Hacker News new | ask | show | jobs
by transpute 619 days ago
If a banking app or DRM-encumbered streaming app can run in the official attested VM, what would be the benefit of running such closed apps in unmodified Linux VMs?

If banks and streaming vendors don't trust unmodified VMs, why would open-source Linux VMs trust closed apps with binary blobs?

One benefit of running open-source Linux VMs is access to the vast corpus of mature open-source software applications packaged by Debian, Fedora, etc.
1 comments
josephcsible 619 days ago
> what would be the benefit of running such closed apps in unmodified Linux VMs?

That you wouldn't need the official attested VM anymore.

> why would open-source Linux VMs trust closed apps with binary blobs?

The point is that with an open-source Linux VM, the user could decide what to trust instead of some megacorp deciding for everyone.

> vast corpus of mature open-source software applications

The problem is that there's a lot of proprietary apps that are both (1) necessary for a lot of real-world things, e.g., the SeatGeek app for tickets to shows, and (2) not replaceable with FOSS because the company will ban you if you connect to their API with a third-party client.

link
transpute 619 days ago
> That you wouldn't need the official attested VM anymore.

As hardware, sensor and cellular radio standards continue to evolve, someone has to pay for timely development of bare-metal software to drive new hardware. Today, that is the vendor providing the "official attested VM" and drivers. If Arm can reach x86 levels of backward compatibility and stable interfaces, it may be possible to extend the lifetime of mobile devices with OSS bare-metal drivers. It has taken many years to achieve this on relatively open x86 PCs. Even Arm SBCs still struggle, see the efforts of Armbian. Mobile devices are less open and more complex.

> proprietary apps ... not replaceable with FOSS because the company will ban you if you connect to their API with a third-party client.

Regulations and technology are evolving in the direction of more control, not less. Customers will need to find forms of collective and competitive action to influence vendor policy in sensible directions, because it will be increasingly expensive to bypass. Try to support vendors who use technology responsibly in service of their customers. Encourage OSS competition where feasible.

link
rascul 619 days ago
Is SeatGeek a great example? The web site seems to work fine on my phone.
link
josephcsible 619 days ago
For one show I went to, I needed the app to be able to get in the door, because I had no option to print the tickets, have them mailed to me, or pick them up at will call, and the web site didn't let me see what they needed to scan.
link
floydnoel 619 days ago
my bank websites work fine on my phone, too. i don’t run anyone's apps any longer as corpos just take the chance to add invasive data harvesting, location tracking, etc.
link
josephcsible 619 days ago
> my bank websites work fine on my phone, too.

But don't they disable some features if you don't use the app, e.g., mobile check deposit?

link