zlacker

43 comments
1. baz00+(OP)[view] [source] 2023-07-27 07:01:00
The problem here is that most people don't give a crap. I was explaining this situation to my girlfriend last night over a drink. She's a high level academic with a strong mathematical and logical background in a different field but she didn't really formulate an opinion on it past "if my stuff keeps working, why is it a problem?". Which is fair, because it's a hypothetical risk, but the side effects are a net negative and the open nature of the web is at risk.

As always people see the happy path down the middle of the forest, not the creatures waiting to leap out and eat them two steps down the line.

replies(6): >>genoci+p >>Knobbl+a2 >>geocar+z6 >>a_c+Yg >>nologi+kr >>63stac+mv
2. genoci+p[view] [source] 2023-07-27 07:05:18
>>baz00+(OP)
> "if my stuff keeps working, why is it a problem?"

"Is your stuff going to keep working? There's literally a website dedicated to the products Google has killed. What makes you think you're so special that they won't do that to something you use?"

Of course, you're probably sleeping on the couch that evening...

replies(2): >>baz00+E >>tzs+lW
◧◩
3. baz00+E[view] [source] [discussion] 2023-07-27 07:07:39
>>genoci+p
Well that's exactly it. Her entire professional life is also tied to a free Gmail account she refuses to pay for too.
replies(1): >>genoci+f1
◧◩◪
4. genoci+f1[view] [source] [discussion] 2023-07-27 07:13:15
>>baz00+E
I will preface this with the agreement that I am kind of an asshole on some things. With that out of the way...

I would find quite a bit of value in getting that person locked out of their google accounts and forcing them to deal with the consequences; especially if the lock-out was just me getting in and changing their password so that their access can still be recovered. A little controlled scare would be far better than getting locked out at some unknown/unprepared-for point in the future.

So perhaps in your case, the wise thing to do would be to ask your gf to try to pretend she was locked out of her google accounts for a week. Force her to see how much she relies on it, and how bad it is when that SPOF actually fails. You could probably accomplish it by allowing her to change the password to something she doesn't know for a week.

replies(1): >>baz00+f2
5. Knobbl+a2[view] [source] 2023-07-27 07:22:23
>>baz00+(OP)
Sounds like a variant of the "nothing to hide" argument which, IMO, isn't particularly logical.
replies(2): >>baz00+p2 >>lozeng+z8
◧◩◪◨
6. baz00+f2[view] [source] [discussion] 2023-07-27 07:23:08
>>genoci+f1
I would agree but it's best to boil the frog slowly I find. One divorce was enough here ;). I've just got her to back up her stuff onto OneDrive and an external disk so if she's hacked or the house burns down then she's covered. Next is MFA. Then a custom email address which will feed into your point. I'm selling it on taking control of her identity.
◧◩
7. baz00+p2[view] [source] [discussion] 2023-07-27 07:24:17
>>Knobbl+a2
I don't think it's the same. It's more the assumption that stuff is going to keep working forever. A lot of us have been around long enough to see the change. Many haven't. Their first email address may have been a gmail.com one for example and they still have it. I mean a friend of mine still has a hotmail address from the late 1990s that works.
8. geocar+z6[view] [source] 2023-07-27 07:57:54
>>baz00+(OP)
> she didn't really formulate an opinion on it past "if my stuff keeps working, why is it a problem?".

Once upon a time, I was a homeless teenager running from a cult. If not for software I wouldn't have gotten out of that.

WEI (and other such things) are mainly about regulating who is allowed to write software, and so the way I think about it is this: If WEI existed when I was a homeless teenager, I might be dead.

I do not think I would like your girlfriend very much if she said keeping "her" stuff working was more important than my life, although I could understand her not understanding how big of a deal it is when you talk abstractly about the "open nature of the web" without putting it into human terms;

The "open" part is really important to get across because it means anyone who has the ability to can contribute: Does such a high level academic with a strong mathematical and logical background understand what can be lost not just to industry, but to science itself when a church wants to name itself the arbiter of who can work?

replies(3): >>charci+7b >>fauige+jl >>auggie+nW
◧◩
9. lozeng+z8[view] [source] [discussion] 2023-07-27 08:15:00
>>Knobbl+a2
It's closer to explaining Coca-Cola anti-union murders in Colombia or the use of child labor and forced labor in P&G palm oil products.

"I can keep buying this stuff, and can't practically avoid it, therefore it doesn't affect me."

Most people don't want to dedicate hours a day to a "vote with your feet" attempt that will not even register on corporations' balance sheets.

replies(1): >>Knobbl+qy
◧◩
10. charci+7b[view] [source] [discussion] 2023-07-27 08:39:03
>>geocar+z6
>WEI (and other such things) are mainly about regulating who is allowed to write software

No, it's about being able to prove that your device is secure. Attestation doesn't stop you from writing software for your device.

>if she said keeping "her" stuff working was more important than my life

Arguing that you would be dead if your viewpoint isn't correct is a bad argument.

>what can be lost not just to industry, but to science itself when a church wants to name itself the arbiter of who can work?

It would be a better analogy to say that "employers can run background checks on people who want to work for them." Because it is up to each website to choose which attestors they trust and the websites have the choice of doing whatever they want with information or not requiring attestation at all.

replies(4): >>Pannon+Kc >>EvanAn+Ps >>Button+Pt >>Zak+4W
◧◩◪
11. Pannon+Kc[view] [source] [discussion] 2023-07-27 08:52:41
>>charci+7b
It doesn't prove that your device is secure at all. It just "secures" it from the user, not from malware. Even if it's signed and approved, malware can still hijack it....
replies(1): >>charci+7e
◧◩◪◨
12. charci+7e[view] [source] [discussion] 2023-07-27 09:01:59
>>Pannon+Kc
Okay let me rephrase it. The point is to be able to prove what software is running for the purpose of being able to tell when software deemed as secure is running.

>Even if it's signed and approved, malware can still hijack it....

At which point the vulnerability in the software or hardware should be fixed and the old version should be blacklisted.

replies(1): >>yjftsj+v92
13. a_c+Yg[view] [source] 2023-07-27 09:26:29
>>baz00+(OP)
Many things have a "if my stuff keeps working, why is it a problem?" vibe.

On a personal level we have health - why can't I have fries and ice cream all day, every day. That's what any sensible children would choose. Education - why can't I play video games and watch TikTok attention grabbing videos all day. In fact many do.

On a country level, why would we want to help Ukraine or Taiwan. Why would we want to reduce carbon footprint. Stuff just keeps working.

Lead pipe worked just fine. Asbestos worked just fine. Smoking was just fine. Until they aren't.

Secondary effects require experience and education. We are not so good at grasping causal relationship when the results aren't immediate.

◧◩
14. fauige+jl[view] [source] [discussion] 2023-07-27 10:01:06
>>geocar+z6
This is a fundamental problem of society including democratic societies. Minorities without a strong lobby can be disproportionately affected by something without eliciting so much as a shrug from everybody else.

It takes many years of activism to build awareness for these sorts of issues. I worry that increasingly tight technological control over various aspects of our lives will create more of these situations and eventually overwhelm our capacity to build awareness. The result could be widespread cruelty.

The solution cannot be for each and every one of us to be aware of and emotionally engaged with every possible predicament in which others could find themselves. It's just not possible psychologically.

We need to design our rules and systems to be resilient in the face of unexpected things going wrong and in the face of permanent partial brokenness of everything, including rule making itself. It's very difficult and I'm not optimistic.

15. nologi+kr[view] [source] 2023-07-27 10:45:57
>>baz00+(OP)
> The problem here is that most people don't give a crap

Most people are not qualified to give a crap.

We don't adopt medicines on the basis of "most people's" opinion, we don't adopt anything technological with potentially harmful impact on the basis of the opinion of large uninformed masses.

That's why we have regulators and other institutions that should be informed and give an informed crap. On an ongoing basis and not only a result of popular outrage.

Which brings us to regulatory capture and said institutions actually failing their mandate to serve the interests of the people that fund them.

But now we have something that most people should give a crap about. This is not technical, it goes to the foundation of democracy and governance. Otherwise we might as well stop voting and accept we live in a corporate oligarchy.

replies(2): >>flagra+sG >>Firmwa+LG
◧◩◪
16. EvanAn+Ps[view] [source] [discussion] 2023-07-27 10:58:42
>>charci+7b
> No, it's about being able to prove that your device is secure.

It’s about proving your device meets an unspecified standard. Today that standard would probably involve a signed browser binary and kernel verified by a hardware root of trust.

Tomorrow it could be “Please drink verification can.” or “Your social credit score is too low for you to use this feature.” or any other arbitrary criteria that gets cooked-up.

> Attestation doesn't stop you from writing software for your device.

Attestation means the metes and bounds of your computing experience are defined by a third party.

What you use your computer for today might not be permitted tomorrow. Look at the invasive software mechanisms that games use for “anti-cheat” if you want to see one possible eventuality.

This is “Right to Read” territory we’re walking into. We’re already there with phones because we ceded freedom for “security”. (“Phones aren’t computers.”, “I just want my phone to work.”, “I don’t want to remove malware from the phones of the oldsters in my life.” Blah. Blah. Blah.)

Now we’re going to do that with personal computers.

We’re getting what we deserve, so guess.

replies(1): >>charci+7q1
◧◩◪
17. Button+Pt[view] [source] [discussion] 2023-07-27 11:06:08
>>charci+7b
> No, it's about being able to prove that your device is secure. Attestation doesn't stop you from writing software for your device.

How do I prove my device is secure while also being able to run any software that I want?

replies(1): >>charci+Vl1
18. 63stac+mv[view] [source] 2023-07-27 11:21:40
>>baz00+(OP)
>"if my stuff keeps working, why is it a problem?"

I find the easiest way to make these people think, is to attack it from a money angle. Disregard all the ideological, practical, security, surveillance related issues. Ask them how would they feel if from tomorrow, they would need to shell out money, a $100 equivalent of their local currency when buying any kind of computer (ipads, mobile phones, pcs, macs) for a stamp of approval, and then having to fork over $10 every month for renewing an "attestation license".

You are not forced to get this stamp. There will be some websites restricted that you can't access, but your computer will keep working fine. First it will be your bank website, then streaming sites, then food ordering services, and so on, until eventually all the major services will be walled off until you pay.

Because that's what will happen (among other things). All this infrastructure will need setup, maintenance, and it will not be free, and you can bet your ass that FAANG (or whoever will be running the attestation services) will be charging whoever is using their services, and they will be forwarding the bill to you, the end user.

replies(1): >>hahn-k+EH
◧◩◪
19. Knobbl+qy[view] [source] [discussion] 2023-07-27 11:49:26
>>lozeng+z8
There's a difference between active boycott and explicitly stating you don't really care.

You can be against something and not have the resource to fight it. The person in question said they don't see the problem which is the former.

◧◩
20. flagra+sG[view] [source] [discussion] 2023-07-27 12:44:46
>>nologi+kr
This can be a really dangerous approach though. Appeals to authority can easily turn dark if the wrong authority is in charge, and by then the people have been conditioned to blindly follow them.

People should never be expected to make meaningful decisions in their life only because someone with degrees said it's best for them, or even worse make no decision because the leader already made it for them. People need to be able to think for themselves and make their own decisions, even if the few experts may disagree with the decisions made.

In my opinion, this should have been the most important lesson from three years of pandemic response. We had a small group of experts getting out over their skis and speaking with certainty about the virus and what everyone must do. In reality these experts had much less research-based data to support this level of confidence, and in some cases the data even contradicted them. In the meantime we were all forced or coerced into various decisions and protocols that didn't seem to pan out, for a virus that we once got kicked off social media platforms for comparing to the cold or flu while that's precisely how said experts discuss it today.

Experts should absolutely weigh in and attempt to educate people on what's at stake and why they should make one decision or another. But a system in which a few at the top decide for and control the rest of the population is extremely dangerous and should be reserved for only the absolutely most important situations.

replies(1): >>nologi+NQ
◧◩
21. Firmwa+LG[view] [source] [discussion] 2023-07-27 12:46:49
>>nologi+kr
>That's why we have regulators and other institutions that should be informed and give an informed crap

Yes, but unlike say construction, the environment, or medicine, when it comes to IT, most of our gov representatives in charge of regulations are horribly out of touch with what's happening in tech world and how fast things are changing.

Just look at the senate hearings of Zuckerberg and the TikTok CEO, what questions they were getting: "can TikTok access my Wi-Fi?". I rest my case.

They have no clue how the whole "internet-thingamajigs" work, nor do they care to listen to people who actually do know, because they can also be easily lobbied by big-tech to look the other way, especially since for the US-government, having US companies dominate everything IT related on a global scale is a national-security asset rather than a curse, which could be say if Chinese companies were to take over instead.

replies(1): >>nologi+0W
◧◩
22. hahn-k+EH[view] [source] [discussion] 2023-07-27 12:53:15
>>63stac+mv
It sounds like you are describing an internet that could run without ads and by paying instead. Interesting.
replies(4): >>63stac+ML >>danShu+UX >>rolph+Hr1 >>tasbir+Gy1
◧◩◪
23. 63stac+ML[view] [source] [discussion] 2023-07-27 13:13:54
>>hahn-k+EH
Right? Instead we will get surveillance, walled gardens, locked out devices, centralized control, pay for all this, and still have ads.
◧◩◪
24. nologi+NQ[view] [source] [discussion] 2023-07-27 13:34:25
>>flagra+sG
Yes I definitely share the same concerns. But there is a practical need to rank risks and identify what are immediate, first order ones versus second order and broader concerns. In the absence of independent and minimally competent bodies we are in dire straits, effectively in snake-oil-salesmen territory regarding a technology that is considered as central to our future.

I don't think there is or there will ever be perfect regulation. Pick any sector (banking is a prime example) and you can identify recurring failure, capture, complacency and other pathologies on top of the intrinsic difficulty of working out the unknown-unknowns.

Ultimately the only structural mitigation available is to have as many checks-and-balances as possible and transparency about motivations and incentives of all actors involved.

But that is not the immediate problem with "tech". I put the term in quotes because even that is a conceit. The accurate term is probably "random conglomerates that were first movers in adopting digital technologies, with user-data based advertising the overwhelming business model".

The shtick has been that "heavy handed" regulation of said "tech" will stifle innovation and other such drivel. Indeed, if by innovation we mean drifting ever deeper into the black hole. For more than a decade now we are trapped in an egregiously suboptimal situation.

◧◩◪
25. nologi+0W[view] [source] [discussion] 2023-07-27 13:55:56
>>Firmwa+LG
> most of our gov representatives in charge of regulations are horribly out of touch

why should that be accepted though? There are plenty of experts to consult and (like the very salaries of politicians) none of that expense is out of their own pockets.

> a national-security asset rather than a curse

when every excuse fails national security is invoked. Somehow advertisers are now a critical element in keeping the free world free.

◧◩◪
26. Zak+4W[view] [source] [discussion] 2023-07-27 13:56:05
>>charci+7b
> Arguing that you would be dead if your viewpoint isn't correct is a bad argument

When discussing tradeoffs, it's not about correctness but value judgments. Is it preferable for people like geocar to die than to continue allowing people to access all websites with arbitrary devices and software?

Of course, there are services that could be exposed through a website where the consequences of improper use would be catastrophic, but I would argue the web is usually inappropriate for control of life-critical systems without other safeguards or redundancies.

replies(1): >>charci+Tq1
◧◩
27. tzs+lW[view] [source] [discussion] 2023-07-27 13:57:02
>>genoci+p
Here's how that argument would go:

GF: "If my stuff keeps working, why is it a problem?"

BF: "Is your stuff going to keep working? There's literally a website dedicated to the products Google has killed. What makes you think you're so special that they won't do that to something you use?"

GF: "If Google deploys this and then kills it, my stuff will keep working. So why is it a problem?"

...and she would be right. If it doesn't break her stuff when some websites start relying on it for user device attestation, then if Google kills it making it so sites can no longer use it for user device attestation those sites aren't going to just say "Oh no! User device attestation no longer works! Let's shut down the site!". They will go back to whatever they were doing before it became available.

◧◩
28. auggie+nW[view] [source] [discussion] 2023-07-27 13:57:04
>>geocar+z6
She's an academic. She understands very little of importance.
◧◩◪
29. danShu+UX[view] [source] [discussion] 2023-07-27 14:02:30
>>hahn-k+EH
> describing an internet that could run without ads and by paying instead

How are you drawing this conclusion? What about paying Apple for verification would imply that any of that money would go to the websites you're visiting, or would make it any easier for those websites to collect payments from you?

◧◩◪◨
30. charci+Vl1[view] [source] [discussion] 2023-07-27 15:36:23
>>Button+Pt
>How do I prove my device is secure while also being able to run any software that I want?

The operating system should properly prevent software from violating the security of the system. If you mean that you want to be able to run an OS that does not provide a level of security that is expected then you shouldn't be able to prove that insecure OS is secure.

replies(2): >>helloj+2K1 >>null0p+DL2
◧◩◪◨
31. charci+7q1[view] [source] [discussion] 2023-07-27 15:50:52
>>EvanAn+Ps
>Tomorrow it could be “Please drink verification can.” or “Your social credit score is too low for you to use this feature.” or any other arbitrary criteria that gets cooked-up.

Neither of those require attestation.

>Look at the invasive software mechanisms that games use for “anti-cheat” if you want to see one possible eventuality.

A future where people can't cheat when playing with me is a positive direction to take computing.

>This is “Right to Read” territory we’re walking into.

I assume you are talking about "The Right to Read" by RMS. It is already illegal to redistribute ebooks if you don't have the rights to do so. We already live in that world. Unlike the essay as an industry we have chosen to focus on hardware based security instead of making debuggers illegal.

replies(1): >>EvanAn+FW1
◧◩◪◨
32. charci+Tq1[view] [source] [discussion] 2023-07-27 15:53:18
>>Zak+4W
My point is that he wouldn't die if attestation on the web had existed, but is saying that he would be dead to try and manipulate the people he is arguing with.
replies(1): >>Zak+T32
◧◩◪
33. rolph+Hr1[view] [source] [discussion] 2023-07-27 15:56:49
>>hahn-k+EH
internet with ads, that you have to pay for, seems to be the endgame
◧◩◪
34. tasbir+Gy1[view] [source] [discussion] 2023-07-27 16:22:49
>>hahn-k+EH
This will likely go in the direction of cable. Starting out paying and not having ads to ending up having the worst of both worlds.
◧◩◪◨⬒
35. helloj+2K1[view] [source] [discussion] 2023-07-27 17:05:55
>>charci+Vl1
What if I write my own OS? What is the process of getting attestation certified? How much will it cost?

This presents enormous barriers of entry to both hardware and software entrants.

replies(1): >>charci+NA2
◧◩◪◨⬒
36. EvanAn+FW1[view] [source] [discussion] 2023-07-27 17:47:24
>>charci+7q1
> Neither of those require attestation.

Any assumption the client is "trustworthy" requires attestation. I was certainly being hyperbolic with my examples. Using a more concrete example of, say, a device's camera and LIDAR claiming a living human is interacting w/ the device would require software and hardware attestation with a chain of trust extending to the camera and LIDAR hardware. Without that one could connect emulated inputs to those devices and game the system.

> A future where people can't cheat when playing with me is a positive direction to take computing.

I agree, provided that the architecture of the anti-cheat relies on that infrastructure happening server-side. Any architecture that requires the client to be "trustworthy" requires attestation and runs afoul of freedom.

I think having anti-cheat is a poor trade off for user freedom on personal computers.

> I assume you are talking about "The Right to Read" by RMS. ... we have chosen to focus on hardware based security instead of making debuggers illegal.

You can make a literal interpretation if you'd like. My takeaway from "The Right to Read" is a cautionary tale about architectures of control being used to remove user freedom. That rings true to me irrespective of the mechanism employed in the story, or even that it deals with ebooks specifically. That Stallman didn't think about tamper-resistant hardware, e-fuses, and key material locked up in embedded processors doesn't change the message of the story.

replies(1): >>charci+UC2
◧◩◪◨⬒
37. Zak+T32[view] [source] [discussion] 2023-07-27 18:14:17
>>charci+Tq1
We know neither their story nor the full impact of web attestation if Google is successful in popularizing it. It definitely has the potential to shift a huge amount of power to site owners from users, which constrains what kind of software can become popular.

Might that apply to the software geocar credits with saving their life? Without knowing more, we can't say. There's a good chance it applies to things like running open source operating systems and browsers.

replies(1): >>charci+fx2
◧◩◪◨⬒
38. yjftsj+v92[view] [source] [discussion] 2023-07-27 18:39:55
>>charci+7e
So every time anyone finds a new CVE in Windows, we're going to blacklist every single Windows machine until it's patched? I mean, that would be hilarious, but that's not how it will ever actually be implemented.
replies(1): >>charci+9y2
◧◩◪◨⬒⬓
39. charci+fx2[view] [source] [discussion] 2023-07-27 20:30:39
>>Zak+T32
>which constrains what kind of software can become popular.

It also enables more software to be popular because it will be cheaper to run sites and sites can be more profitable than before.

◧◩◪◨⬒⬓
40. charci+9y2[view] [source] [discussion] 2023-07-27 20:34:57
>>yjftsj+v92
>So every time anyone finds a new CVE in Windows, we're going to blacklist every single Windows machine until it's patched?

Failing attestation does not mean you get blacklisted. It means that you are not as trustworthy. Not every CVE breaks an OS's security model.

◧◩◪◨⬒⬓
41. charci+NA2[view] [source] [discussion] 2023-07-27 20:47:30
>>helloj+2K1
>What is the process of getting attestation certified?

Reach out to an attestor and discuss with them what the process is for them to trust you.

>How much will it cost?

It will likely be free. If not it will be significantly less than the cost of writing an OS.

>This presents enormous barriers of entry to both hardware and software entrants

Hopefully they are high enough that fly by night malicious actors do not bother with trying to get their insecure hardware and software to be trusted, but low enough that good actors can prove that they can be trusted.

◧◩◪◨⬒⬓
42. charci+UC2[view] [source] [discussion] 2023-07-27 20:56:42
>>EvanAn+FW1
>Using a more concrete example of, say, a device's camera and LIDAR claiming a living human is interacting w/ the device would require software and hardware attestation with a chain of trust extending to the camera and LIDAR hardware

Sure, but that sounds useful.

>Any architecture that requires the client to be "trustworthy" requires attestation and runs afoul of freedom.

Okay, but I would give up freedom if it means there are no cheaters. Not all cheats can be detected server side. The cost of stopping name cheats server side is more expensive to do than stopping them client side. If the cost of anticheat is cheaper it means that games can be developed for cheaper incentivizing more and higher quality games to be made.

◧◩◪◨⬒
43. null0p+DL2[view] [source] [discussion] 2023-07-27 21:49:14
>>charci+Vl1
Ok let me know when there’s an OS or browser that’s totally secure. Attestation does not prove that a device meets any security bar. And likewise lack of attestation does not prove that a device does not meet a security bar. Attestation merely shows that a device has been “allowed”. You might argue that all devices with attestation have been audited for security so at least that provides some standard. How well did audits work in the past for things like mortgage backed securities in 2008? No, it doesn’t provide any guarantee other than the powers that be are empowered to grant themselves and their friends privileged status while leaving everybody else without a device that can run the software they want.
replies(1): >>charci+w33
◧◩◪◨⬒⬓
44. charci+w33[view] [source] [discussion] 2023-07-28 00:05:44
>>null0p+DL2
>Ok let me know when there’s an OS or browser that’s totally secure.

As an industry we are getting better at security and finding and patching vulnerabilities.

>Attestation does not prove that a device meets any security bar.

But it can prove that a device's software and hardware is running software and hardware that does pass your security bar.

>No, it doesn’t provide any guarantee other than the powers that be are empowered to grant themselves and their friends privileged status while leaving everybody else without a device that can run the software they want.

Security doesn't have to be perfect in order to be beneficial.
