[jeff_vader]

It really depends on the threat you are planing against. If for some reason I'm target of US government - I'm screwed anyway. If my concern is trusting the laptop after I left it in train station and got it back from some random dude - it's good enough.

[lovelyviking]

>It really depends on the threat you are planing against. What about oppressive let's say Russian government while you travel let's say in Ukraine and then occupation occurs. Not a fantastic scenario by the way ...

It really doesn't depend on the threat at all. It's about the model of the society you wish to have and what values you promote.

It's about who you wish to be responsible : the 'big company' caring about your safety and taking your freedom on the way or you caring yourself about own safety and preserving freedom on the way. I do not really think there is a choice here because the first option will always be abused at some point.

Freedom does matter and it comes with responsibility. THIS is the main issue here. THIS is what separates society with responsible citizens from the society with 'irresponsible people' who wish to trade their freedom for 'safety' resulting in loosing both (and democracy itself after some time).

[hraedon]

All sentiments like this one and those similar to it elide the facts that 1) we’ve tried relying on “user responsibility” before, and excusing the comically bad outcomes through victim blaming doesn’t change them; and 2) we didn’t get together and vote Apple the only manufacturer of computers.

If you don’t like their model, choose someone else. Why should average users who would otherwise be served perfectly well by Apple’s solution be required to be “responsible” for some subset of personal security you think denotes a “responsible” citizen from an “irresponsible” one?

[lovelyviking]

>If you don’t like their model, choose someone else.

Many follow their example and without push back there will be no someone else because average users my not understand consequences unless they are educated by people who do understand them. Like with many other areas requiring certain level of expertise to understand consequences of certain desicions.

> we’ve tried relying on “user responsibility” before, >Why should average users who would otherwise be served perfectly well by Apple’s solution be required to be “responsible”

Do you believe in choice? If you do then average users should have a choice whether to rely on Apple or switch such functionality off. Without having such choice people become less and less responsible. You can say they choose by buying such machines but I do not think this could be qualified as a choice just like accepting EULA. It's not really a choice.

[smoldesu]

User responsibility and device safety are not mutually exclusive. You can keep the iPhone exactly as-is and add a developer mode that would pretty much shut up every nerd this side of the Mississippi.

[marcan_42]

Which is exactly what they did with M1 (add a developer mode that doesn't put their normal users at risk by allowing for persistent supply chain compromise attacks), but it doesn't seem to be enough to make some people happy...

[Wowfunhappy]

To be fair to the other side of the argument, I think people are mostly upset about the iPhone. There's an implicit fear (which I don't agree with!) that if Apple is so insistent on keeping the iPhone locked down, that must be their ultimate goal for their other platforms as well.

I think if Apple was to add a developer mode to the iPhone, 99% of people would actually shut up.

[marcan_42]

People seem to forget that the iPhone is 15 years old, and Macs are still an open platform. It hasn't happened yet, but somehow it's always "going to happen"...

[lovelyviking]

How about much simpler scenario, no threat at all. Just dumb bug in software that puts your computer in DFU mode that says, please connect it to another Mac. Nice isn't it? And then you should run and find 'another mac'. What if there are no other macs around? What if you travel and have no connection to the internet or it's limited ? This is not a hypothetical situation, this is exactly what have happened in my case. And then you are stuck in the field without any way to recover your machine. Nice isn't it?

"When Apple's servers go down you lose the ability to do low-level recovery on these machines anyway, since DFU flashing requires phoning home to get a ticket for your machine as well as low-level configuration data"

https://news.ycombinator.com/item?id=29704923

[mlyle]

> Just dumb bug in software that puts your computer in DFU mode that says, please connect it to another Mac. Nice isn't it? And then you should run and find 'another mac'.

If your fundamental firmware-stuff is screwed up on any platform, you are going to have a bad time. Being able to plug into an off-the-shelf machine and fix it, or to plug into another PC running special software, is much better than I'm accustomed to.

[lovelyviking]

>If your fundamental firmware-stuff is screwed up on any platform

Sure I just have an impression after some googling that this DFU happens much more frequently then one would expect. Certainly I didn't expect it to happen in the first day after purchase but it did. So perhaps this pleasing 'much better' ability to fix it by just connecting it with another device that you probably do not possess(in my case) comes with another pleasure of having to do it more frequently. If that is the case then I really prefer the state to which you are accustomed to.

[mlyle]

I have never had to deal with firmware on Apple hardware (excepting "zapping the PRAM" on classic Macs). I've had to deal with it dozens of times on other platforms.

We have 3 Apple Silicon based Macs in the house, and there's 4-5 others that I support. So far 0 incidents in about 3 device years. I don't think it's tremendously common like you imply.

In the same time period, I built two Ryzen machines, and had to swap in older processors to run BIOS updates on each, and the laptops in my wife's classroom all decided to take themselves out of service for an hour one day to do BIOS updates that were delivered by Windows update and then only triggered on the second reboot after update when we all thought we were safe.

[marcan_42]

I've bought one of every major M1 model for testing purposes and have done all kinds of crazy things to them, and the only time something weird happened was with the original firmware version where I managed to break recovery mode by messing with diskutil, but I was able to fix it from macOS without requiring a DFU flash. It's never happened again and I've done the same thing dozens of times, so I think that was some silly bug in the shipping firmware version that has long since been fixed. I never actually had to resort to DFU recovery (though I still tested it a bunch as part of improving support for it in idevicerestore).

[argsnd]

Just use https://github.com/libimobiledevice/idevicerestore on a Linux or Windows machine.

Yes, if you don't have internet access you have a problem, but I'm personally happy enough with the benefits of this security model that I'm willing to accept the tradeoff.

[lovelyviking]

>I'm happy willing to accept the tradeoff.

For now ... Thank you for the link but may I suggest you to think about the future and where it leads.

[marcan_42]

The Mac has existed for 37 years and the iPhone for 15 of those and the Mac is still open to running whatever OS users choose. You really need to find an argument other than an unqualified "the future is doom and gloom" when after all this time that future hasn't come and the platform remains open.

[lovelyviking]

>The Mac has existed for 37 years and the iPhone for 15 of those

So iPhone is closed for 15 years already and thus "the future is doom and gloom" is happening for 15 years already. The more important question is what will be next.

>You really need to find an argument other than an unqualified "the future is doom and gloom" when after all this time that future hasn't come and the platform remains open.

Argument can be qualified or unqualified depending on the topic. It is unclear which topic assumed here.

[marcan_42]

> So iPhone is closed for 15 years already and thus "the future is doom and gloom" is happening for 15 years already. The more important question is what will be next.

"I disagree with one product's direction, therefore all other products from the same company are doomed to that direction" is not a valid argument, especially not after 15 years of it not happening. Companies are capable of producing products targeting different markets and use cases.

"Domino's added a pizza I don't like to their menu, what will be next? Their entire line up will be a horrible inedible mess in a few years!"

See how stupid that sounds?

All you have to do is not buy an iPhone (like I didn't either) and stop spreading FUD about Macs.

[marcan_42]

> What if there are no other macs around?

https://github.com/libimobiledevice/idevicerestore

[microtonal]

Additionally, many of these security measures are put in place to prevent that rootkits/malware can compromise the firmware, boot loader, or operating system.