by lrvick 1993 days ago
Kind of like all the work Sony did to allow Linux on the PS4 only to kill it later?

You don't own a mac. You can only do on it what it is profitable for Apple to let you do, today.

As much as I respect the incredible RE skills required for this task, I feel like this is a shaky foundation unless an unpatchable bootrom exploit is discovered. Even then new models would be patched leaving existing users with an insecure platform that they can't replace when it breaks.


You don't really own any high-tech stuff anyway (with that interpretation). You can't boot your Intel or AMD CPU without their signed and sometimes encrypted code. You can't even initialise a single core, let alone the DRAM controllers.

Everyone likes to point at Apple, because that's easy, but it's neither new nor big nor special. There are practically three things at play:

- root-of-trust, if you have a better solution than CA-based signing, by all means, let the world know

- NDA/IP/Lawyerisms

- Apple and many others aren't selling hardware, they are trying to sell experiences or ecosystems, and that is the only reason they exist at all and also the reason a lot of the beige box hardware companies are either less visible, less profitable or both

Is it fun? No. But it's not some sort of automatic malice or 'haha you don't own things but you thought you did' all the time either.

> You can't boot your Intel or AMD CPU without their signed and sometimes encrypted code.

Except that Intel and AMD don't care what you run on your machine, they don't lose money if you don't run their software.

When you run Linux on a Mac, Apple isn't getting money from their iCloud subscriptions and from the store so they have a motive to stop you from escaping the walled garden.

You don't need iCloud to use macOS. And macOS itself is free, as are their awesome office apps, Xcode and a lot of other useful apps and services.

Of course but if you run Linux they're sure you will never earn them any money from these services.

So at one point they could decide that they don't want people to use Linux on their Macs and there's nothing you could do.

Look at what happened to CentOS.

If they can sell you a mac for $1500 I don't think they are very concerned that you're not spending 50 bucks a year on iCloud.

I mean, if they prevent Linux you probably won't buy a mac at all, you won't prioritise using an M1 macbook over using Linux if you're a hardcore Linux nerd.

Bottom line is that yes they are greedy, but they are not trying to stop people from installing Linux on macs just to perhaps earn some extra dollars.

Counterpoint: they have no problem charging $1000+ for iPhones and lock them down to only run the operating systems and apps they approve because consumers of them were largely not technical enough to understand they don't own their own devices.

Apple is motivated to do this as soon as they feel they can get away with it and keep profits as high or higher.

iCloud is free unless you pay for extra space or features, and most people I know of don't.

PS3, and supposedly that was because some jurisdictions treated game consoles and computers differently for import tariffs (computers being cheaper to import), but those jurisdictions changed to not having a distinction.

Agreed with the underlying point you're making though. They allow this because it aligns with their current strategic objectives, and changes to those objectives can be arbitrary and capricious, at least from the viewpoint of the consumer.

I remember it was because geohot "jailbreaked" the PS3 using the Linux capabilities to some extent.

But I could be wrong.

There were two versions of the PS3: The original model and a slimmed down version released after a few years.

The timeline was something like this:

- Sony released the original PS3 with Linux running under a hypervisor that locked certain things (e.g. 3D rendering and their DRM)

- Sony released the PS3 slim without Linux. They claimed they didn't have the resources to make Linux run on it. (We later figured out all that was required were a few incredibly simple kernel patches)

- geohot found a somewhat unstable hardware glitch that, with some luck and a few tries, could escalate to hypervisor mode and enable e.g. 3D rendering from Linux. Their DRM was still untouched at this point and no one really cared.

- Sony released an update for the old PS3 models to disable Linux as well citing "security concerns"

After that more people started looking into the PS3 and marcan, me and others at fail0verflow eventually figured out their security wasn't all that great. It was actually so bad that we could calculate their private keys. Then they sued us for that but that's another story.

Got a link to that story?

zarvox already linked to the talk we gave at https://media.ccc.de/v/27c3-4087-en-console_hacking_2010.

We talked about how you could compute private keys but didn't release any keys for obvious reasons.

Essentially Sony had N different sets of keys protecting different levels of their system (e.g. one keyset for the hypervisor and another one for the kernel). What we found allowed computing the private signing key given two public signatures.

Due to some technicality this meant that you needed another bug which allowed extracting these plaintext signatures. (The best comparison today would be that we found a universal code execution bug but you still needed to find your own info leak to defeat ASLR which we either didn't share or didn't have for all keysets).

What happened then was that geohot used this flaw we found together with a simple bug that leaked two plaintext signatures to extract one of the most important keys and published that one on his website.

Sony responded by suing him and us as well - probably because they assumed that we worked together. After a few months they reached a settlement with geohot where he promised to never hack any Sony product ever again. At the same time they simply dropped the lawsuit against marcan, me and a few other friends from fail0verflow without having ever served us. Those months resulted in quite some stress for me and personal and legal issues for another friend.

I actually think other os got canned before the jailbreak. If I recall correctly it provided extra incentive.

They may have wanted to make it harder to jailbreak. Another argument is that they weren't profitable to sell as computers but largely became profitable via the money they made off games sold for the platform including money paid by game developers.

The same goes for any device you can buy today. We should demand more of manufacturers in general, I agree.

But you cannot expect that Apple should give you a legally enforceable contract (or whatever) pertaining to a product you haven't bought yet and they haven't even made yet.

The fact that the boot process on the M1 chip is explicitly not locked down on release is at least showing a modicum of goodwill.