| |
| ▲ | b_e_n_t_o_n 12 hours ago | parent | next [-] | | > If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated. Obligated how? Like through violence? What happened to freedom of association? | | |
| ▲ | Dylan16807 9 hours ago | parent | next [-] | | The same violence that stops you from running a red light, yeah. In my view, it's more important to have freedom of software choice than to have the very narrow freedom of association based on what software someone else chooses. Because again I'm fine with you rejecting me for just about any other reason. But that one? No, I think we should all have to interoperate. Another way to look at it is that I should be able to keep what software I use private. Also the important part is applying this rule to companies with 7+ figures of revenue. Not so much to actual people. | | |
| ▲ | b_e_n_t_o_n 7 hours ago | parent [-] | | I mean, we all have things we'd rather not have people reject us for, that doesn't mean it should be illegal to do so. We already have the (legal) right to keep our software preferences private. In general I'd caution against trying to use legalisation to solve problems like this because they usually introduce more problems. At the very least I'd expect banks to no longer carry liability for fraud, so perhaps one intended consequence of this is that if you get defrauded the bank no longer protects you. That would suck imo. Perhaps they could make it so you waive all protections by using unauthorised software. That would probably require changes to existing legislation, and then of course people would complain that the banks have too much power etc... | | |
| ▲ | Dylan16807 2 hours ago | parent [-] | | > At the very least I'd expect banks to no longer carry liability for fraud Respectfully to you but not to banks, fuck that. You can use your computer under your control to access a bank and it's fine. You don't have to give up fraud protection. Phone apps should be the same way. |
|
| |
| ▲ | kuschku 5 hours ago | parent | prev [-] | | In Germany, the banking system had an open API, so you could even access your bank account from KMyMoney and do transactions. And you still had proper fraud protections. How is it that accessing my bank account with KMyMoney is fine, but banks don't even allow me to access my smartphone's root account without blocking me? |
| |
| ▲ | shadowgovt 14 hours ago | parent | prev [-] | | > If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated. In general, the obligation has been soft: "If everything adheres to the protocols, it will interoperate" is how we got the Internet. And the Internet was generally useful and so self-incentivized making software work with it with minimal stumbling blocks; nobody was gating FTP clients on only working with Oracle-branded FTP servers because then you couldn't access all the other FTP servers. But that's not the only model, and I don't see an obvious argument for why should enters into it here. How does that "should" work? Is there legal compulsion? On what moral or philosophical grounds? > It's slightly similar to how protected class laws work. You can block me for no reason, but not that reason. Yes, and instituting those laws was a messy uphill battle over immutable properties of human beings. That is a far philosophical cry from "No thank you; I'd like to use all that Apple cloud tech without buying an Apple computer please." I suppose, unless we break the back of capitalism as a societal structuring model, in which case... Yep. We can make whatever laws we want if we throw out the current system. | | |
| ▲ | matheusmoreira 14 hours ago | parent [-] | | > I don't see an obvious argument for why should enters into it here This threatens to destroy everything the word "hacker" stands for. Everything this site is about. Gone. I can't even get people on Hacker News to care about this. It's over. | | |
| ▲ | shadowgovt 14 hours ago | parent [-] | | Hackers will be fine. If anything, this kind of measure-countermeasure foolishness from corporations gives them a really meaty problem to dig into. It's just very unclear that the force of law is the right tool for the job to address that problem. (Also, people on Hacker News can care about a lot of things simultaneously. One of them can be that adding the government's cudgel to the problem may very well make it worse; do we really want the government having to well-define things like "protocol" and "communication" to craft that law?) | | |
| ▲ | matheusmoreira 13 hours ago | parent [-] | | > It's just very unclear that the force of law is the right tool for the job to address that problem. Remote hardware attestation is cryptograhic proof of corporate ownership of the machine. They're using cryptography against us. Everyone here knows how devastating cryptography is. Cryptography is subversive. It can defeat police, judges, governments, militaries, spies. I'm actually worried that the force of law might turn out to be not nearly enough. > do we really want the government having to well-define things like "protocol" and "communication" to craft that law? Just ban corporations from using remote attestation to discriminate against us. If they try something else, ban it too. Don't even ban the technology, it's useful to us when used with our own keys. Just stop this abuse and discrimination. | | |
| ▲ | shadowgovt 12 hours ago | parent [-] | | > Just ban corporations from using remote attestation to discriminate against us. Whelllp, there goes my OneTouch login on my MacBook. :( | | |
| ▲ | Dylan16807 9 hours ago | parent [-] | | Using one device to authenticate another device can work just fine without any anti-consumer lockdowns. | | |
| ▲ | shadowgovt 2 hours ago | parent [-] | | It can right now. Get the government in the business of deciding what is and is not "remote attestation" and good luck with that. |
|
|
|
|
|
|
|
