The purpose of a locked boot system is privacy. A MacBook is a less secure device, and one that’s been rooted and had linux installed is basically open season for any attacker. An iPad trades off the ability to put some other OS, for fairly close to total security. State-level enemies can torture you or run expensive intrusion software… and Apple improves the defenses against the latter every time. Now it reboots if it hasn’t been used in a while, say sitting in an evidence locker.
Boot loader aside, you can write code on an iPad.
There are plenty of code editors, interpreters, and several of them have compilers. The premiere one is Pythonista, but I’m also fond of LispPad (R7RS Scheme). There are a few “linux in a box” things like ish, which give a full shell in a sandbox where it’s safe.
I wasn’t able to find any pico or nano apps, but there are several Vims and emacsen.
This is simply incorrect. Implementing a lock on a bootloader is not dissimilar to a lock on your house. A person breaking in doesn’t care that they are breaking the law, they just need to find the how of breaking in. If I as a consumer want to enter my house or give a copy of my key to someone else as a backup I should be able to do so. If I want to leave my door unlocked I should have that right however foolhardy it is. And when it comes to locking the bootloader of a computer most people won’t notice it in general use but that isn’t the point. It is about the edge cases, the end of life for the device, the lack of security updates.
The locked bootloader is having a lock at all. Without that, anyone can enter at any time.
In reality, home door locks are merely suggestions, they’re trivially picked or broken open, windows can be entered through. But if you DID have a secure building, you wouldn’t want any of the security systems to be replaced.
You get full access to operate in a secure building once you’ve used the key/biometrics/passwords/interrogation. You don’t have access to replace the locks with tinkertoy homebrew shit, because we know that’s not as competent.
I disagree. The current setup is like having the real estate have a key and you have a swipe card. The swipe card let’s you into parts of the house but you don’t have access to the basement or electrical box. If you wanted access to those you could ask but the real estate basically says no unless they really messed up, and even then they send a tradesperson to do the work and give them the key. If that tradespersons loses the key or gives it to someone else the real estate shrugs and says “What do you want us to do about it? Security is hard.”
They also have a contract for all the furniture, most of which is bolted down, so you can’t even rearrange your house, let alone install a hand rail in the bathroom for your disabled brother who needs support getting in and out. You also can’t install anything on the walls like a TV or a picture frame, and attempting to do so would lead to the possibility of piercing a pipe or cutting a wire in the wall because you don’t have schematics.
You can’t put a different OS on, you can’t modify the one you have, and breaking any of the protections on software is a violation of the DMCA, so you are a renter. You rent the device, they control the features, they decide what parts are available to the public (usually none), they decide when it will be end of life, and they make it very technically difficult to repair anything by using parts pairing. If they sold the device as a subscription with hardware upgrades included, repairs included, ongoing support included, then maybe locking it down would be OK, but otherwise no, it is unreasonable and I don’t think we really own our devices in a meaningful sense.
This opinion is so backwards, it’s actually impressive.
The purpose of a locked boot system is to control what the device does as much as possible, which intentionally, or incidentally (it makes no difference) means the manufacturer and only the manufacturer gets to decide how much privacy they get to invade.
A MacBook is a less secure device, and one that’s been rooted and had linux installed is basically open season for any attacker.
Its less secure cos u have the freedom to run the software u want. Trading liberty for security is tyranny.
An iPad trades off the ability to put some other OS, for fairly close to total security. State-level enemies can torture you or run expensive intrusion software… and Apple improves the defenses against the latter every time.
They can torture ur password out of u regardless of what software ur running. Almost all apple devices are vulnerable to state actor hacks. The only operating system that has security that is outpacing the general police level device access tools in grapheneos.
Now it reboots if it hasn’t been used in a while, say sitting in an evidence locker.
Grapheme os implemented that 2 years ago. Apple is 2 years behind the known security issues. Grapheme is a custom operating system.
Boot loader aside, you can write code on an iPad.
If u ignore all the killing torture and general awful behaviour of the Nazis they where very industriouse. If u ignore the bad parts u can make anything a positive.
There are plenty of code editors, interpreters, and several of them have compilers. The premiere one is Pythonista, but I’m also fond of LispPad (R7RS Scheme). There are a few “linux in a box” things like ish, which give a full shell in a sandbox where it’s safe.
I want to do X.
Sorry u can’t do X but u can do Y
I want to do X not Y.
Also I get that ur part of the apple cult but if u never try something else you will forever be living trapped inside a metaphorical box unaware of what ur missing. Plato’s cave etc etc.
No. Once you strip away all the rhetoric, the purpose of a locked boot system is control (over who or what can boot the system).
Current secure boot implementations are like a door lock installed by someone else, which you are not allowed to replace and that may or may not allow you to cut your own duplicate keys for it. You have no control whatsoever over who the people who installed the lock may have given keys to, and if it turns out that the lock has a fundamental design flaw that means it can’t do its job properly, well, sucks to be you. You can’t even guarantee that the lock won’t morph into a new shape randomly or under the control of the installer, invalidating your existing keys in the process.
Rooting a device is a tradeoff. An unreliable door lock that you don’t entirely control may be better than none, but if you know you’re leaving the door unlocked, you also know you need to take other precautions to safeguard what’s inside (or simply not leave anything of value there in the first place).
The ideal would be a locked boot system that is installed by the user and is fully under their control, but I have yet to encounter one.
The purpose of a locked boot system is privacy. A MacBook is a less secure device, and one that’s been rooted and had linux installed is basically open season for any attacker. An iPad trades off the ability to put some other OS, for fairly close to total security. State-level enemies can torture you or run expensive intrusion software… and Apple improves the defenses against the latter every time. Now it reboots if it hasn’t been used in a while, say sitting in an evidence locker.
Boot loader aside, you can write code on an iPad.
There are plenty of code editors, interpreters, and several of them have compilers. The premiere one is Pythonista, but I’m also fond of LispPad (R7RS Scheme). There are a few “linux in a box” things like ish, which give a full shell in a sandbox where it’s safe.
I wasn’t able to find any pico or nano apps, but there are several Vims and emacsen.
This is simply incorrect. Implementing a lock on a bootloader is not dissimilar to a lock on your house. A person breaking in doesn’t care that they are breaking the law, they just need to find the how of breaking in. If I as a consumer want to enter my house or give a copy of my key to someone else as a backup I should be able to do so. If I want to leave my door unlocked I should have that right however foolhardy it is. And when it comes to locking the bootloader of a computer most people won’t notice it in general use but that isn’t the point. It is about the edge cases, the end of life for the device, the lack of security updates.
To expand on this analogy: Your (mobile) computer is your property, you shouldn’t be treated as if it was only a flat for rent.
The locked bootloader is having a lock at all. Without that, anyone can enter at any time.
In reality, home door locks are merely suggestions, they’re trivially picked or broken open, windows can be entered through. But if you DID have a secure building, you wouldn’t want any of the security systems to be replaced.
You get full access to operate in a secure building once you’ve used the key/biometrics/passwords/interrogation. You don’t have access to replace the locks with tinkertoy homebrew shit, because we know that’s not as competent.
I disagree. The current setup is like having the real estate have a key and you have a swipe card. The swipe card let’s you into parts of the house but you don’t have access to the basement or electrical box. If you wanted access to those you could ask but the real estate basically says no unless they really messed up, and even then they send a tradesperson to do the work and give them the key. If that tradespersons loses the key or gives it to someone else the real estate shrugs and says “What do you want us to do about it? Security is hard.”
They also have a contract for all the furniture, most of which is bolted down, so you can’t even rearrange your house, let alone install a hand rail in the bathroom for your disabled brother who needs support getting in and out. You also can’t install anything on the walls like a TV or a picture frame, and attempting to do so would lead to the possibility of piercing a pipe or cutting a wire in the wall because you don’t have schematics.
You can’t put a different OS on, you can’t modify the one you have, and breaking any of the protections on software is a violation of the DMCA, so you are a renter. You rent the device, they control the features, they decide what parts are available to the public (usually none), they decide when it will be end of life, and they make it very technically difficult to repair anything by using parts pairing. If they sold the device as a subscription with hardware upgrades included, repairs included, ongoing support included, then maybe locking it down would be OK, but otherwise no, it is unreasonable and I don’t think we really own our devices in a meaningful sense.
This opinion is so backwards, it’s actually impressive.
The purpose of a locked boot system is to control what the device does as much as possible, which intentionally, or incidentally (it makes no difference) means the manufacturer and only the manufacturer gets to decide how much privacy they get to invade.
Get real.
No its not
Its less secure cos u have the freedom to run the software u want. Trading liberty for security is tyranny.
They can torture ur password out of u regardless of what software ur running. Almost all apple devices are vulnerable to state actor hacks. The only operating system that has security that is outpacing the general police level device access tools in grapheneos.
Grapheme os implemented that 2 years ago. Apple is 2 years behind the known security issues. Grapheme is a custom operating system.
If u ignore all the killing torture and general awful behaviour of the Nazis they where very industriouse. If u ignore the bad parts u can make anything a positive.
I want to do X. Sorry u can’t do X but u can do Y
I want to do X not Y.
Also I get that ur part of the apple cult but if u never try something else you will forever be living trapped inside a metaphorical box unaware of what ur missing. Plato’s cave etc etc.
No. Once you strip away all the rhetoric, the purpose of a locked boot system is control (over who or what can boot the system).
Current secure boot implementations are like a door lock installed by someone else, which you are not allowed to replace and that may or may not allow you to cut your own duplicate keys for it. You have no control whatsoever over who the people who installed the lock may have given keys to, and if it turns out that the lock has a fundamental design flaw that means it can’t do its job properly, well, sucks to be you. You can’t even guarantee that the lock won’t morph into a new shape randomly or under the control of the installer, invalidating your existing keys in the process.
Rooting a device is a tradeoff. An unreliable door lock that you don’t entirely control may be better than none, but if you know you’re leaving the door unlocked, you also know you need to take other precautions to safeguard what’s inside (or simply not leave anything of value there in the first place).
The ideal would be a locked boot system that is installed by the user and is fully under their control, but I have yet to encounter one.
How is it privacy if it locks you into using an OS that reports on you?