[ynniv]

The core problem with trusted computing is that users are never allowed to install their own root certificate. My grandmother should be able to install a root that someone she trusts controls, which will include but not be limited to the OS vendor.

[salvar]

"What is a root certificate?" - All grandmothers everywhere

[ynniv]

"Hey grandma, run this and click Ok. Nevermind, just let me see it for a minute." Don't be a ridiculous strawman, everyone has friends or family they trust that are better aligned to their cause than multinational hardware vendors.

[pilif]

How do you make sure that grandma only does this if you tell her but not if the app she wants to watch that movie in or that email with your brother's address in the from field tell her to?

[bskap]

Everyone? They all have people that they trust, and at least one of those people is tech-savvy enough to evaluate root certificates?

[SAI_Peregrinus]

"Hey grandma, you won a new iPad! Just click here, then click ok in the box that pops up! Free iPad!"

[dpark]

How would that accomplish anything? Are you going to sign the latest Firefox for her yourself?

[vetinari]

In the world of Linux distribution, they can have multiple independent repositories. When adding another one, you usually import their PGP key to establish trust. When you install Google Chrome on Linux, you will add another repository that will be responsible for further Google Chrome updates.

In the Android world, multiple app stores exist. There are stores by Amazon, Yandex, Baidu, etc.

If Apple wanted, similar mechanism could be made for iOS too.

[salvar]

> In the Android world, multiple app stores exist. There are stores by Amazon, Yandex, Baidu, etc.

Do you think non-technical users regard this as a positive or a negative?

[vetinari]

Good thing then, than in other areas of life we don't limit ourselves to lowest common denominator.

Imagine, if economy or politics worked only according to the naive users.

But to answer your question: they would get used to it. Just like to multiple tv channels or multiple car brands.

[salvar]

I could not disagree more with this view on designing for usability, but to each their own.

[tzahola]

Though politics does cater for the lowest common denominator...

[vetinari]

... by smokes and mirrors, thus selling the appearances, not by inner working.

[johnsea]

It wouldn't matter as non-technical users would use the default store as today.

[brisance]

I'm sorry but this is hypocrisy at its worst.

You say that Apple is doing this for its own financial interest yet on the other hand Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws, and are just as bad if not worse since their system of persistent user tracking is far more insidious.

Don't like Apple? Don't buy their products. Your involvement with them ends there. Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.

[vetinari]

> I'm sorry but this is hypocrisy at its worst.

You must elaborate that more, because I can't see it.

> Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws,

Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.

> and are just as bad if not worse since their system of persistent user tracking is far more insidious.

Not sure about their tracking, but they do not have an equivalent of Play Services on the devices. If you want to be really sure, use F-Droid or apps stores with the principles of F-Droid.

> Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.

That's not true. When you use Google Search, Gmail or Youtube, it's you who entered the URL into the location bar. You can stop doing that exactly the same way, like you can not purchase Apple products.

[brisance]

>Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.

This is a non-issue that people have brought up countless times. First of all, are we in agreement that app stores and other legal entities have to obey local laws? So your point is moot. Side loading is possible on iOS. You don’t even need to own a Mac to develop for iOS. [1,2,3,4] There is also the open web to fall back on.

And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off. [5] And please educate yourself about modern ad tracking [6]

[1] https://www.outsystems.com

[2] https://www.xamarin.com

[3] https://cordova.apache.org

[4] https://www.xojo.com

[5] https://qz.com/1131515/google-collects-android-users-locatio...

[6] https://donttrack.us/

[vetinari]

> This is a non-issue that people have brought up countless times.

Does not make their argument right or correct.

> First of all, are we in agreement that app stores and other legal entities have to obey local laws?

Proactive censorship, company policies or business interests do not align to local laws 1:1. Porn, BitTorrent, gab.ai or countless other banned applications are not illegal, yet you are not going to be able to install them on your Apple device.

> Side loading is possible on iOS.

By jailbreaking?

> You don’t even need to own a Mac to develop for iOS.

We are not talking about development, but about loading a binary on the device and running it. TWO DIFFERENT THINGS.

> And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off.

On Android devices with Play Store (aka Google proprietary app) installed. And they apologized for that, and are removing it.

> And please educate yourself about modern ad tracking

If you are concerned about ad tracking and you don't use any adblocker, at least educate yourself about capabilities of the current browsers[1].

[1] https://www.ghacks.net/2017/11/22/how-to-enable-first-party-...

[chakalakasp]

"My grandmother should be able to install a root"

She can, it just yields plants, not apps.

In all seriousness, this was an unintentionally hilarious comment. You can be against walled gardens, but one of best arguments for their existence is because grandmas in general can't be trusted to install root certs.