Hacker News new | ask | show | jobs
by _qulr 2051 days ago
"I always advocate against opt-outs for security features like this"

The author conveniently overlooks the fact that customers pay literally thousands of dollars for Apple computers. We're not talking about a free online service here. This is why "you no longer own your computer" has so much traction. Shouldn't we own the devices that we buy?

The tech companies are trying to destroy the very concept of product ownership, and consumers ought to fight to the end over this. It's why "right to repair" is so important too.
2 comments
floatingatoll 2051 days ago
I pay extra money for Apple computers is specifically due to these security controls.

I spent decades building and running my own computers and I’m not interested in doing so anymore. I own the device that I buy, I knew how to turn off these controls and didn’t bother during the outage, and I generally refuse to do so. In return, I don’t have to deal with all the weaknesses of the liberated computing approach that you frame as the only optimal outcome.

Apple’s restrictions liberate me from having to spend time on fully-liberated computing. I’m glad liberated computing exists, but the idealistic view that all computing should be that way is harmful to my life’s priorities.

link
_qulr 2051 days ago
> Apple’s restrictions liberate me from having to spend time on fully-liberated computing.

This seems to conflate restrictions with defaults.

It's reasonable for Apple to configure Macs to be safe "out of the box". But it's not clear why it helps you to prevent other Mac users from changing the defaults.

link
zepto 2051 days ago
If you are someone who wants and understands how to use a machine with disabled security features, it obviously doesn’t help to have the defaults be unchangable.

For everyone else, it is a very important safeguard against social engineering attacks.

link
floatingatoll 2051 days ago
You’re right, “Apple’s out-of-the-box restrictions” is a better phrasing.

I don’t understand your final sentence about “prevent”, and it doesn’t seem to be connected to anything I said. I apologize but as a result I can’t consider or reply to it as stated.

link
alpaca128 2051 days ago
How would that be better than all the freedom but with good default settings? You're not forced to tinker with all controls, and if you don't agree with a default you can actually do something about it instead of saying "well, that multi-billion dollar company probably knows better what I need".
link
floatingatoll 2051 days ago
What settings are you unable to tinker with in macOS Big Sur?

Are we discussing generic theoreticals or are there actually specific settings you think you don’t have the freedom to modify?

I haven’t seen anyone say “I can’t modify this setting on Big Sur” and have that inability remain unsolved for more than an hour, yet there’s a huge ruckus about lost freedoms, so I’d love to understand where the rubber meets the road here.

link
alpaca128 2051 days ago
How about this whole thread's topic? Can you just turn off OCSP so the Mac doesn't ask Apple servers before running any executable? And I don't mean turning off wifi.
link
floatingatoll 2051 days ago
Sure, add it to /etc/hosts, ds flush, done. Everyone knew that half an hour into the event, thanks to lap’s tweet, and some knew it years prior to the outage, too.

Or if the loss of Mac App Store access that results bothers you, write a simple http filter proxy that only rejects gatekeeper OCSP and place it into your Network preferences Proxy section.

macOS won’t stop you. This is all basic decades-old Linux admin knowledge, and the only Mac-specific command is know how to flush the DNS resolver cache without rebooting. I am not yet persuaded of your argument.

What other specific instances do you know of where you think macOS won’t let you do something to your own device?

link
zepto 2051 days ago
“You no longer own your computer” has no traction outside of ideology.

There are a few people who bring it up, and then use manipulative rhetoric:

“Shouldn’t we own the devices we buy?”

Of course, who would disagree with that! But this is manipulative because you are affirming the consequent. I.e. leading the reader into accepting the conclusion that you don’t own your computer.

“The tech companies are trying to destroy the very concept of product ownership”

This is an ideological claim with no factual basis, there are no memos or recordings supporting that anyone is trying to do this. It’s just you claiming to know the plans of ‘the tech companies’.

It could just be that Apple is trying to stop malware. Perhaps not a secret plot! Maybe there is no conspiracy!

It’s also a laughable exaggeration, as well as black and white thinking . Do you own your house? Presumably not since there are many legal restrictions on what you can do with it. Do you own your car? Presumably not, since you can’t install your own software on its computers. Do you own your toaster oven? Presumably not since you can not reprogram the microcontrollers.

Perhaps the conspiracy is deeper than I realized!

“Consumers ought to fight to the end over this”

More manipulative language. Frame things in terms of a fight between corporations and consumers, and a ‘fight to the end’.

Are you a ‘consumer’?

But more importantly, what is ‘this’? It seems like you are asking to fight over the belief that ‘Tech companies are trying to destroy the concept of product ownership’. I.e. divide people and exhort them to fight over an ideological claim you are making about intentions that you haven’t substantiated.

How about examining some of the technical issues instead of ideological rhetoric?

Here’s one: If the security features can be disabled, how can I trust a Mac I haven’t maintained custody of the whole time?

Here’s another: If people don’t want their computer software to come from Apple, they can buy something else. What is wrong with that?

I have to assume you neither own nor lease any Apple devices. Why are you trying to control what other people do?

link
_qulr 2051 days ago
> How about examining some of the technical issues instead of ideological rhetoric?

Way ahead of you: https://news.ycombinator.com/item?id=25074959 https://news.ycombinator.com/item?id=25076588

> I have to assume you neither own nor lease any Apple devices.

This was a ludicrously bad assumption.

link
zepto 2051 days ago
It was also a tongue in cheek assumption.

However the question I have is given your views, why?

link
_qulr 2051 days ago
> However the question I have is given your views, why?

I came to the Mac almost 20 years ago. It was very different back then. The first decade of Mac OS X was brilliant. I felt it was the best consumer OS ever made. It was also a fairly "open" system: Mac UI on top, UNIX underneath.

The second decade of Mac OS X (now macOS), has been a disaster IMO. It just keeps getting worse and worse. All of the restrictions we see now were added in the past 8 years or so.

In short, I was already fully committed to the Mac before it started to get locked down, but I'm becoming increasingly uncomfortable with it as time goes on. There's not a great alternative, however.

link
tonyedgecombe 2051 days ago
It was only like that in the first ten years because it wasn't common enough to become a malware target.
link
zepto 2051 days ago
There's not a great alternative, however.

I don’t think waging ideological war on Apple is doing anything to help us get one, especially not if you dismiss the real security benefits of their approach as part of some conspiracy to undermine the concept of ownership.

What would help is some analysis of how technically to achieve both security and openness. Nobody has achieved this yet.

Apple’s security strategy does place them as a trusted party in the system. I don’t see them changing this any time soon, since it’s an unsolved research problem, and they need to keep shipping.

I am curious what a system with no centrally trusted authority would actually look like.

link