Lockdown: The coming war on general-purpose computing (2011) (boingboing.net)
209 points by gfmio on May 9, 2019 | 59 comments


I like the essay but it fails to realize the goal posts are not fixed on the field. General purpose computing is alive and well and cheaper than ever, you can build the equivalent of a PC/AT for about $50 in parts.

What Cory misses is that when we were building CP/M machines and IBM PC clones, there already was a big pile of computers that were locked down so that somebody else could make money off of you using them. I went to school at a time when you were allocated a fixed number of kilocoreseconds (kilowords of core you could occupy on the big computer charged on a per second rate) and I had my kit Z80 system and felt very superior.

Computers got more powerful and now the one that was sold to you has more than the capabilities of the one where it was already proven you could extract value for using it, so people continue to extract that value. And when their extraction is sidestepped, they work with computer makers and software makers to regain the upper hand. The goal posts moved.

What has also happened is that the backbone of what used to be the "personal computer" market was people who were more fascinated with the computers themselves than with the software they might run on them. The manufacturers worked to appeal to the tool users, the architects, engineers, and others who understood the value of computation for their job and so they were willing to invest for the right tools. There are a lot more of those people than nerds who like computers. The goal posts moved.

Today's "computer" market is not really about computers, it's about a platform for consuming digital products. Whether it is entertainment, or navigation, or gaming. That you could run a compiler on that thing and make new programs that it could run is nearly incidental (and certainly insignificant) to the market who buys it. The goal posts moved.

We have reached the point where general purpose computers are these $35 and $50 things for people interested in computers and for no one else. Even when people try to push them that way.

I don't believe there is an assault on general purpose computers, what is happening is that thing you called a computer before is what back in the day we called a TV and a telephone and a radio and a record player, except all in one package that runs all day in your pocket. It has a computer in it but it isn't a computer in the original sense of general purpose computing. There are lots of general purpose computers, and there are now FPGAs that are easily loaded with general purpose computation. You just can't run gcc on your TV.


Even most people interested in computers don't want just some barebones chip on a piece of PCB anymore. They want a programmable pocket-carriable device with peripherals, too. That without relying on opaque blobs, without obsolescence plans of the manufacturer, without having to share memory with an opaque and dangerous modem. There is NO such thing for $35 and $50, or for any price.

With FPGAs too you can't do anything more involved, like interface DDR memory, without relinquishing control to proprietary blobs on a proprietary toolchain, subject to manufacturer obsolescence plans. This isn't something I can call "general purpose computing" with clear conscience.


The way I get it, you are saying that the risk the article mentions has already materialized: we have a bunch of general-purpose computers running in a bunch of devices which are artificially limited from performing general computation.

It seems to me the article does not really hit the point with those who are not already on-board with "all software must be free" (in the FSF sense).

If you don't believe you should have the right to modify software running on your paid-for general purpose computer called a TV (and it is a general purpose computer, some even run mostly general purpose operating systems like Android or WebOS on ARM SoCs), the article is trying to warn you that you'll soon be the victim of software on those TVs: like the webcam and microphone issues with Samsung TVs recently.

Only when anyone can explore and run software they wish on their general purpose computers masquerading as specialized devices (that's what the article aims for, imho) will everyone, including your mom, brother or yoga teacher, be safe from the risks the hacker community is all too well aware of.

I don't think the article is very clear in what it tries to convey, because general purpose computers will always remain, but the public at large is being steered away from them, and that's where the risk is.


> You just can't run gcc on your TV.

I'd be interested in speaking with anyone who has tried. =]

But moreover, I think your point about the goal posts is apt given "the goal" is to have "cheap GPC" since the definition of cheap changes (in dollars adjusted for time) but the definition of GPC also changes. And so, you might say we're even moving them in (at least) two dimensions.


You could run gcc quite nicely on the little rockchip boards in a lot of smart TVs (people do repurpose them quite a bit) but I bet you'd melt the TV if you tried to compile gcc on there!


"kilocoreseconds"

I read that while taking a break from trying to estimate how many gigabyte-seconds an Azure Function was likely to take :-)


Great post!

I think it's interesting that some of the distinguishing features of a "real" computer in the 80s (I/O, realtime capability) have become the features of a "toy" computer (Arduino etc.)


It is still possible that large companies apply vertical integration to the extent that general purpose components become difficult to obtain.


We've been on this road for a long time unfortunately with HDCP, region coding, and the contamination of the ecosystem by IME and similar systems. The new open source RISC architectures at least offer a glimmer of hope.


I've been thinking about this article a lot in the last couple years. It felt slightly alarmist at the time but seems prescient now.


Virtually every alarmist article from the past 50 years about mass surveillance, tech lockdown, etc. seems prescient now. Today's surveillance capitalism exceeds the wildest fever nightmares of 1990s shortwave radio conspiracy nuts.


"shortwave radio conspiracy prophets"

There, corrected it for you.


My fear for the future is that any computing device must have a government provided co-processor, and it will not be able to connect to a network without it. Any citizen found with an illegal device would be punished.


Government-provided? Not likely. The state has long since lost (well, more like willingly let slip) control to corporations. You already have those black-box coprocessors, like the Intel Management Engine.


Pretty sure the NSA can access the IME if they want to. Remote surveillance is built into mobile communication standards as well.


You fear the government doing something like this but the corporation already has. What difference is there? Please don't claim that the government has a monopoly on violence, that is certainly not the case.


I don’t think many large technology sector corporations employ physical violence. We do have organized crime, and private defense contractors like Halliburton, obviously, but in the context of companies that manufacture or influence manufacturing or distribution of computing components, if you want to say they do more physical violence than the government, I’d say that warrants a citation and evidence as an odd/irregular claim.


> You fear the government doing something like this but the corporation already has. What difference is there? Please don't claim that the government has a monopoly on violence, that is certainly not the case.

Can you please give an example from recent history (past twenty years) of corporations forming a duopoly on violence?


Apple PIs accompanying police in their official capacity to investigative sites during their stolen iPhone 4 investigation comes to mind.

Also Blackwater, and the breakup of Occupy, which was a public/private partnership between law enforcement and the banks.


This is already the case for mobile networks. Open source basebands are illegal. The best you can do is sequester your proprietary government-approved co-processor as far as possible from your main processor, but most computers with such network adapters built-in aren't designed this way - they're designed to promiscuously share memory.


> This is already the case for mobile networks. Open source basebands are illegal. The best you can do is sequester your proprietary government-approved co-processor as far as possible from your main processor, but most computers with such network adapters built-in aren't designed this way - they're designed to promiscuously share memory.

I don't think open source basebands are illegal per se. I thought the legal encumbrance was due to the NDAs under which documents related to wireless chipsets are released. Can you explain a bit more?


It's not that there's a law (that I'm aware of) forbidding baseband software where the source is public - it's that operating a device with uncertified firmware is illegal. That means that devices with user-modifiable baseband firmware are also illegal (or at any rate, no manufacturer will take responsibility). So open community development of baseband firmware, in the usual model, is impossible - you can't legally test it (at least not without a questionably-legal SDR, a femtocell, and a faraday cage) and you can't certify it.

So while it might, technically, be true to say that open source basebands aren't illegal per se, the fact remains that they are functionally impossible because of the law.


Source requested.


> People who took the software without paying for it were untouched.

This is a fundamental issue of DRM: people who "break the rules" end up better for it. If you annoy people, they will find ways around your rules, and then you won't be able to touch them.


On the other hand, such rules are more easily applied to corporations and government organizations. I say we should start making big companies use Trusted Execution technologies to use people's data, so we can keep the keys and take away their access when we want to.



> "fix the Internet so that thepiratebay.org no longer resolves," sounds a lot like .. “take that pizzeria on the corner off the phone network," and not like an attack on the fundamental principles of internetworking.

I don't get this - disconnecting the pizzeria from the phone network seems more severe than simply removing it from the yellow pages. If you remove thepiratebay from DNS you can still reach it via its IP address, you can still link to it, and you can probably still find it using search engines.


DNS is a fundamental component of the internet. Currently, computers trust their upstream DNS servers to resolve correctly. Imagine if tpb resolves incorrectly on some networks. People on those networks may choose to use a different DNS server that resolves TPB correctly, but maybe has a grudge against Google and resolves an IP for Yahoo instead. Other DNS servers may have other grudges, or policies, or political pressures.

The end result is that DNS cannot be trusted, and so the design entirely breaks. Imagine ordering a package but not knowing if the delivery driver will see your address at your house or someone else’s.

This isn’t just removing something from the yellow pages, it’s introducing distrust into the phone system itself.


As briefly mentioned in the article, SOPA proposed DNS-level blacklisting against copyright-infringing websites. But the fact that you are able to choose what DNS server you use almost guarantees that at some point someone would set up a DNS server outside of the US that would bypass these blocks anyways.

Savvy users could simply bypass a SOPA-enabled recursive DNS server by pointing their DNS settings to an off-shore recursive DNS server... What would happen to users if an infringer decided to setup a “free, non-SOPA” recursive DNS server for users to use – one that additionally hijacked legitimate banking, ecommerce and business websites, too? [1]

[1] https://dyn.com/blog/sopa-breaking-dns-parasite-stop-online-...


> Imagine if tpb resolves incorrectly on some networks.

It already does. DNS can’t be totally trusted now. Arguably it’s already broken.


Agreed. I can't see DNS not being redesigned at some point in the future. I really hope it will end up decentralized, but it could go either way.


You'll take my general purpose computer from my cold dead hands!


Or maybe they'll slowly replace it, while you lie dying in bed unaware as to the problem.


Apple is already doing this. They've recently required that ALL software run on Mac is signed by them, even apps from outside of the App Store.

https://developer.apple.com/news/?id=04102019a

Not much longer until we can't run software Apple doesn't like at all.

Because I shouldn't get a say in what I run on my four thousand dollar computer, of course.


Right click bundle icon, click 'Open', follow instructions (such as they are). It's been like this for years.

You might have to tick the 'App Store and identified developers' option in the General section of the Security & Privacy preference pane? - but my recollection is that if you don't, you just need to right click a bit more often...

I was a mite concerned when they introduced this stuff, but the net effect has been minimal, and I've (so far?) found no reason to disable it.


And people complain that desktop Linux is arcane and full of obscure configurations


They do.


All it takes to disable Gatekeeper is a single Terminal command. All it takes to disable System Integrity Protection is a single Terminal command run from recovery mode. By my count, that is ten minutes of work at most to allow not just unsigned software but unsigned drivers that run at a super low level.

Add in a few more Terminal commands and you can even disable really arcane things like amfi [1]. I don't know why you'd ever want to do that, and it's probably a bad idea, but you can, so by all means please go nuts.

When Apple starts taking away Terminal commands you are free to start screaming, and I'll be there with you. For now, all Apple has ever done on macOS is remove UI options, which keeps inexperienced users from running into them.

---

[1] https://github.com/stek29/nvram-liber-macos

P.S. Microsoft, by contrast, does not let you permanently disable driver signing on 64 bit Windows 8/10. This perpetually drives me nuts, but no one else seems to care for some reason...


> Microsoft, by contrast, does not let you permanently disable driver signing on 64 bit Windows

Have you tried the next? (I haven't tried it because I don't have access to a Windows box on which I have admin privs.)

https://windowsreport.com/driver-signature-enforcement-windo...


Test mode and `nointegritychecks` work for some drivers and not others—I've never been able to figure out why. Monitor EDID overrides are a quick example of what doesn't work in test mode. You need to go through the whole advanced startup process, which only takes effect until the next reboot.


All developer-ID signed software downloaded from the internet with the quarantine bit set.


Too much FUD. Can you download code from github and type ‘make’?

Then you can run anything


As long as your build toolchain is available, that is, signed.

Signing software is a good idea. Which signatures to trust should be a user's decision, though, with sane defaults.


That is the case. The defaults are 'developers who were vetted by apple', it is up to the user to trust or distrust individual applications and running non-signed ones is trivial.


I agree with this.


Shall we dub this the Chip of Theseus?


I like it! Hopefully we replace things with more open and frankly humane standards. Or we aren't worthy of the tales of gods.

Also, I have questions about Theseus' consciousness ;)


Excellent


Slowly replaced over the course of 10,000 4-hour software updates.


Hopefully RISC-V will be enough.


RISC-V is a BSD license, so expect lots of proprietary bits bolted on.


That reminds me of this video on TPM: https://www.lafkon.net/tc/

Bruce Schneier on TPM: https://www.schneier.com/blog/archives/2008/05/tpm_to_end_pi...


When AI gets smart enough to do bad things there will definitely be a lockdown. What happens when you can program your robot to commit crimes for you? You won't be able to load certain types of programs by law. They are already doing this with geofencing for drones.


I disagree. It may be a convenient narrative for those who want to lock down computers, even on the desktop, but remember that our desktop computers have had intelligent agents capable of committing crimes for decades, and it hasn't been a big problem all things considered. Of course, by "intelligent agent" I'm referring to the animal that operates the computer by pushing buttons.

If machine learning and other advanced AI produces sophisticated programs capable of assisting in these crimes, or of performing the crimes automatically, how will that change anything? The human pushing buttons committed a crime and got caught, the advanced AI committed a crime and got caught, what's the difference? Either way the person responsible for the computer is punished.

Of course, if computers reach super-human intelligence, then all bets are off, and having access to general purpose computers might be the least of our concerns.


You neglect the scale of the damage done in the various crimes. Yes, the person giving the command is responsible, but law enforcement also includes crime prevention. This means keeping the most terrible crime supporting stuff out of the hands of the people (guns, anyone?) and dissuading people from doing bad things.

A network connected computer rarely leads to more than deleted files and leaked data elsewhere. In the hands of capable, well funded hackers, devastating damage could be done to infrastructure these days, but few actors are interested in that and they mostly exist in a space where conventional law enforcement is powerless.

An autonomous roving robot that could be patched to turn into a murderbot is facilitating crimes of a completely different magnitude. There will be political will to rein that in as soon as the possibility becomes real.

This will have an effect on self driving cars as well: these will be locked down completely, mostly by political mandate. And the cause will be reckless hackers building uncertified firmware that is either of low/unproven quality or capable of breaking the law on request in some reckless form or other.


What on earth are viruses, botnets, worms, algo trading, etc?

Computers partaking in actions with consequences has been going on for ages already...


Someone might want to add "2012" to this title.


Or [2012].


Brackets for [pdf] and [video], parens for (year). Don't ask me why!



