"I want the ability to buy a device that can’t be easily hacked, even by me."

I think we’ll see many more specialized devices that are engineered as part of end-to-end experiences, not easily hackable, with limitations imposed by app stores and digital signatures.

The reason that the full system is “locked down” and the app store is curated is to keep out malware. And I would bet the number of people who are affected every year by malware is an order of magnitude larger than the people who want to buy a PC with one OS installed and hack it so they can install something else.


For many people, especially nontechnical users, the availability of that type of device is a good thing.

Ironically, the “open hardware” movement wants to restrict my choice. I want the ability to buy a device that can’t be easily hacked, even by me.
Let's talk about Windows 8 PCs. The new specifications make it very clear: All versions of Windows 8 shall be UEFI-compatible … All client systems must support UEFI Secure boot … MANDATORY: Enable...
 
Lousy policy. Having a simple hardware switch (à la Chromebooks and many Android phones) gives the right balance. MS is hoping to lock the hardware as a last gasp to gain and retain control.
 
It is possible to create an unhackable device, for instance by storing incremental changes to the cloud, which are checked for malicious activity and reversed in case such activity is detected.

But our world is socially engineered in such a way that there is a wide spectrum in deployment states.
Ed Bott
 
Well, +Tom Brander, for security reasons I DO NOT want a device with that switch on it for me or my family or employees. As long as there's plenty of competition, why should YOU dictate what hardware makers are required to build?

If it's such a lousy policy, won't the market reject the crummy one and reward the one that meets your needs?
 
Ed's right: The "Everything must be open!" approach is pandering to the techies at the expense of everyone else. If there's demand for open devices (and there is) then people will make them. But that doesn't mean that every device has to be open, if it means a worse experience for non-techies.
 
I think there can be a balance. The problem with locked down ecosystems is that they give too much control to the corporations behind the platforms. They're not transparent enough - and it is clear that disclosure is not a top priority for the organizations behind these kinds of devices. You can lock down a system for consumer end use, but still make it easily hacked and opened by more technical consumers.

Android has everything in place to make the default end-user experience more curated - all they would have to do is start policing their market better. At the same time, it is an easy thing to enable side-loading and to allow "development" apps to run. The TF201 by ASUS is a great example of a product where the device sells with a locked down boot-loader, but they've made the utility available so that you can disable the locks if you're inclined - at your own risk.

Settling for mandatory walled gardens is giving away the liberty to use your hardware as you see fit. I don't think we should let the convenience and safety of the lowest rung of technology users set the defaults for user access to hardware and platforms. This is kind of a variation on the classical theme of giving up liberty for security. I don't want the lowest common denominator setting the bar for the accessibility of my devices.

Someone said if there is a demand for open platforms, it will be met. But if it is a niche of technology users, the price for those platforms will be outrageously inflated. It goes without saying that open systems allow the technically adept to investigate and protect everyone else, as was the case with CarrierID. On a system that is locked down to the point where it is difficult for anyone to hack, those kinds of secrets are less likely to see the light of day. I sound like Chad Perrin defending the Many Eyes/FOSS model - and I guess that is exactly what I'm doing here.

There is no reason why mainstream devices can't provide a carefully monitored and curated experience while also maintaining accessibility and openness for those who are skilled and willing to take the risk. This emerging philosophy from Microsoft is one of the major deal-breakers for me with WP7. I don't want to be restricted by Apple's walled garden - why would I settle for Microsoft's?
 
+Ed Bott Regarding how the market responds to this - well, that remains to be seen. Microsoft reps tried to spin the lack of SD and the lack of tethering in WP7 as security enhancing features by design when I reviewed the Trophy. Organizationally, Microsoft has adopted some wrong-headed approaches and philosophies to this in the past several years. In my opinion, this is really about extending Windows Genuine Assurance - not about providing a more secure and reliable Windows end-user experience. I don't think it is the solution to the troubles Microsoft faces currently.
 
NONONONO!
If you can't open it, you don't own it!
If you want only dumb consumers, you will get a second rate country.
Innovation is all about DOING stuff, and every good engineer I've ever met started out as a kid hacking and modifying - cars, alarm clocks, everything.
Locked down means more stoopid. And there's enough of that on FOX now.
 
+ed callway Ed, the assumption you're making is that being able to open something is empowering. For most people, it's not: the point at which you open something is the point at which it's broken, and you have no idea how to fix it.

Having to go to a geek and say "can you fix this for me?" doesn't make me own an object more.
 
If the Nook Color hadn't been rootable, it wouldn't have been the sales hit it is. Of course a product must work as expected without hacking, but to prevent hacking to make it better "to make it better" is just wrong. Having a great product - and knowing you can go to a geek and say "can you make this better for me?" makes me want that thing way more.
Ed Bott
 
I want to repeat what +Ian Betteridge said, because, well, it bears repeating:

"If there's demand for open devices (and there is) then people will make them. But that doesn't mean that every device has to be open."

Yes yes yes yes yes.
 
No no no no no... See my counter-point. If Open devices are limited to a niche of technically oriented users, two things happen. You lose economies of scale and volume, and those open systems become outrageously priced niche devices. You also lose the accountability of having platforms open to technically adept end-users who are not internal to the organizations that own and control the platforms - re: The CarrierID debacle. Finally, if mainstream consumer platforms are locked, then by weight of market momentum, other users, technical or not, will have to fall in line to be on the dominant, supported platforms. This is the, "Everyone uses Windows because everyone creates Office documents" principle that had an arguable stranglehold on the PC market for at least a decade.

It reminds me of nothing so much as the scenario where Detroit was putting out death-traps and lots of people knew it, but there was no impetus to change things until Ralph Nader wrote a book about it. You had to have a car, and if all of the big 3 were putting out driving petrol-bombs, your choice was to walk, take the bus, or drive a rolling firebomb with a horrible suspension. Again - I don't want my choices to be limited because we're catering to the dullest device end-users out there - but that is the potential market reality that arises from this.

I generally agree with everything you write, Ed - but on this one, I think it is short sighted and dangerous of Microsoft to pursue this path. There isn't any REAL value add that can't be realized through more open avenues - and there are all kinds of negatives.
 
+ed callway "If the Nook Color hadn't been rootable, it wouldn't have been the sales hit it is."

Evidence?

"Of course a product must work as expected without hacking, but to prevent hacking to make it better "to make it better" is just wrong."

Why? Saying something repeatedly doesn't make it correct.

"Having a great product - and knowing you can go to a geek and say "can you make this better for me?" makes me want that thing way more."

Makes you want it more. You are not everyone, and your expectations of how something should work should not be imposed on everyone.
 
+Ian Betteridge What is LOST if they don't lock the boot-loader and they allow savvy end users access to the device at the hardware level, with the understanding that doing so voids warranty and increases your odds of encountering malware, exploits, or other unwanted behavior? You claim, "Saying something repeatedly doesn't make it correct". Adding something that doesn't have any actual benefit that introduces demonstrable liabilities isn't any better.
Ed Bott
 
+Donovan Colbert I notice in your response you didn't mention malware at all. That is the point that trumps everything for me. Open to hacking equals open to social engineering, only on a 10x or 100x scale. We've already seen that.

I don't believe open devices will go away. I don't believe they will be limited to only a tiny slice of techies. But I see these ARM-based devices as closed ecosystems where the platform owner can finally take a stand, security-wise.
 
+Donovan Colbert Except that history shows more closed systems are less open to malware and tend to be more reliable. I'm not just talking computer history, here. Pick any product category, and the trend always moves from open/tinkerable/less reliable to closed/less tinkerable/more reliable. Cars, radios, even spinning wheels - all technology moves in that direction.

This trend isn't accidental. And in all product categories, there are always products made for the kind of people who want to tinker. But they're never the ones bought by people who just want something to work reliably, which is always the majority of customers.
 
+Ed Bott "...with the understanding that doing so voids warranty and increases your odds of encountering malware, exploits, or other unwanted behavior?" (emphasis mine). Like I said above - if Android only vetted apps like Apple, that would reduce the majority of malware on that platform. Side-loading and non-market sources aren't the major vector for Malware on Android, the Android Market is. And I think most FOSS/Linux advocates would disagree with you that open to "hacking" means open to social engineering. The evidence bears out that closed systems have been victims of socially engineered malware attacks far more frequently than open platforms. I'm not doubting that allowing side-loading and open boot-loaders increases the opportunity for these kinds of exploits - it would be silly to suggest otherwise. But the people who are doing those kinds of things should generally be well aware of the risks, anyhow.

I'd like you to read a little rant I blogged here:

http://donovancolbert.blogspot.com/2011/12/jail-breaking-and-unlocking-are.html

It touches on many of the subjects we're discussing here, from a first person, real life perspective. This is what closed platforms that are locked down like this mean to me. It creates as many problems as it solves. I'd argue that the ARM-based devices or their platforms are not any inherently stronger or weaker on security than any other paradigm (and that this applies to FOSS concepts of security, too). It all comes down to end user accountability. On Windows, on Linux, on OS X, on Android, iOS or any other platform.
 
+Ian Betteridge Where were you on my posts on Tech Republic where Chad Perrin was tearing into me about closed versus open philosophies of OS platforms? I could have used the assist. Your points are well made. You may be right - and mass consumer penetration of computing technology may mean the end of the weekend-warrior mechanic tinkering on his big-block Chevy in the garage... or, er, his AMD quad-core DIY tower in his workshop... whatever. In the sense you've painted it, that may be inevitable. I've actually used the analogy before that iOS is like a Ford Taurus. It is a grocery-getter of personal digital media devices used by Soccer-Moms to get from Point A to Point B on the digital superhighway. In my analogy, I used the Lotus Elise to describe the Android platform. Purpose built and in all ways superior in engineering to the Taurus... but not good for getting the kids to soccer practice at all. But, that doesn't mean that seeing this direction, I have to like it - and even then, I'm not certain the analogy works in this case. This is more like buying a Chevy and only being able to use it on Chevy approved roadways. Sorry, this road only accepts Fords. There are manufacturers who've tried to make the application of their product that narrow and defined. There is a point where that "appliance-like" ease of use, reliability and convenience becomes unnecessarily restrictive. My position here is that this particular case starts to stray in that general direction.
 
Even 'locked down' devices like iOS are hacked, jailbroken, whatever. Better to not require hacking to do it, but to design it open.
 
"Even the best door locks can be broken or picked. So you might as well leave the door wide open."
 
Wow a real discussion on Google+. This is an internet first. Thanx to all!
My car's computer is pretty much locked down (good) - but hackers can already break in through the RF tire pressure sensors or USB music sticks (bad). This level of protection and attack is normal in many situations. What I DON'T want is legislation that says if I hack into my phone or car to mess with it at my own risk, I am suddenly a felon just for that activity alone. Look back at all those Popular Mechanics encyclopedias from the 20th century: "build a cement mixer with a Model T axle and a washing machine motor". Great stuff that trained generations of American entrepreneurs. All hardware hacks. Just because the 21st century version involves software should not make modifying and hacking illegal. You want dumb you'll get dumb.
 
+Ian Betteridge "Locks just keep the honest people honest". In this case - I still haven't seen what keeping the honest people honest achieves. I still haven't seen a compelling argument for why we can't accommodate both by having locked machines that can be unlocked by those who seek that route out. Again, the ASUS Transformer Prime is the model I have in mind - which comes locked down, but they offer a software application that will unlock it for you. When you unlock it, it prevents certain DRM restricted apps from working right, and it voids your warranty. Everyone who seeks this option out understands the trade-off they're making. I'm OK with having it locked down by default - but I think that as the OWNER of the device, I should be able to fairly easily do what I want with it. That is where I disagree - not that "I want a device that cannot easily be hacked" but "even by me". And I agree with +ed callway: trying to enforce bypassing bootloader security as a criminal action is the worst case scenario. Right behind that is manufacturers trying to maliciously brick devices that have been used in an "unauthorized manner". In fact, I'd like to see it go the other direction - where manufacturers were required to make it easy to unlock and bypass this kind of security, and where they were required to make it relatively easy to UNDO a botched attempt to make changes not intended by the manufacturer.
 
+Donovan Colbert Donovan, there's a computer in your TV set. Is it easily hackable by you? As you rightly point out, there are tablets, phones, etc out there that are easily hackable, and as long as there's a demand for them they'll continue to be so.

So choose those! But don't demand that all devices must meet your needs, when doing so makes them less suitable for other people, more expensive to produce, or has other effects.
 
+Ian Betteridge Although I dig the response from +mike smith, I'll admit you've got a point here - but I think you may have stumbled onto something here by accident. The line is blurring between PCs and consumer appliances driven by microprocessors.

Recently I moved my Xbox 360 up from my basement because it is being remodeled. I hooked it up in my office to the HDMI port on a wide-screen LCD. When I powered it up and got to the Metro-style dashboard and saw Bing, Netflix, Facebook, Twitter... I realized that with a keyboard, if there was a full-fledged browser and an e-mail client (although arguably, your Xbox account IS a form of web based e-mail) - that the Xbox 360 could replace a traditional PC for MANY users.

Later on, I was in my living room, watching Netflix on my Samsung Blu-Ray player. When I exited, I thought to myself, "I haven't really checked out the Samsung App Store for this player". So I did. Twitter, Facebook, and other apps, including a web browser and games. Not only did I realize, "Wow, not only my iPad and my Transformer - nor my Xbox and my Wii, but even my Blu-Ray player," - they are all really potential PC replacements for the majority of PC related tasks many consumers do today.

So the line becomes blurred, and your question does have value. I've asked for an opinion on this in this thread, though - What IS the harm in having these devices easily hacked? How does it make them less suitable for other people? How does an unlocked bootloader make it more expensive to produce, or what other effects does it have? I don't think anyone has answered my questions. If I am informed and I acknowledge that hacking my TV's firmware, ROM and processor voids my warranty and may disable features - who is harmed by that action? If I want to softmod my original Xbox - what is the problem? Honestly, who is soft-modding original Xbox consoles to pirate GAMES at this point? They're doing so to enhance FEATURES and increase lifecycle on a platform that would otherwise be wasting in basements and landfills.

Isn't that REALLY where the harm comes from? Consumers who can do something like soft-modding their Xbox extend the useful life of that device, causing a disruption of the artificial life-cycle that vendors and manufacturers want to enforce on those products. The harm is to corporate profits - not to end-users. The harm isn't caused by "bypassing security measures", stealing or piracy. The harm is caused by users empowering themselves to utilize their own hardware to its limits - rather than the arbitrary and unnaturally low limits that vendors have designed into their devices.

Ultimately, I think your argument deserves consideration here - but I think that allowing users to access their devices in the way they see fit is still the best policy. Locking them down and making it illegal to get around those locks only serves the interests of corporations and corporate profits. The supposed "end-user benefits" seem dubious, at best.

Sorry for the long response. I hope you had the patience to read it all.
 
+mike smith That's awesome hackery, Mike :)

+Donovan Colbert Don't be sorry for the long response - long, thought-provoking responses are good! :) I totally agree that once you buy a device, it's yours to do with as you want. Hack it to whatever point you can, technically, use it in the "approved" way, stick it in a blender - you've bought it, use it any way you want (I'd draw the line at, say, copying the firmware and using it to create pirated versions of the same device, but that's something entirely different).

I think part of the problem comes from expectation: There's an expectation that because a device like an iPad (or Android tablet) works like a general purpose computer of the old style, that it should use exactly the same model of access as an old style general purpose computer. That, I think, is a category error: I think devices like an iPad are simply tools to do a range of non-technical creative things as elegantly, safely (in the malware sense) and easily as possible. They don't replace computers, in the sense that a minivan doesn't replace a six-wheel truck, despite both being capable of driving you from A to B.

Incidentally, if you haven't seen it already, it's worth checking out Cory Doctorow's talk on "The Coming War on General Purpose Computation" (http://craphound.com/?p=3848). Despite being friends, me and Cory disagree a lot about stuff like this - and this is no exception - but he's always worth reading.
 
+Ian Betteridge I think that this is where we have a common ground and where our disagreement lies, too. I agree with what you have to say above completely - and I think you're right to draw a category distinction between classic computing platforms and the new era of light-weight, app-centric appliance-type devices.

My concern is that there is a terrible incentive for vendors to do away with the old model for the majority of our computer end-user interfacing, while putting a tremendous emphasis on moving us to this new model. This emerging model of computing DEVICE (as opposed to computer) allows for manufacturers and vendors to maintain far more control and many more restrictions on use than traditional computing. Right now it doesn't seem like such a threat. Honestly, my feeling is that the Microsoft decision to lock down ARM based Win8 tablets is only likely to affect Microsoft loyalists who opt in to this plan. That is no different than Apple loyalists who opt in to Apple's model - and I think there is plenty enough room for 3 vendors in this space and that most Android vendors and manufacturers will still concede to the demand among that user-base to allow mostly unfettered access to Android based devices.

So a lot of this is an academic debate at this point. But I worry about this slowly eroding the expectations of the larger user base and eventually it becoming a place where we forget a time when our computing devices were ours to do what we wished with. To me, it isn't an end-of-the-world "this must be stopped" issue - but it furthers a disturbing precedent already set in motion by Apple.

I'll follow the link you provided. Sounds like an interesting read.