| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by moduspol 9 days ago
	The threat is that users who are not sufficiently tech savvy will shoot themselves in the foot, including using methods they don't understand. This is a pattern we've seen play out numerous times. The more secure platforms are overwhelmingly the ones that protect the users from themselves, and (most) users value security over absolute computing freedom.

3 comments

Wowfunhappy 9 days ago

> The more secure platforms are overwhelmingly the ones that protect the users from themselves

More secure by what metric? I would expect that by definition, they are equally secure until the security settings are disabled. If the user disabled a security setting, of course that system is less secure, that's a choice the user made in exchange for some other benefit.

> (most) users value security over absolute computing freedom.

How do you know this? I think that if they're disabling security settings, it's probably because they value freedom/capabilities over security. And you may think this is the wrong choice, but it's theirs to make.

link

xp84 8 days ago

Accurate enough. Those platforms are more secure. But given that many players have a liability-related interest in making sure everyone uses Secure Platforms:

- Many important things that are needed or at least highly useful for daily life will only support "Secure Platforms"

- Everyone will have to use "Secure Platforms" whether they would value computing freedom or not

- "Not As Secure Platforms" will be unsupported and treated as roughly equivalent to malware.

We can see this already literally playing out - it's the whole point of the browser attestation idea.

So thanks to this thinking, we'll get one secure package - Firmware, OS, Browser, all cryptographically sealed. None of them changeable, no "tampering," like adblockers, tracking blockers. No programs that could, say, show you what other programs are phoning home. No third-party programs at all, unless they've paid the platform fee and agreed to Platform Vendor's terms.

You can always use Linux, if you can figure out the drivers, and if you're ok just browsing GNU websites and the Indie Web. Everyone else will block that dirty, non-attested traffic. "It's probably bots," they'll say.

link

BobaFloutist 9 days ago

The most secure platform is one that protects the user from themselves by never letting them log in, or even turn it on.

link