving out key information and at worst deliberately misleading.
As I said in my original comment—I'm not necessarily against these changes in isolation. I think macOS handles the balance reasonably well. However, if you take these changes together, the throughline is clear. We went from "don't worry, Gatekeeper is entirely optional and easy to turn off" when it was first introduced to "don't worry, advanced users who can use the Terminal or know the specific hidden incantation can still bypass Gatekeeper."
I don't get the impression that this was written with everyman in mind. The "someone new" won't understand the plausibility therein; better to appeal to the influencers that do.
> I mean, if you're only writing for people who already agree with you, why bother at all?
To give those people, who may not be articulate or knowledgeable enough to explain the intricacies of a problem, the capacity to argue for or against a point when engaged in conversation.
For example, there are people who are against behavioural advertising but they may not be able to cite specific examples of how it’s harmful, or how much, or to whom. Thus they would research those questions and make a post so others in similar situations are able to have informed discussions with those in their lives who don’t think behavioural advertising is a big deal.
Okay, but it could do that more effectively if they picked better events for their timeline.
I feel like the article, as it stands, basically only works on the basis of "the boiling frog of digital freedom" as a concept that people already feel is happening. Unfortunately, the actual details are poorly chosen—which don't matter if you're already bought into the concept, but are imperative otherwise.
My answer was more about the general reason to do it. I agree in the specific instance of this article, which is why I gave a different example. I meant to point that out in the original post.
Use `spctl --status` to see the status of Gatekeeper.
If Gatekeeper is enabled, the binaries you're downloading must have been signed by a valid developer ID. IIRC binaries you compile yourself get whitelisted automatically.
There is one interesting force acting against that though (or it would probably already have happened). It is the simple fact that most people that are competent enough to actually implement these things also understand the problems with doing so. For the most part anyway. If we could just agree to not do that... well, what are "they" going to do?
And of course: we owe it to the web to use Firefox. The Chrome clones are only stalling; not counteracting the impending monoculture even one bit. It doesn't matter how fancy their marketing is.
Yeah, chrome and google in general are the first in line to cause problems.
There are many browsers, many apps, many everything... you can switch whenever... but the DRM and attestation pushes with browsers (and mobile devices) means, that sure, you can use a different browser, but your bank, your streaming service, your newssite might not work unless you're using chrome with drm and hardware attestation. This is already true with many banking apps, where you cannot even start the app on a rooted phone, a phone with an unlocked bootloader or even just a phone that's "not on the list".
So yeah... google is the silent killer of the "free interet" and te world happily follows... sadly.
If the ecosystem is based on open source software, the community will fork it like it always does when someone tries to control it.
You’ll end up with a fork of Chromium/Blink that doesn’t have WEI. And it will be used to surf web sites. While the official browser from Google would be used to access sites that require WEI attestations. Just like the Bank of America app would.
Corporate power in pushing Chrome for everything can be limited if we have open source alternatives. Look at Firefox and what it did to M$IE, which had the full power of Micro$oft behind it. That only happened because Netscape chose to OPEN SOURCE their code base. They couldn’t beat IE on their own, but the open source community could.
Well, that and WebKit, which was basically adopted by Apple (Microsoft’s competitor) from another open source browser, Konqueror! And that led to Chrome, Chromium and Blink etc.
In short — open source is the best way we can check corporate power on the software side.
On the hardware side, it’s far more difficult, and if the vendors choose to ban any “unapproved” apps (eg requiring Safari WebView rendering engine in all apps on non-jailbroken iPhones) then the best tool we have is government antitrust laws. Maybe one day, in that area too, open source hardware will be the people’s best weapon. But not today :-/
Sure, but if netflix, your bank, your power and water service, and a chat app, where 80% of your contacts are only support chrome, what will you do? Many banks already require hardware attestation from google for mobile apps and mandatory 2FA via that app is a pain on a rooted phone and workarounds are painful.
I mean sure, you can just not-use those services and not chat with everyone else, but that's a bad solution.
I used to think this way and even made a browser extension to facilitate it (Browser Routr). Yet increasingly one must use Chrome or deal with random breakage and failed purchases because web devs cannot be bothered to try anything not Chrome. Sometimes even Safari is broken.
The problem is Blink might just be too big for what little community exists to feasibly maintain it. If it is just a Chrome that doesn't work an select asinine sites, it isn't in a great position to catch on. And perhaps most important; the point is to have something viable before that even needs to happen.
Then switch from these services while they are still only a few. Revenue is a language they understand. I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
The browser war can at least still be won or settled; mainstream apps are a lost cause outside the legal arena.
Edit: and by switching i don't mean going to some tinfoil grayweb nonsense. Go to their direct competitor.
I think the problem with the revenue rhetoric is that these services are consumed by the general consumer and the people that read this discussion generally are only a neglibile size of that market segment. So, even if all HN readers affected and all wired reader, etc changed service due to this discussionit would still be a rounding error on that company's report sheet in the end.
> I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
Some banks are phasing out code cards or SMS verification for 2FA, and the only way to get the second factor for logging into the online banking website on your computer, is to use the bank’s app on your phone.
Obviously other solutions could be implemented if the bank chose. But if the bank does not choose to implement those other options, and instead requires the use of their app, then that explains for the OP’s sake some of the interest in running the bank’s app instead of solely using the website.
Ditto. I must have spent 10 full minutes clicking all through my bank's website before I finally realized their phone app provided the only possible way I could make a Zelle transfer.
My HOA started mandating Zelle as the only way they will accept payments. So now it appears that I have no choice but to use a device that supports my bank's app if I want to avoid getting a lien put on my house.
> Does it not count as a debt, that they have to accept cash ("legal tender for all debts public and private") for?
Let me tell you how that tends to go down in the real world. The HOA doesn't have a physical office or anything. It's some random address and random suite. Maybe it's a document processing company or some other third-party processor. There's some non-trivial chance that some $15/hr kid who may or may not have been raised right is opening the envelopes and feeding the contents into a scanner.
So I stuff my HOA dues in cash in an envelope and then go down to the post office to stand in line and get it delivered certified with a return receipt. I get the return receipt. Then the HOA puts a lien on my house. I say, "But I made the payment on time!" Then they say, "Naw-uh." Then I say, "Sure I did, I sent it in cash and I have a return receipt." They say, "We have no idea what you're talking about."
<sad trombone>
> Or there should be the option of opening another account, at a less tyrannical institution, to use for those payments.
How can I find out which ones let me use Zelle through their website? I don't trust anyone I can find at a branch or on the phone to give me the correct answer, because chances are they all personally use the phone app and really have no idea. I guess I can start opening up random accounts with random banks until I find one that works. For now.
I think we're missing the point entirely by talking about cash and hopping around banks and all that. The point many people are trying to make here is that life is already being made unreasonably difficult for those of us choosing to use Libre computing platforms, and there's a plausible reality in the future where choices go from inconvenient to scant to nonexistent.
I did, i use firefox for example, but with mobile phones, what's the alternative? Apple and its walled garden? And when filing my taxes only works via chrome, how do i switch countries easily? Move because of a browser limitation and leave everything behind?
Not that it is for everyone; but i have used Sailfish OS for just about 10 years, and it has been quite fine.
Any country that isn't a total sh*tshow will have accessibility regulations around that. Let the accessibility folks fight for you.
That same logic says you should not vote either.
If even some 10-20% of IT professionals (with salaries to match) up and leave for a less shit bank, trust me, they will care.
You assume there is a “less shit bank”. Not everywhere is like the USA with a wide choice of banks. In some countries the banking landscape has, through mergers, become limited to just a few choices, and they all require SafetyNet attestation for their phone apps.
"voting makes no difference" is one of those rules which apply really well to the individual, but if you apply them to a larger group of people, they become wrong.
You would be trading one kind of "shit" for a much more real and serious kind of shit - at the new bank, you'd either be more likely to get your account drained in ways that are hard to reverse, or you'd be forced back to using dedicated hardware smartcard readers of the type that were common before mobile apps became widely used (at least were common in Europe).
If your bank account gets drained and you'd made a big song and dance about how you selected that bank specifically because it had less security on its mobile app, well, nobody will have any sympathy for you.
If your bank is equally secure but uses dedicated hardware devices instead of smartcard readers, then all you did is swap one bit of secured hardware for another, making your life less convenient and in return for what?
A bank has to know it's communicating with the real human who owns the account and not a hacker. It's going to achieve that one way or another. You'd be much better off accepting the tech and finding ways to achieve your goals within it, like by setting up a project to maintain whitelists of known good/secure OS builds. You can then make libs that wrap SafetyNet and eliminate the false positives. Even if banks don't start using it anytime soon, other smaller companies might and it's a place to start. Of course the fact that virtually nobody cares about custom operating systems to begin with is the biggest hurdle you'd face, not the tech or business requirements, but that is partly on the OS developers. You can't complain nobody cares about if you're not giving anyone a reason to care.
You use the word “forced” like it’s a problem? I hated it when my bank got rid of a nice secure card reader (which required my physical card and pin).
If my phone breaks or is stolen, I can’t actually buy a replacement phone now, as that requires spending money, which requires 2FA which requires my phone.
> That same logic says you should not vote either.
Indeed.
> If even some 10-20% of IT professionals (with salaries to match) up and leave for a less shit bank, trust me, they will care.
That's an impossible number of people to coordinate on something like this, and even if, I doubt banks would care. There exist no less shit banks, and retail is a rounding error anyway.
Banks aren't shit because of incompetence or a not-give-a-damb attitude. They're shit because it makes them more money, both directly and by reducing risks.
>I never understood why anyone would even want a banking app though; there is nothing int can do that a website can't.
A mobile phone app can let users "deposit paper checks from home" without ever driving to the bank branch by taking a photo of the check with the smartphone camera. Last time I looked into it, a desktop website couldn't enable check deposits with a webcam. (EDIT: I don't mean technically not possible. I meant that the banks deliberately chose not to have the websites utilize desktop/laptop webcams as an alternative to smartphone apps.)
Smartphone bank apps also have "push notifications" to immediately alert you of suspicious activity on your account.
But if one never uses the extra features that smartphones bank apps enable, then yes, desktop bank websites can be seen as perfectly equivalent.
Meanwhile most of the world hasn't used checks in 20+ years. Thank god for that.
But for completeness; browsers have been able to use cameras since before smartphones. So of course it can work just the same there.
"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it.
"Just thought you'd want to know your money is gone, lol."
Either you do N+1 factor authentication for real, or you just shouldn't bother.
Browsers have had push notifications for quite some time now too... so even if it was a worthwhile feature, it doesn't need an app.
>Meanwhile most of the world hasn't used checks in 20+ years.
True, but the key word you used is "most". E.g. My home insurance refunds an annual dividend back to me and their method to pay me is paper check. Not an electronic direct deposit, nor a VISA giftcard, nor even a "credit" that can be applied as a discount off year's premium. It's a paper check.
>So of course it _can_ work just the same there.
Sure but that's talking in hypotheticals. Today, I have the reality of a paper check to deal with and Bank of America and Chase websites do not have options to upload images of checks for deposit. (Chase does have a paper check scanner option that doesn't require mobile phones but that's only for commercial accounts: https://www.chase.com/business/banking/services/quick-deposi...)
>"Suspicious activity" is such a bad strawman argument, i'm not sure how to address it. "Just thought you'd want to know your money is gone, lol."
No, you misunderstand. The better banking smartphone apps will require interactive approval from you to allow a particular suspicious transaction to happen. This prevents your money from being gone. (Example screenshot: https://www2.bac-assets.com/online-banking/spa-assets/images...)
> Browsers have had push notifications for quite some time now too...
No, web push finally came to Safari in iOS 16.4 which was just a few months ago in April 2023.
From the tone of your reply, it seems like you'd rather be argumentative instead of acknowledging that bank apps have some extra features that's convenient for some users.
The paper check scanner from Chase also (last I looked) cost a few bucks and needs an app on the Windows PC to process the data. That hardware is only useful when you process 100s of checks (eg: grocery store).
The real use for notifications is to sell things or get paid for services in-person without cash. The notification provides certainty that you've been paid, so you can hand over the item/stop hanging around after the service waiting to be paid.
Of course, a bank should be able to send you a text on the service of your choice. But they won't.
? Suspicious activity isn't about this. For instance my bank reports me when I get a double debit (e.g. go to a restaurant and get charged twice), when a regular expense increases (e.g. some monthly payment that suddenly goes up)...
My credit union let me deposit checks via uploaded picture on browsers back around 2008ish. Don't get me wrong, I did this by taking a picture from my phone and emailing it to myself to upload - the smartphone UX simplifies that. But this is a trail long since blazed.
Yes, this is one of those things that banks will sell as an add-on because capitalism. Credit unions will either just not have their act together on it (i.e. they contract with a bad service provider) or will have all kinds of useful stuff like this for free.
I really want a general-membership credit union with stellar technology, but I haven't found one yet. Does your credit union by chance offer open membership?
If you're in the US, write to the FTC and complain that this is discriminatory toward the disabled who may need special user agent accessibility features unavailable in Chrome.
Not if one doesn’t want to end up supporting Chromium in any way. Which one shouldn’t if they believe “chrome and google in general are the first in line to cause problems”.
On macOS, that leaves essentially Firefox and Safari. Except Firefox has no support for AppleScript so it’s excluded from a ton of useful automations and is thus not suitable as a daily driver for many people. So Safari remains. And Orion, which is also based on WebKit. Both are closed-source.
There are indeed many browsers if all you want to do is display webpages. But as soon as you have any hard requirement, be it ideological or technical, the choices drop dramatically. Unless you don’t mind supporting Google, that is.
Disagree. Money is a hell of a motivator. I know multiple people who say “yes my employer XYZ is doing horrible things. I’m at peace with it because they pay so well.”
> It is the simple fact that most people that are competent enough to actually implement these things also understand the problems with doing so. For the most part anyway. If we could just agree to not do that... well, what are "they" going to do?
Which is why we should shame every one of us that does do it.
> Which is why we should shame every one of us that does do it.
I don't tend to have the issues people are describing using Firefox for banking, paying bills, etc. And when I'm shopping for something at random and looking for the best price, if one site I've never heard of doesn't work (typically Cloudflare) I just go somewhere else. But Verizon reworked their back end within the last month, causing UBlock Origin to SCREAM (over 2000 blocked scripts and counting when all was done), although the real trick was spoofing as Chrome because until then only the page headers and footers would appear, not the body with the "Pay my bill" button. Opera was even worse, so somebody screwed up something badly! I was chatting with support all this time and they logged at least one ticket.
Thinking through the "public shaming" bit, if the issue reoccurs next month, I'm going to the Better Business Bureau. While they can't guarantee a resolution, it is a very simple way to publicly shame a company doing wrong.
Long term, I'm thinking we need to add "user agent" to the list of "protected classes", i.e. gender, race, sexual preference, etc. to really hammer the point home. While it's just a piece of software, there is a real person behind it. Bots need not apply. And from there perhaps a law or FTC rule to state that public web sites must be accessible by the public.
Just forget about that. If you don't, I'll take the google software engineer salary and build it.
The issue is not technological, it's a natural outcome of how people work on and individual, and on a societal level. Regulation is the closest that can affect this situation, but as it turns out, no large entity has the same goals as "the people" - hence, I'm not holding my breath. I am using Firefox and other FOSS software though, and contribute back what I can, donations, bug reports. It's a nice privilege.
> And of course: we owe it to the web to use Firefox.
Mozilla is hanging tightly on the Google's tit though. It won't be shocking to see Firefox deteriorate rapidly should it start gaining ground on Chrome. He who pays the piper calls the tune.
The point is that for the Firefox to gain more foothold Mozilla first needs to break the dependency on Google's money. And this won't happen without deep restructuring of the Mozilla corp, starting from the top and shedding all the blubber all the way down. The chances of that happening are next to zero. You can label that as "defeatist non-arguments" all you want, but that's a very unfortunate reality. Saying this as a die-hard Firefox user of almost 20 years.
On the other hand Firefox development could be paid with a small fraction of Mozilla's current budget. They are doing all kinds of un-/semi-related stuff. But of course, it remains to be seen if the organization could survive such a financial drought.
Which, in this world, can happen. The part that irks me the most isn't so much that, but that Mozilla is more than happy to suckle at that teat and not change the current status quo.
It seems like Apple is intentionally dragging its feet in implementing new web standards in Safari (webusb, webgpu, webmidi, bluetooth, filesystem, etc) in order to keep native apps relevant (which is a big cash cow for Apple).
It is the one Chrome fork that sees some development.
(Yes, of course the forkage was the other way). So while they do have a seat at the standards table, i can't say i see much potential (or results). They also don't offer it outside their own locked-down platform by the looks of it. I.e. they have permanently kneecapped their market-share to near-pointless levels.
I think the ship has sailed for the web. Many apps don't even bother with making functional webapps any longer; the go to market are mobile apps for the censorship platforms.
The web lost. Now it's just a transport layer for mobile app API requests.
Apps shouldn’t be web apps anyway. Local-first apps should be the default, in the context of digital freedom. The only exception being self-hostable web apps.
I see your point, in the sense that local software is in theory more permanent, more reliable. But the issue is more subtle that you are describing. Is the local-first program* free software, or proprietary adware? Is its sole function to communicate with some particular company's API? What is better for digital freedom, the Reddit website or the official "Reddit app"?
If a company is going to be gating their API behind some proprietary shovelware anyway, I would rather they write it in a plaintext scripting language (JavaScript) that runs inside a free software virtual machine (Firefox) which lets me intercept and control it.
*Yes, "program". How I hate "apps". Perverse term.
You are right, we also need open protocols. With Usenet or IRC or email (or even Reddit and Twitter until recently), local apps are perfectly fine, because everyone can write their own client if they want. That gives you more freedom than being stuck with a proprietary web app.
How about the common person being able to host without having to sign up for a "business" plan. Lookin' at you Spectrum for not providing the capability to manage PTR records in DNS without an artificial barrier and rent-seek.
Companies continue to encroach on what should be basic freedom to do network management. It's entirely intentional; to the point that I've about accepted there's a high-level of society push to enact as many barriers to reasonable liberty as humanly possible, all in the name of "Public safety" or some other transparent on further examination excuse.
You misunderstand.
The point is that online services now come with apps for no reason. Very few things are so local that what you say applies. Though those few definitely should be!
And as you are already on to, not all web apps are cloud. What can be on-device webpages (e.g. routers) should be.
We need a new philosophical movement for computer technology.
The Stallman movement failed because it was not practical for business applications. At the end of the day, coders & hardware manufacturers need to eat just like accountants, plumbers and doctors. Technology can't rely 100% on altruism.
What we need is something close to the Ethical standards of the Stallman movement, but also compatable with business owners.
These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
The reason why Apple can propose to have something like CSAM, or Google banning someone account forever (Gmail, YouTube et al) because they had images of their naked daughter suffering from a skin disease (to be sent to the doctor).
The reason is that there is no ethical-philosophical compass guiding computer technology.
Tech Corporate MBAs only care about "playing it safe". I find them disgustingly spinless.
Until we have this ethical-philosophy developed, I only expect technology to used as a tool for manipulation and control.
Seriously, you think it failed? I think it succeeded wildly beyond anything anybody imagined at the time, to the point that very large entities threw everything and the kitchensink at it to try to make it fail. Which exposed them for the criminals they were.
We don't need anything that is more compatible with 'business owners' than what we've got. What we need is education, so that people stop telling each other that the free software movement failed, but instead point out that without that free software movement the operating system, the browser and the applications on the computer that I'm writing this on would not exist.
> "I think it succeeded wildly beyond anything anybody imagined at the time..."
Somebody needs their memory refreshed. What was imagined at the time is that nearly all proprietary software companies, particularly Microsoft, would have gone bankrupt or bowed to the inevitable necessity to release all their source code to the community under capital-F Free licenses and nearly all businesses that use software would be voluntarily contributing any code developed for their own use to the community also under Free licenses so that their code would help others and others' code would help them.
Needless to say, this has not happened. Instead, FOSS turned out to be an enormous free handout to businesses with very little contribution back to the community compared to the value received. (Yes, even the Linux kernel. If there were contributions to Linux by all businesses that use it that were even a tenth of what Microsoft charges for Windows, there would be a thousand full time kernel developers.) That is failure and developers are recognizing that by turning away from Free licenses to fake FOSS licenses like open core or shared source.
Businesses don't do free. It is not what they exist for: The 'Stallman movement' isn't compatible with the the tech-company, the employed software-engineer, etc.
I think what the OP is getting at is that the for-profit tech industry needs something akin to the Hippocratic Oath [1]. As software engineers swearing to a set of 'do no harm' ethical codes could well be a first step to becoming a recognised professional.
I can certainly see a future with a framework like that. If a doctor does something unethical it could affect the life of a few people. If a programmer does it, it could affect the lives of billions - it's not a hard sell that something like an ethical code is probably well overdue.
The for profit industry has been very happy to integrate the fruits of the FOSS labor.
And yes, we need an ethics framework for the IT industry, but we need liability more than that and I don't think either is going to happen in the next 10 years. Maybe if there is a mass death (> 10K people at once or so, a few 100 doesn't seem to have made a difference so far) on account of a software issue we will finally wake up.
> The for profit industry has been very happy to integrate the fruits of the FOSS labor.
Of course they are. They get free labour and their profits are therefore higher. which is the entire purpose of any corporation, to maximise profits. Being upset about this is futile, it's the artefact of living in a capitalist world. The free-software movement just isn't going to move the needle on that. They can either come up with a licensing model that pays, or get over it.
But really, this isn't about FOSS, it's about engineers everywhere (whether in FOSS or working 9-5 in a software company) making ethical decisions and understanding the impact of their work, on potentially billions of people. Critically, I think having something to point at, "this is the oath I swore to", when talking to a boss, could be just the thing we need.
I think this is one of the areas where software being treated as "not real engineering" caused some trouble. I went to school for electrical engineering and in my senior year they really pushed the idea of engineering ethics [1] and the personal responsibilities we had to whistle-blow.
There is this Order of the Engineer [2] that has their own oath akin to the Hippocratic Oath. I went down the software path so I never really looked into it, but my professors were very in favor of it.
> As software engineers swearing to a set of 'do no harm' ethical codes could well be a first step
Just like "don't be evil"? Which was actually enshrined in Google's corporate code of conduct for some time, and could even believed if you squinted the right way...
You can choose to interpret my comment as being about corporations if you like; however, I was talking about individual engineers. It is perfectly feasible for a professional oath/code-of-ethics to work, as it does in other industries. It doesn't mean you will never get a bad actor, but it adds a layer of protection to any engineer.
For example, you could imagine that once the code-of-ethics is standardised:
* Organisations that employ software engineers will feel obliged to publicly follow it (like they all have to have public policies around things like modern slavery, etc.)
* They would also be pressured to display it on job ads. Because why would an engineer want to work somewhere that doesn't follow the industry code-of-ethics.
* Engineers have something to point at as a reference to what is, and what is not, ethical. Allowing them to not appear be the only voice in an organisation who can see harm being done.
* It could well enable a union of software engineers take industrial action if the code of ethics is being broken. Which would be a PR disaster for any corporation.
At the extreme end, you could possibly see a future where engineers are 'struck off' of the professional body representing us (for unethical practice).
The only downside I see is that ethics and morals are mutable, so it'd be pretty hard to nail down a concrete set of ethics that are effective without overstepping. There are however plenty of smart people in this industry, so it shouldn't be beyond us to work it out.
Given your last paragraph, what is the net trend in society of that happening with enough speed to outpace other negative developments?
Would it be more accurate to say that the Free Software movement is in need for an update, or making next steps, to provide a better outlook in this regard?
Edit: Changed "Stallman movement" to "Free Software movement". I am a FOSS advocate myself, but not interested in deeply engrained notions around Stallman himself.
I think it's doing fine as it is within the limits of the law. If you want more you're going to have to either operate outside of the law or you're going to have to have the laws changed. But within the law the Free Software Movement used all of the available space, to the point that almost every other license out there is less strict than theirs.
What needs to be updated is the the knowledge of the users and of the programmers. But we've been co-opted as an industry for the most part by very large bags of money and a service oriented eco-system is the capitalist response to the free software movement.
Doing an end run around that is hard to enforce (see the various licenses that address this loophole directly) without having the backing of a regulator. I see this as a simple swing of the pendulum, which it has done several times in the past regarding centralization and decentralization of computers: single machines -> single machines with terminals and time sharing -> mini computers with terminals -> microcomputers -> networked micro computers -> networked micro computers using peer-to-peer services -> networked micro computers with access to services -> special purpose computers (terminals!) with access to services. So if we want to do away with these we'd need to focus on the technical implementation of federated services that do not require central services at all. One thing you could advocate for is to restore peer-to-peer capabilities of residential internet but the fear of the hacker card will be played to counter that one. But there is also still pressure to push the pendulum one more step to the right: identified access to the internet and without that no service. This may well happen, I would expect a country like the UK or Australia to be first to implement this.
Also note that there is no actual technical driving force behind the pendulum, it doesn't have to swing at all, it could just as easily get stuck. The important common factor between all of the above was that someone (or lots of someones) made a lot of money by driving the swing.
I feel like we already have a battle-tested answer to that question - which is dual licensing. It worked great on software like Qt - just have an open source GPL(ish) licensed version for free as in speech users, and a proprietary do-whatever-you-want for cash money, so that developers can keep the lights on.
What needs to change is the open-source community's perception of this coexistence as something mutually beneficial as opposed to betraying their own principles.
This hostility manifests in two ways - one is the belief that not fully open software is somehow evil, and shouldn't be supported, and one should always use (often janky) alternatives that are fully open. The second is the constant churn without any thought given to API or ABI compatibility (never mind making the same binary run across versions, even source-level breakage is extremely common), leading to people wishing to ship commercial applications having to package half of the userland with them.
It failed, yes. If you want to go wide you could argue that all open source is "the Stallman movement" but given Stallman's noted hostility to other approaches than his own, that seems too much.
The peak of GPLd software was in the late 90s/early 2000s and since then the base of GPLd code has shrivelled. I can't remember the last time I encountered a library or program in my work that was even LGPL licensed, let alone GPLd, with the exception of some very old programs like the Linux kernel and a few bits of the userspace (plus Java's weird GPL+exceptions thing). These days almost everything new is Apache licensed or similar. Just browse around GitHub for a while and see what I mean.
Also:
1. The Linux kernel, the last bastion of Stallmanist philosophy, in reality has succeeded by not actually enforcing the GPL thus treating it more like LGPL or Apache2 in practice. GPL violations are rampant and rarely does anything happen. They also very publicly refused to switch to GPL3.
2. The most popular Linux based OS is Android where Google rewrote the entire userspace specifically to avoid the GPL, and then also created their own driver layer, again, to avoid the GPL and the Linux approach to technical "enforcement" (constant API churn).
3. The most popular UNIX based desktop OS is built on FreeBSD despite losing technical features, specifically because Apple refused to countenance anything GPL or FSF connected. The few dependencies they started with (like gcc) were rewritten into new BSD-style licensed codebases like LLVM at vast expense.
In other words the people who actually build operating systems for a living avoid like the plague anything connected to Stallman's vision or strategy.
It seems likely that eventually the Linux kernel would also be replaced, certainly Google attempted this with Zircon, but whilst enforcement is so lax and technical workarounds so numerous there isn't much reason for doing so.
> I can't remember the last time I encountered a library or program in my work that was even LGPL licensed, let alone GPLd
I don't know what line of work you're in but this seems quite unlikely. GTK and Qt are both LGPL (and GNOME and Plasma are GPL). WebKit's JavaScript engine is LGPL. MySQL is GPL. Blender is GPL. Arduino is AGPL. GCC is GPL. Bash is GPLv3. It's hard for me to believe you use the Linux kernel without touching any of these.
GPL is wildly popular. It's losing ground, yes, and you correctly identify a primary reason why: commercial software companies correctly see it as a threat, and are fighting it in earnest now. It is a threat. It was designed to be a threat. The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement. At this, it succeeded beyond any reasonable imagining.
A lot of the revolutionary spirit has left the free software movement. We are currently in the "good times create weak men" stage of the cycle. People who grew up in the garden of Eden created by the free software movement, who take it for granted that the popular web browsers are open source and Microsoft releases cross-platform IDEs that run on Linux, don't appreciate that the current state of affairs was wrought over decades by the kind of people who spelled it Micro$oft and were willing to tolerate their computers only half working in order to avoid proprietary software of any kind, on principle.
But make no mistake, we are still at war. The big corpos know it, even if they've managed to fling enough bread and circuses to fool some into thinking we're all one big happy family now. Giving up on the GPL is how they win, and we lose.
I don't use GTK, Qt because macOS provides its own UI toolkit (+electron etc). I don't use MySQL, I use Postgres (not copyleft). I don't use Blender. I use the default compiler of the OS, so I don't use gcc. macOS switched to zsh (not copyleft) so I don't use bash either.
GPL isn't wildly popular by any possible definition of the term. It was more popular in the past which is why there's a base of software that still uses it, but find me new projects written in the past 10 years that are GPLd. Especially if you look at language ecosystems like JS, Python modules, whatever. Very little GPL there.
The purpose of the GPL is to create a self-reinforcing free ecosystem that outcompetes the balkanized proprietary hellscape that preceded the free software movement.
Well in that case no, it utterly failed. Most popular client operating systems today: Windows, macOS, iOS, Android. Only Android uses GPL components, only the kernel, and the hardware is typically proprietary with no portability anyway.
Most popular server operating systems: AWS, Azure, etc. They use the Linux kernel to provide your software with basic services like TCP/IP and timeslicing, but otherwise these are fully proprietary platforms with their own APIs, own filing systems, and which you can't even run locally at all regardless of how much you're willing to pay.
GPL's influence had its heyday and peaked a long time ago. It isn't a threat to anyone because it has been universally rejected by the current generation of developers. Hobbyist hackers use Apache/BSD licenses, just as corporate hackers do. Neither support the principles of copyleft, and even when code is released under those licenses Cathedral-developed operating systems with no development community to speak of dominate.
BTW, Microsoft release their IDE for Linux because it costs very little to do so and Linux is no threat to them anymore. The world moved on, Azure is the new Windows and people struggling with Wayland are fighting yesterday's war.
I don't feel the need to fight the "new and shiny" war, because yesteryear's problems are far from gone. Windows' dominance affects end users, people like me who had no hand in creating it and now have to deal with a near-monopoly. Companies tied to Azure are where they are due to their own business decisions, and I feel no need to bail them out. If my competitors waste money, let them, it makes me more likely to succeed. They could change everything if they cared anyway. Users, actual people screwed over by proprietary vendors, can't.
As a Kubuntu user, I have to disagree. From my perspective as a developer, the Linux PC experience has surpassed both Windows and Mac. I really couldn't care less what the other 95% of people are using. In that case, it's even more remarkable that even with just 5% market share, Linux can deliver such a cohesive, compatible experience.
10 years ago, I couldn't have done my job without Windows. Now I can do absolutely everything using Linux. IMO, people who are still on Windows or Mac don't know what they're doing. They've probably just been drifting through life, not really thinking.
Ideological(ish) movements don't succeed by converting everyone absolutely, they do it by changing the narrative in their direction. Stallman has absolutely done that.
But answering the “it failed”. Not really. It exists and is a choice on most license dropdowns and is a famous one.
People should really default to GPL rather than more permissive licenses and hot take… should also default to closed source. And make open source or non GPL a conscious choice.
The reason is GPL gives you more ability to commercialise since it gives you the copyright holder more of an edge over let’s say Amazon Inc who has decided to accept your license to bundle it with a cloud service and extend it. They are obliged to release their source code to their customers.
That Ballmer called it a cancer is a great accolade.
Close source as a default because it is a one way door publishing the code on the open web. So you are protecting your own interests. You owe the “open source community” nothing and should exploit your IP as much as anyone else, and use GPL to allow people to “fix the printer” if they need to.
> The reason is GPL gives you more ability to commercialise since it gives you the copyright holder more of an edge over let’s say Amazon Inc who has decided to accept your license to bundle it with a cloud service and extend it. They are obliged to release their source code to their customers.
Not if it's GPLv2 or non-AGPL - and even then what you're describing is the opposite of the underdog-moral-problem a lot of smaller cloud services or database/infrastructure providers are facing whereby Amazon (et al.) simply offers your product or service as their service, which is allowed by all versions of the GPL because Amazon doesn't care about the source-code: they care about charging a premium for access to a hot open-source project without contributing anything back to the actual project maintainers. That's (unfortunately) an argument for going closed-source, or at least having to reserve copyrights/licenses for operating the software as a service for another company.
I imagine it's like being Sherlocked by Apple, except Apple was using your work all-along.
>We need a new philosophical movement for computer technology.
I'm hoping for Cory Doctorow's new book[0] to ignite this discussion.
This is the first thing I've preordered in my life. And despite his marketing being a bit cheesy, I think he might be the right guy at the right time to plant the seeds for this movement.
I am sorry, but you basically say that we need more altruistic capitalists. Won't happen.
> These philosophical ethical standards should also be ingrained into VC culture & corporate culture.
Won't happen. Money always wins and exploiting people on the side of selling (or giving for free) them some stuff is always going to bring in more cash than respecting their privacy.
I like timelines and other formalisations as of thinking/discussing about digital freedom... and I agree that this is a key freedom battleground in the coming decades (maybe centuries).
Alongside this, I think it's worth keeping in mind gradual changes without discreet dates.
For example, online copyright enforcement/existence has been on a complex, but directional journey over the 20 years. Same for "safety" and other "content policies," both euphemistic and literal. For a short time copyright looseness made "mashups" a major musical genre. Years later, walking by a speaker playing music triggers automatic "demonetisation" on youtube. Meanwhile, social media became much more centralised and inoffensive. Nudity, politics and such are strongly discouraged unless explicitly encouraged.
There are landmarks in the China-touching part of this timeline that are critical to understanding where we are. At one point, the great firewall was derided. Violating digital freedom with comprehensive censorship meant opting out the digital revolution.
Google "walked away" from China when they got too insistent about "getting the message" and independently censoring search in line with unwritten, but well understood censorship rules. Google regretted this and their subsequents did not repeat the error. Since then, most major tech companies have learned the lesson. Telsa, Apple, Disney, Microsoft, etc.
In June 2021, a bug on Bing accidentally applied a chinese censorship setting worldwide. "Tank Man" no longer existed on Bing. A demonstration of what flipping a switch in local content settings can do.
This rather heavily begs the question what do we mean by "freedom"?
We don't mean anonymity. Acting in secret is not freedom - acting openly and not being persecuted or prosecuted is freedom.
The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
If we are worried that digital freedom will be taken from us, without anyone noticing, we should be worried about all our freedoms - and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
To expand on your idea to compare with the "real offline life"... While anonymity should not need to be a top-priority goal in and of itself, you also don't see people running around with their id-cards taped to their foreheads for easy access.
I mean my face is of course my fortune, but it is also my username. A frankly it's a username I have been using a lot longer than 'lifeisstillgood'.
my analogy is that one upon a time we were all walking dow the street in Victoria London during one of Sherlock Holmes "peasoupers". Only people who got up close to you could see what you were doing and even reognise you. But technology has cleaned up the air. Now anyone can see from who knows how far away. The privacy we thought we had because of the peasouper is revealed to be a mirage, we were always walking around naked, it just was harder to see.
We can simply accept this, or far more likely find a cultural consensus. Privacy can be violated for the public good (hunting offenders, medical epidemiologists etc), but otherwise you are not allowed to use the knowledge you have to exploit or influence. No adverts based on prior activity, no Cambridge Analytica creating ads just for you.
We are heading there. That Facebook and amazon more or less publish every ad campaign is incredible - imagine trying to persuade parliaments in 50 countries to pass that sort of legislation.
We are a long way from that "cultural consensus". We will probably get halfway there in the grey areas - like facebook deciding to publish all ads. The British politician Nick Clegg is likely able to make more influence globally at Facebook than if he became PM.
But we are in the culture wars, and we need to fight. The law, the application of the law - these matter online and offline.
So vote. And vote in primaries too because that shapes so much.
(Weird idea - Oz has compulsory voting to ensure votes reflect "everyone". What if we had compulsory political party membership so that parties and primaries reflected the population ...)
> vote in primaries too because that shapes so much.
You are on the right track to influence who is on the ballot for a particular party. Last time in PA the Rs put up the Dr Oz with lukewarm conservative values. The R voters in PA were so underwhelmed that the D with literal brain damage was elected.
Also, States with a caucus process give people who show up to caucus enormous influence of which names the party will put on the ballot.
> What if we had compulsory political party membership so that parties and primaries reflected the population
We could allow for more representative government in the federal House of Representatives by allowing the House to expand with population, as was written in the Constitution. The census was to count the people to expand the House to track population growth.
> We don't mean anonymity. Acting in secret is not freedom - acting openly and not being persecuted or prosecuted is freedom.
So, if I openly state that I do not acquiesce to any government (all external force is immoral imo) - does that mean I am now free, and no longer subject to its laws, pay taxes, etc?
So, I don't think your definition of freedom cuts it. Any answer that assumes 'government' as part of the answer, and justifies acting with force against others, has to be wrong (immoral).
Far better to follow the golden rule:
Do not treat others in ways that you would not like to be treated
I'm sorry but I maybe feeling "off" today, but we should all be beyond kindergarten political philosophy. Anarchy is what it sounds like - awful and not some middle class libertarian utopia.
Yes we need government. And these days we need government to roll up its sleeves and be government. We know you cannot arrange the bread delivery for London through one department but you can force privatised water companies to invest before dividends over periods of decades.
You're not feeling off. You simply don't understand that basic morality means that you cannot force others to do what you think is right for them to do. You want to find a way to get others to do what you want. This is immoral - you do not want others to have or exercise their freewill. And you want to use other people to force your opinions via police, legal system, etc on others.
Put simply you think anarchy is a political philosophy. Whereas anarchy is a moral position - it advocates for free association with others - ie no force.
The fact is that it is not morally acceptable to force others to do what you would like them to do, if they are not harming you. You wouldn't force your neighbour/friends/family to do what you say, if they are not harming you. But you consent to government using immoral force to get others to do what you want (steal money, enforce certain behaviour, etc, etc). In fact you think we need something like a dictatorship to wield even more force even more overtly. I think you will get your desire, unfortunately, as most people agree with you.
> The fact is that it is not morally acceptable to force others to do what you would like them to do,
Plainly, most people disagree with you. They find it perfectly acceptable to force others to (not) do things.
> if they are not harming you.
The fact is that people do not agree what "harm" is.
To pick an obvious argument, many people oppose abortion under _all_ circumstances because they claim it harms the offspring and the mother, while many people support abortion under _all_ circumstances because they claim forcing a woman to carry to term harms the woman.
How do we handle situations where people disagree on the definition of "harm"?
Nah. I want to rule the world of course. But I would far rather setup a system of democracy to rule the world with everyone else than let some other bugger be king instead of me.
And I believe in actual government - government that builds roads to deliver food on, government that agrees ways to make researchers to discover medicines and hospitals and nurses to inject them, and governments that force companies to label their food with their ingredients (or their ISP adverts with their fees). I call this real government. not the arguing fools on TV. We can argue how much much of it is too much. We are. But I refuse utterly that "doing real government" is immoral, that any attempt to agree common standards is tyranny.
I believe that the real moral failing is to chip away at real government so
much that services collapse and harm is done to real people. We can look at failed states like Niger or Haiti in horror, but we can also look at the mismatched life expectancy across our own rich countries and ask why?
I reject the idea that we can roll back government so much we can lose driving licenses and just be more careful out there, that we can ignore food safety standards and just look at the restaurant kitchen carefully. I reject libertarianism because it knows as much about the real world as central command economics.
I want government run on empirical data with justice and equality at its heart.
I am happy to accept the grey areas, will stand up for democracy will argue we can always do better. But buggered if it's because I secretly yearn to control your life.
> I want government run on empirical data with justice and equality at its heart.
You're asking for technocracy, and this is what is lined up already - you might wonder whether you are being engineered. All those cameras, smart phones, smart meters, legislation, facial recognition, etc - this is to allow micro-management at the most granular level. It's all quite far from freedom indeed, which is where this conversation started. The global governance structure is already fascistic (corporation and the state work together). I'm not a fan of the forced tyranny that's in store for us - once we've got it, I suspect you'll change your mind too.
I am asking for science. That before we decide if we want to teach phonics at school we guinea pig a few thousand to see if it meets some p-value.
Is that technocracy? Maybe. Is it something easy to explain - yes. Is it something for some reason is not explained fully and at length? Yes oddly it's not.
Oh for heavens sake. There are 192 different governments (at least) on this globe and they lie along a spectrum. what we have now (I kinda assume USA) is up and to the right on this spectrum (ie some definition of good, free, whatever is up and right). my utopian government is further up and right but anyone living in any of those 192 places will benefit from their government going more up and right, freer, better, more open whatever.
So yeah i think there are things a real government does and does not do. That is not utopian, it's not naive. it's here and now and rooted in practical real world examples.
Whatever you or I dislike about the governments we live under, we are incredibly fortunate to live in democracies- where we can force the buggers up and to the right. Make them more utopian more free more open.
> Whatever you or I dislike about the governments we live under, we are incredibly fortunate to live in democracies
We don't live in democracies. At best we live in a 'representative democracy'. These are not the same thing, at all.
Representative democracy is where (if we vote) we choose 1 person every 5 years to represent tens or hundreds of thousands of people, for thousands of votes. If the person you vote for does get in, but doesn't do what he said in their campaign, there is no negative outcome for them. The worst is that they will receive less votes next time, but even that unlikely to be based on their voting record, but on whether more people prefer blue or red this time.
But all that is itself moot, imo. I think we live in a not very covert fascist (corporate and state) regime - voting is simply a pressure release valve, when both red and blue are merely wings of the same bird.
No, we most certainly do mean anonymity is a basic part of digital freedom. The only way you could consistently argue that it's not necessary is to advocate prohibiting anyone, including individuals, treating you differently for anything you've said. Which is clearly impossible.
Your framing is really just right in line with the bog standard authoritarian pattern of redefining "true" freedom as something that can be comfortably tolerated and/or further chipped away at down the line.
Of course what you say (and do) affects how others perceive you. Just as Uncle Jim drunkenly announcing over Xmas dinner how that Hitler guy had a good plan will affect how everyone sees him in the morning, your twitter feed will have an effect on how your neighbours talk to you.
That's a good thing 99% of the time. Social strictures have been how humans managed society for thousands of years. It can lead to terrible things of course - but we like to think we have built systems of justice and governance to overcome them.
But suddenly making everyone invisible and able to speak and act without consequences seems a bad idea in the real world - i am not sure why it's a good idea online.
Well yes of course, your first paragraph was exactly my subpoint - declaring otherwise would be impossible.
From there it follows that it is indeed a proper freedom to be able to communicate while limiting the scope of who is privy to that communication, including limiting what can be attributed to some singular inescapable "identity". Saying that preventing this is "a good thing 99% of the time" is a baseless assertion. While this may appear similar to how social strictures have been managed for thousands of years - that's thousands of years of oppression of individuality and persecution for deviating from the herd. The West has overtly bucked that vein of collectivism, which I'd call progress.
Furthermore what you're invoking as some open-and-shut traditional state of affairs was anything but. Witness the concept of hearsay - where party B claims that party A has said something, ostensibly so that others will judge party A for it, but modulo B's reputation. Digital communications render hearsay moot - the default result of party B being able to prove to themselves that party A said something, is that party B can also prove to anyone that party A said that thing. Hence the need for the cryptographic property of repudiation, as the physics of digital information leaves no ambiguous middle ground.
There's a huge burden on individuals to prove that another organization is using data to persecute them and the definitions or persecution. Before GDPR did you know how vast the network of 3rd parties handling your data was? I didn't!
Without this, the next best thing is anonymity which is simpler to enforce and covers future eventualities.
>The solution is what it is in real offline life. A regulated legal framework that allows most and limits little, a open dynamic culture that accepts diversity and constant change.
The real offline life where people can be punished in the US for aiding abortions? Or where homosexuality is illegal in many countries? Or where people conflate a mental disorder (paedophilia) with a criminal act (child sex abuse) (intentionally edgy example to highlight the edge of what's acceptable).
>and the solutions are still the same - democracy, voting, making a noise, agitating our neighbours.
This is good advice for the Belarusians with bloodied faces and no change. Or the million people who marched against the Invasion of Iraq.
We have many offline problems - yes abortion is now more or less illegal in the US. You know what chnaged that? voting. You know what can change it back. Democracy. A VPN won't. Democracy will.
Double down on democracy. It's hard complicated and messy. But there are no silver bullets.
Look Brexit was shit. But it was democratic shit. 20 million people did not get tricked by their Facebook feeds. Hell 20 million people did not get mind controlled by Nigel Farage's "I'm just sayin" approach.
20 million people were asked "the country is run by thousands of highly educated,
slightly patronising, articulate, over-achieving technocrats who want the best for everyone and frequently find the laws of unintended consequences bite and have not yet worked out that not everyone lives in leafy surrey. Do these people annoy you? vote now"
Oh hell I don't know why 20 million people voted for economic and cultural self harm. Because we aren't sharing out the wealth properly I guess. But it was not because "we were tricked". It's because "we refuse to accept the model of how the world works thet you are operating on and want to use ours. The democratic version of Adam Savages "I reject your reality and substitute my own"
The problem is without an agreed reality to substitute everyone put in their favourite untested political world view.
Yes you are immune to the efforts of a trillion dollar industry that has spent the best pet of a century working out exactly how to manipulate you without you even knowing.
It’s an important question because “digital freedom” tends to be code for “I want the Internet like how it was when I was younger”, and then throw in some stuff about jailbreaking iPhones or whatever for good measure.
I want to not have to worry about a government 30 years from now being able to quickly and quietly make unmonitored person-to-person communication illegal. There should be a whole bunch of difficult and complicated steps involved if they don't want to just shut down half their IT.
I want to be able to use the Os I want on the computer I want, with the browser I want to be able to connect to my bank and my government websites.
As banks and governments move critical parts of their working online, it becomes harder to not use their online tools. If I'm not free to use the tools I want to do so, my freedoms were infringed.
> Youtube, Gmail, Spotify, banks and a few other major websites start using Google's WEI API for internal user reputation scoring, forcing non-compliant browsers through more captchas.
I can't even read scientific journal articles (on their journal sites) anymore because the big publishers are putting themselves behind cloudflare walls that just don't work in any browser I try. Pretty much my only access these days is waiting years for it to get on sci-hub or in some of the sciences, finding it on arxiv.
The "boiling pot" is rubbish as a literal claim but quite apt as a metaphorical one: the Overton Window moves over time, particularly as people misremember history ("rose colored glasses") and as folks are born or grow up after major shifts.
There are folks on HN today who weren't alive on Sept 11th, or were in the US but were too young to remember it -- their idea of "normal" is very different from folks who were 20 or 40 or 60 years old on the day of the attacks. That's an example of the "boiling pot".
I remember talking with a college student in the mid 2000s about music and he was excited that he didn't own physical media, and instead had DRM copies and subscriber access to more. He was a "tech savvy" exception then, but the window has shifted and college students don't buy physical copies of music. In another decade, I doubt they'll buy physical copies of movies.
The irony is that we invent a myth to explain our own fallacies, pointing to the frog and claiming we're not alone. Yet the truth is that we are alone!
The majority of the population lives in poverty. It's very-very difficult to have any values other than survival while poor. There's also very slim chance poor people to be educated. They work 12h/day at jobs where they can't even go to toilet. When would they have the time to read about a bootloader?
This is the core problem. A person should be able to refuse attempts once he understands the goal. The problem is not technology, but the obfuscation through it (and privacy policies, lobbying).
I don't think it's a values problem. The technical issues here are complex. Can you explain bootloader locking or remote attestation to your grandmother?
Personally I think a better approach is to push the phrase "right to recycle and repurpose" as much as possible. People get that. Everybody personally has seen the unsettling amount of e-waste that passes through their ownership and into a landfill somewhere.
Right to repair isn't enough, because these restrictions don't block you from keeping things working the way they did when you bought the device. Recycling and repurposing is something everybody can understand. It answers the question of "wait don't only evil hackers care about that?"
How does it follow though. Bootloader locking and remote attestation don't stop you recycling devices or even repurposing them. They stop you changing the OS stack to an unknown one and then using them for the exact same purposes as before. That's much harder to explain and it boils down to in most cases, people still in love with the idea that one day a hacker/grassroots OS may become popular. Which is fun for developers to imagine but has no relevance to any end users.
Anti-theft features aren't anything to do with remote attestation, and this feature does not stop recycling the devices, it just means that only Apple can recycle them. Which would likely be true anyway due to how integrated the components are.
> Anti-theft features aren't anything to do with remote attestation, and this feature does not stop recycling the devices
Activation Lock relies on a remote attestation mechanism. It will not unlock without a connection to Apple's servers and can't be bypassed on the device.
>it just means that only Apple can recycle them.
Which would be a problem
>Which would likely be true anyway due to how integrated the components are.
You don't need Apple to melt down gold
It's not enough for the majority of people to oppose a trend. There are plenty of issues where trends continue despite scattered opposition from the majority.
Widespread activism could make a difference. If it becomes a major point of contention in elections, that could make a difference. These don't happen 'by default' though.
I wonder if you travel by plane, and if you voluntarily consent to the full body scans in European and USA airports? Or do you oppose it by opting out?
Knowing EU it could be altered to "Google removes the ability to install non-sanctioned alternative stores which don't have strict content filtering and anti-piracy policies, as per the EU directive" while preserving the (high) level of plausibility.
I mean, all you need to do is make it so that it violates some kind of “integrity” protection on the device, after which banking apps, android wallet etc stop functioning.
Its enough incentive to kill third party app stores for the vast majority of people.
Staying within the letter of the law is pretty easy.
Good as this is, it's missing the parts which lie outside browsers and it doesn't have much regarding mobile devices.
In a matter of decades or shorter, I expect the following to happen as well:
* Governments will give themselves new, expanded legal rights for mass-surveillance on their citizens through their electronic devices.
* AIs will be plugged to surveillance data-streams to search for "criminal behavior," whatever that be for each country.
* As part of the above, a signal-processing mechanism similar to the Chinese social score, but way more sophisticated and comprehensive, will be implemented, by almost every nation with the resources to do so. One nation, China, already started. In the decades to come, other major nations will lean on threat of XYZ to follow suit. (In case you need some examples of XYZ: ordinary terrorism, bioterrorism, avoidance of laws limiting AI, child pornography, access by children to pornography, minor solicitation, parent abuse, sexual harassment of nature X, lax morals regarding Y, information warfare by foreign powers).
Even if those things seem unimaginable to us now, it is a slow slope to roll down through a year at a time. Public perception will gradually change enough to tolerate the privacy invasions. And who knows, for certain category of threats, it may be that the general public of the time enthusiastically supports the surveillance. (For example, I would love to see a study where people with children are asked if they believe that the government should have access to the telephones of people who are statistically likely to engage in CP, like men who are single and under a certain age, in order to prevent CP).
One factor this ignores is that there already exist tens of billions of general-purpose computing devices capable of running arbitrary code. They aren't going to magically disappear. They've already been made and they can't be unmade.
Given enough nuisance, people would just stop upgrading. We've already seen this with Windows itself — I know people who are still, in 2023, using Windows 7 daily for the simple reason of hating everything that came after it.
I'm not afraid of not having the hardware for running my Linux desktop, doing my developer work, reading Wikipedia and HN. But imagine banks ("security"), chat apps ("spam"), youtube and maybe even common websites (to enforce no adblockers) requiring a remotely attested smartphone and WEI.
Mozilla has ended support for Firefox on Windows 7 (and 8). In a couple of years, less and less websites will work on that last-supported Firefox version. Other cloud-related software like Dropbox will also remove support sooner or later. The more difficult it gets to use online services and the web on Windows 7, the more people will switch. It will end up in a small hobbyist niche like people who run Haiku or Serenity.
Unlike between XP and Vista, there isn't that much win32 API difference between Windows 7 and later versions. I'm sure in due time people will come up with DLLs to shim the few missing functions.
The requirement of a TPM in w11 will make companies throw millions PCs into shredders in 2025 with the EOL of w10.
Of course there will be enough PCs to go around for practically forever, but the march of time is not going in a direction that you and me will probably like.
That TPM requirement is artificial and is easily bypassed though. But then big corporations would probably not do that for the fear of angering Microsoft.
It just makes me angry that Microsoft seems to have no clue what they're doing now. They seem to put their own agenda above all else. They base their system requirements on their misguided vision, not on the actual technical requirements of their software.
And ReactOS is still unfortunately as far from being usable as it's ever been.
For that to happen you need just two things: 1) somewhere to land where it is not boiling and 2) a trigger.
Today there is nowhere to land where it is not boiling. So triggers do nothing but further desensitise the frog.
People have tried with FOSS in its various strands but its not working.
You cant built a platform for society to land while ignoring how that society works. Principally the money it uses to keep count and the organizational patterns it uses to mobilize resources.
There is nothing predetermimed about the architecture of digital society and it certainly not axiomatic that it must be a dystopia.
Excessive focus on personal freedoms misses the fact that society is not organized around individuals, but rather around coalitions, clans, corporations, collectives etc.
An alternative digital philosophy or platform needs to educate and entice these bigger 'frogs' to act in their own best interest. The rest will be history.
I don’t think the main point is that these are exactly the increments. Rather, that it _is_ a series of increments where each step builds on the ones before and enables the next ones. It’s also illustrating the iterative loop from tech vendor to government and the increase from “recommended” to “mandatory.”
We are well along this process already.
Larry Lessig wrote “Code and other laws of cyberspace” back in the 90s (I think). It’s scary how much of what he wrote now looks _optimistic_.
VPNs wont be outlawed. But they will be KYC and backdoored encryption - so like an typical internet service provider. VPNs are used all the time in the cloud for legitimate reasons so outlawing is impractical (like outlawing a kitchen knife)
We're veering towards Chinaesque authoritative regimes if that's the case. A social credit score could be down the line for the West, unless we fight for the future we want. And by fight, I don't mean lurking on Internet chat-rooms complaining, I mean literal protests in the streets and donating half your income to the EFF and other freedom fighting initiatives.
...call me what you will, but I know what I am, and why I do what I do. What you call me changes not what I fight for.
If behaving is defined as kowtowing to authoritarian control mechanisms, and furthering the goals and reach of tyrants, then I unabashedly aim to misbehave.
There are huge economic interests driving the tremendous advancements in mobile computing hardware and software. The same economic interests are leading to creation of things like private-access-tokens and web env integrity as a way to differentiate themselves and to protect their business models from external existential attacks on them.
The alternative economic business models have been applied to build open-source hardware and software stacks that preserve this sense of digital freedom. But the result is a stack with vastly inferior capabilities and experiences.
Now, someone can demand I want the capabilities and experience of the former with my notion of digital freedom. But unfortunately there's no economic model that would make that work and there aren't enough users who care deeply enough about this to create the economic motivation needed to force the change.
Most voluminous usage of Internet by most number of humans is not via web browser anymore. It is via mobile apps. This means more restrictive and intrusive things than WEI have already happened and they haven't noticed or didn't care.
In the late 2000s, we built a strong cryptography based privacy preserving secure mesh network and node software for organizing and sharing your personal digital collections (photos, videos, emails, documents, messages etc) and got no traction in the market. Nobody cared about the privacy and security aspects. A few years later unencrypted cloud backups and cloud hosted personal data services became not only normal and accepted but actually preferred and so we gave up on our vision. (We also got a nice and tidy exit via acquisition). Many years later, after many data breaches, Snowden revelations etc, some of us thought people would care now, but alas no, they still don't. Without this basic economic motive force, any such attempt to fight against this will miserably fail.
> Nobody cared about the privacy and security aspects
Do people care about the privacy and security of their homes?
They obviously do.
Now why would the same people not care about the digital privacy and security of their homes?
Maybe they are incoherent idiots. That is certainly part of the explanation.
But maybe, just maybe, nobody credible and on a high enough podium ever warned them their digital homes are being pilfered with gusto. That, indeed, all sorts of valuables are taken from them, except they are intangible.
Your arguments about economic model viability are right, except they are not. Economic models follow laws and regulations. If you mandate that digital privacy is a right and its violation is theft, then there will be a viable industry built around that.
The shape of the tech industry is increasingly determined by political views rather than economic or technical constraints.
Private comms will stay private as long as you can install an illegal decentralized chat app that won't spy on you. Once you can't do that without losing bank account access on the device, most people simply won't install it and stick to monitored comms.
The world is headed toward a dystopian nightmare, much as science fiction has envisioned throughout the years. The evidence of worldwide government malfeasance is unambiguous. The collusion between government and Big Tech is equally self evident. China and their social scoring system has been in place for a while and it's popping up in the Europe and the States. The proliferation and reliance on "AI" accelerates the decline. It's probably too late to stop it. And the author of the piece is probably more optimistic than is warranted -- it's not just digital freedom.
VPNs will never disappear, they'll just get more expensive. Privacy isn't for the masses, you see. But it'll always be necessary for senators who drop trou in the men's room with their underlings.
In shifts toward totalitarianism, it's normal for slime to rise to the top and to enjoy all the freedoms they stole or killed to deprive from others.
Which, of course, leaves the opportunity for hackers to use the holes that they have to leave in their systems.
Then just give it a generation or so for the dictators and their spawn to fully decay.
There are I think certain issues with this timeline, for starters I've yet to hear a counter proposal to drm to protect the artists work (the real issue is not even usually piracy but instead parasitic piracy and forgery, hence why copyright exist originally).
Instead you'll hear anecdotes or idealistic arguments for why an artist have to gamble with getting money for their work.
Similarly there are most likely valid reasons for certain other implementations on this list, to combat spam or bots.
In other words it's the unscrupulous and lazy uses of these tools that is I think the issue and also the fact that the passion and energy we project so often gets caught up in an absolutist crusades agenda instead of using said energy and passion to learn and listen to understand why these things develop so we can either politically change or create better alternatives.
Look at FSF as an example, it has lost a lot of relevance because it's been pushed and guided to only hiss and screech at anything that moves that isn't pure free software based on its own definition, what FSF could instead use to fund gnu projects that are better alternatives to the proprietary one (like gcc) or they could create a new middle of the road license that better competes with permissive licenses.
Another example is the right to repair lobbying, this is an excellent case of how you make actual change happen.
So I'm personally is not a fan of these actions and tools on the list but you have to understand the nuances of why they exist to properly work against it.
> I've yet to hear a counter proposal to drm to protect the artists work
> Instead you'll hear anecdotes or idealistic arguments for why an artist have to gamble with getting money for their work.
This is the current state for nearly every single artist even with DRM, because things like DRM seem to almost exclusively benefit a handful of people at the rest of the world’s expense.
> we should focus on coming up with better alternatives to what we have
Agree.
But the best alternative might actually be one where artists (Disney included) can’t “own” their art and where you can’t make money selling copies of digital files.
I don't think so, it's too idealistic in todays world, even if we eliminate all form of material capital - art I think will only increase in value as it will become more valuable and competitive for us.
I think a better solution as of right now is a redefinition of copyright, that copyright is handled primary by a agency like the Copyright Office that deals with registration and licensing of said copyright work.
And copyright itself would be granted to the individuals who created said creative work (we would probably need to make clear distinctions between say creative art and more "logical" things like code) and they would be payed loyalty for each type of license the copyright office would issue (license for private use, in a 1 time production, continuous and lifetime license).
Companies could sponsor said creative work and get a free lifetime license.
Obviously I'm not a lawyer but I believe something like this, where copyright is as rigid in protection towards the original creators and allows for a much more fluid exchange of information depending on circumstance is at least a step in the right direction.
This isn't a boiling frog situation, because people lack a sense of temperature for technical freedom.
The whole tech universe is opaque & unobservable. Free software exists, but a user using kde desktop isn't really that much more likely (beyond their higher likelihood to self selecting in & find out) to get good at computing over time.
There's been so few efforts to make computing visible, to make it real. HyperCard is still nearly the only famous example of a technical environment where you could "turn the object over" and see what it did. I adore open source, but its not enough. Live code environments, with strong modularization sandboxing and snapshotting are required baselines for users to exercise freedom. Making computing accessible - making it easy to see what's happening - and making it safe/fun to muck around in are the frontier past opening the source that we - the citizens of planet earth - need to begin to experience digital freedom.
We need a bolder way for the computing environment to be Augmenting (computer) Intellect. Freedom expands itself if folks can exercise it, and the barrier to really using your will is - even with open source - too high, too many barriers. Those positive cycles are missing today, so we don't notice a lack of freedom. The best base I know of today for this realization & the effort to open up computing to the rest of the world is https://malleable.systems .
> The user wants open software, software that can be modified, and that can participate in a progressive improvement process. - J.C.R. Licklider
> 2027: Non-WEI compliant websites are marked as "insecure" by Chrome and Safari. Accessing them requires confirmation through a "yes, I accept the risk" dialog box.
Did I misunderstand WEI? It's an API a website can use to confirm that a client is "authentic", so shouldn't this rather be "Goodle/Apple/Facebook/... drops support for Non-WEI compliant browsers".
Think of it as a way for Google coercing websites into implementing WEI.
Any site can be marked as insecure if it doesn't block non wei compliant devices.
You may ask why does that make a website insecure? They can give any number of reasons that can be silly, made up or outright lies as long as they are able to convince larger public.
For example, they can claim that a site that allows shady(read wei non-compliant) clients is more susceptible to hacking and can be a threat to your data and your devices as well. Therefore it is insecure.
This may come across as silly to techies, but it can sound reasonable to people who don't understand the web in general.
> Think of it as a way for Google coercing websites into implementing WEI.
And why exactly do you think they'd want to do that? What do they gain from it? What do you even think the WEI is that you think this motivation makes the tiniest bit of sense?
> What do you even think the WEI is that you think this motivation makes the tiniest bit of sense?
First let me add some snippets on what the authors of WEI think can be gained from it:
* This is beneficial for anti-fraud measures. Websites commonly use fingerprinting techniques to try to verify that a real human is using a real device[1]
One of the proposed use cases: Detect non-human traffic in advertising to improve user experience and access to web content* [2]
Another snippet :
we could standardize the set of signals that browsers will receive from attesters, and have one of those signals be whether the attester recommends the browser for sites to trust (based on a well-defined acceptance criteria). As new browsers are introduced, they would need to demonstrate to attesters (a relatively small group) that they pass the bar, but they wouldn't need to convince all the websites in the world [2]
This is clearly an attempt at gatekeeping both web client software and the clients themselves.
> What do they gain from it?
I think we can agree that Google is primarily an advertising and search company. One of the threats to Google's revenue as an advertising company is ad-fraud and this 'anti-fraud' measures protect their bottom-line. Another threat is ad-blocking and though they don't explicitly mention it, the WEI "bar" mentioned above can potentially be used to prevent ad-blocking by denying attestation to clients capable of ad-blocking (either directly or by allowing plugins).
Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
> And why exactly do you think they'd want to do that?
Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes. Once it becomes a standard and an integral part of web, it is easier to dictate terms that keep their position entrenched.
We can argue whether ad-blocking or bots are good or not and whether these concerns are all pure speculation or hyperbole. But once the technical capability is there and it is only the ethical/moral belief of corporate executives( and probability of government intervention) that prevent it, I wouldn't trust them to do the right thing especially when money is involved.
Ok, so I think below are the only parts of your reply relevant to the "force every website to implement it" idea:
> Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
Um, no. Let's imagine a world where Chrome starts warning about "websites that don't support WEI". What does that actually mean? At most it'd mean warning about websites that don't request an attestation. It cannot possibly be a warning about how the website uses the attestation, or whether it even uses it. So in this world where you imagine that Google Search can attest that a request is coming from their crawler, and every site in the world has been strongarmed into requesting an attestation by the mustache-twirling villains at Chrome, nothing about crawlability by smaller search engines has changed. Other search engines can provide their own attestations, and the sites can choose whether to trust them. Websites can choose to ignore the attestations entirely.
> Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes.
Normalized and legitimate in whose view? Why do they need that legitimacy? It's normally an invisible feature to the users. If it ships in Chrome and is available for Google to use for protecting their own properties against abuse, that's all they really need. They want to make the mechanism available for other sites and other browsers, but not because that third-party adoption is particularly important.
The reality is, anyone with an anti-abuse problem will be delighted to have this signal available, especially as the browser fingerprinting surface will keep shrinking over the next few years. There will be no need to coerce sites to use the API.
It's just a really stupid idea. High visiblity, absurdily high risk of a backlash (having it be a security warning would be obviously untrue), and all for literally no rewards. I will happily take a bet at 100:1 odds that this prediction will not become true. It will not happen by 2027 like the author thinks. It will not happen by 2033. And if that's really the most realistic threat to digital freedom that you can envision, we're in a pretty good shape.
Any random website can implement WEI, using it as a means to deem a website "safe" doesn't make much sense. You could use a list of "trusted" domains for that to mark websites as "safe". WEI's intention/threat is to kill smaller browsers that refuse to implement it.
You could argue for "Websites that don't validate client's WEI compliance are marked as insecure by Chrome". But that's a stretch, your version makes much more sense. The real fear is that if WEI happens, in 10 years banks and major websites will reject non-blessed browsers and OSes. All for the user benefit, of course.
Takes a lot these days to keep this timeline from popping up in one's head and follow some conspiracy theories about total governmental control through perverted usage of language and weird (incompetent?) regulations on things digital (speaking as a German here, pointing at EU regulations).
I mean, the only thing we (as "the informed people") can do about it, is to keep open and working alternatives for "the masses" to step in on an instant when things are going south with commercial or governmental controlled products.
An example that comes up is Mastodon. It's weird, not necessarily bug-free and has a steep learning curve, compared with commercial alternatives. Still, it manages to attract those people that you want to talk with and every time I'm skimming through the timeline, I'm seeing something remarkable.
We do already (Fairphone, Firefox, etc.) but should work more on keeping up the good tradition of providing free alternatives. When we're too powerful, we'll be getting criminalized but that would just add some more fun to it.
Important topic, absolute garbage article. It's more fiction than facts and 1. on hn ofc because the headline sounded nice. I get the intention of exaggerated fiction and landing on what is happening now or before but that's propaganda 101...FUD at its best. Disgusting.
Obviously everything that's in the future is not a fact - or "wildly speculative and hypothetical" as the article itself puts it. See it as a call to action to ensure that it remains fiction.
Call to action? The author did nothing to encourage engagement on the topics only on his article. No information about how you could get active yourself or how you could approach the topic politically just FUD.
They were calling attention to the problem, not proposing a solution. But calling out a problem is a call to action for people to try to come up with a (or multiple) solution.
Just because there isn't certainty that it would happen like this, doesn't mean there's not a possible future that looks somewhat like this. Nothing that was listed here seems particularly far-fetched to me, I don't think.
Done. So they're calling out things that could happen, driving the point home by placing them in a timeline. That makes the issue top of mind again for people, potentially spurring them into action - even if just by e.g. making it one of people's considerations in their next election.
2036: Virtual Reality Social Distancing becomes a thing, where people attend virtual parties by sending holographic avatars, ensuring they’re “virtually” present without the need to physically mingle. Emoji dance-offs are all the rage!
2037: The “Mind-Meets-Code” era begins, allowing developers to write code directly with their thoughts. Unfortunately, this leads to a surge in “accidental” code commits when programmers have random thoughts about pizza while coding.
2040: The “Everything-as-a-Service” (EaaS) model reaches its peak, where even physical activities like jogging or cooking are offered as subscription services. People realize they miss the old days of doing things for free and embark on a global “DIY Renaissance.”
The more tightly the control freaks seek to grip public communication, the more likely a rebirth of hard-copy pamphleteering, codes, and physical post amongst those not interested in living in "1984".
Mankind is not meant for some ersatz technocratic utopia.
I think it is notable that all the stuff that happened is fairly minor and all the stuff that is going to happen is going to economically devastate anyone who brings it in. Freedom does amazing things for an economy.
So glad I started using Linux years ago. Last time I logged into Windows 1 year ago, I found it completely unusable (as a developer). I also don't like Apple through it is more usable than Windows.
> 2025: Google removes the ability to install Android apps from outside the Play store, citing security concerns.
Ehm... This will be illegal in the EU very soon. A bit alarmist. Also not very fair to only include anti-piracy and anti-freedom legislation while ignoring milestones such as GDPR.
The other day I read an HN comment that thought that when you buy consumer PC hardware, it comes with a ToS that limits your property rights as the owner. It's the kind of uncanny experience I run into more and more often lately: talking with people so immersed in our new normal of cyberpunk dystopia, they seem not to remember how things were in the before-times. So accustomed to exploitative corporate gaslighting, we're forgetting the basics of civilization, like, what are ownership rights?
In the before-times, when you bought something, the seller relinquished all claims to it, as an established legal principle (and a social norm and a moral obvious-ity). You can do whatever the fuck you want to your own PC, in your own house! Who would step into your home and tell you "no"?
Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
This blew my mind as a younger person who took an interest in repairing tube radios from the 30's & 40's. One of the first things I realized was how generally easy it was to find schematics of popular brands and models. Some were even pasted right inside the radio shell!
I also hack and repair modern stuff, and it is so common to open up a product just to end up staring at an epoxy blob. User manuals hold no mention of service tips, but instead are near-useless "quick start" guides that might review functionality, if the manufacturer is feeling generous.
Modern tech seems so remarkably spiteful toward the consumer and consumers themselves just seem to roll with it. Sometimes I hear them use arguments like "Company X doesn't want Company Z making knock-offs" as though these knock-off manufacturers aren't already expert reverse engineers. I feel the locking down of consumer tech is more about forcing the consumer into a state of dependancy on the manufacturer than it is about protecting any intellectual properties. They conflate "repeate business" with customers being forced to return for repairs or replacements instead of willfully returning because they trust the quality and brand.
Every device/vehicle/system now needs to be connected to the internet and needs you to download an app.
Is that for the consumer? No. That's for the manufacturer.
For milking be reselling your data and/or spying on you and/or charging extra because they can and/or the capability to turn any device into literal trash by not providing updates or bug fixes to a half-baked alpha software that it shipped with.
Blame your government. There could and should be laws against that or at the very least incentives to prevent it.
>Blame your government. There could and should be laws against that or at the very least incentives to prevent it.
In a democracy the government is a proxy for the people. I blame the people. If the majority was conscious of their rights (or at least what these rights should be) the governments would have no choice and they'd bring laws that protect these rights. Yes, no democracy is perfect, there are lobbyists, corruption etc, but if the large majority of the population wants something all these lobbying and corruption can only delay it.
The issue with the government(s) is a symptom, not a cause. The cause is that the majority of people have no spine. They'll sell their privacy and rights gladly for a tiny bit of perceived convenience, entertainment or status. It's like this famous saying "people that are willing to sacrifice freedom for safety deserve neither". Substitute privacy/ownership for freedom and convenience/entertainment for safety and it will still be true.
Neither me nor my partner own a smartwatch/health band. Why? Because we literally found no brand that could be used without setting up silly "online accounts" and having our personal details (including health) harvested. The pine watch is an exception, but last time I checked the software was not ready for daily use.
Personally, despite the above, I'm a "long term optimist". I think people eventually will learn to value their privacy, their right to ownership/repair and they will stop buying and using devices and software that infringe on these rights. But not before a generation or two come and go.
Consider other revolutions in human condition. For example the industrial revolution. It brought magnificent benefits, but also (especially initially) it was horrible for many people including children. Eventually the masses started paying attention and worker rights were established, but not a second before the majority was ready to sacrifice a lot to fight for it. It will. Be like this with our "digital revolution".
Psychology is a science that studies human behavior, and like all sciences it works mostly. As a result, human minds can be easily hacked by those with the motivation to do so. Psychological science can be employed, things like A/B testing are very effective with enough data, which our digital systems easily provide. Ads are the wholesome version of that, because they are overt. We know the ads are trying to change the way we think and act. Corporate news is an example of the less wholesome side of using psychological science against humans. The humans aren’t to blame. Humans are animals and easy to hack, and our economy is largely, mostly I’d say, based on people hacking/behavioral engineering.
> They'll sell their privacy and rights gladly for a tiny bit of perceived convenience, entertainment or status.
How does that mean they have no spine? It sounds like they made a decision on what was more valuable to them. You could argue that they might not have been fully informed. But I think the reality is that they just don't care that much because they don't feel harmed by it. The segment of people that are going to even consider trying to repair a digital device rather than paying to get it fixed or getting a new one is probably vanishingly small (and very over-represented on this site).
I could easily see things going the other way, where the lack of digital privacy becomes even more of an unquestioned norm. These things can hold in a kind of equilibrium as long as the entities that hold the power don't use it to cause perceived harm above a threshold. We have the technology to do a lot more scanning of license plates, facial recognition, automated speeding tickets, etc. I'm kind of an optimist in that I think people will generally maintain this balance (or maybe a pragmatist - it's not really in their interest to upset the apple cart, but they will test the limits sometimes).
It's really evil and indeed against the customer, and it applies to pretty much any real product out there nowadays from cars to washing machines to water boilers. It's all designed to fall apart, break and stop working.
What about the incalculable environmental factor for all of this? Nobody cares.
It’s weird how people in tech think they are superior to their less-technical colleagues. Everyone outside of software development is a moron and the entire world would be better if programmers ran everything with no oversight. Somehow only engineers are moral and everyone else is purely motivated by profit. But engineers are above that! It’s so ridiculous.
The entire economic system was different. Even something as basic as a radio, fridge or TV cost serious money, so very few people had them in the first place, they expected it to last and be easily repairable, particularly as shipping took a lot of time and was expensive just as well. Farmers living out in the country had it even worse, for them the ability to repair devices literally in the field can be a question that makes their entire business viable or not.
Today? Everything is cheap, you can fedex something across continents in a matter of a few days. When the TV is broken, fuck it, a new one is a click and a day of waiting time away, free delivery included. Computers? Phones? Just the same.
Building products that last or are repairable just isn't competitive enough any more. Yes, there are niches like Fairphone, Framework and Pine, but that's the point: they are niches for nerds who care and are able and willing to spend the money.
On top of that, technology has gotten ever smaller and smaller. Up until a decade or two ago, most electronics was through-hole stuff that even a complete dunderhead could repair with a soldering iron, a bit of solder and some tweezers. Modern SMT? That needs highly specialized machines and an awful lot of knowledge about stuff like temperature ramps, not to mention passive components being as small as a tiny piece of sand. And if you want to verify signal integrity, some random scope won't cut it either at modern high speed buses.
How many people cared about those schematics? Most people would say "Gee, instead of this paper of things I don't understand, having a list of the radio stations in this spot would be more useful"
As someone who found computing in general through the joy of taking broken electronic things apart and trying to fix them, it does sadden me too when I see a black blob over a circuit board but most people are just happy they're cheap and easy to replace and toss em away. Most developers I know today can't understand basic electrical circuits, even though they are the very foundation of everything we do. But like my previous analogy, most would rather just see the magic happen when they install something, write a little bit of code, and see results.
Some of us do value privacy, security, and even the underlying things that make stuff work. We're in the minority. The vast majority of people simply don't even care. I've tried explaining it to my wife, or my mother, that some piece of software might track them, know about them, restrict them, whatever, and the opinion I usually get back is "Oh, it doesn't already do that?" People joke about Facebook ads being something they just talked about all the time and it doesn't even phase them that the reality is very near to that.
People simply don't care enough to make a change in the laws that would prevent things like this.
Privacy loss is like climate change. People don’t care because the really bad things haven’t happened yet. People who keep telling them about the bad stuff that is likely to happen are alarmists, and like with climate change there’s an industry with a vested interest in downplaying the issue.
A sneak peek may be coming with what some states are doing to police travel for abortion. Does the algorithm think you might be pregnant? Congratulations, you may now be stopped on state lines and charged with a crime because you are driving someone one state over. Even if you have no intent of getting an abortion you may have to prove that in court if a prosecutor is feeling particularly self righteous today.
People in the US are not accustomed to totalitarian politics. We have rights. But loss of those rights are one populist demagogue away.
When that happens all that surveillance and remote control will suddenly become as relevant as Antarctica’s Thwaites glacier would become if it fell in the ocean.
(Left wing populist demagoguery and authoritarianism are possible too. I’m just picking on the right wing sort because it’s the kind that has traction most recently. But that too can change.)
I'm turning to the opinion that if we really want to fix this, we need to have government mandates that "takeout" style exports are provided by every company/service, in a standard machine-readable format.
If you collect and store any personal data about a user, there needs to be a standard way for them to request a usable copy.
Then allow third parties to build tools that work with those to educate users, which is why standard and usable format are key criteria. E.g. "visualize what X knows about you"
It's the details that would motivate people, but the details are precisely what's invisible right now.
(Disclaimer: talking from a US-centric viewpoint, for the majority of states that don't have digital privacy rights)
That’s the neat thing! For most people, you don’t! Until it breaks and you need to fix it, and the manufacturer is out-of-business. But then you can present that strange schematic to your local electronics repairer who can fix it up with a few spare commodity components.
The Atari (400/800, from the Warner Brothers ownership era) also had full schematics /available/ (you had to buy the 'technical reference manual') but they were available. And part of that tech. manual was a printout of the 6502 assembly for the ROM OS.
And if I remember correctly, the tech. manual was something like $20.00 (in circa 1984 dollars, roughly $58 today, and you got about 400 pages of paper, printed on both sides.
So while schematics did not "come with the product in the retail packaging" one could obtain them with only the trouble of ordering a ~$20 (at the time) "book".
I wouldn't say they are intentionally spiteful, just that modern electronics are complex enough, especially highly integrated stuff like smartphones, that the OEM's suppliers would be unhappy if detailed schematics were released. Since they would not be willing to guarantee on the record that they are correct, nor would they want stuff impinging on actual trade secrets to be revealed.
That wasn't less true for any other appliance that's ever existed, largely because of the availability of the schematics.
People have a right to know what they're buying. Companies are testing legal and cultural boundaries, silently changing functionality and usability by altering software or access to required services after sale.
It's not "too complex", it'd just be a hassle if people knew.
Microsoft showing it's totalitarian real character again. So happy that Minetest[1] exists and gives that warm Open Source glow, just knowing that your using Microsoft free software and it works fine on Linux too.
A valve radio had ~50 discrete components[1]. The first semiconductors had triple that number of components in a square millimeter in 1971[2], a modern CPU is in the tens or hundreds of millions of transistors per square millimetre. That's more components than the Encyclopedia Britannica had words in 29 volumes[3]. How are you going to 'know what you're buying' if you don't know anything about the bit which makes up most of the complexity and does most of the work? How are 'people' going to know anything about the CPU by getting lumbered a dozen bookshelves worth of schematics?
All this means is that you move one level up on what it is you are diagramming and replacing. I don't expect to replace the integrated circuit on my instant pot, but I do expect to be able to replace the control board or the thermal fuse. And instructions on how to do these things would be great! A simple diagram showing how the larger things are connected is all that's necessary. I don't need a map of all the traces, or a list of the surface mount components.
Not to say it wouldn't be useful to someone, somewhere, or save you 10 minutes, but I suspect if you are capable of replacing the control board and thermal fuse, willing and motivated to do so, have the equipment and workspace to do it, willing to spend almost as much on a replacement control board as you would on a new Instant Pot, and don't need a map of all traces or list of components, you can likely find the fuse yourself without much bother.
But that's still a different argument to the one I was responding to which was "People have a right to know what they're buying" - and the claim that products are "not too complex" for that. At the point we turn it to a diagram which says "fuse connects to System-on-Chip blob ground pin 0 and data pin 7. Button board connects to blob ground pin 0 data pin 8" are we any closer to "knowing what we're buying" in a meaningful way?
This is false, there are thousands of examples of products 'in the wild' containing trade secrets that are difficult enough to figure out by reverse engineering that they are effectively considered such, even by industry experts.
e.g. Apple's fixed glass trackpads
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
This is false, there are thousands of examples of products 'in the wild' containing trade secrets that are difficult enough to figure out by reverse engineering that they are effectively considered such, even by industry experts.
That's not how trade secrets work. If you give me a device, and I figure out how that part of it goes together, the trade secret dies. There is no protection except an attempt at secrecy, and once someone is retail sold hardware, they may do anything they choose with it, thus the idea of trying to maintain a secret, when it is in someone else's hands, is silly.
Also by definition they cannot be 'invalidated' since trade secrets are never 'validated' in the first place, unlike patents, copyrights, or trademarks.
Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
There is no validator for the 'validity' of trade secrets, it's simply nonsense to say that they can be 'validated' or 'invalidated'.
You can't dodge this point, which you appear to be doing as I never claimed copyright law is uniform in all jurisdictions worldwide, nor was that implied.
If you don't understand how these things work, it's better to not make bizarre claims.
I never claimed copyright law is uniform in all jurisdictions worldwide, nor was that implied.
What on earth are you even talking about?
Regardless, you can invalidate anything. EG, one can make a claim "Hey, that manufacturing process is my trade secret!", and that claim can most certainly be invalided. It can also be validated.
> Trade secrets are valid, until they no longer are. Copyright (in many jurisdictions) require no validation either, they're merely valid upon creation.
Some types of copyright requires approval via some organized entity in many jurisdictions, that is easily discoverable via a quick Google search by any passing reader. The prior comment appears like a deflection from the main point, since the fact that some jurisdictions operate differently is simply irrelevant as I never claimed otherwise, nor was that implied anywhere in the preceding comment chain.
Like I said you can't avoid the fact that 'invalidating' trade secrets makes no sense. They can be revealed, they can become so widely known that the label no longer applies, and so on.
But 'validity' whether legal, logical, etc., can not apply to them.
And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
Michael, my simple point was that copyright, like trade secrets, requires no validation in some jurisdictions by default. For some reason you view this as a distraction, instead, it was merely illustrative.
In terms of validation, I have no idea why you think one cannot invalidate someone claiming to have a trade secret. You can literally invalidate anything, someone is trying to assert as valid.
A bottle blonde could claim that is their original hair colour, and one could invalidate that claim too.
You seem stuck on an internal definition of 'validate'. Your internal definition seems wrong.
Well if you want to avoid getting into the weeds, since it appears you have a peculiar idea of validity that does not reflect the legal or logical usage, then by all means.
Anyways I agree this is a tangent from the main comment chain, if that's what your implying. I included the last paragraph for that reason:
> And in any case there are many real world products which so far have not been reverse engineered to a sufficient degree to recreate, such as the fixed glass trackpad previously mentioned. If you can prove otherwise then I would welcome a link.
You don't get how trade secrets work. What makes them enforceable, actionable.
The classic example was during the 90s. A company was building a new factory, and as a result, it was open to the air. A competitor, wanting to legally discover how the manufacturing process of the company was orchestrated, flew over the construction site, taking photos, pictures.
The competitor claimed, that they obtained such information without trickery. The company said that they had taken reasonable precautions, to conceal their manufacturing process, with employee NDAs, and security around the construction site, yet ... that there was absolutely no precaution which could be taken to protect from plane or satellite, and thus, the took all reasonable precautions. That the plane + photos were akin to someone sneaking into the factory, and taking photos as well.
The company won, their trade secret was protected.
The point of this illustrative story, is that reasonable attempts at secrecy of things such as manufacturing processes must be attempted.
A key part of a trade secret is in its name, secret. You cannot keep a secret in public, and even if you do, for a brief period of time, you are not attempting to conceal it if everyone and their dog may look at it. Nothing you sell to a consumer is a trade secret. Nothing. Not a single thing.
You may have a trade secret in how that product was made, but you do not have a trade secret in how that product fits together. At all. A schematic of a circuit board is not a trade secret, and this is the context you started this conversation on.
To speak to this, if anyone, ever, discovers how to take apart and repair this glass trackpad you discuss, there is no trade secret, and no judge will ever ever help anyone enforce protections on the same.
To put it another way, and going back to the example at start of this message, if you hold tours of your factory with trade secret manufacturing processes in it, you no longer have trade secret manufacturing processes. Your competitors may tour it at whim, as part of the tour group, and use such information to derive and copy your no longer enforceable trade secrets.
That's simply how it works.
And there's nothing more public than selling something to the public.
I think you are confused, because Apple may claim it's a 'trade secret', in how they manufacturer said glass trackpad. But the part in consumer hands is not a trade secret. You can put the blasted thing under an x-ray, an electron microscope, and yes these are valid ways to examine things, and there's literally even remotely a trade secret to enforce from this angle.
This, any schematics provides are not going to invalidate what already exists.
I won't bother looking back at this any more, for two reasons. First, it's falling off the first page of my comments I look at, for replies. And second, your over the top, absurd attack on a correct use of the word 'valid' is quite odd, and smacks of a lack of good faith.
You've said your part, I've said mine, and I don't see much value beyond my extended attempt to discuss my reasoning re: trade secrets, how I believe they work, etc. above.
Oh, one final note. I've noticed some larger corporations, and some dark corners of the legal profession attempt to shift the line in terms of rights. We've seen absurd attempts at this in the last 20 years, and we've seen industry practices which are in effect for 10 to 20 years, in terms of IP shot down again and again.
Part of me suspects you may have fallen into a trap, where perhaps Apple claims something they cannot claim, such as extending trade secrets to devices held in people's hands. If they are, they will fail in this, unless there is a deep legislative change, and even then I doubt it won't be kicked, and you should not listen to such absurd claims.
You appear to be assuming that the 'schematics', even if they were provided by the manufacturer, describe the actual product in your hands, which is probably the source of confusion.
They don't, at least not for modern products of some intricacy.
Going back to the example of Apple's glass trackpad, there's a decent chance that literally every Macbook ever sold with it has a unique trackpad, because some transistor(s) were slightly off, due to manufacturing tolerances, requiring slightly different resistor(s) to compensate, etc..., and so on.
And there are hundreds of components just in the trackpad.
So even in the literal sense of examining it under various microscopes and so on, I think it's pretty fair to say that it's secret enough for it to be very very difficult to recreate.
But this all seems like arguing at windmills, because in practice, Apple's shareholders, board, management, employees, suppliers, customers, and competitors behave as if it was a trade secret. Which is more then sufficient for all practical purposes most HN readers are concerned with.
I took apart an old bakelite phone to replace the cord with an RJ11 one (connected two old phones together with a Cisco SPA adapter, the kids love calling each other) and was surprised when there was a little bit of paper wedged between two components with the full schematic!
Your and others' comments on this thread remind me of a though I had lately.
In the "before times", you would buy things that would last. So naturally, the companies that made them could not sell new products.
Planned obsolescence was one natural outcome that we ended up with. An electrical engineers I know told me how designing a CPU that would last a lifetime is relatively easy compared to designing an equipment that will fail only 5 years from now, but not earlier.
I wonder if there was a way we could take the other path. Keep manufacturing solid, long lasting products but also being financially sound. Right now economy, to me, seems like a thing of perpetual growth, but in a cancer-like way.
> I wonder if there was a way we could take the other path. Keep manufacturing solid, long lasting products but also being financially sound.
Regulation.
Fun fact: this is still possible! It's a little harder – it'll have to be steadily introduced, in multiple countries at once (so we don't break international trade), starting in the areas where it's cheapest to produce lasting equipment (so enforcement doesn't take out entire sectors), and I don't yet know what the regulations would look like, but if it's possible to make lasting things, it's possible to require manufacturers to make things last.
We need to do this, sooner or later, anyway: we simply don't have the raw resources to continue as we are.
I’m in favor of regulation, but that’s not happening now for the same reason that we have the problem in the first place. We’re all tied up together in capitalism, and anything that slows the acceleration of growth that our retirement funds require is not going to fly. If it’s going to happen, it’s because enough people have been excluded from the rewards of the system (we’re getting there).
Easy to nay-say, though. To me, a solution starts with spreading those values that make it possible for _consumers_ to stop sliding down the growth-over-everything slope. Mittelstands, shinise, Patagonia, yada yada. Can you as an entrepreneur make a sustainable business that isn’t just for well-off conscious consumers? What’s the product where longevity is inextricable from the core feature set, not just a trade-off with cost?
Right-to-repair is a decent example of where regulation has enough support across the ideological spectrum to get a foot in the door. It would be cool if a company who made profit on service now decides it doesn’t want to compete on service and instead takes more profit upfront with a higher-quality product. Forcing USB-C on phones feels like a small thing to me, but if it sets a precedent where interfaces are standardized for sustainability, that could be amazing. (No, I’m not worried about governments slowing progress. Locked ecosystems are doing just fine at that.)
I wonder if gaming consoles had a big hand in this? Going back to Atari pong in the early/mid 70's and I don't recall if any of the major players (Magnavox, Atari, Coleco, Sears) included anything close to schematics.
It was mostly the mobile revolution. Consoles were always considered something separate from computers. It was phones that normalized not only locked down OSes but surveillance as a normal thing.
I remember in the late 2000s hating everything about the mobile revolution and predicting where it would go. I was mostly right but wow did people ever think I was nuts. Tech groupthink back then was the literal phrase “mobile is the future” repeated like something out of a political talking points memo.
What I got wrong was underestimating how evil social media would become. I never imagined how addictive it could be made or how toxic the content would get, or how it would help re-mainstream a whole raft of horrible ideologies. The addiction factor and brain dead content machine really hit with mobile too, so it’s not unrelated. Something about that little screen that is always there and swiping to scroll seems to facilitate addiction better than a PC or laptop screen.
Agree with everything you said, but what bugs me most is that I like computers, and phones are computers but they're designed for people who don't like computers, so they pretend not to be computers. Worse, those same ideas have infected the desktop too.
The Atari 400/800 computers had available as an extra cost purchase (IIRC about $20 in 1984 dollars) a "technical reference manual" that included full schematics for the computers, a printout of the 6502 assembly for the ROM OS, and a lot of narrative describing technical aspects of the computers.
So for at least Atari, and at least with the 400/800 computers, they did release the information. For an extra cost, but it was released.
> Very large-scale integration (VLSI) is the process of creating an integrated circuit (IC) by combining millions or billions of MOS transistors onto a single chip. VLSI began in the 1970s when MOS integrated circuit (Metal Oxide Semiconductor) chips were developed and then widely adopted, enabling complex semiconductor and telecommunication technologies. The microprocessor and memory chips are VLSI devices.
> Before the introduction of VLSI technology, most ICs had a limited set of functions they could perform. An electronic circuit might consist of a CPU, ROM, RAM and other glue logic. VLSI enables IC designers to add all of these into one chip.
I agree with you, I am just highlighting companies' thinking why they would wanna protect their source code. security by obscurity. Also having a copy of source could also mean the companies might have cut corners. Many leaks of future products are now guessed from source code. Also it is so easy to copy as well by other companies.
There is a circuit block diagram, a PCB layout diagram with all the components' part numbers that I guess you can replace broken ones (?), and circuit diagrams for the power supply and for the keyboard circuit. (starts on page 97) Skimming the text, the manual seems to assume an owner has access to a multimeter, an oscilloscope, and a soldering iron.
I bought a vintage printer (juki 6100) to tinker with recently, I was pretty shocked how the manual included circuit and timing diagrams, and gave instructions on how to construct adapter cables for various machines.
Also the "driver" installation for IBM PC is just instructions on how to manually patch wordstar to work with it.
In Russia it was the case even in the 90s, but all locally produced consumer electronics in ex-USSR quickly got replaced by Japanese and Western devices.
All I can say is that in the modern era you have to lead by example. Run Linux and Firefox. Use the services from the tech giants as little as possible, you won't be able to eliminate them, but you can minimize the amount of money and attention you give them.
Tell other people.
Contribute. If you work long hours, give a little money to FOSS. If you have spare time, spend a bit of it contributing, doesn't need to be a lot.
The timeline in the link is not set. The tech world has been disrupted many times, if it hadn't been, we'd all be on IBM mainframes and typewriters or something. There is no fate but what we make. Very few people are aware enough to show up on this website and read this thread, so it's on you to do something. If you're reading this you are the resistance.
General purpose desktop computing isn't dead yet. It's still available - but barely. Now is the time to save it, or it will be gone soon.
The same thing happened to TVs. There are nearly no 'dumb' TVs that doesn't do anything more than just display the video signal. All the 'smart' ('over-smart' is more appropriate) TVs out there take too long to start and they almost always phone home to their overlords. The really worrying part is how normalized it is. I remember someone here on HN contemptuously dismissing my concern, saying that dumb-TVs are called 'computer monitors'. How many affordable 'computer monitors' above 30 inch do you know? And give it enough time - even computer monitors will become 'smart monitors', unless something is done now.
If you are big TV brand player, the way it works is you go to a contract manufacturer and say you want to do a TV. They will tell you what options you have – what sizes, features, quality levels etc (configuration) and at what price they will sell to _you_ at different order volumes and the timelines for them to deliver to you. The offer you get will not be same as the offer they make to a bigger player who is a more favored partner to them. They will tell you if you become big, you will get better deals. You come back home. Then, you do your market research and decide where in the market's price/feature/quality curve is an opportunity for you today and what is your 10 year strategy to become big. Then, you also find out someone is doing a higher quality product but somehow pricing it lower - they are cross-subsidizing it. In the recent decade that has been through data/ads deals. Then, you study what happened to those players who didn't do data/ads deals and launched the product at actual the price with some decent margin built-in. They didn't do so well. Consumers cared more about feature spec and price deals than about data/ads fine-print. A lot of the features are to do with software OS. Then you discover that the software OS vendor has lock-in contracts with the contract manufacturer. You want to use that manufacturer who has great quality TV hardware components, you don't really have a choice but to use that software vendor's OS that comes baked into the TV by the manufacturer and let them take your customer's data forever. That's the current world we are in.
TVs long ago used to take up to 10 seconds to startup because the electron gun at the back of the CRT needed time to heat up. The advent of TFT panels gave us the hope that that wait would be a thing of the past. Now instead we wait minutes for its spyware, adware and bloatware ridden OS to boot up and phone home. We're living is a world that's the opposite of what technology promised us.
TV has no purpose connecting to internet in the first place. But that's the reality now. It's more or less guaranteed that this slippery slope will lead to TVs that won't start without an internet connection - and only such TVs soon afterwards.
but not everyone wants/is capable of buying a 150lb NEC tv made to resist vandalism and such, they just want a flimsy plastic panel that takes hdmi from their laptop and pushes it to an appreciably large 1080p panel
It won't disappear because it's a different market. A digital signage display is a large computer monitor. It has a remote, and typically also an RS232 interface to communicate what is pressed on the remote (as an alternative to HDMI CEC).
In theory, markets should regulate and competitors should be able to rise and provide products over never ending services and be successful. That doesn't seem to happen though. Is it because service designs expose real business costs of continued investment in R&D sort of deal, is it because such reliable products are bad for business (you provide something so good, reliable, and cheap you kill your own revenue stream) or what?
Similar to the concept in medicine that it's bad for business to cure vs good for business to treat something. From the consumer side, clearly you want cures but markets don't seem to function that way. Treating kidney disease is far less lucrative than providing a cure (if possible). Your only option as a business to find this appealing is to somehow look at the treatment option, roll all expected profit and revenue up, and tuck that into a "cure" option. If altruism in medicine isn't there, I don't know why we'd hope for it in something as artificial as electronics and software. I don't know what the solution is here if we want to continue to pretend markets self regulate in a healthy way for the general population and not for businesses.
I mean ... the market has spoken on this. It just isn't something that enough people value enough for it to have a positive return on investment. Like pretty much everyone else here, I think that sucks, but I also struggle to begrudge the preferences of people who just don't care about this.
So the question is just, is this a market failure in the sense that the market outcome is undesirable to society such that there's a strong case for regulation? Or is it a market success in that most people are getting what they prefer (cheaper products)?
If we were to get regulation passed on this, and prices for digital products and services were to rise, would people broadly cheer or jeer us? I think it's pretty clear that most people would be unhappy with this, at least above some level of price increase (which may be zero).
So to me the question is (like with all regulation) whether this can be regulated without increasing costs to people beyond the value of the regulation to society. Maybe so, but unfortunately I'm pretty skeptical that's the case.
If companies released just the hardware without the services, then we could have open source jumping in to provide those services, and things would be cheaper.
Unless of course you want to argue that without financial incentive nobody would ever do such a thing, and open source is a fairy tale that can't really exist ...
There is a reason that open source thrives in the niche of tooling for other software developers, and ... thrives less outside that niche. The target audience for software development tooling ascribes huge value to being able to read and modify the source of the tools we use. And for good reason, it's not just a principled stand; open source directly helps us do our jobs better.
But outside that niche, nobody really values this capability, and it's not a mystery why not. What good does open source do an accountant? Any given work-a-day accountant is never going to read or modify the source of their software. They just have no interest in that. They may have a computer enthusiast friend who has made a compelling case to them for why this stuff matters, so they may agree in theory, but they aren't going to do extra work or pay extra for this. It just isn't a direct enough impact for them.
In the before times there were phones owned by AT&T attached to landlines in every home and business. Attaching your own phone and repairing the phone company's were not allowed.
This seems a lot like the same business model you're saying didn't exist before.
In fact, AT&T was more draconian. People can pay off their cell phones today. The old wall-tethered units had a monthly rental fee in perpituity.
So many folks don't seem to have remember this. IBM was also the same with the giant mainframes. Even now, if you have a power system, it's pretty much mandatory to pay an ongoing "service agreement" or very quickly you'll discover you have major issues.
I hate that the system has it where you don't own anything and you are supposed to be happy with it. But from a market perspective what else can they do? They need to make a regular income to pay for the development and such, but they also need to deal with the fact that a competitor who offers a freemium or product at a loss but where they can at some point in the future hide future costs will just naturally win.
> In the before times there were phones owned by AT&T attached to landlines in every home and business. Attaching your own phone and repairing the phone company's were not allowed.
The difference is, culturally that didn't go too well with people so hating in MaBell was a thing. Enough so that it forced politicians to enforce anti-trust laws and break it up, eliminating all these restrictions.
I fear there is no political backbone today to do anything to the monopolists that own the hardware we "buy" from them.
I'm hugely thankful someone highlighted this conflict - that our property law has largely been eroded by contract law - in a nice pull quoting from Web scraping for me but not for thee.
It's abhorrent in extreme to strip away the rights of the citizens like so. Our ability to experiment with the world & explore the things about is fundamental to maintaining the human spirit, to keeping us homo sapiens.
Which ownership rights do the sellers retain now that they didn’t previously? I’m not familiar with any ToS that permits a company to repossess your PC or parts of it.
If you’re talking about manufacturers making their devices more difficult to repair or voiding warranties based on minor modifications, that doesn’t mean you can’t do what you want with the item. It just means you can’t force the company to fix or replace it free of charge when you do.
> I’m not familiar with any ToS that permits a company to repossess your PC or parts of it.
I would call iCloud locking an embodiment of this. It's probably an unpopular example because people seem to broadly like it, but it does demonstrate the principal that the seller retains full control of the hardware and can "repossess" the device. The original purchaser does not receive a master unlock code.
Even if locking yourself out of your device is "your fault", it doesn't alter the fact that at that point only Apple retains control of the device.
Same with bios locks and management engines on PCs.
The idea that possession = ownership is gone. And we're almost all ok with that especially since it makes us a little safer and more "secure". At least until we can't trust Apple, Intel, etc. anymore.
One could argue that the black market value for your locked phone compared to unlocked phone is a proxy for how much you actually own the phone.
> I would call iCloud locking an embodiment of this.
Activation locks were required by law to deter armed theft.
> A new report from Reuters found that iPhone theft dropped by 50 percent in London, 40 percent in San Francisco and 25 percent in New York. The drops represent theft activity as measured during the 12 months following Apple’s introduction of the remote locking feature in September 2013 as part of iOS 7.
With iOS 8, Apple made its so-called said “kill switch” active by default, in accordance with California regulation, and that should help the rates of theft continue to trend downwards.
Laws pretty much always mean a loss of freedom, with the intent of promoting some other positive goal (often, some other freedom). That's why we make them.
Balancing these goals is not easy, but we don't get to avoid it just because we want "freedom" as an abstraction. It's an important consideration but only one when you put a lot of people with conflicting goals together.
It isn’t ironic, it’s precisely how it’s supposed to work.
Laws take freedom (as in do whatever you want) from people and give it to other people so the total expected gains are bigger than without the law, pretending that dishonest lawmakers don’t exist (false obviously). Also, all laws are bets on their outcomes and sometimes they go south.
Now there's a product. "Universal safety and security".
Universal safety and security is pushed almost ubiquitously. Like it's a holy truth. Trumping all other concerns. And anybody who argues for anything else is just selfish or whatever.
It's not that the PCs come with more strings attached than they did before - it's that many people, especially younger generation, are so used to those strings controlling their lives through their mobile devices and everything being a service, that they don't realize the same isn't true with a regular PC. At least isn't yet.
The only example I can think of is beer bottles. I know it's not related to computer hardware, but I'm just trying to think of examples where you purchase a consumer item and it's still not legally yours.
The reason why it remains property of the brewery, is so that they can re-use it when you recycle it. It might be something that's specific for my country, though.
They don't. I think the commenter was guessing by generalizing from software/subscription service ToS's, which are ubiquitous; plus the fusion of hardware/software in inseparable packages, like the iPhone hardware, which is a brick without an ongoing Apple subscription.
This just isn’t true. You don’t have to give Apple another dime to use an iPhone perpetually. Any paid Apple subscriptions are optional for cloud or streaming services.
It may be a free subscription, but it's still an ongoing, no-opt-out commercial software service relationship with Apple, Inc. That's why it has a Terms of Service [0] – which is effectively a ToS for the iPhone hardware itself, as there is no way to use it without Apple's OS.
(And I think it's noteworthy how that ToS' language bounces freely between "hardware" and "software"; how it fluctuates between "software license agreement" and "by using your iPhone ("device"), you are agreeing to...". Apple hardware and software are fused together: there is no practical difference).
Agreed its optional. But Apple will do their best (worst?) to get you to use it. Defaults to the free 5g, resetting preferences after OS upgrades, nagging prompts, etc.
Consumer PC hardware is the exception though. Android and iOS are more or less exactly that: computers that you may have paid for but that you do not actually own. Ditto Chromebooks.
I remember, aged 10 or so, my fellow schoolkids thought we should get paid for going to school because it was "work".
Around this point, same school but not necessarily the same year, someone else in the class thought I'd ripped off their idea in the classroom and that this was a copyright violation.
Now?
Now I understand that the work done at school is not a product, it's at most an extended pre-interview test much like a code challenge (not that literal code challenges were really possible when I was 10, given a decent C compiler would've cost something like 2 week's pre-tax income).
> So accustomed to exploitative corporate gaslighting, we're forgetting the basics of civilization, like, what are ownership rights?
...
> Stallman was right: if you erode the norm that you control your own software, you lose the hardware, too. Free software is sort of a consumer right that enshrines what ownership of computing hardware means.
The teeming masses praising Steam for cutting out the middleman seem unacquainted with the first-sale doctrine.
>In the before-times, when you bought something, the seller relinquished all claims to it
and also, all responsibility for it. in the more recent "before times" that you're probably talking about, most things you bought came with a warranty, and if you did unapproved things with that product you would void your warranty. that's what the "warranty void if removed" stickers mean. and yes, when you buy consumer PC hardware there's all kinds of stuff that you can't do with it if you want to keep your warranty.
This hasn't really changed, we just expect more continuing service from our products now, so the list of conditions to recieve those ongoing services from the seller has increased. if you want to buy something and receive no warranty, no software updates, no bugfixes, no cloud sync, no remote access, or all the other modern conveniences, then yeah, you get to do whatever the fuck you want with it.
Looking at this list, open source software is the only thing that can help save us from this future. Whenever a corporation takes control of a widespread open source software (eg Oracle buying MySQL) it is forked by the community (MariaDB).
If you don’t have access to the source code, you can’t fork it. And ALL the Web 2.0 platforms of today (on which we have our public forums) won’t give you their back-end software. Not even HN. Nor Reddit, LinkedIn, Twitter, Facebook, Telegram or even Signal. They need to retain control because of the capitalism system in which they were conceived (Facebook, LinkedIn) or sold (WhatsApp, Instagram), and the shareholder class which the corporations must serve and extract rents from their ecosystem forever. It starts with venture capitalists and it ends with wall street ownership. https://en.wikipedia.org/wiki/Surveillance_capitalism
If you look at my posts for the last decade, I have been openly saying this. Those of you who saw the movie iRobot back in 2004 may remember the tagline: “One Man Saw it Coming”. I feel like Will Smith’s character. Except that I have been doing something about it.
1. From Digital Feudalism to a Free Market
We are living in Digital Feudalism, and like serfs, we have very little say. And all of this is because we don’t have a viable open source alternative. The first step is to have this software be available to everyone.
There were attempts with diaspora* and Mastodon has so far been the most successful. We’ve quietly been building something far, far beyond Mastodon and attracted 10 million people in over 100+ countries. But you probably haven‘t heard of it. It’s a web-based, open source, general-purpose Community Operating System, on which anyone is free to develop just as they are on Linux or Wordpress.
While an app like Telegram or Signal could be easily banned from app stores by governments, something like this is much harder to censor. If millions of websites use https and some may be hosting Qbix widgets, then how will governments and corporations ban it? They may have to insist on having a backdoor to the https certificates, which means enough people would have to fork Chromium / Blink (open source on the front end). But until then, it’s a way for We the People to continue building an innovating in the face of corporate and government crackdowns.
In a free market you have a choice of landlord (eg who will host your Wordpress or Qbix instance). But you still have a landlord.
This is the part that some on HN are allergic to. I’m going to extol the virtues of automomous networks, because they’re the most benign “Landlords”, who can be trusted to uphold the rules and never change them (if enough of the community doesn’t like the changes, they can fork and continue the old rules).
Blockchains and smart contracts are JUST THE MOST POPULAR VERSION of this at the moment. There are many other architectures, including Hashgraph, IOTA DAG, and more generally, networks based around Distributed Hash Tables / Kademlia, such as BitTorrent, IPFS, and the ultimate in safety, safenet (I am not affiliated with them, but am a big admirer, see https://safenetforum.org if you want to participate, they have been active since 2004 and are still going strong.. that’s dedication!!)
I don’t just build things, but I seek out and connect with people who design, administer and build all these open source platforms and distributed systems. Back in 2014 I met Tim Berners-Lee. I corresponded with Leslie Lamport over the years. In 2018 I met up with the inventor of Kademlia, Petar Maymounkov, who went to my school (NYU). I also hung out with Bram Cohen (of BitTorrent fame) although I didn’t keep in touch w him. I also try to invite them onto our community forum and publicly interview them on our YouTube channel. Here is my discussion with Ian Clarke, inventor of arguably the first decentralized autonomous file sharing network, FreeNet.
If you want to understand why Web3 is important, or at least the type of distributed software it represents, here is my rebuttal to Moxie Marlinspike, as he had the most substantive critique of it:
Closed software and intellectual property is a product of a private ownership without limit embedded within a capitalist system. “I built it, I own it”. You end up with Zuck controlling Facebook and no one can vote him out. Or Elon controlling Twitter. Oh, I mean “Meta” and “X”. And if they want to, they’ll gradually boil the frogs until they all spend their lives in the virtual reality metaverse, or inside X.com’s “everything app”.
On the other hand, open source software is either a pure gift economy, or since 2014 can be a socialist economy where people collectively own the means of production and eliminate the shareholder class (just as they do in various cooperatives, credit unions, etc). Software produced in this way doesn’t end up with central control (Linux, MySQL, PHP, etc.)
To me, utility tokens represent a “libertarian socialist” alternative to the “capitalist” system in which our current infrastructure has been developed. Stallman’s Free Software Movement is more like a gift economy, or perhaps “distributism” (a 19th-century Christian economic system). Those are actually really good, but to pay for resource use in the ecosystem we need an accounting system, and that’s utility tokens.
Utility tokens represent a way to monetize it in a way that happens to fit the dictionary definition of libertarian socialism: “collective ownership of the means of production.” Note that it doesn’t require a central government, but collective ownership.
When you sell utility tokens to finance your startup, the buyers only have a claim to the goods and services of your eventual network. They don’t start to demand that your company extract rents forever (eg Uber taking 50% of all the money that goes from riders to drivers). Instead it becomes a giant socialist cooperative (like eg a driver’s cooperative, or FileCoin for IPFS). Vitalik Buterin and Juan Benet simply don’t exercise the kind of total control over their platforms as Zuck and Elon do.
When you sell shares to finance your startup, you introduce an ever-growing shareholder class which will exercise more and more control over the ecosystem you build, and at every steps will insist that you retain control and extract rents so they can profit.
It can sometimes be as overt as Peter Thiel saying “competition is for losers, build a monopoly” and together with Sean Parker killing all Mark Zuckerberg’s open source tendencies (such as when he eventually gave away Synapse as open source instead of giving it to Microsoft for $1 million https://www.thecrimson.com/article/2003/10/23/not-so-artific...) and dreams of decentralized file sharing software: (https://techcrunch.com/2010/05/26/wirehog/amp/) but he always retained a soft spot for open source when he personally funded diaspora* (a decentralized facebook competitor) and now, you should be thanking his open source sympathies as he is literally having his company give away open source LLaMa and other AI which his company spends a ton of money training. Without someone stepping up and doing this, the AI woukd belong to only a select few, just as Web2 and all our public forums do today.
When a few at the top of a corporate ladder hold all the power, then they can boil any frog. And if they don’t want to, they’ll be replaced by those who will. That’s how the system works.
Opt out. Embrace open source and distributed systems. Take a few hours a week. It’s out there, it’s free to try. Contribute, get certified, serve your local communities, and make money doing it!
What's the alternative to "I built it, I own it"? Seems like forced open sourcing under threat of government force would be worse than what we have now.
Also Meta these days is open sourcing more ML tools than any other corp, so I'm not sure the claim that "killing ... all open-source tendencies" is supportable.
This reads like you’re taking their post in bad faith or otherwise didn’t read all of it. They go on to mention:
> ... you should be thanking [Zuckerberg’s] open source sympathies as he is literally having his company give away open source LLaMa and other AI which his company spends a ton of money training. Without someone stepping up and doing this, the AI [would] belong to only a select few ...
You’re right that such sympathies weren’t exactly “killed” (instead “discouraged”) by advisors but pressing this mistake in phrasing is certainly a bit of a straw man argument.
I'm imagining something like a "software choice" act which requires all network connected devices to be able to, in principle, have their bootloader unlocked and an alternative operating system loaded in with relative ease. No specialized tools, you can't say "well just unsolder this chip" but you can display a prominent warning that the bootloader is unlocked. Basically do it like android does it, but by law.
There are obviously some specifics there, like if the camera on my phone has a firmware blob, does that need to be able to have the firmware updated? A lot of little caveats like that make such a law difficult, but I think with hardware access the open source community can flourish on devices like smart TVs, etc.
People naturally tend to give things away in a gift economy when the marginal cost of making a copy is zero. Dan Pink explains it here: https://m.youtube.com/watch?v=u6XAPnuFjJc
Consider science: it is a privilege in most scientific disciplines to publish one’s discoveries openly for everyone to build on. Except in the bio and pharma departments — there, the intellectual property system has made generically engineered crops trap farmers and has made drugs extremely expensive in the very country that enforces this system. I wrote about Open Source Drugs a whopping 12 years ago: https://magarshak.com/blog/?p=93
Newton said, “if I saw further, it’s because I stood on the shoulders of giants”. He didn’t pay rent to the giants for those shoulders.
Thomas Jefferson said, “He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me.”
Albert Wenger, a friend of mine who is a venture capitalist, general partner at Union Square Ventures here in NY and who raised their climate fund, wrote an entire book called World After Capital about this very thing, and is giving it away: https://worldaftercapital.org
Back then, USV and other VCs were really bullish on Utility Tokens as a way for the participants to own the network, and to incentivize open source voluntarily, without government force:
I also mentioned Meta open sourcing ML, and said you should be thankful to Zuck’s tendencies, which he can exercise in an area that isn’t a core business proposition of facebook. The capitalists have stranged Mark Z’s tendencies in every area where Facebook could extract rents and profits from its ecosystem. And in this, it could have easily gone another way had an IP-loving Steve Jobs type been at the helm. Had FB chosen to branch out into it, like Apple did into, say, banking or cars, then you would see FAR LESS open source competition in AI. Maybe Bloom model?
Thank you, for this comment and for the work you've done, all this time.
- - - -
THe thing that gets me is that people seem pretty much content with things. E.g. they'll complain about Amazon and then in the next breath admit that they still shop there. Etc.
Some of it is complacency. (A friend of mine, an academic, was talking about "the pain" of switching from Twitter to Mastodon. I had to stop him. You just click some buttons? You don't even have to get out of your chair.)
A lot of it seems to be apathy.
And then there's contentment with ignorance.
People say that this is just "human nature" but I feel that's a cop out.
- - - -
FWIW I think of Capitalism as a kind of economic API. It's very useful, but you have to run it within certain resource limits and policies. (E.g. don't "eat the rich", just tax them at the rate that we did fifty years ago, eh?)
Science and capitalism have delivered technology and wealth, we won history. We just haven't really noticed yet.
We have to stop fighting each other and take care of each other.
That's a long diatribe for what can be reduced down to "another techbro excuse why climate-destroying pre-mined (for shareholders!) shitcoin is better".
The only thing shitcoin made "better" was how to pay the ransomware industry.
Pretty sure you’re reading your own biases into this
Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
Most people on HN are techbros
Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about.
In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
> Pretty sure you’re reading your own biases into this
“It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
> Where did anyone mention climate-destroying proof-of-work? Last I checked, only Bitcoin uses that amount of energy — every other decentralized system does not.
All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing. Bitcoin chews through massive amounts of power. Ethereum chews through GPUs and lowers expected lifetimes. CHIA chews through SSDs in weeks of massive amounts of writes. Even running IPFS client chews through CPU/RAM/network like there's no tomorrow. Filecoin is 10x worse.
> Shitcoin is a term bitcoiners use for every other coin so your own diatribe is incoherent.
I include all of them. But how quaint that you invalidate me as some round-about defense of your own shitcoin.
> Most people on HN are techbros
Most != all. Some of us are actual socialists. You know, "know thy enemy" and all that.
> Blockchains are not the most efficient distributed systems architecture. But if you think you can do better, please do it!
Its already been made. Its called Hawala ( https://en.wikipedia.org/wiki/Hawala ). And its an easy way to send money across areas and even currency changes. And its based on reputation, not some silly climate-destroying math, so you shitcoiners cant make money pre-mining the chain before opening it up to the public.
Again, thats really the problem with all this decentralized "currency". Its a terrible merge between money transmitter and money printer. And you posit "But if you think you can do better, please do it!"... and you refuse the counter-question of 'Do we even need this?'
> For instance, I am. I think we can do better than BlockChain. That’s why I designed InterCloud, and putting together a team to build it.
I repeat: “It is difficult to get a man to understand something, when his salary depends on his not understanding it.” -Upton Sinclair
Basically, I'm saying this for others who read this now, and not for you. This is a tacit admittance that you cannot look at other perspectives in this realm, and must see your path as the "only and true path", because otherwise you would be rejecting your own idea and business plan. (And I know very few who can dispassionately look at their own passions.)
> I care about open and free technologies. Dat/Hypercore. IPFS. Maidsafe/Safenet. Matrix. Nostr. Literally none of them fit anything you’re bitching about....In every case, people like you prefer bitching while the frog is being boiled, and actively spreading FUD about any open, free, permissionless alternatives. You’d do better by doing nothing, getting out of the way and let innovation happen. You seem to have no solution.
And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible. And the other scam here is that all these with shitcoins attached have been heavily pre-mined to "pay the upfront investment cost". But again, with you being a shitcoin founder, you're well aware how this grift works.
I used to run the blockchain meetup here locally. Some of my contributions are still used by a lot of folks. But after a hard deep dive into dozens of blockchain systems, the only real benefit is to the ransomware industry. Well, that, and a whole bunch more decomissioned power plants being spun back up for shitcoin of various types. https://www.theguardian.com/technology/2022/feb/18/bitcoin-m...
But again, I know what I'm arguing against. And frankly, you're wrong and deluded that anti-government hyper-capitalism money is the way to accomplish this. It aint.
I don’t refuse to counter-question “do we even need it?” I have written articles at length why we need smart contracts, and I linked to it in the original comment (answer to Moxie). You just ignored it in your rush to ascend your soapbox!
I know that Upton Sinclair quote. Who pays my salary?
I could say the same about you. I realize who pays the salary of many of the startups that go through YC. The venture CAPITALISTS do. The Web2 ecosystem that banks at the same bank (Silicon Valley) and had a bank run on that bank kicked off by Peter “build a monopoly” Thiel. You support that ecosystem, and therefore are against any decentralized alternatives. Do you support Palantir and precrime as well?
Perhaps the above doesn’t describe you, only a bunch of tech bros like you in the very shareholder-based ecosystem that has led to the Big Tech oligopoly and is the subject of “boiling the frog” we are talking about. But then again, you are doing the same to me, assuming things based on whatever “Web3” means to you.
First you trot out incoherent strawmen about proof of work and shitcoins. Then, when I point out the issues with what you say, you do an adhominem.
You continue to be deluded. I just got through criticizinf hyper-capitalism like Thiel’s that would make many capitalists blush. Then I proceeded to advocate alternatives that fit the dictionary definition of “libertarian socialism”. You turn around and call that hyper-capitalism.
Well, how about this… in your system, you have monopolies and hardly any competition. It’s digital Feudalism. You are like the slaves supporting the system because the slavemasters were kinda good to you. In the system I advocate, everyone is competing to provide better infrastructure (hosting, security, storage etc) and you are not locked in. There is redundancy, no single point of failure. And no one can usurp power easily.
>All shitcoin uses inordinate amounts of energy and resources to do wasteful calculations to prove a thing.
Sigh. You sound like you’re in 2013. Are you talking about Bitcoin? Because I had the same criticisms of it since before you were in crypto. I made them publicly in ArsTechnica and was covered in the BBC, Newsweek, etc back in 2018. We actually experimented with allowing people to do Monero mining as a way to pay for our apps, and the whole thing went bad pretty quickly and we removed it for precisely this reason. I called out the incentives publicly 5 years ago:
You seem to ignore that every other coin besides Bitcoin and Monero doesnt fit your description, let alone the other distributed systems…
> And in every case, the whole network is actually run by a quorum on the backend. The breathless claims of "decentralized" arent even defensible.
Really? “The whole network” of Dat/Hypercore and Bittorrent and IPFS and safenet are run “by a quorum”? You should read up a bit more on what distributed hash tables are before spouting such nonsense.
Your response is to throw shade and FUD it without engaging in anything approaching substantive, intellectually honest discussion. I back up everything I say with myriad examples that illustrate general patterns. I have arrived at this position by battle-testing my ideas and being open to changing my mind. Are you?
Saying “you’re wrong and deluded” and declaring “it aint” unilaterally isn’t actual substantive argument. It’s just asserting bias.
As a software engineer, I don't think capitalism is the only factor preventing big companies like Facebook, Twitter and Reddit from releasing their back end code... You'll find that their back end code is a real mess with millions of lines scattered all over the place, with various parts tightly coupled to specific hardware and software vendors; I can almost guarantee that if Facebook made their back end code fully open source, you'd probably need a team of 100 full time engineers working round the clock for 1 year or 2 to launch a Facebook clone... These platforms are way over-engineered; the technology essentially cannot exist without the people. Facebook as a platform is not merely code; it's an insanely complex amalgamation of both people and code. It would be useless to make their back end code open source as essentially nobody else would be able to run it.
That's why Twitter software engineers were making fun of people wanting to release the Twitter algorithm... They were well aware of what a complex mess it was and how unrealistic that was. People have the right intuition though; it doesn't need to be so complex. It is complex by design.
You may have missed this part further down in the economics section: Stallman’s Free Software Movement is more like a gift economy, or perhaps “distributism” (a 19th-century Christian economic system). Those are actually really good, but to pay for resource use in the ecosystem we need an accounting system, and that’s utility tokens.
I believe that decentralized movements need to be named properly. If Stallman named it “Liberating Software” instead of “Free Software”, his movement could have attracted a lot more devotees from the wider open source movement.
Similarly, I believe (my personal viewe) thay if BLM had simply called themselves BLAM (Black Lives Also Matter) their message would have been crystal clear and would have attracted far less controversy and much more support across the political spectrum, avoiding such rejoinders as “All Lives Matter.” In fact it rolls off the tongue better and stronger: BLAM!
When starting a decentralized movement, the naming is crucial as it affects positioning long after it has become bigger than those who began it.
This misses a wider context of increasing freedom:
Prehistory: We lived is small groups. No privacy. About 1/3 or males die by being killed by their own species. Say something against the alphas and risk death.
1600s. trials for heresy etc. Brits sail for the new world to get free speech and freedom of religion. Their colonies do ok.
2020s mobile computing everywhere. Free exchange of information largely possible everywhere even if you have to use VPNs in China, Russia etc.
2030s - optimistically totalitarianism crumbles a bit more (https://ourworldindata.org/democracy) especially if Russia collapses some after it's recent adventure - it's been one of the strongest forces on the Big Brother side of things.
So even if our devices get a bit locked down against malware I think the trend's positive. Our instincts evolved in the prehistory stage and so are perhaps a bit out of adjustment for the present day.
Which begs the question, what would a good investigation look like here? Why is this important? Who are the actors? How can we know their end goals and strategies? What things have happened in the past that we can predict will be attempted again in the future?
It would look like the familiar investigative journalism, studies, surveys, and actual source materials from the companies involved.
And it's important because without due diligence, you get snake oil, Rush Limbaugh, anti-vaxx, and other such bullshit from some rando's wild ravings that people just latch onto out of laziness and familiarity. Could you imagine if court cases were held by such standards? Or if elections could be overturned simply by a president's unsubstantiated assertions?
- 20 years ago it was impossible to buy a PC, especially a laptop, without MS Windows : today there are several suppliers: System76, LaptopWithLinux, TuxedoComputers, to name but a few.
- It is only in the last few years (less than 10) that Linux is perfectly usable on the desktop, so I don't care what decision MS will take for Windows, it is irrelevant if you have other options. For office suites we have: LibreOffice, OnlyOffice, FreeOffice
- FreeBSD has come a long way as a desktop too,in the long run will be usable as Linux
- There are now many alternatives (free or paid) to all the Google services. What Google decides to do with its own services is irrelevant to me, there are alternatives: ProtonMail, Tutanota, Infomaniak, OpenStreetmap, MagicEarth, OrganicMaps, ...
- There are several open source alternatives to Google Android, solid, complete and usable: Iodè, e/OS, to name a few, and we already have an open source app store: F-Droid.
- Linux is also making huge improvements on mobile phones (see PinePhone). It will take a few years, but I'm sure we'll have a viable alternative to Android in the near future.
- There are many messaging apps and protocols that are decentralised and resistant to censorship.
What is really in danger, in my opinion, is net neutrality and the clamps that Google and other big tech companies and governments will try to impose, but in the recent years we have seen a rise of decentralised protocols and services.
My humble suggestions:
- don't use the services of the big tech companies : look for and use only open source alternatives, if possible
- use an open source version of Android on your phone, without the Google services
- prefer decentralised solutions whenever possible