Comment by kelnos

Comment by kelnos 4 days ago

36 replies

View on Hacker News

I enjoy cool features like this, but as usual, I'm wary of the consequences.

Android is becoming more and more locked down like iOS. Even if it weren't, it's still always been more locked down than a standard desktop or laptop machine running an operating system of the user's choice.

With the advent of smartphones and tablets, already I see non- and semi-technical users often dropping their laptop or desktop and just using their phone or tablet. (I know people who don't even have a laptop/desktop anymore.)

Android having a full desktop interface will just add fuel to this fire, and further normalize running a locked-down OS and device that users don't truly own or control as their only computing platform.

ssl-3 4 days ago

It wasn't always so locked-down as it is today.

The OG Motorola Droid, for example: While it clearly wasn't a design intent, there was really nothing of any gravity to stop people from using it in any way they wished.

Rooting was a simple matter of running a hacked su command, and voila: One becomes root. The bootloader wasn't locked at all. Custom kernels and userlands were normal. It was a great little pocket computer to goof around with for anyone who cared enough to give it a swing.

Just install the "missing" su binary and...done.

At the time, I felt that this was a perfectly acceptable way to keep it working reliably for regular folk.

Reply View 8 replies
  • palata 4 days ago

    In a way I don't know what I think about them preventing me from modifying "their" certified OS. Many products do that (if I buy a Marshall smartspeaker, it's not like if I can modify the software, is it?).

    What I want is to be able to properly install an alternative OS (just like I don't care about what Windows or macOS do, as long as I can install Linux), and that goes with the bootloader unlocking/locking.

    Reply View 7 replies
    • bluGill 4 days ago

      The problem is for every person who wants to do this, there are hundreds (thousands?) who wouldn't want to - and these people are vulnerable various security exploits that would allow someone evil to take over their device.

      This isn't just a made up situation: There are nations that have large teams of people who's job is to figure out how to get software installed on your device of their choice/make/design, allowing them to do whatever they want.

      Reply View 6 replies
      • palata 4 days ago

        This isn't quite true. The Google Pixels allow me to unlock the bootloader, install my own system, and relock the bootloader. As a result, I run an alternative OS called GrapheneOS which is more secure than Android.

        The fact that I can unlock and relock the bootloader is not a security issue or a risk. People who don't know what that means cannot possibly do it by mistake.

        Now allowing root access to users on Android, that's a security risk because a user can be tricked into giving root access to some evil app. I don't have root access on my GrapheneOS, even though I chose to install it myself. Because it is more secure like this.

        So it sounds like a fair compromise to me: they make Android the way they want, and if I don't like it I can install an alternative OS. Just like I can install Linux if I don't like Windows. What I don't like is that most Android manufacturers actively try to prevent me from doing that, and I don't like it.

        Reply View 5 replies
palata 4 days ago

I have mixed feelings as well.

The security model of Android and iOS is vastly superior, and for "normal" users it is not so much of a problem if they don't have control they neither need nor want.

On the other hand, I obviously don't like it when I don't have control over my hardware. But what I hate the most is when the manufacturers prevent me from installing an alternative OS. I like being able to install something like GrapheneOS.

Also the fact that I'm forced (in practice) to use the Play Services is not really about the device being locked down.

Reply View 24 replies
  • ece 4 days ago

    Vastly superior security doesn't make you give up freedoms for security. But do tell me how successful the war against scams has been for the average user.

    Reply View 22 replies
    • palata 4 days ago

      I am not sure what you are trying to say.

      Convincing a user to give their password will always be an issue, that's fundamental. But because phishing exists does not mean that security does not matter.

      Without security, there is no need to phish, because the system does not protect anything. Once you have a good security, then the best attack is phishing because it's easier to trick the human than the system. This means that the security is good, not bad.

      Reply View 21 replies
      • pluralmonad 4 days ago

        I think one of the points is that all this attestation stuff does not protect against the majority of the ways users are compromised. Its just remote control with real security benefits, just those benefits largely accrue to companies and at the expense of the user.

        Reply View 7 replies
      • ece 4 days ago

        This level of security exists on open as well as closed platforms, the problem is the closed platforms not allowing you to do things that aren't giving your password away (like installing fdroid or using beeper easily). I just have a hard time believing this is superior in any way.

        Reply View 6 replies
      • Borealid 4 days ago

        You can't provide a passkey to a malicious site without writing your own web browser. And the "password" is a 128-bit integer.

        It completely solves the phishing-password-stealing problem.

        Reply View 5 replies
  • hulitu 3 days ago

    > The security model of Android and iOS is vastly superior

    "This app requires access to all your files. OK [X] Close []"

    Reply View 0 replies
ulrikrasmussen 3 days ago

I am with you, and for this reason I really want them to fail. The PC is currently still a platform where the user has a relatively large amount of control and digital autonomy, and as long as a sizeable part of the population keeps using it, companies and government institutions cannot ignore it and must support it.

Once 90% of all internet clients are iOS or Android the open internet is dead, and the concept of a general purpose computer on which you can run any computation you want is also inaccessible to the average person. From that point on, everything is a service that you rent from either Apple or Google.

Reply View 0 replies