jnwatson 4 hours ago

So much ignorance in this thread. There's nothing new here. All manufacturers worth their salt have this feature.

This is ultimately about making the device resistant to downgrade attacks. This is what discourages thieves from stealing your phone.

concinds 3 hours ago

I've been dismayed by how fast the "we should own our hardware" crowd has so quickly radicalized into "all security features are evil", and "no security features should exist for anyone".

Not just "there should be some phone brands that cater to me", but "all phone brands, including the most mainstream, should cater to me, because everyone on earth cares more about 'owning their hardware' than evil maid attack prevention, Cellebrite government surveillance, theft deterrence, accessing their family photos if they forget their password, revocable code-signing with malware checks so they don't get RATs spying on their webcam, etc, and if they don't care about 'owning their hardware' more than that, they are wrong".

It is objectively extremist and fanatical.

ShroudedNight 2 hours ago

"No security features should exist for anyone" is itself a fanatically hyperbolic narrative. The primary reason this event has elicited such a reaction is because OnePlus has historically been perceived as one of the brands specifically catering to people that wanted ultimate sovereignty over their devices.

As time goes on, the options available for those that require such sovereignty seem to be thinning to such an extent that [at least absent significant disposable wealth] the remaining options will appear to necessitate adopting lifestyle changes comparable to high-cost religious practices and social withdrawal, and likely without the legal protections afforded those protected classes. Given "big tech's" general hostility to user agency and contempt for values that don't consent to being subservient to its influence peddling, an intense emotional reaction to the loss of already diminished traditional allies seems like something that would reasonably be viewed compassionately, rather than with hostility.

bri3d 2 hours ago

I’ve posted about this on HN before; I think that there’s a dangerous second-order enshittification going on where people are so jaded by a few bad corporate actions that they believe that everyone is out to get them and hardware is evil. The most disappointing thing to me is that this has led to a complete demolition of curiosity; rather than learning that OTP is an ancient and essential concept in hardware, the brain-enshittification has led to “I see hardware anti-*, I click It’s Evil” with absolutely no thought or research applied.

userbinator an hour ago

Given how the opposition has radicalized into "you should own nothing and be happy", it's not surprising.

None of the situations you mentioned are realistic or even worth thinking about for the vast majority of the population. They're just an excuse to put even more control into the manufacturer's hands.

foxes 3 hours ago

How is Graphene considered the most secure phone OS but you can still flash on new firmware?

I don't care if they can downgrade the device, just that I boot into a secure verified environment, and my data is protected.

I also think thieves will just grab your phone regardless, they can still sell the phone for parts, or just sell it anyway as a scam etc.

jnwatson 2 hours ago

The attack is simple: the attacker downgrades the phone to a version of firmware that has a vulnerability. The attacker then uses the vulnerability to get at your data. Your data is PIN-protected? The attacker uses the vulnerability to disable the PIN lockout and tries all of them.

There's over a 10x difference in fence price between a locked and unlocked phone. That's a significant incentive/deterrent.
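
The downgrade scenario in the comment above is what a fuse-backed rollback counter blocks. As an added example (not part of the thread and not any vendor's code), here is a simulated bootloader check in C; the fuse bank, `struct image` and the `signature_ok` flag are constructed stand-ins for hardware eFuses and real signature verification.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a 32-bit eFuse bank: bits go 0 -> 1, never back. */
static uint32_t otp_fuses;

static void otp_burn(uint32_t mask) { otp_fuses |= mask; }

/* Rollback floor = number of burned fuses (thermometer code). */
static unsigned otp_rollback_index(void) {
    unsigned n = 0;
    for (uint32_t v = otp_fuses; v; v >>= 1) n += v & 1u;
    return n;
}

/* Hypothetical image header; signature_ok stands in for real verification. */
struct image { unsigned rollback_index; bool signature_ok; };

enum boot_result { BOOT_OK, BOOT_BAD_SIGNATURE, BOOT_ROLLBACK };

enum boot_result verify_and_boot(const struct image *img) {
    if (!img->signature_ok) return BOOT_BAD_SIGNATURE;
    /* A genuine, vendor-signed but older image still fails here. */
    if (img->rollback_index < otp_rollback_index()) return BOOT_ROLLBACK;
    /* Raise the floor to the accepted version. Simplification: burned at
       accept time rather than after the new image has booted successfully. */
    while (otp_rollback_index() < img->rollback_index && otp_rollback_index() < 32)
        otp_burn(1u << otp_rollback_index());
    return BOOT_OK;
}

int main(void) {
    struct image patched = {3, true}, vulnerable = {2, true};
    printf("boot v3: %d\n", verify_and_boot(&patched));
    printf("downgrade to v2: %d\n", verify_and_boot(&vulnerable));
    printf("fuses: 0x%x\n", (unsigned)otp_fuses);
    return 0;
}
```

Because the floor lives in write-once storage, reflashing older firmware cannot lower it, which is why a correctly signed but vulnerable image is refused.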

foxes 21 minutes ago

Don't Pixels have a security chip that is supposed to make that infeasible?

It has some increasing timer for auth, and if you try and factory reset it - it destroys all the data?

As I said, it's less important that the thief can boot a new OS; the security of my data is more important. How is that compromised?

It feels like a thief is just going to opportunistically grab a phone from you rather than analyse what device it is.