Hacker News new | past | comments | ask | show | jobs | submit login

A point that often lacks mentioning in "trustable" hardware devices is the abuse potential. As soon as there is a practical venue of increasing "trust" in any kind of device, it will be immediately abused by DRM and other noxious actors - try rooting your Android phone: not only will you not be able to lock the verified-boot keys to your own (to prevent others from flashing malicious firmware), you'll get greeted at boot with a "can't trust this device" message (great, I already know I'm rooted, I'd love to know though if someone like the US CBP tries to mess with my device), and not just Netflix will severely degrade performance, but other applications (Google Pay, most banking apps and a ton of games) will refuse to run entirely.

I'm not sure which world was better, the old PC world where rootkits and other similar malware had free reign, or the modern "trusted" world.




> I'm not sure which world was better, the old PC world where rootkits and other similar malware had free reign, or the modern "trusted" world.

Indeed, I would choose the old PC world, though I concede that most users would not. The saddest part of it is that they aren't mutually exclusive and shouldn't have to sacrifice one for the other. You do lose a little bit of "security" by trusting the user (and therefore anyone with physical access), but this is something I think the owner of the device should get to decide. If it's not configurable, we should be very clear about the fact that when you "buy" it you're merely renting with no specified return date.


> Indeed, I would choose the old PC world

So welcome to the world of GNU/Linux phones, which currently has Librem 5 and Pinephone.


> I'm not sure which world was better, the old PC world where rootkits and other similar malware had free reign, or the modern "trusted" world

I'll take the old world over the new one, no contest. Sure, I had to actively work to protect myself from bad actors in the old one. But in the new one, I also have to protect myself from the devices themselves. That's a much more difficult prospect.


>not be able to lock the verified-boot keys to your own (to prevent others from flashing malicious firmware)

Am I mistaken in believing that installing GrapheneOS on a Google Pixel phone completely takes over the phone including taking over the phone's verified-boot subsystem with the result that GrapheneOS can tell if the boot process has been tampered with, e.g., by an evil maid?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: