aesh2Xa1 commented on The Framework Desktop is a beast   world.hey.com/dhh/the-fra... · Posted by u/lemonberry
wtallis · 16 days ago
I think it's important to make a distinction between secure boot features that are local-only, and remote management features. The "Remote Device Management baked into firmware" claim above carries with it some pretty important implications that are, as far as I can tell, not actually true.

It's not too different from scaremongering about Intel ME/AMT which is often maligned even in the context of computers that don't have the necessary Intel NICs for the remote management features.

aesh2Xa1 · 16 days ago
I agree with your point about OP's statement regarding "where is not not needed Windows in any way, to the Remote Device Management baked into firmware as Apple does with its hardware". I also read that to mean that the firmware solution is self-contained and complete, even though that's pretty misaligned when you consider the meaning of a "remotely" managed device (remotely managed by what?).

But it's still entirely factual in my own description. When a device checks in during initial setup, the firmware-level boot process can receive policies that block alternative OS installation, and that absolutely is a feature of the firmware.

Anyway, I tried to interpret OP's meaning, and provided more detail on how Apple's firmware is special.

aesh2Xa1 commented on The Framework Desktop is a beast   world.hey.com/dhh/the-fra... · Posted by u/lemonberry
wtallis · 16 days ago
I don't think it's fair to describe MDM as a firmware-level feature. I think it's entirely implemented and enforced within the environment of a booted macOS; the firmware isn't going to be bringing up a whole network stack to phone home.

If you had Linux on an MDM-enrolled Mac there wouldn't be anything MDM-related running during or after the boot process. But presumably any sane MDM config would prevent the end user from accessing the settings necessary to relax boot security to get Linux installed in the first place.

aesh2Xa1 · 16 days ago
Yeah, your point about implementation is correct -- much of the MDM functionality runs within macOS.

But, eh, I still think it's fair to describe it as a feature of the firmware. The enrollment and prevention of removal have firmware-level components through Apple's Secure Boot and System Integrity Protection. A user can't simply disable MDM because these firmware-level protections prevent tampering with the enrollment.

Case in point, getting Linux installed in the first place would be blocked by firmware-level boot policies, right? I'm not too knowledgeable about this, and maybe you are more so.

aesh2Xa1 commented on Sandstorm- self-hostable web productivity suite   sandstorm.org/... · Posted by u/nalinidash
swah · 17 days ago
What could have been? I remember being so excited about this at that point, I was sure it was going to take a significant chunk of [famous web services still around]. They even sent me stickers for Cap'n Proto.

aesh2Xa1 · 16 days ago
If I understood it well enough, the intention was to formalize/standardize self-hosting such that it became easier (and with an emphasis on security).

With that done well, perhaps the next step would have been ready-made images. I could see it reducing friction for people if they'd rent a VPS, upload an ISO/IMG, and the resulting system was reliably secure. Then they'd use the Sandstorm interface to install apps with a web GUI.

There is still a roadmap documented here:

https://github.com/sandstorm-io/sandstorm/tree/master/roadma...

aesh2Xa1 commented on The Framework Desktop is a beast   world.hey.com/dhh/the-fra... · Posted by u/lemonberry
vaylian · 16 days ago
> the Remote Device Management baked into firmware as Apple does with its hardware?

What do you mean? Linux had SSH (and before that rlogin) for a very long time already.

aesh2Xa1 · 16 days ago
Apple devices support MDM. When you purchase the device, the device's firmware is configured to check in with an account owner. The firmware has an integrity feature such that this configuration cannot be removed by a user: https://it-training.apple.com/tutorials/deployment/dm005/

If OP just meant remote management through a BMC then that's not common except for server hardware, and it would have features like Redfish to configure the hardware itself. Apple devices don't have this.

You can also buy hardware to act as a remote keyboard/mouse/monitor and power button, and it supports systems whose motherboards have the right headers: https://pikvm.org/

aesh2Xa1 commented on Mastercard deflects blame for NSFW games being taken down   pcgamer.com/games/masterc... · Posted by u/croes
makeitdouble · 22 days ago
You should bark at Steam if you want more curation.

What people are pissed at is a card payment network abused for moral regulation.

aesh2Xa1 · 22 days ago
Furthermore, there's no public list of exactly which games were removed.

aesh2Xa1 commented on Many countries that said no to ChatControl in 2024 are now undecided   digitalcourage.social/@ec... · Posted by u/nickslaughter02
terminalshort · 25 days ago
How does direct democracy mitigate the issue that the representative is uninformed and not even reading what they voted for?

aesh2Xa1 · 25 days ago
I think my argument was written in a way that could allow this misinterpretation, sorry. I wasn't claiming direct democracy makes people more informed, but I was saying it removes the additional corruption layer.

Direct democracy doesn't cure ignorance, but it eliminates the corrupted/coerced middleman. An uninformed public voting directly is still more aligned with public interest than uninformed representatives voting for whoever influenced them most.

aesh2Xa1 commented on Many countries that said no to ChatControl in 2024 are now undecided   digitalcourage.social/@ec... · Posted by u/nickslaughter02
Arainach · a month ago
> Direct democracy mitigates these issues. Influence must be exerted through broad, public persuasion. This forces special interests to operate in the open, creating a higher and more transparent barrier to subverting the public will.

Have you paid attention to any US or global election since 2016? The special interests stay hidden and their influence works wonders.

If direct democracy could have ever worked, that opportunity died the moment social media became popular.

aesh2Xa1 · 25 days ago
You are correct that mass manipulation is a critical issue. However, this vulnerability is shared by any system reliant on voters, including the representative one. It is not a unique flaw of direct democracy.

So there are three issues we're talking about in this context:

1. Reps are also uninformed.

2. Social media manipulation of the populace (or, generally, propaganda).

3. Concentrated influence on a handful of legislators.

Direct democracy eliminates the third vector.

Furthermore, the stakes and incentives for corruption are vastly different. A lobbyist gains far more from corrupting one senator who decides for millions than from swaying individual voters. The return on investment for corrupting concentrated power is orders of magnitude higher.

Even if propaganda shapes opinion, the resulting decisions still represent the people's will at that moment. Representatives can betray even that will for personal gain, adding another layer of distortion between what people want and what they get.

aesh2Xa1 commented on Many countries that said no to ChatControl in 2024 are now undecided   digitalcourage.social/@ec... · Posted by u/nickslaughter02
Arainach · a month ago
It's impossible for people to know about every topic. That was true in Plato's day and is dramatically more true now. People defer to what someone on TV or TikTok told them and have no time to look into facts or primary sources.

Direct democracy would get you solutions that sound emotionally appealing but do not work. That or gridlock where you can't get 50% to agree on anything.

If you ask people "do you want A, B, C, or D" a majority may well say to do each. If you only have budget for one, getting them to come to consensus is impossible at the scale of direct democracy.

aesh2Xa1 · a month ago
Representative systems vest political power into concentrated points of influence. The reps are often as uninformed as the citizens. The US just had some infamous legislation pass that representatives didn't even read, and publicly stated so.

The system also makes reps uniquely vulnerable to targeted lobbying, corruption, regulatory capture, and threats. I find much to be faulty with opaque dealings with a few key individuals.

Direct democracy mitigates these issues. Influence must be exerted through broad, public persuasion. This forces special interests to operate in the open, creating a higher and more transparent barrier to subverting the public will.

aesh2Xa1 commented on Graphene OS: a security-enhanced Android build   lwn.net/SubscriberLink/10... · Posted by u/madars
b8 · a month ago
I'd install Graphene OS in a heartbeat on my Pixel if they'd add support for Google call screening and features like Hold for Me. These features are why I bought my Pixel and it's too much of an inconvenience to go without them now. Spam calls have gone down significantly, and that has saved me a lot of time.

aesh2Xa1 · a month ago
I believe spam detection in the Google Phone app does work on GrapheneOS.

For spam, install their sandboxed Google Play, and then install Google's Phone and Speech Recognition & Synthesis apps. For SMS/MMS/RCS spam, you'd use an app supporting blocking (e.g., Google Messages).

I imagine that Hold For Me works if you also install the Google app and whatever other dependencies.

u/aesh2Xa1

Karma: 597 · Cake day: April 20, 2017