Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
necovek 10 hours ago

Locked devices are created to supposedly ensure the security of a device user, not because malicious users exist.

SIM card is a good example. Technically, that's trivially solvable with a PKI infrastructure (a malicious user can't trivially and successfully misrepresent as google.com): operator runs their CA, and by signing your certificate, they attest that you are the owner of a particular phone number. No malicious user can mess with that (other than attacking the CA).

What they can do is attack end-user devices through different cheaper means (social engineering, malicious apps, exploits...), and extract individuals' private keys, thus allowing them to misrepresent as that individual. A SIM card protects against this by not making private key accessible in the first place.

This is exactly what locked devices do: they protect customers from not knowing how to properly (including securely) use their devices.

This is what we need to focus on as technologists: if we know how to securely use our devices, how do we opt out of others "protecting" us, and take full responsibility and liability for security lapses?

matheusmoreira 9 hours ago | parent | next [-]

It's got nothing to do with protecting users. It's got everything to do with protecting the corporation from the users. Especially the corporation's bottom line.

If you have a free computer, you can make it save a copy of the film the corporation is streaming to you. It's your computer, you are in control.

If you have a corporate owned computer, it will not let you do that. They own the computer, they are in control. If you manage to subvert their control, it will be detected and they will not stream the movie to you.

Substitute corporation with government, and streaming with cryptography. Now consider the fact Europe is trying hard to enact laws that force client-side scanning of our end-to-end encrypted messages.

That is the war we are fighting. The fact we are losing hurts me deeply. It is hard to put into words my disillusionment.

necovek 8 hours ago | parent [-]

I did use "supposedly" in there. While media lobbies are strong, that's not how they are convincing governments to line up: it's about protecting the naive, non-techy user in this tech-heavy world.

To me, that's why we need to rise and say: I need no protection! Media companies can do what they please and still insist on "secure attestation" (like Netflix does with Chrome on Linux, still limiting to lower quality streams), without essential services like government services, banking services, communication services etc. being allowed to do the same if the user decides against that "protection".

oneshtein 8 hours ago | parent | prev | next [-]

Jails are created to secure users. Jailbreak is created to make users insecure!!!

rockskon 6 hours ago | parent | prev [-]

?

They can represent themselves as users just fine without extracting keys from the Secure Enclave. What are you talking about?