And so that's why I never liked nor trusted this whole idea of code signing with non-self-signed certificates, especially on desktop OSes. This notarization mechanism introduced a single point of failure: Apple. And now there is concrete evidence of how exactly this is bad.
On a device I own, there should be no parties that are trusted more than myself. It's ridiculous I even have to write this.
Richard Stallman founded the Free Software Foundation (FSF) for this very reason. You might think it's ridiculous but the fight for the right to modify the software running on devices you own has been raging for 35 years and is bigger than ever.
It hasn’t been a quarter in which i haven’t told myself how richard stallman was right, and a visionary, and how much we were fools to consider him an extremist.
The nominee is quoted as saying that if the choice of a sexual partner were protected by the Constitution, "prostitution, adultery, necrophilia, bestiality, possession of child pornography, and even incest and pedophilia" also would be. He is probably mistaken, legally--but that is unfortunate. All of these acts should be legal as long as no one is coerced. They are illegal only because of prejudice and narrowmindedness.
14 September 2019 (Sex between an adult and a child is wrong)
Many years ago I posted that I could not see anything wrong about sex between an adult and a child, if the child accepted it.
Through personal conversations in recent years, I've learned to understand how sex with a child can harm per psychologically. This changed my mind about the matter: I think adults should not do that. I am grateful for the conversations that enabled me to understand why.
Stallman's former view on this was always wrong. But it is good to hear he has changed his mind, and I think to be fair to him, if one brings up his former views, one should also bring up his more recent disavowal of them.
I've always thought of Stallman as the canary --- the extremist at the edge. I don't agree with a lot of things about him, but I think it's important that such people exist in order to "delineate the boundaries". Him changing his views towards "acceptability" should be taken as a bad sign, regardless of what those views are.
fwiw I don't think framing everything in as a sign in the sad story of a society on the way to 'X', is a particularly productive way to think about this kind of story. I could be that this is just a personal story of an individual who is internally consistent, and changed a view based on discussion and new information.
To be fair, that disavowal came after his former behavior and views - which went not only accepted but defended by his peers and followers for years (including on HN following his "cancellation") finally became too much for people around him to bear. No other public figure with a history like his would be given even a shadow of a benefit of the doubt over nothing but a brief blog entry. If he were a politician or a celebrity HN would want to see him hanged with the rest of the degenerate elites.
I hope that he has changed his mind, but until there's some evidence that he's changed his behavior, there's no reason to assume he was doing anything but covering his ass (possibly at the behest of someone else) and trying to save his position and status. That's what would be assumed of anyone else, that's what should be assumed of him.
The consequence of power is such that it emboldens an individual to believe that limits on themeselves, are a moral wrong. The common knowledge acceptance of sexually deviant debauchery, has been pervasive across time (Caligula to Epstein). It is much harder to expose, with the extreme wealth disparity.
I'd bet you have to be really sloppy nowadays to get caught.
If only it were possible to expose the behavior of such people through some public channel and then use collective action and social pressure to force some degree of consequence on them.
When I was a teenager, back in the 1990s, I idolised RMS. The GNU project and FSF were what I idolised him for, back then I'd never heard his views on these issues. As I grew older, I started to think that the hardline position of the FSF was impractical, at least for my own life. I wouldn't say I idolise him any more.
I think his former views were completely wrong, but I try to understand where he was coming from: RMS comes out of a progressive 1970s cultural milieu in which a lot of people were willing to question all aspects of traditional moral values, including age of consent laws. I can think of a number of now-mainstream European politicians, who in the 1970s were willing to associate with (or at least tolerate) "pro-pedophile" advocacy groups, and that way they behaved in the 1970s has come back to bite them – Daniel Cohn-Bendit, Harriet Harman, Jack Dromey, Patricia Hewitt. Someone like Allen Ginsberg, who was an open member of NAMBLA – and, by at least some accounts, actively abused underage boys – was nonetheless an acceptable figure in polite society – something that would be quite unbelievable in the year 2020. In the 1970s, a lot of what is now the mainstream gay rights movement was willing to associate with organisations like NAMBLA; by the 1980s, the mainstream gay rights movement had fully severed those ties, which was a prerequisite for the cultural and political successes of the LGBT movement of today. In the 70s, the victims of child sexual abuse were largely invisible, they were not being heard in the conversation in the way they are now, and society (including much of the radical left) had not yet begun to take their experiences seriously.
What makes RMS a bit different, is that figures like Cohn-Bendit, Harman, Dromey and Hewitt, realised their mistake (or at least cared enough about social acceptability to move with the times.) RMS clung to this view long after it had become seriously socially unacceptable in a way it had not been in his twenties. Why?
Well, it is obvious to me that RMS has a lot of autistic traits (as do I myself). I'm not the only person to notice this – https://news.ycombinator.com/item?id=20969320 – to arrive at and defend socially unpopular positions through application of abstract reasoning, completely divorced from real world human experience, and then to cling to them pigheadedly, is something a lot of people with autistic traits end up doing at some point. So I think his autistic traits are another big part of the picture here that other people may not be seeing.
RMS' former views were always wrong: I'm the father of two young kids myself, to me their wrongness is completely obvious. But I can understand how something which is completely obvious to me, even to most people, might not have been obvious to him, and why it might have taken some real world interaction with abuse victims for him to understand it. And, to the best of my knowledge, these wrong views of his were purely theoretical, I've never heard any claims he's actually acted on them, or even had any personal interest in acting on them – unlike someone like Allen Ginsberg.
I'm not saying this because I think he should be the leader of the free software movement. I think he has done an enormous amount for that movement, but it probably now would be better served by someone younger and more attuned to contemporary culture. But he's a human being, and I feel the urge to understand him sympathetically, rather than join in a mob out to get him.
For what it's worth I think the right thing happened to him for possibly the wrong reason, and the community around him is as much to blame as he for enabling the damage he's done for as long as they did. If not for that whole debacle of an email conversation being leaked and made public, he would still be in a position of authority and still be normalizing the acceptance of behavior like his in tech culture.
There should always be room in society for someone to see the error of their ways and amend, but it's going to take more than a tweet's worth of text to make up for decades of - and let's be honest - sometimes passionate advocacy for reprehensible behavior, and the anecdotal evidence of creepy behavior towards women IRL, and that's not unreasonable. Sympathy doesn't mean one shouldn't expect growth.
What makes you think that there's only been a tweet's worth of text on the matter? Furthermore, why should the movement he spearheaded suffer because others can't be bothered to try to understand a brilliant, eccentric, neurodivergent individual?
Frankly speaking, I think most of the "normal mainstream" that condemned Stallman without even bothering to check up on and verify the facts of the accusations made against him outed themselves as easily manipulated, savage, and unstable individuals with little or no consideration for the damage they heaped upon a man who was doing nothing more than trying to encourage postponing of judgement until the facts were all in. In that one, tragically twisted-by-the-media email, Stallman did exactly what any civilized person who believes in the tenets of our system of justice should have done. He called for calm, and to give his friend the benefit of a doubt until all the facts were in. The "weird creepy guy" acted more in line with the ideal of normalcy than anyone else!
I'd take 100 more people just like him with all the inherent quirks than any of the mob who rushed to condemn him without even so much as getting to know him. I mean, good God. Show me someone who hasn't had a questionable view in their life from lack of reflection, and I'll show you someone who hasn't actively tried to get to know all the many facets of their species, or consciously come to terms with their own capacity for atrocity.
Let he who is without sin cast the first stone! Til then, people need to nut up, shut up, and take a damn number. Thank who/whatever they worship they woke up this morning, and give thanks but that there for the Grace of $Subject_of_Worship go I.
Now get off my lawn, and keep your damn chickens out of my garden! They may be cute, but they're ruining my sprouts!
>What makes you think that there's only been a tweet's worth of text on the matter? Furthermore, why should the movement he spearheaded suffer because others can't be bothered to try to understand a brilliant, eccentric, neurodivergent individual?
If there were anything else, fanboys like you wouldn't hesitate to mention it every time you want to pull the "autism sympathy" card to make anyone who's been creeped out and offended by his behavior out to be " easily manipulated, savage, and unstable individuals" who can't comprehend the tragic, broken genius who's too good for this world.
The movement will be fine. The movement doesn't need him, and if it does, it's not a movement, it's a cult.
>I'd take 100 more people just like him with all the inherent quirks than any of the mob who rushed to condemn him without even so much as getting to know him.
Yes, well, you can have your hundred quirky middle aged pedophile apologists, as society seems to have enough to go around. I'll be satisfied when they're kept away from positions of authority and their behavior stops being defended by people around them. Just be sure to burn your sheets after they stay over.
I suspect part of the explanation is: Part of what manifests as brilliance is early development of the mind. Consequently, brilliant people tend to think, "Well, I was mature enough in my early teens, and surely there must be others like me—perhaps some even younger. The law should not restrict those who are mature enough; that is like restricting adults." The train of thought may continue with something like "There are already mechanisms for having a child make an adult-level decision: parental approval, child emancipation", or "The legal age of consent varies enormously around the world and throughout history, and is clearly arbitrary". (The biologically non-arbitrary age points would seem to be "puberty"—probably around age 12-16 depending on which pubertal milestone you choose—and my 7th grade science teacher's favorite, "when the brain's frontal lobe finishes developing", which would be age 25 or so.)
If the person is also resistant to discarding views merely because those views are hated, then, well, it's easy to see how their beliefs might end up where they do.
Why? It's one of the only things that you can get in trouble for without even knowing it was there. You could have taken them yourself or your children, did, it's seen in your house and they assume it's yours, now you can have a big lawsuit. With the quality of cameras and common usage of them I see a huge problem looming. It's used to plant investigations on innocent people. It's turned innocent people into jobless hated people for something they didn't do or simply were accused of.
I don't think it is a black and white issue as much of a tool of entrapment. I am not pro possession of it, but the laws are clearly entrapping innocent people. Romeo and Juliet laws exist for underaged people, should a similar law exist if you make it yourself so you don't get labeled a sex offender for making a video of yourself?
During his time it was about not legislating everything. Dworkin who was anti pornography debated a conservative judge, who saw no difference of exploitation of children as of women. Here she debates a conservative judge on wanting to make it illegal.
https://m.youtube.com/watch?v=zt8KVB8AunQ
Sure. I don't think you should be arrested or put on the sex offenders list for taking / possessing a picture of yourself as a minor. I think it's clear from context that this is not what RMS was referring to, and I don't think your strawman argument is helpful.
His public image has been degraded from toe-jam eating and supposedly outrageous riders for speaking engagements (which I think everything in was pretty level headed but some people think it was 'nuts')
> "GNU" is pronounced as one syllable with a hard g, like "grew" but with n instead of r.
TIL I learned "GNU" is somehow pronounced with one syllable ("gnew") and not two ("guh-noo"). (I know lowercase "gnu" is pronounced with one syllable.)
He seems really insistent on not being ID'd for buses or trains, but its a requirement for flying which has a whole section. Is there something going on with buses and trains that are under more scrutiny? Also, if he can get around the ID with fake names via buses and trains why would he even accept flying?
It starts out reasonable, but then has gems like "please buy bus tickets only with cash under a fake name", "find me a parrot", "go to the hotel and figure out if their phone jacks do dial-up because that's most likely the only thing that will work with my machine".
The latter may have adjusted with the times, since the document is old; but then again, the demands he places on streaming technology etc. are perfectly reasonable nowadays, but a massive obstacle back then.
> please buy bus tickets only with cash under a fake name
This is because he's actively against surveillance. It's not a hard requirement, I've lent him an anonymous (i.e. pre-paid) public transport card before, and while he didn't like the requirement to both check on and check off, he did it anyway.
> find me a parrot
That's a misrepresentation. It's a "it'd be nice if" type thing. There's also the "don't buy one" comment, because you can be sure someone has done that.
> go to the hotel and figure out if their phone jacks do dial-up because that's most likely the only thing that will work with my machine
That might be really old, his machine definitely has wifi. And if the request is from the pre-wifi with free software drivers days, it's completely reasonable for someone who lives a chunk of their life on the internet to request internet access.
It's much, much more reasonable than you're making out, especially if you consider it in the context of why you're probably asking him to speak at some event.
He has expressed skepticism that "willing participation" in pedophilia harms children. And given a couple of bizarre quotes on bestiality (essentially, "if the animal initiates it then what's the problem?").
More recently, he was pushed out of MIT and the FSF last year for questioning whether one of Jeffrey Epstein's victims was truly a victim or not.
He prefers Emacs over Vim.
There are probably other examples, but that's off the top of my head.
> questioning whether one of Jeffrey Epstein's victims was truly a victim or not.
I’ve never really been much of an RMS fan beyond admiration for what he has done for free software, but this is not what he said, at least according to his words as quoted in the post that initiated his cancellation[1]. I’ve pasted it from that post below [2]. The author of that post quoted this and then somehow inferred this [3]. How she (and everyone reading it thereafter) went from one line to the next from “she PRESENTED herself as willing” (not that she actually was willing), “assuming she was being COERCED by Epstein” somehow got reinterpreted as “she was entirely willing”.
Nothing RMS said stated he thought she wasn’t a victim, just that Minsky may not have known due to how Epstein coerced her to present herself.
[2] We can imagine many scenarios, but the most plausible scenario is that
she presented herself to him as entirely willing. Assuming she was
being coerced by Epstein, he would have had every reason to tell her
to conceal that from most of his associates.
[3] and then he says that an enslaved child could, somehow, be “entirely willing”.
I'm an RMS fan overall & think he's been fairly prophetic over the years even and respect him for sticking to his Free Software guns even when his views were unpopular, but these comments of his regarding the Epstein case were stupid. Yes, RMS is correct, the term "sexual assault" is perhaps too vague in this case–the legal term for sex with an underage person is "rape."
The context also make his comments strain credulity beyond the breaking point. "We can imagine many scenarios, but the most plausible scenario is that she presented herself to him as entirely willing." So this 73 year old man has a 17 year old approach him for sex on one of his patron's famous young-girl-harem flights, and I'm to understand that Minsky can't apply his AI-pioneering genius to figure out what's going on? Like, am I supposed to believe that he thought this girl young enough to be his granddaughter was just attracted to his magnetic personality? Give me a break.
> Minsky may not have known
Can you really look me in the screen and tell me you believe that? Again I say: give me a break.
I think it's better to call a spade a shovel here and concede that Minsky knew what he was doing. The fact is Stallman probably _didn't_ consider Minksy to have done anything wrong, and that's why he spoke up, and he was "cancelled" because it was pretty plain to everyone else that it _was_ wrong.
> because it was pretty plain to everyone else that it _was_ wrong.
I think you’re relying heavily on hindsight here. Yes it’s obvious to us looking in from the outside, but thinking back to any large events/conferences I’ve been at, especially if alcohol was involved, if somebody pretended to be willing because they were coerced to do so, I’m not sure it would have been so obvious and it’s easy to get caught up in the moment and not realise something was off.
But, that’s not the issue here. I don’t necessarily disagree with you and if the argument had stated what you said then it would have been ok to call RMS out.
But that’s not what happened, instead people twisted his words to make him out even worse. Nobody said “how can you believe that Minsky didn’t know something was wrong?” They said “you said she was willing and not a victim! How dare you!”, when he very clearly did not say that.
So you figure 73 year old Minsky was on this plane or whatever, a highschooler offers to have sex with him and he just figured, what, she was caught up in the heat of passion? Maybe high schoolers offer to have sex with him in the normal course of his geriatric affairs?
I think you’re still not really being honest by trying to construct some scenario where Minsky could have not realized this young girl was either paid or ordered to have sex with him. Walk through it in your head and I defy you to come up with a scenario where Minsky could have not known this was a girl being either paid or ordered to have sex with him.
> a highschooler offers to have sex with him and he just figured, what, she was caught up in the heat of passion?
No, I meant he might have been caught up in the moment and ignore his better judgement. Also, I dunno about you, but I iften find it very dificult to tell the difference between a somewhat mature looking highscooler and someone who is 19 — 21 ish. Of course, I also don’t have sex with people in that age group, but my point is that its often very hard to tell if someone is late teens ir early twenties, so, again, in the heat of the moment, especially with alcohol or other substances, its not hard to think that she’s young, but not underage.
I’ve been in plenty of situations where there were “groupies” willing to sleep with much older guys because of fame or oerceuved money or power, where nothing nefarious was going on. So, no, I don’t think its a stretch at all that he could have thought this. I obviously have no idea what the reality was in thus particular situation; neither of us know what Minsky was or wasn’t thinking. I’ve also heard reports that withesses said he turned her down, but I can’t find anything to back that up now, so could be BS.
I’m not saying he’s innocent, he could have been completely willful in the situation, but I do not believe its a 100% clear that he’s definitely guilty either.
And in the context of RMS, I think what he said, in context, wasn’t particularly unreasonable. I think people should have challenged his views and had a conversation like we’re doing, instead if twisting his words to tell a false narrative because they don’t like him and wanted an excuse to attack him.
Agreed that people shouldn't have twisted his words, and agreed that his comments were, at least from a very technical read, not inappropriate.
To be honest you've changed my mind a bit here & I'm a bit more on RMS's side now. Agreed that a witch-hunt was in progress, which caught some "actual witches" and lots of others along the way.
But from an optics perspective, ffs why would you defend an Epstein associate & fellow-traveller at that point in time. I mean he's dead, he's not going to be hurt by the accusations at that point. ️ oh well.
This is exactly what my issue is with many of his detractors. He's brave enough to state his opinions good and bad, and most people don't think beyond the first step of why or the context and continue the myth of it being a fact. It is depressing to see how this is not common news even here and people have every reason to dislike him for other reasons but they just wanted a reason to hate him.
That's why he was kicked out by people the like of Garreth who named him "enemy of the FSF" and mocked him on Twitter calling Stallman "bad" but he's a former Google employee...
Is this that thing, where someone posts something controversial that is bound to generate lots of discussion, to deflect and derail the discussion from the real topic at hand.
Richard Stallman has been way off the rails and a detriment to his own cause for years.
I'm not talking about the pedophilia comments, the sexual harassment of women in tech, or the toe jam. All those are well documented and don't need restating. No, if you look at the FSF's recent policies regarding software freedom, they are also bass-ackwards.
The FSF had a "respects your freedom" certification which is designed to encourage devices to be less free, thanks to a concession for blobs and proprietary firmware. Effectively, they know that it's impossible to build modern hardware without blobs, so instead what they did is require those blobs to be hidden, immutable, un-freeable, un-auditable. That way they can claim, for all the clueless free software evangelists, that the devices are 100% Free (because there are no closed blobs in /lib/firmware! They're just... elsewhere, where you can't see them, audit them, touch them, or actually replace them with a free version). I wrote up the story in this Twitter thread, it's crazy:
Then there is also the AGPL, which isn't a Free Software license, but rather an end-user license agreement (EULA), because it violates Freedom Zero: the freedom to use software however you want. All free software licenses only impose restrictions on distribution, making them copyright licenses - you can use original or modified versions of e.g. GPLed software at will, with no condition, as long as you don't redistribute them to others. The AGPL requires advertising and offering source when used as a network server, which is a condition on usage, and thus incompatible with the Free Software definition. rms will never admit to this, but AGPL-licensed software is, by any reasonable reading of the Free Software definition, not Free Software, and shouldn't be included in the Debian main repository, for example. It's just that nobody seems to be able to read past the "AGPL is from the FSF so it must be free software" idea.
These are just some ways in which the FSF and rms are hurting their own cause. If you want to support an organization, I would recommend the FSFe instead of the FSF. The European branch is actually doing good work for free software advocacy, instead of all the nonsense the FSF is doing which only makes the movement look worse.
> Then there is also the AGPL, which isn't a Free Software license, but rather an end-user license agreement (EULA), because it violates Freedom Zero: the freedom to use software however you want.
If you have this opinion of the AGPL, then you should also have it about the GPL, since the only difference between the two is section 13 of both of them (seriously, just diff them) which says that conveying over a network also triggers copyleft. This is just a modernisation of plain ol' copyleft from the days when conveying was mostly done on physical media instead of over a network. If some day we discover a way to distribute software over neither a network nor physical medium (I can't imagine what that could be... quantum entanglement?), then the definition of "conveying" should be updated to reflect the new technology.
The GPL has long been considered open source by OSI and free software by the FSF. You are free to use the software however you want -- you're just not free to deny this freedom to your users or clients, with neither the GPL nor the AGPL.
The AGPL section 13 isn't about conveying the program itself, it's about making it available as a service for network interaction. It may be just a one paragraph difference, but that difference is what makes the AGPL into an EULA. It's a requirement on users. The GPLv3 has zero requirements on users, only on distributors.
You might think this is a valid clause to include, and like its effects, and that's fine (though a close reading of that AGPL clause reveals a myriad of problems; it's extremely poorly thought-out and I find it unlikely that it would survive in court if properly challenged, with many workarounds possible, or causing problems for normal usage, depending on interpretation). But it doesn't change the fact that, suddenly, it makes it into an EULA, since it imposes a condition on usage, not distribution.
The GPL and other Free Software licenses strictly give you rights. You have no right to copy software by default under copyright. Those licenses give you the right to do so, subject to certain conditions.
The AGPL removes rights. It removes the right to use (not distribute) the software as you wish if you do not follow certain conditions (that you don't modify it without making those modifications available to remote users who are otherwise not receiving a copy of the program anyway, and not invoking copyright).
Linux distributions should be including the AGPL as a click-through license when users request to install such software from the repositories. In the current status quo, users are required to abide by terms they haven't been required to read, and might accidentally violate the license by doing something that is otherwise legal, such as editing a script in /usr that is part of such an app and exposing it over the Internet.
It's not a requirement on users anymore than the GPL requiring you to distribute corresponding source on CDs was a requirement on users. Morally and legally, the distribution medium does not make a difference. When you make the software available over the network you are no longer the user -- the users of the software over the network are the users. When you convey the software over the network you are a network operator and a distributor. Being a network operator and a distributor imposes obligations upon you.
It is not a EULA. The AGPL even says, in the same section that the GPL says (to wit, section 9) that you don't need to accept it in order to be granted its rights.
You seem to have trouble understanding the difference between network usage and distribution.
If I give you a CD with nginx, I'm distributing it.
If I send you a .tar.gz with nginx, I'm distributing it.
If I bring up nginx on a server, put some HTML files in the webroot, and give you a URL to it, I am not distributing nginx. I am merely using nginx, and offering you a service using nginx. I am not offering nginx itself. I am distributing my HTML website, and I am merely using nginx for it.
Cases 1 and 2 invoke copyright. Case 3 does not. In the absence of a license, you are not allowed to do 1 nor 2, but you are allowed to do 3. I can give you software I created, say nothing whatsoever about its license (which means, implicitly, "all rights reserved"), and international copyright law says you can not do 1 nor 2, but you can do 3.
The GPL, BSD, and other free software copyright licenses say you can do 1 or 2, under certain conditions.
The AGPL, and other EULAs, says you can NOT do 3, unless you meet certain conditions (other EULAs may, for example, limit the number of users, which would be typical for typical proprietary software server EULAs; the AGPL limits how you can serve the software, in that you must provide source changes to users of the service).
Therefore, the GPL and BSD strictly grant rights (to copy). The AGPL both grants rights to copy and restricts rights to use. It is therefore not a copyright license, but a contract, an EULA, a click-through usage agreement. And anyone who treats it as a copyright license (i.e. users are not expected to care) is doing a disservice to their users, because they are, in fact, not allowed to use the software without abiding by that contract (license).
If nginx were AGPL-licensed (thankfully it isn't), and I made a change to the source for personal use, then the AGPL would require me to stick a download link to that modified source in the footer of every website served using that copy of nginx, even if I am not serving the nginx binary itself.
The GPL is already perfectly suited to cover distributing software on the internet, as tarballs or whatever. The GPLv2 had some outdated provisions referencing a "medium" and written offers (e.g. the CD story), and the GPLv3 already covered that by saying you can just send the source via the same medium as the binary, e.g. from a network server.
The AGPL is a very different beast, and it has nothing to do with updating the GPL to allow for network transmission of the source, as you seem to imply.
Have an example: I run a Nextcloud instance for personal use. It is AGPL-licensed. Thankfully I have not made any changes to the code. However, if I touch a single php file in my /var/www/nextcloud (other than config files - hopefully, the AGPL is too vague to say for sure), that means I now need to figure out how to package and distribute that change to literally every visitor to my instance, which could be anyone on the internet (even if they just hit the login page). This is NOT possible with a purely copyright license. And my distribution did not warn me about it (like they did for proprietary software EULAs, which require an explicit ack), because they erroneously believe that the AGPL is not an EULA, because the FSF wrote it.
This kind of sillyness of calling AGPL a contract is incorrect because it assumes that copyright law only care about distribution. It does not.
It is an copyright offence to perform any of the following acts without permission of the owner:
Copy the work.
Rent, lend or issue copies of the work to the public.
Perform, broadcast or show the work in public.
*Adapt the work.*
A person who take a copyrighted software and adapts it into a online service need to get adaptation permission from the author. If the work is given out under a AGPL license then that license is proof of permission as long as the person follow the terms, just as with any other copyright license.
You do not need permissions from a copyright license unless the action a person does falls within the scope of copyright. If a person don't copy, rent, lend, issue copies, perform, broadcast, show, or adapt the work, then the AGPL conditions are irrelevant because the user do not need permission in the first place. An EULA or contract however is not limited in this way and can restrict usage of a program outside the scope of copyright.
Do you have any case history supporting this interpretation of copyright law?
While it is true that copyright protects the right to create derivative works, that is, in practice, usually applied to creating such derivative works and distributing them. Otherwise, scribbling with a pen on a book you bought would be a copyright violation.
Similarly, while technically running a program requires copying it into memory (and thus requires a license), no court in this day and age is likely to rule that running software which was acquired legally, but which does not come with a license to run it, is a copyright violation.
Scribbling with a pen on a book you bought would be a copyright violation if it would qualify under the definition of recasting, transforming or adapting the book. It must be substantial and original. A full translation, scribbled on the side, would be a pretty obvious violation regardless if you made further copies. Similar if you bought the movie rights to distribute you still need additional permissions to add translations or to cut it into new versions. There has also been cases where a broadcasting station got sued because they added commercial breaks without having copyright permission to create new adaptations (the author had a very public opinion against commercial breaks).
The memory issue has been well discussed and handled in the past. The law has an explicit exception made with this in mind where legal owners of the software has a right to both copy and adapt software if it is an essential step towards utilization of the program. licensees however does not have this right and are restricted to the terms under the license. Naturally this is designed more towards the world of proprietary software where such distinction is more clear.
In the broadcasting case, obviously broadcasting/distribution was involved, which is not the case here. Do you have any examples where someone making a private modification to a copyrighted work without distribution was legally liable for it after it was discovered?
The AGPL attempts to control any changes made to the code, not just, say, a substantial refactoring or reworking. So in principle a one-line patch is sufficient to trigger AGPL clause 13.
>If nginx were AGPL-licensed (thankfully it isn't), and I made a change to the source for personal use, then the AGPL would require me to stick a download link to that modified source in the footer of every website served using that copy of nginx, even if I am not serving the nginx binary itself.
People add links to the source code because it's much less work than responding to emails. It's entirely voluntary. Users have a right to the source code of AGPL software you make accessible to them and you can satisfy that constraint any way you see fit.
> your modified version must prominently offer all users interacting with it remotely through a computer network [...] an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge [...]
An email does not cut it. It has to be a direct link to the source, or some kind of equivalent mechanism to directly download it from a server. Merely providing you the opportunity to ask a human for it does not cut it (an email bot might, but that'd be dumb).
You seem to have trouble understanding that you are not the user of nginx: the users who visit your website and use nginx to serve files to themselves are the users.
Copyright law doesn't say anything about users of software, it talks about copying, performing (no, you are not "performing" nginx for your remote users, that's not how it works), etc.
In fact, courts have repeatedly ruled that the output of software (i.e. the packets nginx sends over the network, but which aren't its own code) is not covered by the software's copyright itself.
If I lend you my phone, in the absence of more restrictive EULAs, and excluding media (which is reproduced verbatim by the phone), you are free to use any software on it without being subject to the copyright of said software.
You seem to have trouble understanding that copyright is irrelevant to determining who the users of the software are. The users are the ones using the software. That there is a network between them and the software they're using is irrelevant.
Copyright is irrelevant also because you are not redistributing the program to those users (and possibly not at all).
Yet, the copyright law is what the AGPL is trying to wield as its basis.
It does not seem valid. Has anyone tested it in court?
I don't think that copyright can assert use restrictions. You cannot say that someone is not authorized to have a copy of something if they do not use it in such and such a way.
It's exactly like a "license" written in the flap of a book which says that you must read only the even-numbered pages. If you read any odd-numbered page, then you are breaching the license under which you're permitted to have a copy, and must destroy the book.
I would cheerfully deploy a modified AGPL program and not reveal the code to anyone. Nothing would happen at all.
I'm surprised Google are so allergic to the AGPL. If it came down to it, they could crush this bullshit in court like swatting a mosquito.
So you're saying that the license does not impose restrictions on users of the software, but I am not the user, so it can impose restrictions on me? Then what am I, and why does the license get to impose restrictions on me beyond copyright obligations without violating Freedom Zero?
You're grasping at straws here. There's provisions based on copyright, and then there's everything else. Redefining users to exclude the person running the server and implying that means the person running the server loses all rights under the Free Software definition is ludicrous.
You are free to run our hypotheticlly AGPLed nginx for whatever purpose you want. You can serve a military website or an online shop from our hypothetically AGPLed nginx. There are no limitations on usage. You are the user as long as you are operating and using nginx.
Once you serve to other users, though, they also become users of nginx. In this regard, you have an upstream/downstream relationship between you and the other users of nginx that you've made users by giving them access over the network.
You are still free to use nginx for your military website or your online shop or whatever. Your usage of nginx has not been restricted for any purpose.
By granting network accesss to our hypothetically AGPLed nginx, though, you now have an AGPL obligation to provide a link to the source code of nginx, in case you modified that source yourself. This isn't taking any rights away from you -- indeed, the AGPL is only granting you rights. You wouldn't have the right to even serve nginx to other users or to modify its source code if it weren't for the AGPL.
None of this is substantially different from the GPL except for the method of interaction with the software.
This is not correct. Those agreements are based on the idea that your license to use the copyrighted software is predicated on accepting a large number of conditions outside of copyright.
Merely receiving a license-free piece of software (i.e. "all rights reserved") with no strings attached gives you a certain set of default rights (i.e. anything not in violation of copyright), such as to run it for any purpose. EULAs like a shrink-wrap agreement from Adobe, or the AGPL, then attempt to remove some of those rights.
Though, sure, you can look at it from the point of view that in the absence of a license at all, nobody would've been able to distribute the software to you in the first place, and therefore you'd have had no rights as a result.
The doctrine under copyright law is that you have no right to have a copy of a work without the copyright holder's permission. From that basis, various forms of asshole on the face of this Earth, and their lawyers, have come up with various licenses that inject all sorts of behavioral conditions, far outside of the scope of copyright law, on the granting of a permission for you to have a copy. The idea is to turn the non-compliance with those conditions into copyright infringment. "Oh, you're violating clause 37? And still have a copy of the work? That's not allowed! You must comply, or else destroy the copy!"
I fail to see how meeting someone in person is a requirement to form an opinion on them based on their public actions.
Claiming that it is, though, sure sounds like a common dismissive tactic in politics, and especially when defending people who otherwise commit undesirable, even detestable public actions ("but he's a great guy, he'd never hurt anyone" etc).
I am fine with this for most things except my phone.
I trust Apple more than any party in the world. Even the government. Fortnight devs, Epic, whatever are not even on the same radar. They'll sell your privacy in milliseconds if they can get 2.5 cents for it.
I would never ever own an open source phone. Not because the operating system is open source (probably good that it has eyes on it) but there is no way to control third-party apps. Even the os builds can get hacked and I cannot trust it. I have so much personal stuff on my phone on it that I cannot afford to entertain Richard Stallman and his righteousness.
I respectfully disagree in my case. I don't consider myself a security expert at anything, especially at computers. This is probably 99.999% of the Apple customers.
People like yourself can probably manage their own security, have a secure NAS, multiple firewalls, etc.
Do you see it from the perspective of average Joe (or me)?
That's fine, but you're telling everyone else that, because you personally are not willing to take responsibility for the security of your devices, it's ok for a corporation to dictate that no one is.
This doesn't need to be an either/or situation. You can outsource your security and privacy decisions to Apple while simultaneously allowing others to take full control of their devices.
No, that's not a fair take. I am saying that everyone is probably more akin to not knowing a darn thing about security (outside of HN caccoon) than people who are commenting here to setup their own security infrastructure.
Given the conditions of how ignorant large percentage (~ 99.999%) of the Apple customers are, I would trust Apple more than any other party to keep them and myself safe.
Can you imagine third parties siphoning off data, metrics, photos, etc. without Apple safe guarding user's interest?
I would pay a lot of premium for security if I don't have to do it myself.
I think maybe you're missing the point? I don't even disagree with what you're saying, but we can have it both ways: the alleged 99.999% (I suspect you're exaggerating) can have by-default strict security with no apps allowed unless installed through Apple's App Store, and the rest could do whatever they want.
I trust Debian to supply and maintain the software on my machine. But, at any moment, I can choose to add other trusted parties, or remove the Debian repositories, or add my own patched version of some app.
I usually choose to trust them, because it's convenient and because they probably know better than I do. But my trust in Debian is completely voluntary, non-exclusive and revocable.
Android has that, but you can also side-load apps if you think you are knowledgeable enough to want to. That's the main contention with how Apple runs things, there is no proper escape hatch.
Do note that trusting other people is not incompatible with trusting yourself. Often you can trust yourself to the point where you know you will be over your head, and then hand off that trust to someone else.
And what about giving people choice? Androids often come with locked bootloader and users can unlock it. Unlocking permanently deletes all user data. Apple is not giving any such choice!
You're right, but that fundamentally changes how I look at apps on my iPhone and my device or the ecosystem as a whole. Right now, any app icon I see on my phone, or any Apple device, I implicitly trust, because I have outsourced my trust to a corporation. This does not mean there are not scummy/weaselly apps out there (tiktok/Facebook/etc. for example).
Like root certificates, you have to trust someone, at some point. I am choosing to trust Apple.
By allowing side-loading apps, that is eroded, even if the tiniest bit.
Yes, when it comes to keeping things secure, I honestly trust Apple more than myself (I've forgotten to lock my car upteen number of times) and my family.
I am not saying that Apple is not prone to hacks, gov influence, but based on their past record, their stance on privacy - who else could be more trust worthy?
Can you provide examples of whom you would trust more if you owned an iPhone to manage your phone?
Right now, if I was running some open source OS on an open source hardware, with random 3rd party unverified apps, etc. - I would have no confidence in myself to keep that thing secure.
I agree that things like openssh can be more secure because there is a huge number of individuals and corporations using it, there are a lot of eyes on it. It is open source and secure.
That's not the same as something as big as an iPhone. iPhone is an ecosystem of apps, cloud data, biometrics, hardware encryption (secure enclave), etc. and finally the physical device.
For some reason a lot dev's cannot seem to comprehend that a lot of people(Including myself) are not capable/wish to maintain/keep up with security.
I rather use my brain cycles for something else. This is compounded for people who have no interest in tech but rather just want to use them to perform certain tasks.
Are some of practices unfair sometimes to a small subset of companies/developers. Definitely yes, But what are the other options that have this level of privacy or trust worthiness with a similar ease of use/setup. I don't know of any.
My guess is just beliefs. It's pretty similar to what happens in code at-least where i work at.
Dev tries to make it super flexible, tries to make it fancy, implement DRY like one's life is dependent on it ultimately resulting in a hard to read/maintain messed up spaghetti code.
Also i don't see how can a person know all of the security stuff with a beast like Android unless they spent/are willing to spend an insane amount of time on keeping up latest exploits, architecture etc.
But there could be a switch to allow installing apps from untrusted sources" default off. It's sad that people are so ignorant and gave apple so much power. :(
I think you're over-generalizing. Most people with an iPhone do not care about side-loading apps. They may be ignorant, but they also do not care. The same reason I am ignorant about the rules of NBA, or Cricket - I simply do not care.
The power you're talking about (and the risk you're not talking about) are of no value to me.
For what it's worth, I agree with you. I work in software and the number of times I have inspected the source of something I'm running could be counted on one hand. I trust Apple, I trust the open-source community to look for me, etc.
I think this needs to be questioned. Visually show downvotes with a number or a red color somewhere. But, making it difficult to read needs to be challenged.
I use an app for HN, and it doesn't show me points. I've never cared enough to check and see if I can make it do so. Similarly, I've never bothered to check and see if I have the capability to downvote, which it also isn't showing me, because it's rare enough that I want to do so that I just don't bother.
I am glad I can express my opinions on HN and I am ok with downvotes as far as people don't flag me for disagreeing (but ok to flag if I violate HN rules).
I stand by what I think makes sense, what my conscience tells me and based on the evidence of data, experience and perspective.
Without people challenging the status quo, generating healthy discussion, we would have a massive echo chamber. I don't feel offended by downvotes.
And that's the issue. The overwhelming body of evidence in recent years suggests Apple does not consider the devices they make to be "yours." Rather, their attitude seems to be that those devices forever belong to Apple, and Apple simply allows you to pay for the privilege of using them.
It basically is that - most owners replace their iPhones regularly, and if you replace your iPhone with purchase price $P every M months, that's just as good for Apple as you paying P/M per month, with some additional benefits:
The user is locked in to a large minimum spend; the user is responsible for EOL disposal of the device; the users perform self price discrimination, where more wealthy users replace their phone more often so effectively pay a higher monthly rate.
Also, this is true for windows OS. Once you installed it, the computer would not belong to you. They would force updating, updating, and updating. Even if you were in meeting, that speaker stopped the talk and went back to find another computer.
It is ridiculous. Nowadays, physician could do a surgery in remote. How about during operation there is an update.
No they won't. You can configure windows out-of-the-box to completely disable updates (it won't even check to see if there's updates). And there's all kinds of settings in-between.
Uh... How?
In my memory, different version of windows needs different approach to disable windows update. Although you manually disabled updating it would somehow turned on by other process/service/reboot... And, it might not be able to apply to next version. Like a Tag game.
Some of versions does not have ability to stop updating (maybe current version of Windows 10 Home?).
It's important to note that you can still run unsigned Mac apps. Apple isn't preventing users from running a tool they want to run, it's just showing them a big scary warning and making them jump through some extra hoops.
It's incredibly scummy and inappropriate, but I would put it more along the lines of an attack-ad than an outright ban.
Edit: Now, one thing that isn't totally clear is whether or not devs who have their own developer accounts, and use Unreal Engine to target iOS, can still make iOS builds. If not that's a much bigger deal, though the fundamental issue would still lie with iOS, not macOS.
According to the court filing, Apple is denying Epic access to any development tools, software betas, APIs and the like. Epic will not be able to keep Unreal Engine up to date. Including on MacOS.
The end result will be that Unreal Engine, and all applications developed with it will be dead in the water on MacOS/iOS/iPadOS.
From the the legal filing:
>... when Epic sued Apple to break its monopoly on app stores and in-app payments, Apple retaliated ferociously. It told Epic that by August 28, Apple will cut off Epic’s access to all development tools necessary to create software for Apple’s platforms—including for the Unreal Engine Epic offers to third-party developers, which Apple has never claimed violated any Apple policy. Not content simply to remove Fortnite from the App Store, Apple is attacking Epic’s entire business in unrelated areas.
and...
>Apple stated that unless Epic capitulates, Apple will also block “[e]ngineering efforts to improve hardware and software performance of Unreal Engine on Mac and iOS hardware [and] optimize Unreal Engine for the Mac for creative workflows”.
IMO, it’s about the moral equivalent of using dark UI patterns to trick users into performing actions they don’t want to do.
The scary warning and convoluted workaround for running un–notarized apps is ostensibly to prevent non–technical people from compromising their computers. Now Apple is abusing that security mechanism for Business Reasons that have nothing to do with protecting users.
The fact that users can technically bypass it is a weak defense; if it’s an effective way to stop malware, it’s probably an effective way to prevent people from running Unreal Engine games as well.
> if it’s an effective way to stop malware, it’s probably an effective way to prevent people from running Unreal Engine games as well.
Probably only one or the other. If Epic produces legitimate software that users have a legitimate reason to run, some of them will become accustomed to clicking through in order to run a legitimate program. Then, they will become more likely to click through on other programs: "Oh, they're probably banned for business reasons like Epic, not for security reasons like malware".
Apple is clearly hoping that is not the outcome, and that Epic simply loses as close to 100% of their Apple-based customers as they reasonably can.
The pop-up box you get when you try to run unsigned applications gives the user absolutely no hint as to how they can jump through those hoops to run the thing. You need to know what to google for to find the right magic incantation to enter into the macOS terminal.
On Windows, at least, the “Run anyway” button is merely behind the “More information...” link.
Right. I'm just saying, user-freedom is technically preserved. This is a huge inconvenience, and bad for Epic's business, but it's not a ban. As an owner of Mac hardware, I still have control over what I can do with my machine.
Do you honestly think Apple is going to keep this true for Macs in 2 years? 5 years? 10 years? I think there is slim to none chance that they give a shit about the "openness"of Mac.
As far as I'm concerned, Mac openness is just a cat that got out of the bag, before anyone knew they could produce a _mint_ from rent seeking walled garden platforms. I find it highly unlikely Apple is not looking to correct this mistake on Mac, even if it's done so gradually that by the time the pull the trigger, no one even bats an eye.
I believe they’ll likely keep this the case, not out of generosity, but because the most valuable thing Mac gets them is developers writing apps for iOS. This will only become more true in time unless there’s a sudden reversal of the trend towards phones and tablets over laptops. They may not care about power users in general, but allowing developers to run their own code to target their platforms is crucial, and there’s no mint to be made on macOS by fully locking it down due to the reduced marketshare.
I would not be shocked however if at some point they switched to developers having to buy special Macs to have this capability, and normal Macs would cease to be able to turn off secure boot and SIP and would require code signing/store distribution universally.
Given you need to be a bona-fide security researcher to qualify to gain access to a partially-unlocked iPhone[1] - I think you’re on to something: having DRM built-in to the lowest levels of the hardware means it’s possible for Apple to truly control the system.
Even Steve Jobs knew you needed "trucks" of computing. I'm generally fine with my phone being locked down, because I use it for straightforward tasks. I (and the many other developers who use Macs) need my laptop to be a "truck". If it stopped being that, I'd stop being a customer. But we're not at that point yet and I think Apple would be really dumb to go there and alienate a huge market.
That's not freedom. Most users are going to think the unsigned app just doesn't work, and almost none of them are going to know that there is a magic ritual they need to perform in the Settings app to launch the program they wanted to run in the first place.
This isn't a social app, it's a professional tool that multimillion-dollar businesses are built on (most of which have in-house engine programmers). They'll figure it out if they have to. Heck, Epic could publish instructions for doing so.
Unreal Engine isn’t a shared iOS component. Apple doesn’t care about signatures on individual lib/so files: only the signature on the published app package. When you make an app or a game using an existing engine then only you become responsible for it.
A ragtag band of devs all banned-for-life from Apple’s stores could put together a new app-engine or game-engine that other devs use as the basis for their app and provided that those apps don’t break the rules about undocumented APIs or malware (and no-one in Apple’s higher-ups gets suspicious...) then those apps will appear. I don’t believe Apple has any way to automatically ban or delete all apps that use the same third-party libraries by using their macOS Notary system or iOS Certificate revocation system - they’d have to inspect every published app-package individually (granted, this would be automated, but you know what I mean).
> You need to know what to google for to find the right magic incantation to enter into the macOS terminal.
You right click it and select “Open”...
Almost all MacOS users even the non-technical types encounter this at some point unless they go 100% Mac App Store which almost no one does if they have a job.
I tested this just now on my Mac and “right-click -> Open” on an untrusted .app gave me the same warning message with no obvious way to force-open the app.
Because it's “right-click -> Open” not once but _twice_. It's exactly the reverse of intuitive. There's also going to the Settings app and allowing the app, but no signs given to the user about that.
And in that situation you have the much less obvious solution but still not Terminal: go in System Preferences -> Security and you will see a new button appear to allow the specific app to open
You use a pavlovian adequation mechanism on your users for some time, labeling as "dangerous", until you completely ban the thing.
By then users wont miss.
I´ve never used anything Apple by this same reason. Apple seems to think that once you by one of their products, they own you.
Its not just inappropriate, for me its pretty scary and humiliating.
Its like that girlfriend or boyfriend who thinks it owns you, and want to say what you should dress or if you can hangout with our friends.
It dont get it how people can be ok with this kind of stuff (as this is just one example) and later just say it snarkly as if it was your kid being naughty, where actually it can have severe consequences if they can get away with it, and future generations wont even argue because its already normalized for them.
Apple, with code-signing signalling, will actively be telling users Fortnite is a security danger. It is not the same as code signing, which would be vendor-agnostic and politically neutral. I would be surprised if the European Commission does trigger an inquiry into abuse of dominant position.
You can also disable AMFI, the component that enforces signatures and entitlements, altogether, but you have first to disable SIP completely by either booting into Linux of by patching the kernel and then setting the requisite NVRAM variable directly.
(`spctl` does not, in fact, disable it completely.)
Sorry, I mixed up spctl and csrutil. SIP state is stored in an NVRAM variable that is a bitfield of what is allowed. You can't change all bits with csrutil, and you can't set the variable from within macOS, both main and recovery. You have to bypass that mechanism by either patching the macOS kernel to allow setting whatever you want, or booting into an OS that doesn't perform these checks in the first place. And you need to set the bit for IIRC kernel debugging for it to honor the `amfi_get_out_of_my_way` argument.
I agree with you in principle, but disagree in practice.
For every person who knows what they're doing and can trust themselves, there are 1000 who will install malware and other crap and end up at an Apple store getting it fixed, and they'll blame Apple instead of themselves.
You talk like this is some unique problem. This has been solved for a long time. Warranties have terms of service. If your car is under warranty and the engine fails due to a defect, warranty covers it.
If your engine fails because you drove it into a river, then the warranty don't cover it and you'll pay out of pocket for repairs.
That's not a good analogy, though. What's the car equivalent of a ransomware app that pretends to be a video game?
And, now that I think about it, I don't even know what the equivalent of "driving into a river" would be, and that's as a software engineer who's been working with computers for 25 years.
So you're effectively saying that Apple must allow a user to install malware (likely unintentionally), but then Apple is also responsible for paying to fix it?
I feel like I have to be misunderstanding you because that makes no sense.
What it seems like they're saying is that Apple should operate like a car manufacturer, wherein if you put some aftermarket shite in your engine, you can't get a warranty service, and likewise if you don't do your due diligence with what you put on your PC, Apple should be able to deny service.
While perfectly fair, it would still lead to unhappy customers, which aren't exactly known to be receptive to reason.
While I may not always agree with Apple's approach I can understand their reasoning and don't believe that it simply comes down to earning a few extra bucks with the 30% cut in question and all the seemingly drastic measures that come with it.
Apple is put in the position of a judge right now. They decide what malware is, and the user has no say. The problem is, the user should be allowed to choose not to delegate the task of setting definitions.
Most users do not want this, but some do.
Some users will consider a RAT a way to fix things, while others will consider some game to be a malicious drug. Both should be allowed to make their own decisions if they really want to.
I'm forcibly reminded of how one jackass forgetting to renew a certificate stripped almost every Firefox installation on earth of all its extensions, resulting in probably thousands of malware infections and possible identity theft.
Apple is the curator of the product. They can do what they want. Maybe at some point I won't buy it. But totally agree they have every right to do this.
Is John Deere the curator of the "tractor" product, so they have every right to determine who can repair it?
Is Chamberlain the curator of the garage door opener product, so they can determine what remotes can be used?
You may prefer a world where DRM and the DMCA can be leveraged beyond preventing copying to constrain consumer choice, but I consider that a poorer and less innovative world.
The notion that the platform owner is somehow doing you a favor by denying you that choice is nothing but a manifestation of Stockholm Syndrome in action.
That advice might be feasible for the average HN reader, but what about the average person? How resistant do you think they will be against a social engineering attack telling them to disable code signing?
So let them install that malware and have their data stolen despite all warnings because they deserve it? We can't have safety nets everywhere, and we, in fact, don't. We allow everyone to drive, use knives and handle all kinds of potentially dangerous stuff every day, but for some reason can't trust them with their own phones.
Some mistakes are costly, but people learn from them. Such is life.
They do, but a car is still a very dangerous thing. Judging by /r/IdiotsInCars on Reddit, there are people who don't quite realize that despite having a driver license.
Ah, these are pretty simple things. We don't allow to sell any drugs, or some drugs without prescription, because drugs are hard and require education. So do computers.
The big question here is one simple thing: property.
Imagine someone selling you a house and despite that you think you own the house the seller defines what things you can or cannot have in your own house, and even the ones he let you have, you must buy through them (so they can get a tax and force control) and if suddenly they are not ok with that anymore, it can simply vanish from your home.
"Hey look, you cant have that knife that its not from Apple Houses, it will hurt your kids.. we are always thinking on your safety"
Then you buy a car that you think its the one you like, but its not on you Apple Home store, so you are not allowed to drive that car.
But hey Apple homes have said its for your own safety,
because that car was evaluated and could kill your wife.
In this case its clear "Apple Homes" succeeded in through marketing in psycological tatics to influence the house owner to do be ok with those things and still think he actually owns the house while the property is in reality leased where they define what you can access to or what can simply vanish even if you bought them.
I just cant understand how people can try to defend this sort of behaviour even when its clear it goes against their self interests and can damage them in several ways.. as the parent have said, just some sort of "stockholm syndrome" can explain this.
> Imagine someone selling you a house and despite that you think you own the house the seller defines what things you can or cannot have in your own house
That's exactly like housing in developed world works, lol. When you buy a flat in Germany, you implicitly agree on a huge set of rules.
No one would allow you to buy a flat and turn it into a brothel or a disorderly house, or even run a pretty legal business in it) And many have additional rules, like not playing piano too loud.
But your analogy is wrong. Apple doesn't prohibit you to do something with your phone, they regulate the service they provide to you on a constant basis. Following your analogy if you've bought a flat, nobody is obliged to deliver food to you, especially when some food vendors do not comply with delivery's rules.
Rules for society and commutative living is understandable, as the rights of a collective should be as equal or bigger than the rights of a individual.
This line of thinking doesnt apply in the relationship between Apple, its developers and its consumers.
Its a direct relationship and we are trying to understand here what rights Apple have vs. the rigths their developers and consumers have.
> Following your analogy if you've bought a flat, nobody is obliged to deliver food to you, especially when some food vendors do not comply with delivery's rules.
What you are lacking here is that theres a conflict of interest going on.
The better scenario would be "Apple Homes Inc" also owning a fast-food chain, having the power to define, the food delivery you have access to.
The key thing here, is that they do it before you are even aware you are lacking options. So you wont feel as freedom of choice is being taken from you, because when you look at the "food store", you have options. And having options make you feel that you have choices and freedom, while you actually dont.
Some people like you, could be fine with it. But my main point is that its breaking foundamentals laws our societies are built on. Freedom, property, etc..
There is no specific law yet, because its unregulated. But im pretty sure that once law experts decide to really tackle this issue, some of those things will get much clearer.
A company like Apple or Google have too much power with this, and you can imagine the mess if somehow the powerful of the world get their hands on this powerful pipelines that can control the lifes of so many..
Without good and effective laws to really regulate them, we can be in a mess real quick.
(And im not even debating the rights of people who create apps and are dumped with clients wanting their products but not being able to reach them, because Apple forbid them with bogus reasons)
The risk coming from malware to end users on laptops is about 0.1% of the risk from cars, and following the message in scary red letters is pretty simple too.
>We allow everyone to drive, use knives and handle all kinds of potentially dangerous stuff every day, but for some reason can't trust them with their own phones.
Can you get social engineered into crashing a car or stabbing yourself? The difference here is that people most likely know the consequences of their actions, unlike with phones/computers where the consequences are nebulous.
> unlike with phones/computers where the consequences are nebulous.
So maybe they need to be educated on that? Or just, in general, to think critically at all times?
> Can you get social engineered into crashing a car or stabbing yourself?
There were cases of people "social engineered" into wearing bomb belts and blowing themselves up. It's just that this social engineering was much more sophisticated than telling someone to send bitcoin to have it doubled.
I support you wholeheartedly, survival of the fittest and evolution show us it's the only way to ensure getting better as species, but current point of view (equal opportunities, maximum protection) all but guarantees those who scream louder survive, not those whos skills are more useful in a long run .
More like, you have to pay $100/yr to be a Bleach Safety Expert, which allows you to handle bleach. Actually come to think of it, don't we have the same thing, but for cars?
The problem is that most people know nothing about software distribution, signatures etc etc, and would become an easy target for fishers, as they do on Windows or Android. People oft underestimate how little avg user knows about computers and basic hygiene.
The problem is that most people know nothing about software distribution, signatures etc etc, and would become an easy target for fishers
That doesn't sound like my problem, or, frankly, yours.
If you create an environment where careless people never experience the consequences of their carelessness, then rest assured, you won't get fewer careless people or less careless behavior as a result. You will get more of both.
You will have bred a culture of dependency... which is certainly financially convenient for Apple.
They are not careless, they are uneducated on topic. Are you advocating for finishing FDA and drug regulation, because if people bought wrong drugs, it's their carelessness and consequences are just?
That's nonsense. Historian should not know much about computers, just like me, a computer guy, should not know much about drugs. If there is a company allowing safe computing, which Apple is, people are better to stick with it, and you are better choosing linux or something and stop advocating for reducing people's choice.
Anti-phishing and malware mechanisms should just be "recommendations" to users and not straight blocking and banning. It's sad people don't see that difference. Browsers warn you about potentially harmful websites but still give you the choice.
> malware mechanisms should just be "recommendations"
Not when people don't thoroughly understand the possible consequences, no. Same as why drug prescriptions are not just recommended, and driving license is not optional.
It's either the enforcement of training, or the walled garden.
> On a device I own, there should be no parties that are trusted more than myself. It's ridiculous I even have to write this.
This is only true if you contain at least the minimum amount of knowledge to built said device yourself. If you cannot design the type of CPU required, you must trust the vendor. If you cannot design the RAM, you must trust the vendor. If you cannot design the motherboard, you must trust the vendor.
You must also have the ability to supervise every step of construction. If you don't have that ability, then your knowledge is worthless.
You can only be the most trusted party in your system if you can be personally 100% certain nothing was inserted into the system without your knowledge. This is not restricted to the software, which theoretically you could inspect the source code to.
Maybe there SHOULD be systems where you are the most trusted party, but realistically, there are almost none. You have to trust the engineer who designed the road, the worker who delivered the package, the maker of the chips that go on the board, the company who makes the air filter in your home HVAC, etc.
The misunderstanding here is because the word "trust" has been misappropriated in this context to mean something slightly different from its everyday meaning.
You do indeed have to trust the designers, manufacturers and suppliers of your equipment, in the sense that they are in a position to cause you harm without a realistic way to prevent that beforehand.
However, when "trust" is used in the sense of "what is allowed", what we're actually talking about is sovereignty or authority, not "trust". I believe the word is used in this context because giving a third party authority over your device necessarily puts them in a position of trust, but it is actually the authority that is important here, and the fact that you have some measure of trust in a party does not imply that the party should also be granted authority.
If you recast the GP's comment in these terms, I believe it captures the essence without muddying the waters with "trust":
> On a device I own, there should be no parties with more authority than myself. It's ridiculous I even have to write this.
Of course. But from my point of view, Apple designed a capable device and deliberately limited its capabilities for its own advantage. They have the private key to sign apps that iOS will run, but you do not. They empowered themselves, while depriving the user of that power at the same time.
It's as if you bought a house but couldn't repaint the walls and rearrange the furniture to your liking. You'd have to call a special person from the company that built the house.
On a device I own, there should be no parties that are trusted more than myself. It's ridiculous I even have to write this.