I admire your optimism, but we are pissing in the wind.
Microsoft is shoving this copilot in all its products? Alright, Linux and open source it is.
Windows 11 is forcing people to throw away functional computers that Microsoft deems “not secure enough” (it’s lacking TPM 2.0)
This means you can get a great deal on one of these “insecure PC”… but in the long run your PC now and tomorrow will have TPM. As time progresses, the use of TPM/attestation will become more and more entrenched in applications, web pages, everything. … and Linux, with its 4% user base, will be left out in the cold.
Google is bugging with its spyware? Well, I only use a Pixel phone, and ironically, it’s the best phone to put GrapheneOS on.
Currently, many banking apps won’t run on Graphene (or any custom firmware) due to attestation.
Graphene issued calls for help, because Google is restricting public access to the latest Android source code (I cannot find the links atm).
Gmail? I don’t remember when I opened mine the last time…
Today things like “email reputation” make it difficult to host your own mail server, so you’re stuck paying someone who has a better “reputation”.
My point is: today, you and I can resist with some (minor) success, but our days are numbered.
In regard to Linux users being left out in the cold… how so? Do you think that distros are going to start enforcing attestation? I doubt that it will be a hard requirement for most, even in the next decade or two. It’s an option, yes, but mandatory?
FWIW, all of my banking apps work just fine with compatibility mode enabled on Graphene. Also, I’m not sure saying it’s inevitable is the right way to go, it certainly won’t make others care about their privacy and security.
It does not matter if Linux supports attestation or not, because ultimately the application (or website) will determine if it wants to run on Linux. It’s up to the company developing its application or website to determine if they want to support more than Windows/Mac.
Graphene has its own variation of attestation (they cryptographically sign requests with their own key - and not Google’s), but it requires additional hoops for each application - few companies are willing to do this.
Attestation is a wet dream for companies. You don’t need DRM (as the OS will enforce it) and you can be certain your competitors/hackers cannot reverse engineer/pirate your code or run the application in an emulator. And the implementation effort to support it is as simple as “make function call and check the response”.
Linux will still exist (especially on the server side) and developers will still use it as a desktop machine. However, (as I implied) non-Linux games will stop working, accessing your bank’s website from Linux will be rejected, emulation will cease - it’ll be a corporate paradise… the stocks will go up.
Revolut explicitly goes out of their way to not work on Graphene.
I’ve complained, they don’t care. The bean counters have done their risk calculations and decided that the personal data they collect/mine (and the integrity of that data) is worth more than losing a few Graphene users.
You do have a valid point: giving up after trying nothing won’t help. However, I fear there will need to be “government intervention” to allow hardware and software to be “open for everyone”. I’ll admit my bias in wondering how well governments (of late) are representing the best interests of the people. But, these topics are complicated for even technically inclined people - let alone politicians. And the strawman argument against intervention is always going to be “in the name of security”.
From my perspective, the writing is on the wall. This apocalyptic future won’t happen overnight, but it will be a slow boil over the next 10 years (or so).
If you’ve got ideas for how to avoid this, I’m all ears.
You are arguing for the sake of arguing…
TPM has nothing to do with any privacy invasion, AI, or anything bad really. It was conceived by a computer industry consortium called Trusted Computing Group (TCG). It evolved into TPM Main Specification Version 1.2 which was standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC).
Advancement in technology will always happen, and if your purpose is to stop progress, you are on your own by your own choice. Your argument about TPM is moot.
Quite a lot of banking apps are compatible. If your banking app doesn’t work, use the jail/sandbox compatible mode.
The fact that Linux has 2, 3, 4, 64467% has nothing to do with what is available at your disposal. Strawman fallacy here.
No one talked about hosting your own email server, there are alternatives to the fucker-corps with privacy in mind.
You, my friend, are already defeated, but rest assured there are a ton of us still on our feet.
are you living under a rock, or have you not been using an Android phone in the past decade? that’s exactly what is happening! through the use of the TPM, apps can verify whether you run a Google corporate approved operating system, or something else, even if just slight differences, but also if you use a real clean and respectful system.
plenty of apps do this. including banking apps, while banks are restricting their web banking sites to not work on phones (because that “gives us security from hackers”, no I’m not joking this is what my bank told publicly 2 months ago, in the EU), apps that use some form of DRM, and even work related apps that show you your current working hours and need to be used for work related matters!
TPM is a secure part, a cryptoprocessor with some memory, isolated from everything else, very basically.
It stores keys and other sensitive data, like your “hello windows pin”… Or any other PIN if you want…
This secure “box” can also be used for DRM by using the secure nature of the TPM to store the keys, or to encrypt the hard disk of your work laptop. Multiple uses really. It’s kind of like all pieces of technology, it seems like.
At that point, it’s like you are saying that encryption is bad because it can be used for DRM or validate if a piece of software is valid or not.
The TPM by itself isn’t bad or related to privacy invasion. Nor is the internet or a browser only used to spy on you.
There is a limit to the conspiracy…
Unfortunately, you are incorrect, and everything WhyJiffie has said about trusted computing on Android hardware is correct, and there is currently nothing to stop it from happening on PCs too, when TPM is more ubiquitous.
This is the same technology that locks printers out of 3rd party ink, or restricts the ability of farmers to repair their own tractors.
I recommend learning more about it, and reading what Cory Doctorow writes about it. https://pluralistic.net/2024/01/18/descartes-delenda-est/#self-destruct-sequence-initiated
that’s like saying a CPU cannot be used to run malicious code and be used against you, because all it does is maths, and maths can’t hurt you, and would you really outlaw maths just because someone uploaded a picture of you to facebook?
TPMs have a use, that can be good for users too, I don’t doubt that. but because of its capabilities it enables so much user hostile shit. and frankly the tradeoffs are not worth it. just look at what happened, and still is evolving by the way on android, but iOS too. bootloaders that are not possible to unlock were bad already, but this is terrible, that they are literally making it impossible to take ownership of your own devices, to get rid of all the factory malware, if you need to use certain services that most people don’t want to or simply just aren’t allowed to give up.
We can, but part of it is accepting that our tech will be a decade or two behind. It’s not the worst thing. Life is more convenient now, but all in all I think it was better before.
The masses will go for convenient, and that’s ok. You have near total control of how you live your life; you just can’t have your cake and eat it too is all.