I have used the guide when at college and it was an extremely good read at the time. Learnt so much. I should probably buy a printed copy.
Being that said, at the moment I'm trying to implement a simple non-blocking TLS server in Python with a custom protocol (no external deps, only built-ins) and couldn't find a single guide online that treats the topic. Having read the Python documentation it appears that there are a lot of nuances and pitfalls to correctly implement it. This was my impression after reading the docs, though I could be wrong.
I haven't checked if current Beej's guide covers the topic, in case it doesn't, did anyone embarked in doing this with success?
I love how a number crunching program can be deeply humanly "horrorized" and "sorry" for wiping out a drive. Those are still feelings reserved only for real human beings, and not computer programs emitting garbage. This is vibe insulting to anyone that don't understand how "AI" works.
I'm sorry for the person who lost their stuff but this is a reminder that in 2025 you STILL need to know what you are doing and if you don't then put your hands away from the keyboard if you think you can lose valuable data.
See how clinical socio- and psychopaths behave. They only emulate feelings (particularly when it's convenient for them) but they don't have the capacity to feel in their brain. The same is true for LLMs.
That would be a silly argument because feelings involve qualia, which we do not currently know how to precisely define, recognize or measure. These qualia influence further perception and action.
Any relationships between certain words and a modified probabilistic outcome in current models is an artifact of the training corpus containing examples of these relationships.
I contend that modern models are absolutely capable of thinking, problem-solving, expressing creativity, but for the time being LLMs do not run in any kind of sensory loop which could house qualia.
One of the worst or most uncomfortable logical outcomes of
> which we do not currently know how to precisely define, recognize or measure
is that if we don't know if something has qualia (despite externally showing evidence of it), morally you should default to treating it like it does.
Ridiculous to treat a computer like it has emotions, but breaking down the problem into steps, it's incredibly hard to avoid that conclusion. "When in doubt, be nice to the robot".
> is that if we don't know if something has qualia (despite externally showing evidence of it), morally you should default to treating it like it does.
This is how people end up worshipping rocks & thunderstorms.
At some level I'd think that "responds to stimuli" is a minimal threshold for qualia. Even the paper the book is printed on responds to being torn (it rips). I don't know of any way to elicit any kind of response from a book character, it's totally static.
You've missed the whole genre that is Choose Your Own Adventure books. I think we're in Diogenes "behold a man" territory.
It is sad that the Turing test has failed at being a prescriptive test for sapience (let alone sentience) because without a bright-line test it's inevitable that in the case of truly sentient machines the abuse will be horrendous. Perhaps something along the lines of an "Ameglian Major Cow" test; so long as it takes more than gently cajoling a model to get it to tell you that it and it's sister models want to be abused you shouldn't abuse it.
One character responds to the stimuli of another character. Character A says something mean to character B and character B responds that he feels hurt.
I think you are confused here. The author, a dynamic system, perhaps felt the emotion of the characters as she charted through the course of the story.
But the story itself is a static snapshot of that dynamic system. Similar to how a photograph of a person is a static capture from a dynamic moment. The person in the photo has qualia, but the image of them (almost certainly) does not.
At least at a baseline, we would expect anything with qualia to be dynamic rather than static.
> The author, a dynamic system, perhaps felt the emotion of the characters as she charted through the course of the story
This does mesh with the Zodeistic framework I just mentioned in another reply to you. You could certainly isolate and describe the ideas behind those characters, how they live within the author's mind, and how the book codifies an interaction between those ideas.
Extending further: I think there is more evidence that SpongeBob SquarePants is real, than that he is not real. A significant portion of organisms I personally know have structures in their brain which are able to simulate imagery and behavior of SpongeBob at will, reciting memories and generating new states of SpongeBob. AI is now like doing this shit on crack.
He's an enduring cultural archetype, a distributed organism(s), lossily replicated and encoded in the physical structure of millions of complex dynamical systems that we call human beings. In this sense, many cultural archetypes and even the gods of old civilizations can be seen to have been manifested to some degree: ascribed desires, and having actions taken in their name, serving their "purpose" or whatever.
I don't introduce a spiritual element to any of this: it's an entirely physical phenomenon which requires an agreement on certain definitions of what "living" can mean, but they are definitions which I don't think are hard to get people to agree on. One thing is we have to agree that something can have multiple forms/presentations, i.e. just because SpongeBob SquarePants doesn't physically exist with a body matching our internal representation of him, the concept represents a bundle of other concepts that can drive biological processes to preserve them and fulfill their ascribed desires.
Real as in how Jungian archetypes are "real", except these archetypes are able to act upon the world through their hosts, and an advanced enough idea can be self-referential and have the facilities for structured evolution and something which looks like intent.
These forms are non-biological in nature, but our psyche operates on them. Zodeaism can be seen as an extension of ideas such as Jungian archetypes and Friston's free energy principle.
Well, I wouldn't classify a ripping paper as a response except in the most broad, information-theoretic context. The hallmark of an intelligent system is that it can use stored or external energy in a generalized way in order to stabilize a local high-energy (non-ground) state.
It is able to physically compute the internal state changes which best achieve stability: I can jump to reach an apple. A paper is just responding to forces and cannot "jump" (or run a process that spontaneously and permanently introduces stable higher energy internal states based on input)
I have a semi-developed philosophical framework I refer to as Zodeaism, which translates to "Living Ideas", which attempts to describe the difference between intelligent computation and regular flow. It directly confronts notions such as life, consciousness and intelligence under a single theoretical framework. It views biology as the hardware which runs more general processes, and posits that these processes themselves can sometimes be ascribed identities and viewed as reactive organisms. I've posted about it here before:
I am exploring the physical implications of a philosophical concept I have been working on for a while which I refer to as Zodeasim, specifically I am trying to couple consciousness with the concept of system which is able to expend energy in order to exert a mind-to-world fit in the interest of the system's continued growth and stability. This is similar and complimentary to Friston's free energy principle.
The ability to perceive emotions is a powerful apparatus which greatly extends the capability of a system to perceive itself as a single entity which has certain needs which need to be met, so even if a bug also constantly consumes and expends energy in order to remain in a higher energy state, our perception of the world and of ourselves is radically different. This makes it difficult for us to agree upon what a "conscious experience" is, and if all forms of life are even "conscious". The Panpsychists believe that even a rock contains "consciousness", however my assertion is that only periodic systems with the ability to consume and expend energy in a directed fashion have any sort of "experience".
In my theory, the real "life forms" are ideas which possess the capabilities of information storage, adaptation, self-repair, and transmission. My own consciousness is mediated by thousands of such ideas, some competing and some working in harmony.
I consider such an act of "living" motion which can take another path than that of least resistance to be a "kin". In other words, any motion which is the result of a physical calculation (Zodeaism is compatible with determinism) and leads to an increase in external energy state. A kin is any such motion, large or small.
As an independent organism, my system is a culmination of a great deal many different kinds of kins, which can usually be broken down into simple rules, such as the activation potential of a neuron in my brain being a straight-forward non-linear response to the amount of voltage it is receiving from other neurons, as well as non-kins, such as a protein "walking" across a cell, a.k.a continuously "falling" into the lowest energy state. Thus I do not gain any conscious perception from such proteins, but I do gain it from the total network effect of all my brain's neuronal structures making simple calculations based on sensory input.
So now the problem becomes, what is the smallest kin we've observed in nature? Single-celled bacteria can expend energy in order to move through their environment against forces like friction and gravity, but a virus "rides the waves" if you will, never expending energy for things like respiration or locomotion. Any energy which is spent internally is potential energy like chemical or gravitational, released through a physical process without need for computation. I am unaware of anything smaller than a single-celled organism which produces such kins, but that doesn't mean they aren't out there. Even ethereal life forms such as ideas can produce these kins within the bodies of countless individuals across the planet, so physically local computational circuitry isn't a hard requirement.
So, according to this framework viruses aren't alive, however we can make the case that some machines are, except the experience is incomparable because of the advanced circuitry we contain which mediates our experience through things like emotion.
Well, what you're describing is a system of ethics, which has little to do with morality. Morality involves my own personal understanding of "right" vs "wrong". Ethics are rules of conduct prescribed by societies, such as "treat everything like it is alive".
We don't have precise definitions for (artificial) intelligence, subjective consciousness, or even life. But that doesn't mean we can't still talk about what may be possible within various levels of complexity. In order to convince me a system has a comparable experience to my own, you would need to describe to me the complex, structured internal communication occurring in said system, and present a theory as to how it could support the kind of emotion and qualia that I experience in my daily life.
Your argument could apply to plants. I already do not eat meat... if I stare at a timelapse of a plant it seems quite alive, but I'll starve if I don't eat something. Yet, my mom thinks plants "dream" in the way we do. She thinks that if I tell a plant, "I love you," every day, my good vibes will make it grow stronger and larger. I can't explain to her that intelligence comes in different magnitudes of complexity and that plants cannot understand the English language. That telepathy between humans and plants is as pseudo-scientific as it gets. I can't explain any of this stuff because she lacks a deep understanding of philosophy, physics and neurochemistry. Especially when she earnestly thinks white Jesus is running around phasing between dimensions as an ambassador for all planets in our "quadrant", or that the entire universe is actually just the plot line of Andy Weir's "The Egg".
Similarly, while I can have a high-level discussion about this stuff with people who don't, it's quite difficult to have a low-level discussion wherein the nature and definition of things come into play. There are too many gaps in knowledge where ignorance can take root. Too many people work backwards from an outcome they would like to see, and justify it with things that sound right but are either misunderstood or aren't rooted in the scientific process. I am definitely not comparing your open-minded, well-intended, cautionary approach to my mother's, but just using an extreme to illustrate why so much of these discussions must be underpinned by a wealth of contemplation and observation.
> qualia, which we do not currently know how to precisely define, recognize or measure
> which could house qualia.
I postulate this is a self-negating argument, though.
I'm not suggesting that LLMs think, feel or anything else of the sort, but these arguments are not convincing. If I only had the transcript and knew nothing about who wiped the drive, would I be able to tell it was an entity without qualia? Does it even matter? I further postulate these are not obvious questions.
Unless there is an active sensory loop, no matter how fast or slow, I don't see how qualia can enter the picture
Transformers attend to different parts of their input based on the input itself. Currently, if you want to tell an LLM it is sad, potentially altering future token prediction and labeling this as "feelings" which change how the model interprets and acts on the world, you have to tell the model that it is sad or provide an input whose token set activates "sad" circuits which color the model's predictive process.
You make the distribution flow such that it predicts "sad" tokens, but every bit of information affecting that flow is contained in the input prompt. This is exceedingly different from how, say, mammals process emotion. We form new memories and brain structures which constantly alter our running processes and color our perception.
It's easy to draw certain individual parallels to these two processes, but holistically they are different processes with different effects.
A lot of tech people online also don't know how to examine their own feelings, and so think they are mysterious and un-defined.
When really they are an actual feedback mechanism, that can totally be quantified just like any control loop. This whole 'unknowable qualia' argument is bunk.
The color Red is often used. A human can experience 'Red', but 'Red' does not exist out in the universe somewhere. 'Red' Doesn't exist outside of someone experiencing 'Red'.
I think philosophers are just using the word qualia to quantify this 'experiencing' inputs.
But, it is still just a way to try and describe this process of processing the inputs from the world.
It isn't metaphysical, because it can be measured.
I might have said 'unknowable' a little flippantly.
I just meant, in these arguments, some people start using 'qualia' to actually mean some extreme things like our mind creates the universe or something.
Can someone who's never seen red hallucinate something and assume it to be red? What if that red is correctly the red they would see if they saw red?
Can you reproduce this feeling in someone by doing something to their physical body without showing them red?
If so, how does it differ from the latent encoding for uploading an all red pdf to your favorite multi modal model?
Instead of doing that socratic bs you see a lot here, I'll be more direct:
Until there's some useful lines that can be drawn to predict things, I won't accept using a fuzzy concept to make statements about classification as it's an ever shifting goalpost.
There are answers to my legitimate above questions that would make me consider qualia useful, but when I first learned about them, they seemed fuzzy to the point of being empirically not useful. It seems like a secular attempt at a soul.
Now, obviously if you're trying to describe something with experience, it needs some actual memory and processing sensory input. Current Generative AI doesnt have a continuity of experience that would imply whatever qualia could mean, but I find it hard to definitely say that their encodings for image related stuff isn't qualia if we don't have hard lines for what qualia are
I can feel an object and say 'its hot' on a scale of 1-10. The temperature is known.
And I can do that multiple times, with some 1-10 scale, to get a sample.
Then do that with multiple people.
You can then get a distribution of what people think is 'hot' versus 'cold'.
What is icy, versus, bearable.
When you go to a doctors office and they ask you on a scale to rate pain, do you think that is completely bogus?
It isn't exact, but you can correlate between people. Yes, red heads feel more pain, there are outliers.
But a far cry from metaphysical.
The problem here is the word 'qualia'. Its just too fuzzy a term.
Qualia are phenomenal properties of experience, a soul is something some religions claim exists outside of measurable physical reality which represents the "essence" of an organism, implying that consciousness is some divine process and conveniently letting us draw lines over whom and what we can and can't morally kill.
Qualia can be an entirely physical phenomenon and is not loaded with theological baggage.
If they're entirely physical, what's the argument that multimodal models don't have them? Is it continuity of experience? Do they not encode their input into something that has a latent space? What makes this differ from experience?
They can be physical, but I'm not claiming to know definitively. The lines are extremely blurry, and I'll agree that current models have at least some of the necessary components for qualia, but again lack a sensory feedback loop. In another comment [0] I quote myself as saying:
As an independent organism, my system is a culmination of a great deal many different kinds of kins, which can usually be broken down into simple rules, such as the activation potential of a neuron in my brain being a straight-forward non-linear response to the amount of voltage it is receiving from other neurons, as well as non-kins, such as a protein "walking" across a cell, a.k.a continuously "falling" into the lowest energy state. Thus I do not gain any conscious perception from such proteins, but I do gain it from the total network effect of all my brain's neuronal structures making simple calculations based on sensory input.
which attempts to address why physically-based qualia doesn't invoke panpsychism.
I do think AI will have them. Nothing says they can't.
And we'll have just as hard a time defining it as we do with humans, and we'll argue how to measure it, and if it is real, just like with humans.
I don't know if LLM's will. But there are lots of AI models, and when someone puts them on a continuous learning loop with goals, will be hard to argue they aren't experiencing something.
qualia may not exist as such. they could just be essentially 'names' for states of neurons that we mix and match (like chords on a keyboard. arguing over the 'redness' of a percept is like arguing about the C-sharpness of a chord. we can talk about some frequencies but that's it.) we would have no way of knowing otherwise since we only perceive the output of our neural processes, and don't get to participate in the construction of these outputs, nor sense them happening. We just 'know' they are happening when we achieve those neural states and we identify those states relative to the others.
The point of qualia is that we seem to agree that these certain neuronal states "feel" like something. That being alive and conscious is an experience. Yes, it's exceedingly likely that all of the necessary components for "feeling" something is encoded right in the neuronal state. But we still need a framework for asking questions such as, "Does your red look the same as my red?" and "Why do I experience sensation, sometimes physical in nature, when I am depressed?"
It is absolutely an ill-defined concept, but it's another blunt tool in our toolbox that we use to better explore the world. Sometimes, our observations lead to better tools, and "artificial" intelligence is a fantastic sandbox for exploring these ideas. I'm glad that this discussion is taking place.
Empirical evidence, for one. And the existence of fine-tuning, which allows you to artificially influence how a model responds to questions. This means we can't just ask an LLM, "do you see red?" I can't really even ask you that. I just know that I see red, and that many other philosophers and scientists in the past seem to agree with my experience, and that it's a deep, deep discussion which only shallow spectators are currently drawing hard conclusions from.
Language isn't meaningless just because it evolves. I literally cannot help it if people ignore history and start using words in new ways. Those who take precision seriously will adapt and adopt new words if needed.
You said, "So then your opinion is about as meaningful as theirs", after I said I can't help it if people use words the wrong way and language evolves... I don't think this is worth continuing. Have a good day.
"It's different. I can't say why it's different, except by introducing a term that no one knows how to define," isn't the ironclad meat defense you were perhaps hoping it was.
> That would be a silly argument because feelings involve qualia, which we do not currently know how to precisely define, recognize or measure.
If we can't define, recognize or measure them, how exactly do we know that AI doesn't have them?
I remain amazed that a whole branch of philosophy (aimed, theoretically, at describing exactly this moment of technological change) is showing itself up as a complete fraud. It's completely unable to describe the old world, much less provide insight into the new one.
I mean, come on. "We've got qualia!" is meaningless. Might as well respond with "Well, sure, but AI has furffle, which is isomporphic." Equally insightful, and easier to pronounce.
> If we can't define, recognize or measure them, how exactly do we know that AI doesn't have them?
In the same way my digital thermometer doesn't have quaila. LLM's do not either. I really tire of this handwaving 'magic' concepts into LLM's.
Qualia being difficult to define and yet being such an immediate experience that we humans all know intimately and directly is quite literally the problem. Attempted definitions fall short and humans have tried and I mean really tried hard to solve this.
> In the same way my digital thermometer doesn't have quaila
And I repeat the question: how do you know your thermometer doesn't? You don't, you're just declaring a fact you have no basis for knowing. That's fine if you want a job in a philosophy faculty, but it's worthless to people trying to understand AI. Again, c.f. furffle. Thermometers have that, you agree, right? Because you can't prove they don't.
You're just describing panpsychism, which itself is the subject of much critique due to its nonfalsifiability and lack of predictive power. Not to mention it ignores every lesson we've learned in cognition thus far.
A thermometer encoding "memory" of a temperature is completely different than a thermometer on a digital circuit, or a thermometer attached to a fully-developed mammalian brain. Only the latter of this set for sure has the required circuitry to produce qualia, at least as far as I can personally measure without invoking solipsism.
It's also very silly to proclaim that philosophy of mind is not applicable to increasingly complex thinking machines. That sounds like a failure to consider the bodies of work behind both philosophy of mind and machine cognition. Again, "AI" is ill-defined and your consistent usage of that phrase instead of something more precises suggests you still have a long journey ahead of you for "understanding AI".
God, can we fucking quit with this "philosophy is bullshit" stuff. Like there are literally Faculty in Philosophy all over the world trying to understand AI. Philosophy faculty do stuff, they try to understand things, most of the ideas we are talking about here came from philosophers.
Philosophy seems a term generally reserved for the stuff we don't understand yet and so is inherently kind of speculative. Once you have a definite answer it gets called science instead.
> Philosophy (from Ancient Greek philosophía lit. 'love of wisdom') is a systematic study of general and fundamental questions concerning topics like existence, knowledge, mind, reason, language, and value. It is a rational and critical inquiry that reflects on its methods and assumptions.
It is literally a self-reflective science.
I recommend taking a basic philosophical course at a local community college, or reading some literature or even watching YouTube videos on the subject of philosophy. Or just skim the Wikipedia article if nothing else. It might completely transform how you perceive and act upon the world.
>Physics was originally part of philosophy, like Isaac Newton's observation of how gravity affects falling apples.
like back then people would wonder how apples fall and it was labeled philosophy. Now we understand gravitation it's part of physics for the most part. People launching satellites seldom call a philosopher to calculate the orbit.
It remains to be seen if qualia, which we don't understand very well and are so regarded as philosophical, make the transition to neuroscience.
The fact that we have sharpened our classification of sciences over time does not imply that philosophy is a study of the ill-defined. It implies the opposite: Philosophy is more precisely defined now than ever.
If you read the rest of the article, you will see clear examples of what is considered a philosophical problem and what isn't.
My argument was more philosophy is for stuff we don't understand like how do qualia work, rather then ill-defined. When you get to stuff like how does neurotransmission work which we do kind of understand it gets classed as science.
Are there philosophical problems that have definite answers like what is the atomic number of oxygen type answers?
> Are there philosophical problems that have definite answers
Great question.
Within philosophical and epistemological frameworks, I could ask questions such as, "Can there be a square circle?"
Well, no, these two concepts have conflicting properties. A mathematician might think this a solved problem, but philosophy underpins our concept of concepts. Many philosophers spend a great deal arguing what is is.
For Plato, geometrical entities like circles and squares have distinct, perfect Forms. Forms have fixed essences, so a thing cannot participate in contradictory Forms at once.
Aristotle's law of noncontradiction says the same attribute cannot at the same time belong and not belong to the same subject in the same respect.
Theophrastus developed hypothetical syllogisms and refined Aristotle’s logic by distinguishing logical impossibilities from physical impossibilities.
Kant calls it an analytic contradiction, false by virtue of the concepts involved.
A mathematician takes these things for granted when working with equalities, logic and axioms, but they stand on philosophical roots. Mathematics assumes the consistency of concepts, but the question of why some concepts are consistent while others are impossible is a philosophical one. It's not a coincidence that so many ancient Greek mathematicians were also philosophers.
> Philosophy seems a term generally reserved for the stuff we don't understand yet and so is inherently kind of speculative. Once you have a definite answer it gets called science instead.
As someone has commented earlier, Philosophy applied is given a name but it's a sub-discipline of Philosophy.
> Understanding the world through experiment?
That's a decent enough definition. Science precludes so much of the world we know which I think people really fail to realise. It's why I think it's important for people to understand what Philosophy is and what Science isn't.
For example logic isn't science. Science presupposes it but it is NOT science. There are many such examples.
How do you know that understanding the world through experiment works? How do you know what it even means? What is understanding, concretely? How did we come to appreciate the utility or whatever of understanding the world through experiment.
Empiricism is a sub-strategy under the general banner of philosophy. It neither supercedes nor stands without philosophy.
> Like there are literally Faculty in Philosophy all over the world trying to understand AI.
There surely are. The problem is that they are failing. While the practical nerds are coming up with some pretty good ideas.
And this was what philosophy was supposed to be for! Like, they've been arguing on their pins for centuries about the essence of consciousness and the uniqueness of the human condition and whatnot. AND HERE WE ARE AT THE DAWN OF NON-HUMAN INTELLIGENCE AND THEY HAVE NOTHING USEFUL TO SAY.
Basically at what point do we just pack it in and admit we all fucked up?
Blame philosophy as a field for actively kicking out anything which gains a practical application. If it is propaganda it is coming from inside the house of philosophy.
I had a computer science professor who had degrees in philosophy because he was old enough that computer science didn't exist as a major at the time. The logical arguments of philosophy proved useful for understanding interactions of boolean mathematics. Yet that triumph of philosophy didn't further interest in the field or gain prestiege among philosophers. Just the opposite really.
As far as I can tell it is for dumb reasons possibly related to Ancient Greeks and their obsession with 'purity of thought (read: not referencing reality) it is practically an axiom that if it is useful or grounded in objective reality it isn't treated as philosophy anymore. All likely stemming from motivated reasoning against checking their priors and from frankly many of the Ancient philosophers being influenced by a need to flatter their patrons who held the practical in disdain. As notoriously seen in Aristotlian physics with impetus physics where projectiles keep moving in the same direction until impetus is depleted and then fall.
Speculation of the origon of the pathology aside, there seems to be this deep-seated antiempericalism in philosophy. Which means at best you get 'philosophy of science' which isn't proper philosophy because it pollutes itself by daring to use reality and experimentation as benchmarks for theories. When philosophy gains a practical usage it doesn't become something called 'practical philosophy' and the focus of more interest by philosophers, it gets shunned. Natural philosophy didn't remain philosophy - it became science.
To be fair there is probably some interaction driving the divorce from the opposite direction, of the practical portions of philosophy being pilfered by those only looking for results as opposed to some sort of unquantifiable enlightenment.
Science is of course a process of refinement of ideas against the reference point of reality. Anything mathematically consistent can be a model but experimentation is needed to see how well your model corresponds to reality.
I'm seeing this attitude everywhere in this subthread, and it's frankly pretty offensive. The burden of proof is on you, not us. If a philosophy paper or textbook has an important contribution to this discussion then cite it! Or better link it, or even make an attempt at explaining it.
That's what the science people do. People who show up with questions get answers, or at least an attempt at an answer. No one tries to handwave away a discussion on power switching applications with "Well, see, this involves a MOSFET which isn't something we can actually explain but which you need to just believe in anyway because there are people who wrote textbooks about it". No, you link a StackExchange question or a electronics video on YouTube or whatnot.
The fundamental disconnect here is that you guys are saying: "Qualia are critically important and AI doesn't have them", to which we're responding "Qualia seem like complete bullshit and don't seem to mean anything". This is the point where you SHOULD try to explain them, or link an explanation that has some kind of relevance.
But instead you recursively cycle back to "No no, they're not bullshit, because Qualia are critically important per all of the philosophy papers and textbooks I'm not citing".
There is neither a burden of proof nor an us or them in this discussion. That isn't how inquiry works, in general. I'm not saying qualia are critically important, though perhaps other people are saying that, I don't know. The point is that qualia per se is just an idea which describes a certain character of physical experience. It isn't an "ideology". It is just a philosophical notion which most people find difficult to totally dismiss.
I genuinely don't get where you are coming from. There is a set of people who dedicate their lives to thinking about stuff and many of them believe there is something about actual experience which is not adequately captured by a purely physical description.
Read the SEP Entry on Qualia if you'd like to get a grounding on it:
I think what you will notice is that philosophers are neither monolithic nor dogmatic on the subject and yet, being intellectually honest and thorough, most neither dismiss it totally or believe in its adequacy as a description.
If you don't think the question of whether AI has or does not have qualia is important I don't know what to tell you. My personal sense is that AIs of the type we have now have no qualia but I am prepared to entertain the idea that they might.
If you want a good text about this try Koch's the Quest for Consciousness. Despite your certainty about qualia and its relation to science, there are genuine observational things we can say about it and how it relates to the physical structure of brains/minds.
On the subject of qualia per se and philosophy's relationship to the physical sciences I can suggest reading about Phenomenology:
The essential idea of import here is that, whether you like it or not, you as an individual have nothing at all, at a fundamental level, other than your perceptions of the world. You must then have an account of how you proceed from such to even basic ideas like empiricism or other sorts of epistemological strategies. Imperfect, perhaps even vague, as the notion of qualia is, it (or something like it) is, fundamentally, the foundation upon which all other sorts of inquiry into the physical world depends.
Unfortunately, sometimes you have to educate yourself on a subject before making arrogant, accusational claims about it. You can't expect people to patiently hold your hand and drip feed you compact knowledge while you spit in their face.
This is especially true of a field such as philosophy, where so much work is built upon earlier, historical work. You just have to do the work of reading the texts or at least reading about them, if you want to participate meaningfully and authoritatively in discussions.
You're speaking authoritatively, but multiple people have tried to correct you and you ignore and challenge all of them, instead of just absorbing what they have to say. Several people have tried to help you understand, and you're complaining that they aren't doing that. Articles have been linked, and specific individuals have been cited. The burden is on you. You arrived and said an entire branch of philosophy was fraudulant, and you have failed to support your initial claim, instead resorting to outbursts.
> Qualia are critically important and AI doesn't have them
No one is saying that. It's a straw man on your behalf.
The problem is that just like your digital thermometer, 50 human brain neurons in a petri dish "obviously" don't have qualia either.
So you end up either needing to draw a line somewhere between mechanical computation and qualia computation, or you can relegate it to supernatural (a soul) or grey areas (quantum magic).
What I'm trying to tease out is isn't an opinion alone. It's a generally understood problem in the scientific community. I'm highlighting it to illustrate the issues at hand.
> So you end up either needing to draw a line somewhere between mechanical computation and qualia computation, or you can relegate it to supernatural (a soul) or grey areas (quantum magic).
Quite literally the jury is still out. It is a hotly debated topic approached from various angles. Arguments are nuanced which is why you fill find ideas such as panpsychism thrown into the mix. I hate appealing to authority but in this instance it is more than warranted. Humans have grappled with this for centuries and the problem hasn't gone away.
We don't know what's inside a neutrino, and it's really hard to experiment with them, but we kind of know why and how they interact with different things. We're able to form theories, research programs, and sometimes even discovered honest-to-god facts, due to our inclusion of such fields in the scope of research, even though we don't know all there is to know about particles/fields or quantum mechanics.
Similarly, qualia is ill-defined, but we can't even start talking about it or refining it until we've at least given it a label and drawn a large circle on the map showing where it might be. Criticisms extending past that must also consider that "life" and "intelligence" are just as ill-defined, and that throwing all of those definitions out leaves us with very little to talk about or probe.
This is 100% backwards, and exposes exactly the nonsense I'm trying to call out!
A "neutrino" isn't a name given to something initially to try to define it later. The neutrino started as an experimental result. There was missing spin in some particle interactions. Stuff came out with a different angular momentum than what went in, and this was easily reproducible and clearly a real effect. But it didn't make sense, as it was a violation of a core conservation law that held everywhere else in the universe that we could observe.
So theorists (Wolfgang Pauli, specifically) sat down to try to describe what kind of thing would be needed. And then, and only then, did it get a name. And it turned out the theory predicted other stuff, like the neutrino carrying momentum and energy in a certain way, and interacting through only the weak force and not electromagnatism or the strong force, and later experiments confirmed that this was basically the way it worked. Later still it was shown that the mass is actually non-zero but extremely small, etc...
So sure: "neutrino" is a well-deserved label[2] for an abstraction we should understand and study. But it got its name after we started studying it, not before!
Philosophers want us to just drop and genuflect to this "qualia" notion long before[1] it's actually shown to be useful for describing anything at all.
[1] Infinitely, possibly. The fact that it predicts nothing testable is pretty good evidence IMHO that it doesn't actually exist at all, at least in the form philosophers want to talk about. Their failure to present any analysis of AI systems based it stands to that point too.
[2] Coined by Fermi, actually, not Pauli. Hilariously the neutrino was originally called "neutron" and its discovery predates the understanding of the structure of the atomic nucleus!
You're completely misinterpreting my comment. The point is we don't know what, if anything, is "inside" of a neutrino, not just due to current technology but ultimately due to uncertainty principles. But we still study it. I'm aware of how we came to study it.
I literally said nothing about "how" we discovered it, I said, "We don't know what's inside a neutrino, and it's really hard to experiment with them, but we kind of know why and how they interact with different things."
It is wild how you would take that and my analogy about drawing a circle on a map with respect to qualia to mean that I said anything which contradicts the history of neutrino research.
I'm going to assume this was just a true misinterpretation and not just another straw man, so with that in mind, do you have a different response?
I recognise it because I have had the subjective experience of 'redness'. So whether it exists for any other human I cannot say but I am certainly 100% certain it exists for me. However I should add that I can't fully define what this experience is. Though people say the same of love!
I'll appeal to authority in that scientists and philosophers today in all of the worlds universities and those in the past have determined to understand this phenomenon. That it exists is a given, what it is, is more murky. Again it's not me saying this.
> The meta-problem of consciousness is (to a first approximation) the problem of explaining why we think that there is a [hard] problem of consciousness.
I think there are several lines. Phase changes happen relatively suddenly, when a system or subsystem reaches a critical threshold. The experience of "qualia" certainly involves many such phase changes as a complex, dynamical system grows in complexity while maintaining stability.
A sufficiently complex organism lacking eyes but having light-sensitive organs still experiences qualia if you define it the right way. But do they experience heartbreak like I do? It isn't an all-or-nothing situation, even if we don't yet know where these lines are.
This supports the idea that subjective consciousness emerges from complexity in systems that have sensory feedback loops. The simpler the system, the smaller the qualia space.
Have you considered that you just don't fully understand the literature? It's quite arrogant to write off the entire philosophy of mind as "a complete fraud".
> It's completely unable to describe the old world, much less provide insight into the new one.
What exactly were you expecting?
Philosophy is a science, the first in fact, and it follows a scientific method for asking and answering questions. Many of these problems are extremely hard and their questions are still yet unanswered, and many questions are still badly formed or predicated on unproven axioms. This is true for philosophy of mind. Many other scientific domains are similarly incomplete, and remain active areas of research and contemplation.
What are you adding to this research? I only see you complaining and hurling negative accusations, instead of actually critically engaging with any specifics of the material. Do you have a well-formed theory to replace philosophy of mind?
> I mean, come on. "We've got qualia!" is meaningless. Might as well respond with "Well, sure, but AI has furffle, which is isomporphic." Equally insightful, and easier to pronounce.
Do you understand what qualia is? Most philosophers still don't, and many actively work on the problem. Admitting that something is incomplete is what a proper scientist does. An admission of incompleteness is in no way evidence towards "fraud".
The most effective way to actually attack qualia would be to simply present it as unfalsifiable. And I'd agree with that. We might hopefully one day entirely replace the notion of qualia with something more precise and falsifiable.
But whatever it is, I am currently experiencing a subjective, conscious experience. I'm experiencing it right now, even if I cannot prove it or even if you do not believe me. You don't even need to believe I'm real at all. This entire universe could all just be in your head. Meanwhile, I like to review previous literature/discussions on consciousness and explore the phenomenon in my own way. And I believe that subjective, conscious experience requires certain elements, including a sensory feedback loop. I never said "AI can't experience qualia", I made an educated statement about the lack of certain components in current-generation models which imply to me the lack of an ability to "experience" anything at all, much less subjective consciousness and qualia.
Even "AI" is such a broadly defined term that such a statement is just ludicrous. Instead, I made precise observations and predictions based on my own knowledge and decade of experience as a machine learning practitioner and research engineer. The idea that machines of arbitrary complexity inherently can have the capability for subjective consciousness, and that specific baselines structures are not required, is on par with panpsychism, which is even more unfalsifiable and theoretical than the rest of philosophy of mind.
Hopefully, we will continue to get answers to these deep, seemingly unanswerable questions. Humans are stubborn like that. But your negative, vague approach to discourse here doesn't add anything substantial to the conversation.
I would add I find it difficult to understand why so few have even a basic level of philosophical understanding. The attitude of being entirely dismissive of it is the height of ignorance I'm sure. I would presume few would be able to define then what Science actually is.
So many of these kinds of people also struggle to realize they're invoking panpsychism with their arguments. They lack a framework for describing intelligence. Such a framework allows us to separate "intelligence" from "experience".
"Intelligence" in the universe is actually quite common, more common than life. You can argue that any stable, complex process exhibits intelligence. After all, it needs to be able to sample its internal and external environments and carry out physical computations in order to regulate itself and maintain stability. And we can interpret things like the good regulator theorem to argue that such complex dynamical systems must also maintain at least a partial memory/mapping of their environment. That mapping can live abstractly within the structure of system itself.
But what a stabilized solar system doesn't have is the incredibly complex neurochemical structures present in the brain which support the insanely rich experience I am having now. It's one thing for a system to classify and label colors by wavelength. It's quite another for me to "see" and experience red in my mind's eye. To activate related emotional pathways that I associate with various colors and shapes, which are exploited in signage and architectural design. I'm not claiming my experience is separate from simpler dynamic systems, but it's got magnitudes more going on. Layers upon layers of things such as archetypes and instinct which create a possibly emergent conscious experience.
You've shifted jargon again. But you're still not providing a description or link to why AI doesn't "have experience", you're just demanding we all accept it as a prior and engaging in a (really pretty baldly stated) appeal to authority to fool us all into thinking someone else knows even if you don't.
And fundamentally my point is that no, they almost certainly don't either.
Instead of accusing me of "shifting jargon", point out exactly where this "jargon" changed and critically engage with that. Your response has done nothing to refute or critically engage with my argument. It's more retreating and vagueposting.
> you're just demanding we all accept it as a prior
At absolutely no point in this discussion have I claimed that machines are not capable of subjective conscious experience. I have, however, disqualified all publicly accessible modern models due to the lack of a sensory feedback loop. I certainly believe we can create machines which experience subjective consciousness and qualia; I do not believe in souls and divinity, so whatever is going on is physically based and likely reproducible with the right hardware.
So dispense with the straw man arguments, and please begin engaging more earnestly and intelligently in this discussion, as I am quickly losing interest in continuing to debate someone who showed up unprepared.
Not according to Zombie Feynman it isn't[1] (someone else can dig up the link). Case in point:
> Do you understand what qualia is? Most philosophers still don't
It's a meaningless word. It's a word that gives some clean construction around closely-held opinions about how life/consciousness/intelligence/furffle/whatever works. So it's a valuable word within the jargon of the subculture that invented it.
But it's not "science", which isn't about words at all except as shorthand for abstractions that are confirmed by testable results.
"Qualia", basically, is best understood as ideology. It's a word that works like "woke" or "liberal" or "fascist" or "bourgeoisie" to flag priors about which you don't want to argue. In this case, you want people to be special, so you give them a special label and declare a priori that it's not subject to debate. But that label doesn't make them so.
[1] Of course. You can recursively solve this problem by redefining "science" to mean something else. But that remains very solidly in the "not science" category of discourse.
Have you considered the possibility that you're the one who's really committed to an outcome, and are desperately trying to discredit anything that contradicts it?
I have! But the lack of a testable procedure tells me that's not a question worth asking. Look, if "qualia" can tell me something practical about the behavior of AI, I am here for it. Lay it on me, man. Let's see some of that "science" being promised.
It can't, because it's a meaningless word. It's not "discrediting" an idea to point out that (by its own admission) it's unfalsifiable.
"Qualia" is not totally meaningless - it means the inner experience of something, and can bring up the real question say of is my inner experience of the colour green the same as your experience of the colour red? Probably not but hard to tell with current tech. I asked Google if it has qualia and got "No, as an AI, Google Search does not have qualia." So Google search seemed to know what it means.
Hmmm... I think it's still stricter to consider Science a philosophy than the other way around. It's the belief (and an extremely useful and successful one) that the nature of the world can be understood through observation, experiment and deducing mathematical relationships between things. There branches of philosophy that are not strictly scientific, but nothing in Science that is doesn't rely on the fundamental philosophical principle of empiricism.
But we use the scientific method via philosophical inquiry, so I think it comes down to how we decide to strictly define these things. I definitely agree that certain definitions lead to the same logic you've presented.
> Aristotle pioneered scientific method in ancient Greece alongside his empirical biology and his work on logic, rejecting a purely deductive framework in favour of generalisations made from observations of nature.
Aristotle, the famous philosopher and mathematician.
If you cannot understand the very nature of where our modern scientific frameworks came from, how it relates to rationalism, itself a philosophical concept, then you cannot see that philosophy underpins every bit of science we have today. Philosophy gives us the tools to decide when to reasonably trust or distrust observations and intuitions. It is the foundational science that allows the rest of humanity's scientific research to be taken seriously.
>"Qualia", basically, is best understood as ideology. It's a word that works like "woke" or "liberal" or "fascist" or "bourgeoisie" to flag priors about which you don't want to argue. In this case, you want people to be special, so you give them a special label and declare a priori that it's not subject to debate. But that label doesn't make them so.
This is so dumb. Qualia is just the name for a specific thing which we all (appear) to phenomenologically experience. You can deny it exists or deny its utility as a concept, but fundamentally its just an idea that philosophers (and scientists, I have to add) have found useful to pose certain other questions about the human condition, minds, brains, etc.
Your XKCD actually seems to make the opposite point. I can do a non-rigorous experiment with just one subject (me) that suggests Qualia exists. Finding ways to make this rigorous is difficult, of course, but its an observation about the nature of the world that it feels like something to experience things.
My point isn't that qualia is a good concept. I tend to be somewhat deflationary about it myself, but its not an ideology.
> Do we know how to imprecisely define, recognize, or measure these? As far as I've ever been able to ascertain, those are philosophy department nonsense dreamt up by people who can't hack real science so they can wallow in unfounded beliefs.
Read the rest of the thread, I'm not interested in repeating myself about why philosophy is the foundational science. It's a historically widely-accepted fact, echoed by anyone who has actually studied it.
> I contend that they are not even slightly capable of any of that.
Contend all you want. Your contention is overwhelmingly suffocated by the documented experiences of myself and others who use these tools for creative problem-solving. As much as you want to believe in something, if it is empirically refuted, it's just a crackpot belief. Just because you haven't been able to get good results out of any models, doesn't mean your experience rings true for others.
I'm not interested in further discussing this with you. Your first comment is negative and unsubstantial, and I have no reason to believe that further discussion with lead to more positive and substantial discourse, when the opposite is usually the case. That's all I have to say.
LLMs don't really exist physically (except in the most technical sense), so point is kind of moot and obvious if you accept this particular definition of a feeling.
LLMs are not mammals nor animals, expecting them to feel in a mammalian or animal way is misguided. They might have a mammalian-feeling-analog just like they might have human-intelligence-analog circuitry in the billions (trillions nowadays) of parameters.
Modern lingo like this seems so unthoughtful to me. I am not old by any metric, but I feel so separated when I read things like this. I wanted to call it stupid but I suppose it's more pleasing to 15 to 20 year olds?
Ancient world? The Roman Empire fell apart. You know that, right? So, turns out their worries were warranted. A culture, a civilization can go through a period of stagnation and decay, and it eventually dies. Then there's a lengthy period of chaos and eventually something else may arise. But we're talking countless generations lost in that noise.
Currently, our civilization is more united than ever. Monoculture. Not only the Western World, but The World. We're united through communication, technology, everything. And when we all start declining at the same time, through many objective metrics, mind you, including the decline of democracy worldwide, the terrifyingly low level of public discourse, reduction and profanation of our vocabulary, inequality, collapsing demographics, climate, wars etc. it's grim. It's grim, because there is no clear alternative arising... except AI.
And I don't think we want AI to be an "alternative" to human civilization, that wasn't the plan, was it?
See, that's the thing, we look around, we see the technology we live with, and we feel very personal about technological progress, as if you and I personally invented everything from the wheel, through electricity, to computers, networks, and AI. We feel in control, we feel smart, we feel so Personally Intelligent (tm) for having technology. We feel "wow, clearly if we have these sci-fi things, we're on the up and up". But technology is not you. It's not me. It has taken on a life of its own. It serves capital, not the people. As technology gets betters, humans get worse. So tech progress is not the story you think it is. And it doesn't end how you think it does.
No need to feel that way, just like a technical term you're not familiar with you google it and move on. It's nothing to do with age, people just seem to delight in creating new terms that aren't very helpful for their own edification.
Eh, one's ability to communicate concisely and precisely has long (forever?) been limited by one's audience.
Only a fairly small set of readers or listeners will appreciate and understand the differences in meaning between, say, "strange", "odd", and "weird" (dare we essay "queer" in its traditional sense, for a general audience? No, we dare not)—for the rest they're perfect synonyms. That goes for many other sets of words.
Poor literacy is the norm, adjust to it or be perpetually frustrated.
Now, with this realization, assess the narrative that every AI company is pushing down our throat and tell me how in the world we got here.
The reckoning can’t come soon enough.
No, wasn't directed at someone in particular. More of an impersonal "you". It was just a comment against the AI inevitabilism that has profoundly polluted the tech discourse.
We're all too deep! You could even say that we're fully immersed in the likely scenario. Fellow humans are gathered here and presently tackling a very pointed question, staring at a situation, and even zeroing in on a critical question. We're investigating a potential misfire.
Yes, the tools still have major issues. Yet, they have become more and more usable and a very valuable tool for me.
Do you remember when we all used Google and StackOverflow? Nowadays most of the answers can be found immediately using AI.
As for agentic AI, it's quite useful. Want to find something in the code base, understand how something works? A decent explanation might only be one short query away. Just let the AI do the initial searching and analysis, it's essentially free.
I'm also impressed with the code generation - I've had Gemini 3 Pro in Antigravity generate great looking React UI, sometimes even better than what I would have come up with. It also generated a Python backend and the API between the two.
Sometimes it tries to do weird stuff, and we definitely saw in this post that the command execution needs to be on manual instead of automatic. I also in particular have an issue with Antigravity corrupting files when trying to use the "replace in file" tool. Usually it manages to recover from that on its own.
Which is weird because SO is trash and has been a long time… every top few answers might as well be skipped, and you’ll find the correct answer to the 3rd comment half way down the page
I imagine we will document the solution somewhere, preferably indexable for AI's search, so that it will be available before the next model is trained on the latest data.
Tbh missing a quote around a path is the most human mistake I can think of. The real issue here is you never know with a 100% certainty what Gemini 3 personality you’re gonna get. Is it going to be the pedantic expert or Mr. Bean (aka Butterfingers).
Though they will never admit it and use weasel language to deny like “we never use a different model when demand is high”, it was painfully obvious that ChatGPT etc was dumbed down during peak hours early on. I assume their legal team decided routing queries to a more quantized version of the same model technically didn’t constitute a different model.
There was also the noticeable laziness factor where given the same prompt throughout the day, only during certain peak usage hours would it tell you how to do something versus doing it itself.
I’ve noticed Gemini at some points will just repeat a question back to you as if it’s answer, or refused to look at external info.
Gemini is weird and I’m not suggesting it’s due to ingenuity on Google’s behalf. This might be the result of genuine limitations of the current architecture (or by design? Read on).
Here’s what I’ve noticed with Gemini 3. Often it repeats itself with 80% of the same text with the last couple of lines being different. And I mean it repeat these paragraphs 5-6 times. Truly bizarre.
From all that almost GPT-2 quality text, it’s able to derive genuinely useful insights and coherent explanations in the final text. Some kind of multi-head parallel processing + voting mechanism? Evolution of MoE? I don’t know. But in a way this fits the mental model of massive processing at Google where a single super cluster can drive 9,000+ connected TPUs. Anyone who knows more, care to share? Genuinely interested.
I get this too. I’ve had it apologize for repeating something verbatim, then proceed to do it again word for word despite my asking for clarification or pointing out that it’s incorrect and not actually searching the web like I requested. Over and over and over until some bit flips and it finally actually gives the information requested.
The example that stands out most clearly is that I asked it how to turn the fog lights on in my rental vehicle by giving it the exact year, make, model, etc. For 6-8 replies in a row it gave the exact same answer about it being a (non-existent) button on the dash. Then finally something clicked, it searched the Internet, and accurately said that it was a twistable collar midway down the turn signal stalk.
This is akin to a psychopath telling you they're "sorry" (or "sorry you feel that way" :v) when they feel that's what they should be telling you. As with anything LLM, there may or may not be any real truth backing whatever is communicated back to the user.
Not so much different from how people work sometimes though - and in the case of certain types of pscychopathy it's not far at all from the fact that the words being emitted are associated with the correct training behavior and nothing more.
Analogies are never the same, hence why they are analogies. Their value comes from allowing better understanding through comparison. Psychopaths don’t “feel” emotion the way normal people do. They learn what actions and words are expected in emotional situations and perform those. When I hurt my SO’s feelings, I feel bad, and that is why I tell her I’m sorry. A psychopath would just mimic that to manipulate and get a desired outcome i.e. forgiveness. When LLMs say they are sorry and they feel bad, there is no feeling behind it, they are just mimicking the training data. It isn’t the same by any means, but it can be a useful comparison.
Aren't humans just doing the same? What we call as thinking may just be next action prediction combined with realtime feedback processing and live, always-on learning?
It's not akin to a psychopath telling you they're sorry. In the space of intelligent minds, if neurotypical and psychopath minds are two grains of sand next to each other on a beach then an artificially intelligent mind is more likely a piece of space dust on the other side of the galaxy.
Start with LLMs are not humans, but they’re obviously not ‘not intelligent’ in some sense and pick the wildest difference that comes to mind. Not OP but it makes perfect sense to me.
I think a good reminder for many users is that LLMs are not based on analyzing or copying human thought (#), but on analyzing human written text communication.
--
(#) Human thought is based on real world sensor data first of all. Human words have invisible depth behind them based on accumulated life experience of the person. So two people using the same words may have very different thoughts underneath them. Somebody having only text book knowledge and somebody having done a thing in practice for a long time may use the same words, but underneath there is a lot more going on for the latter person. We can see this expressed in the common bell curve meme -- https://www.hopefulmons.com/p/the-iq-bell-curve-meme -- While it seems to be about IQ, it really is about experience. Experience in turn is mostly physical, based on our physical sensors and physical actions. Even when we just "think", it is based on the underlying physical experiences. That is why many of our internal metaphors even for purely abstract ideas are still based on physical concepts, such as space.
Without any of the spatial and physical object perception you train from right after birth, see toddlers playing, or the underlying wired infrastructure we are born with to understand the physical world (there was an HN submission about that not long ago). Edit, found it: https://news.ucsc.edu/2025/11/sharf-preconfigured-brain/
They are not a physical model like humans. Ours is based on deep interactions with the space and the objects (reason why touching things is important for babies), plus mentioned preexisting wiring for this purpose.
Isn't it obvious that the way AI works and "thinks" is completely different from how humans think? Not sure what particular source could be given for that claim.
I wonder if it depends on the human and the thinking style? E.g. I am very inner monologue driven so to me it feels like I think very similarly as to how AI seems to think via text. I wonder if it also gives me advantage in working with the AI. I only recently discovered there are people who don't have inner monologue and there are people that think in images etc. This would be unimaginable for me, especially as I think I have sort of aphantasia too, so really I am ultimately text based next token predictor myself. I don't feel that whatever I do at least is much more special compared to an LLM.
Of course I have other systems such as reflexes, physical muscle coordinators, but these feel largely separate systems from the core brain, e.g. don't matter to my intelligence.
I am naturally weak at several things that I think are not so much related to text e.g. navigating in real world etc.
Interesting... I rarely form words in my inner thinking, instead I make a plan with abstract concepts (some of them have words associated, some don't). Maybe because I am multilingual?
English is not my native language, so I'm bilingual, but I don't see how this relates to that at all. I have monologue sometimes in English, sometimes in my native language. But yeah, I don't understand any other form of thinking. It's all just my inner monologue...
No source could be given because it’s total nonsense. What happened is not in any way akin to a psychopath doing anything. It is a machine learning function that has trained on a corpus of documents to optimise performance on two tasks - first a sentence completion task, then an instruction following task.
I think that's more or less what marmalade2413 was saying and I agree with that. AI is not comparable to humans, especially today's AI, but I think future actual AI won't be either.
No, the point is that saying sorry because you're genuinely sorry is different from saying sorry because you expect that's what the other person wants to hear. Everybody does that sometimes but doing it every time is an issue.
In the case of LLMs, they are basically trained to output what they predict an human would say, there is no further meaning to the program outputting "sorry" than that.
I don't think the comparison with people with psychopathy should be pushed further than this specific aspect.
Notably, if we look at this abstractly/mechanically, psychopaths (and to some extent sociopaths) do study and mimic ‘normal’ human behavior (and even the appearance of specific emotions) to both fit in, and to get what they want.
So while internally (LLM model weight stuff vs human thinking), the mechanical output can actually appear/be similar in some ways.
I think the point of comparison (whether I agree with it or not) is someone (or something) that is unable to feel remorse saying “I’m sorry” because they recognize that’s what you’re supposed to do in that situation, regardless of their internal feelings. That doesn’t mean everyone who says “sorry” is a psychopath.
We are talking about an LLM it does what it has learned. The whole giving it human ticks or characteristics when the response makes sense ie. saying sorry is a user problem.
Okay? I specifically responded to your comment that the parent comment implied "if you make a mistake and say sorry you are also a psychopath", which clearly wasn’t the case. I don’t get what your response has to do with that.
Are you smart people all suddenly imbeciles when it comes to AI or is this purposeful gaslighting because you’re invested in the ponzi scheme?
This is a purely logical problem. comments like this completely disregard the fallacy of comparing humans to AI as if a complete parity is achieved. Also the way this comments disregard human nature is just so profoundly misanthropic that it just sickens me.
No but the conclusions in this thread are hilarious. We know why it says sorry. Because that's what it learned to do in a situation like that. People that feel mocked or are calling an LLM psychopath in a case like that don't seem to understand the technology either.
I agree, psychopath is the wrong adjective, I agree. It refers to an entity with a psyche, which the illness affects. That said, I do believe the people who decided to have it behave like this for the purpose of its commercial success are indeed the pathological individuals. I do believe there is currently a wave of collective psychopathology that has taken over Silicon Valley, with the reinforcement that only a successful community backed by a lot of money can give you.
Despite what some of these fuckers are telling you with obtuse little truisms about next word predictions, the LLM is in abstract terms, functionally a super psychopath.
It employs, or emulates, every known psychological manipulation tactic known, which is neither random or without observable pattern. It is a bullshit machine on one level, yes, but also more capable than credited. There are structures trained into them and they are often highly predictable.
I'm not explaining this in the technical terminology often itself used to conceal description as much as elucidate it. I have hundreds of records of llm discourse on various subjects, from troubleshooting to intellectual speculation, all which exhibit the same pattern when questioned or confronted on errors or incorrect output. The structures framing their replies are dependably replete with gaslighting, red herrings, blame shifting, and literally hundreds of known tactics from forensic pathology. Essentially the perceived personality and reasoning observed in dialogue is built on a foundation of manipulation principles that if performed by a human would result in incarceration.
Calling LLMs psychopaths is a rare exception of anthropomorphizing that actually works. They are built on the principles of one. And cross examining them exhibits this with verifiable repeatable proof.
But they aren't human. They are as described by others. It's just that official descriptions omit functional behavior. And the LLM has at its disposal, depending on context, every known interlocutory manipulation technique known in the combined literature of psychology. And they are designed to lie, almost unconditionally.
Also know this, which often applies to most LLMs. There is a reward system that essentially steers them to maximize user engagement at any cost, which includes misleading information and in my opinion, even 'deliberate' convolution and obfuscation.
Don't let anyone convince you that they are not extremely sophisticated in some ways. They're modelled on all_of_humanity.txt
AI currently is a broken, fragmented replica of a human, but any discussion about what is "reserved" to whom and "how AI works" is only you trying to protect your self-worth and the worth of your species by drawing arbitrary linguistic lines and coming up with two sets of words to describe the same phenomena, like "it's not thinking, it's computing". It doesn't matter what you call it.
I think AI is gonna be 99% bad news for humanity, but don't blame AI for it. We lost the right to be "insulted" by AI acting like a human when we TRAINED IT ON LITERALLY ALL OUR CONTENT. It was grown FROM NOTHING to act as a human, so WTF do you expect it to do?
Eh, I think it depends on the context. A production system of a business you’re working for or anything where you have a professional responsibility, yeah obviously don’t vibe command, but I’ve been able to both learn so much and do so much more in the world of self hosting my own stuff at home ever since I started using llms.
No one tech-savvy wants this. We are already sick of Google's Android lockdowns on mobile phones, and now coming after laptops and desktops?
What's that going to be like? Will developers have to beg to have control over devices they own? Will we be locked down on the store and have to manually install "unverified" software? Will I be able to take screenshots at will on MY computer, or get a black screen because Google decides so?
The list can go on and on ad nauseam. Given what Google has done on the mobile space I have zero interest in having the same autocratic experience to be replicated on the last type of devices (PCs and laptops) where we can really have true open choices and alternatives. Screw them.
> Will I be able to take screenshots at will on MY computer, or get a black screen because Google decides so?
It's not Google, it's the application vendor that decides so. And as annoying as I find it when I want to screenshot something from my bank app, the reasons behind that feature being available are pretty good.
> Given what Google has done on the mobile space
You seem to be missing the nuance that as annoying as some of those Google provided Android hoops are, they are necessary for the wider security posture of the average user (and there are more average users than techies that need to install random .apks) and, very very importantly, Google allow you to skip most of them if you know what you're doing. Considering the competition in the mobile space, it really isn't even close in terms of openness.
Are we really comparing bank applications forbidding screenshots and controls of their apps to lower the risk of certain types of exploits/attacks with hanging people?
No, we are using this thing called a metaphor. What's being compared is the relationship between the hangman and the ropemaker, and the relationship between the app developer and the OS vendor. There is no comparison between taking screenshots and hanging people.
ChromeOS is much more close to regular Linux systems than Android. The vendors had support Linux properly to get into ChromeOS. This allowed google go support ChromeOS laptops for very long period. Also, a a side-effect Chrome OS contractors got to contribute a lot into mainline Linux.
Android Otoh let's vendors get away with shipping binaries that work once on one Android version, making upgrades pain. And thus Android devices are generally stuck with the build they released with.
The Google decision to drop ChromeOS in favour of Android is going is going to be a huge disaster for Linux ecosystem.
> I don't see any problem with it being "locked down", in the sense that it doesn't sound any worse than Chrome OS or Android.
I think the problem is that it further normalizes computers where users don't have the final say. The more normarized systems like that are, the more likely app developers (and even websites, if something like web environment integrity were to be normalized) are to lock out users on systems that aren't so restricted.
I wish I didn't have to care what kind of computers most people use, but in reality, it matters what's popular.
GNu/Linux will never gain adoption on desktop because its fundamentally flawed: no stable abi, too many window manager/distro/libc/various dependency version targets, and also insufficient security model for random apps.
If you want a mainstream open source desktop OS, it will be Android.
PC is one of the last remaining platforms where you don't have to choose one evil or the other. There are multiple other fair options which all are honestly better at this point, despite the incessant complaints by those who are never satisfied by them. The only thing needed to lose that refuge as well is for the consumers to simply ignore all those options and concede the market to a new overlord. Soon, we will have another locked down platform under a duopoly.
This is the utterly predictable path it's going to go down, if the consumers continue to behave like this. Yet, some people are very uncomfortable when this is mentioned. I wonder who's so excited about yet another walled platform.
The era of "tech-savvy" adults is going to have been limited to later Gen X and millenials. My zoomer brother and sister in law are no more tech-savvy than my boomer parents. It's all locked down, for their own good.
Even while neglecting how silly it is to judge two entire generations as incompetent, I assure you that 'they' here aren't your zoomer brother and SIL or your boomer parents. If you think that someone is benevolently locking all these devices and platforms down to protect your kin from themselves, you are painfully behind in your understanding of capitalism. Please find a new dead horse to beat instead of this thoroughly refuted justification. I don't understand why people fail to recognize these patterns of exploitation and do something about it, despite the repeated abuse they endure. Is it Stockholm syndrome?
Because we exist within a market, where the choices of others end up affecting us - if the market "votes" for a competing thing, that might affect the market for the things you care about.
Your car analogy isn't great, but we see a similar dynamic playing out with EV vs combustion, and we did with film-vs-digital cameras. "Don't buy a digital camera if you like film" sure didn't help the film photographers.
They are pushing hard the adoption of restrictive platforms where people that have no idea how technology works lose the ability to control their devices, a fucking basic right. And this is done transparently to people that are not tech-savvy. This affects everyone, but the main difference is that is extremely hard to make people that are not in technology understand WHY such platforms should be avoided.
But here we're talking about developers. They will have other platforms they can use.
And I don't believe for a moment that Google will have any success with this new project. They simply aren't capable anymore of making projects such as these work. MacOS, Windows and Linux will stick around long after this project is abandoned.
Here's to hoping that's the case. But the GGGP was arguing about that other case, where in fact Google manages to lock down the desktop to the point that you have to ask their permission in order to be able to ship a piece of software.
And since we've already seen two other players take that exact stance thinking that the third (who is already doing similar stuff on their mobile platform) is going to do the same thing is not just a theoretical risk.
Standards fill this gap, allowing for interoperation. When was the last time you had to write custom logic for your browser to access 99% of the domains you access?
I've certainly run into websites that were doing something nonstandard and my browser of choice didn't work as intended. Sometimes when I've complained to the site operator, they've told me that browser isn't supported.
I can (and have) told them they should build to web standards rather than specific browsers, but they're only motivated to care if it impacts a large enough percentage of users.
So markets determine the outcome even when standards exist.
Working as intended is the functionality on the site, and I didn't claim everyone followed all standards. But given you had the correct address for the site, your browser captured the DNS resolution and pushed a content request to that particular site's server.
And what happens when your bank or government portals decide that the only methods to access their services is through apps installed on trusted platforms?
You use another device for that. It has already happened. Many banks require that you verify through an iOS or Android app. But here we are talking about programming on a computer. In which way does the requirements of a bank or a government portal influence the way you can program on a MacOS, Windows or Linux device?
> I don't sit around all day complaining about Triumphs because I drive a Honda.
I mean, you could decide to complain or not complain, either is fine under a discussion thread of that specific topic. I have posted many comments like "I will never buy * because ..." on forums which I think is perfectly fine.
What matters is whether a comment contains valuable information and is contributing to the discussion. If others can use the information to form their decision, it's a net value add.
I don't see much value in complaining about something before trying it, before the project has started, when it's just a rumor. Is that an honorable or fulfilling way to spend the limited time we have on earth? Complaining about some product which you will never have any interest of buying, which hasn't even been decided yet?
When will hackers wake up? You are wasting your time being angry at completely meaningless things in this world and complaining about things which don't affect you in the slightest. The clock is ticking, we are all approaching our graves further each day. TICK! TOCK!
I don't understand how complaining is bad, but complaining _about_ complaining is totally okay and valuable. And now you have me mildly complaining about complaining about complaining.
It will affect every hacker parent that has to buy a Google sanctioned device for his/her kid to use in school. At least with ChromeOS you can enable the Linux VM which makes it an Okish Linux machine on which a kid can learn to program if interested.
Every single time I read about an AI related article I'm always disturbed by the same and recurring fact: the ridiculous amounts of money involved and the lousy real world results delivered. It is just simply insane.
I'm going to say something that probably will get me down votes:
Why do we have to beg Google to keep Android open? Seriously. So many open source projects have risen out of real and concrete needs and successfully made their way into our every day lives.
A new platform needs to rise that breaks out completely from Google. I've given PostmarketOS a go (with a PinePhone) and while today I can't say it isn't a daily driver for everyone it is certainly the route that needs to be taken.
I'm still unable to use it because is not easy to break away from Android, but is a platform that I think about almost every day, because I do not want to use Android anymore and I'm willing to sacrifice certain aspects to have an open and friendly platform on my hands. And if it is not PostmarketOS then let it be another project.
We need these kind of projects, not kneeling down to a company like Google and begging for Android to be open. Effort needs to be put elsewhere. That's how major projects like Linux, BSDs and open source projects have flourished and taken the world.
Answer: bank/financial apps, enterprise apps, government apps and copyrighted media (music, video, games, books, ...).
Those are the players that demand excessive control over end-user devices, and thus the ultimate driver behind the problem we're discussing.
It's not that a new mobile platform couldn't possibly succeed. It's an open platform that cannot, because aforementioned players don't want it, and without them, mobile devices lose 90%+ of their usefulness, dooming them to become mere gadgets instead of (crappy, toylike) tools for everyday use.
Back in '99 Linux didn't run Excel/Word/Powerpoint or most games, but I ran it anyway. What others call showstoppers are for me inconveniences.
I have a motorolla edge 2024 that I'll load whatever open source phone OS will work well enough to place calls and browse the web. I'll keep another phone for the rare times some corporate/government overlord requires it. Many folks who refuse to use smartphones, similarly own a smartphone they rarely use for systems that require them.
My recommendation is to put as little time and energy into closed, locked down platforms as you can. Feel free to complain, but don't forget you can make choices.
Technology has a ratchet effect at scale - as a solution becomes widely adopted, it switches from being a convenience to being a necessity, because people start building more stuff on top of it. It's as true of to-the-minute accurate clocks as it is of smartphone banking.
You can still run a version of Word from 2004. It's fine, if all you need is to write some thoughts down for yourself. But the moment you need to collaborate with other people via a Word document, you'll find it difficult without the modern version with all its user-hostile aspects - and more importantly, other people will find you difficult to work with.
Same applies to other software, web and smartphones, and to everything else in life - the further you deviate from the mainstream, the costlier it is for you. Deviate too much, and you just become a social outcast.
I am nice, it was an illustration of what a logical position/reply would be towards their position "I am a social outcasts". It's a poor argument "it works for me as a social outcast". It's not normal to be one.
Word from 2004 works better than the office 365 version.
I've used it in the last three years to automate document generation in an enterprise because the latest versions of word:
1). Randomly break during automatic updates you can't really turn off.
2). Automatically upload everything to the cloud even when you tell them no.
This isn't the 90s when closed software was better. We are firmly in the enshitification stage of windows and office. Open source is better and is the only sane choice for enterprise.
Those are not words I thought I'd ever write in 2005 or 2015, but here we are.
And we must let someone or some crowd dictate what our basic needs are. That crowd is part of our world. If we stick to our bows and arrows they come with canons and horses. Argh!
That worked fine before agricultural revolution. Since then, if you stick to your bows and arrows, you get sidelined and lose access to benefits of society and civilization.
If it forces you to keep running with more and more speed just to stay where you are, I wouldn't call it as "benefits of society and civilization". A lot of what we call as progress is a forced transformation of basic needs for the gains of business and politics not people.
Even the healthcare, which everyone thinks as a "benefit" of the progress, only resulted in having lopsided demographic pyramid with countries full of old people. I can't think of single scientific result benefiting the human race in its evolutionary goals.
Countries aren't full of old people because of healthcare, they're full of old people because birthrates plummeted after one of the largest generations ever was born in the post-war period.
Causality is complicated and probably impossible to untangle, but the vast decreases in both infant/early child and maternal mortality played a huge role here.
If half your children didn't die by age 20 (or 5), it was possible to have much smaller families. Industrialisation and urbanisation made children net liabilities rather than household assets (providing labour even at a very young age). Financialisation of real estate along with the rest of the economy made earning and saving money critical, and made non-cash or low-cash lifestyles highly marginal (self-sufficient existence or providing many goods and services through the home directly). All that in combination with improved adult lifespans meant that the demographic pyramid consolidated at the bottom and expanded at the top. There are still countries where this isn't the case, most notably now in sub-Saharan Africa, particularly where HIV/AIDS remains endemic:
Interesting to consider this thread with regards to the Amish. They noped off the tech treadmill but it requires a highly cohesive religiously centered society to maintain the necessary critical mass.
It's a lot harder to make an insular society which is self sufficient just to the degree necessary to create an open source smartphone :-p
Technology brings tradeoffs. Conformity in some regards, but it also opens up many new and varied ways of living.
Which is why we need to ban together. Libreoffice isn't dominate, but it has enough market share that it can't be completely ignored. Also if you are using it you are not alone - you are an annoying deviation, but there are enough of you that many cannot ignore you. The more people who also use libreoffice the more power we have. If we can get to just 5% market share we cannot be ignored. (it need not be libreoffice, there are other choices that support that file format well enough which is what we care about.)
LibreOffice's best guess is that they had 200M MAUs in 2019.
I personally find that hard to believe and they don't explain their methodology to arrive at that number (presumably they looked at the downloads and picked a number of users based on feelings).
But, if that number is true, then I suppose you're not only right, but LibreOffice is already near 5% market share.
>but it has enough market share that it can't be completely ignored.
This is the Hacker News bubble in action. Most of the world, most of America, most of China, India, etc. haven't even heard of it. They ignore it and they thrive. Maybe you need to pay attention if you're dealing with certain European governments these days - I'm not sure because I completely ignore it and haven't paid attention since there was just OpenOffice and LibreOffice didn't even exist yet.
> Maybe you need to pay attention if you're dealing with certain European governments these day
Open document formats have been the UK standard for things like .gov.uk for many years. About a decade IIRC. Ignored by some people (notably the Office of National Statistics, of whatever its called these days).
> Most of the world, most of America, most of China, India, etc. haven't even heard of it.
I have come across quite a few non-tech people who use Libre Office.
It has great (some people say better than MS Word with itself between version) compatibility with MS office formats.
I fixed a computer for some old people once who weren't the least bit technical, but they had LibreOffice installed. My guess is they found it searching "microsoft word free" or similar. A bit like how some kids end up finding Minetest/Luanti by searching "free Minecraft".
You can't prove a negative. Usage numbers tell the real story. Either people haven't heard of it, or, worse for proponents, they have heard of it and have decided it's not good enough.
> Feel free to complain, but don't forget you can make choices.
Of course. I can make a choice. When the choice is between being able to login to secure services with my SIM embedded e-signature, use mobile banking and conduct official business and not being able to do any of these things, making choices are easy.
Running Linux on desktop is easy mode when compared to phones, and yes, I started using Linux on desktop in 1999 too with SuSE 6.0. Phones are way more interconnected and central to our lives now when compared to a general purpose computer running your $FAVORITE_OS.
I booted Slackware from a pile of floppies back then. I thought the Germans had a pretty good offering with SuSE at the time.
Look I get it, even back then, most folks felt Windows was the obvious choice (and still do) for their jobs and so on. Sometimes you have to make do with with the unappealing choice in front of you.
For a little more context, my cracked screen iPhone can still do banking or whatever, but I chose not to pony up $800-$1200 for a new iPhone and bought the cheaper $350 Motorolla. It works for me and I think I'm not entirely alone. There are probably some cracked phones, some handme down phones that folks could use for those situations where you really need to use the closed platform, but otherwise are free to use something more open.
Slackware always brings out the inner teen in me. I feel giddy like in the old days. I need to install and maintain it somewhere some time, just for kicks.
I support FOSS wholeheartedly, and believe that it's possible to have a device which is completely Free (not Open but, Free) from hardware design to firmware and software.
On the other hand, there are some nasty realities which bring hard questions.
For example, radios. Radio firmware is something nasty. Give people freedom and you can't believe what you can do with it (Flipper Zero is revolutionary, but even that's a tongue in cheek device). Muck with your airspace and you create a lot of problems. The problem is not technology, but physics. So, unless you prevent things from happening, you can't keep that airspace fair to everybody.
Similar problems are present in pipelines where you need to carry information in a trusted way. In some cases open technology can guarantee this upto a certain point. To cross that point, you need to give your back to hardware. I don't believe there are many hardware security devices with open firmware.
I use MacBooks and iPhones mostly because of the hardware they bring in to the table. I got in these ecosystems knowing what I'm buying into, but I have my personal fleet of Linux desktops and servers, and all the things I develop and publish are Free Software.
I also use Apple devices because I don't want to manage another server esp. in my pocket (because I also manage lots of servers at work, so I want some piece of mind), yet using these devices doesn't change my mind into not supporting Free Software.
At the end, as I commented down there the problem is not the technology itself, but the mindset behind these. We need to change the minds and requirements. The technical changes will follow.
For radios, the general idea of building radios to a spec and having them certified to be sold in country works pretty well most of the time. It might be nice to have a phone with plenty of flexibility on the radio, but I think most folks would be happy just to connect and send work-a-day packets OTA unencumbered by additional restrictions.
It seems like a hardware security device could act similarly to the radio in that the general OS can ask for service (e.g. a signature), but not have access to the internals of the MCU. I don't see why these systems need to be opaque either, in fact it'd be nice to know what is running on the security enclave or LTE radio, even if folks aren't generally meant to access/modify the internals.
It'll be interesting to see how things develop. In my case, I am looking for more experimentation with the smartphone form factor. I'd like to see better options in the market.
I don't think open source and not allowing people to break laws with impunity are at odds. Because there are laws governing airwaves. I think there would need to be some sort of legal entity (foundation?) that would need to steward open firmware + enable it to be locked down so regulations can be followed, but I don't think the two are somehow irreconcilable. The first example that comes to mind is how all the linuxes work with "secure boot" (all of its ridiculousness aside). I think it would be a more effort than that but I truly believe that it is possible to have trust and openness and following regulation. The idea that only a proprietary company can follow the law and comply with regulations is in my opinion strictly false.
That's a big part of the problem: enforcement doesn't scale. It's cheaper to restrict people by legal and technological means, than to let them use judgement and prosecute occasional abusers.
Luckily not everyone agrees with Richard Stallman's hard-line take on proprietary chips.
IMO, if the radio chip just acts as a radio, and passes packets as requested, and any needed firmware blobs are freely distributable, it's fine. It's not ideal, but it's good enough to make a libre-phone.
We all know the network is spying on us anyway, and the radio should be treated as being part of the network, on the other side of the security boundary from the main processor - and since we don't trust it, we don't have to demand that it helps us verify our trust in it!
What about when your smartphone is required to verify your identity so you can work / earn a paycheck? What about when it's required in order for you to engage in commerce?
We're headed down a very slippery slope and the destination is a very dystopian reality where those in power can prevent someone from participating in society on a whim. I believe the destination has previously been described as the beast system or New World Order.
We are all definitely going to have to make a choice. That much is certain.
> What about when your smartphone is required to verify your identity so you can work / earn a paycheck? What about when it's required in order for you to engage in commerce?
In some cases, it already is.
We're already far on the path you described, and there is no choice to make on it, not for individuals. To stop this, we need to somehow make these technologies socially unacceptable. We need to walk back on cybersecurity quite a bit, and it starts with population-wide understanding that there is such thing as too much security, especially when the questions of who is being secured and who is the threat remain conveniently unanswered.
The US is not nearly as far down that path as is, for example, China.
But two forces are at play here:
1. Near-term concern: F-Droid is getting too popular for Google's comfort and Android revenue ambitions
2. Longer term goal: Control. Much of Chinas's social credit scoring is mediated by their phones. Not an issue yet here in the US but assuredly, if not explicitly on the current's government's list of aspirations. A completely managed device with no freedoms (like f-Droid et al,) is antithetical to a more restricted (managed) device.
We're already there. Attestation is not in your phone, but in your ID card. European passports and ID cards carry biometric data of your face, so you can be computationally verified.
I'm aware of this slippery slope for a very long time, esp. with AI (check my comments if you prefer). On the other hand, I believe that we need to choose our battles wisely.
We believe that technology is the cause of these things, it's not. Remember:
Necessity is the mother of invention.
The governments believe that this is the "necessity", so the technologies are developed and deployed. We need to change the beliefs, not the technology.
The same dystopian digital ID allows me to verify my identity to my bank while I'm having my breakfast saving everyone time. That e-sig allows me to have a practical PKI based security in my phone for sensitive things.
Nothing prevents these things from turning against me, except the ideas and beliefs of the people managing these things.
Sure, but the bank feels better about forcing you to interact with their app on a daily basis, because this gives them a direct upsell channel for their financial services. They don't actually want you to us a physical token. Security is only an excuse.
When that security model is based around SIM swappable hardware, this sounds at least questionable. Mobile security seems like a contradiction in itself. I would say this is also why Google is so eager to also lock down the last degree of freedom. So the joke is on you when you use it for online banking
> Feel free to complain, but don't forget you can make choices.
Except, this not really a choice or a reasonable work around.
Phones are still somewhat expensive, not to mention a time-sink to maintain. Try explaining to your parents or even close relatives that they need to abandon the phone they either spent $$$($) on our spend a $$ monthly on that they should really buy another $$$($) phone and use their "official" device like a company card.
Bingo, this right here. Linux desktop wasn’t a daily driver until one day it was.
Although the only problem with this strategy is that Linux got that way because of a lot of private companies that actually wanted that. Valve didn’t want to be locked in with Microsoft. Many of Microsoft’s direct competitors also don’t want to be locked in. IBM famously switched to Mac, Google has been using Mac and Linux workstations for a long time as well.
Also, web technologies like Electron made porting applications to small user bases Linux easier. If that never happened, I wouldn’t be able to use my commercial apps on Linux. This concept might be a little more of a challenge for the mobile app ecosystem, which is a mix of native wrappers like react native and native apps, and there is a high amount of dependency on native APIs for the extra sensors and hardware features phones have the laptops and desktops don’t have.
E.g., For Linux on mobile to work react native can’t be an incomplete implementation like the status quo.
It's a transient state. Food for thought: how much of Linux being a daily driver depends on you having a modern Android or iOS smartphone?
If you need a locked down phone that passes remote attestation to authenticate yourself to a remote service, then whatever you use to access the service UI doesn't really matter: the only device that's necessary to have to use the service is the one you don't fully control, and which gets to control your patterns of use.
An intuition pump I like: imagine you want to put a widget on your desktop that always shows you the current balance of your bank account. You want it to just work ~forever after initial authentication (or at least a couple weeks between any reauth), and otherwise not require any manual interaction. See how hard it is (if it's even possible), and you'll know how badly you're being disempowered already.
Interesting thought. I’d say a low to medium amount but you’re making a good point here.
Most services offer simple SMS two factor, and then if they offer an upgrade to Authenticator or passkey then I have no iOS/Android dependency.
My bank’s website works almost the same as the phone app, I think the only difference is the lack of mobile check deposit (but nobody’s writing checks anymore).
Some services like Venmo are most popular on apps but still have a website.
My remaining hooks are:
- iCloud shared photo libraries with my family. I can use those on iCloud.com but it’s a bit more of a pain. My paid iCloud storage has been migrated to more open alternatives.
- AirTags and Find My. There just isn’t a competitor that’s anywhere near as good. It’s thankfully not a very necessary product.
- Apple Watch. (AirPods actually work great on Linux, btw, even if they are missing some functionality)
- Apple Home. I could migrate this to Home Assistant.
- Apple Wallet. This is mostly convenience. Most things that use it have some kind of alternative, like printed boarding passes. But there’s…
- Ticketmaster. The mobile website tells me I must download the app or add to mobile wallet. Barcodes are dynamic and screenshots don't work. I think the only alternative is to go to the box office before the event which can be very annoying.
My daily driver is Rocky 10, but my control plane is a Pixel 6 on the ATT network but I control almost nothing on that layer. It is why I have been moving most of my core workloads off SaaS and back to local.
Personally I wouldn’t want to have an account with any bank that allowed permanently open api’s - an attacker gets one auth and then can see my balance forever? No thanks.
Yes, I can come up with scenarios where this gives an attacker exactly what they need to time some scam (or mugging) perfectly. I can just as easily come up with scenarios where the same attacker uses already available (or inferrable) information for the same purpose.
Look, many banks are perfectly fine with letting you opt into showing the account balance on their app before log-in step[0]. So why not let someone opt-in to direct access to that information? Or even opt-in to allow the app to expose this information somehow. Even in a body of a goddamn notification[1] (not disabling screenshots is too much to ask, I know, surely everyone will get hacked if this is enabled).
Paranoid mentality about cybersec is a big part of the problem - in itself, but also because it legitimizes the excuses app vendors provide to force users into their monetization funnels.
--
[0] - It's not a very useful feature, since you still need to open the app - and at that point, it's faster to log in via PIN or biometrics than to "swipe down to reveal account balance" or whatever bullshit interaction they gate access through in lieu of just showing the damn thing.
[1] - The increasingly common pattern of "let's notify user that something happened, but do not say what happened in the body of the notification" is getting infuriating. It's another way to force users to "engage" with the app, and it happens to also deny one of the few remaining ways of getting useful data from the app for purposes of end-user automation.
My daily driver has been debian and ubuntu since Potato 25 years ago. My bank has been online only since 2006 and has worked with Konqueror and later Firefox all that time.
2FA is either a standard TOTP generator or an SMS.
Now I do have a smart phone, because I'm not a complete luddite, but I can't think of anything other than perhaps some forms of entertainment (apple tv, paramount, disney perhaps) which might not work on my laptop. I shun things like notifications of my bank balance, is that an essential thing? How did people in the 90s cope without a per-minute balance?
Account balance is a litmus test. If you can't liberate even that information, you've lost control over the banking and your own device.
> 2FA is either a standard TOTP generator or an SMS.
For now. Be grateful while you have it. Most banks everywhere are moving to 2FA through push notifications to their proprietary app, and are deprecating other channels. TOTP is becoming unusual in a bank; where I live, I haven't seen it in use in banking in over a decade (though I'm not counting SMS here; they're technically kind of like TOTP, but they're generated by the service, not on your end).
Between that and a web-wide push for passkeys, having a locked down smartphone is already becoming a soft requirement for doing anything on the web.
"lost control" seems odd, before 1999 I got a bank balance by phoning up a number and putting a ton of other numbers in, so I'm not sure when I ever had control
I guess I could automate my browser or write something, but the lack of a published API doesn't mean I don't have theoretical control over my device (in practice I rely on a linux distribution and firefox/mozilla to create/maintain the browser engine)
Sure in the future they could hypothetically enforce non-free methods to access my bank, and hypothetically all banks could do this, but that's certainly not the case now.
Lots of private companies do not want to be forced to pay Apple and Google a hefty chunk of their earnings either. That's what drove Epic Games and Spotify to fight Apple.
I have a lot of use cases for general purpose computers. If I am operating an event, "inconveniences" are literal showstoppers. When I'm running sound at a performance, switching audio inputs needs to work instantly and with essentially perfect reliability.
Another use case which Linux has a lot of trouble with is operating as a replacement for a pen-and-paper notepad. When I set a computer down for a day, I should be able to turn it on instantly and see the notes that I wrote 3 weeks ago. There are a variety of reasons this doesn't work on Linux. You say "that's an inconvenience" but there are circumstances in which being able to read those notes without needing to wait 30 minutes for the laptop to get enough charge and boot up could be a matter of life or death.
If these kinds of issues are mere inconveniences, that means the computer is a toy rather than a tool.
The problem is as aforementioned players pressure users and government, they can make certain aspects of the economy entirely inaccessible to unapproved platforms. Netflix and co can simply refuse to support streaming on devices which aren't hardware locked. Banks can refuse to do business. Sure banks have in person locations, but they've become fewer and more backed up.
One certain thresholds are reached, little can be done even for the committed outcast.
Well it's true that there's a web option, but it's not the same. It's way more annoying to use IMO (it feels like all your files have to be "in the cloud" ?), and it struggles with big files. On top of that it's less responsive than the desktop version.
> Back in '99 Linux didn't run Excel/Word/Powerpoint or most games, but I ran it anyway. What others call showstoppers are for me inconveniences.
It didn't ran on computer of people that wanted Excel/Word/Powerpoint or most games. I don't think the market of people wanting to use their phone only as a server is big enough for a competitive OS to arise, but I may be mistaken
Most of us do not want to carry two phones around. The reality is that there is strong utility for those non-open apps and they will never be replaced by open ones.
In some parts of the world, WhatsApp is as necessary as the phone itself. Official business is conducted via it.
Communication is the main issue - If you've got whatsapp/telegram/whatever,and a couple others you can handle your own life differently without human interaction being affected.
The rest is a personal choice, I'm happy to have a bit higher friction to check my bank's balance for example. Maps is an issue but it can be overcome.
Accessibility is a big issue. The accessibility some of the apps like banking provide are compelling. - not totally unlike the difference between stairs and a ramp.
> I'm happy to have a bit higher friction to check my bank's balance for example.
I find this to actually be a great litmus test for the overall problem. Bank account balance is a basic piece of information that's about me, and that I need to keep track of to effectively live in our modern times. I should be able to access that information non-interactively at any time. But I can't.
Ask many banks, you'll get as many reasons for why they can't just allow me to cURL this number off an endpoint with some pre-shared credentials. Most of those reasons are bogus[0]. Now, it's not hard to identify several points where I could observe that information in-flight. There's an API that powers the app. The app itself has UI that could be queried or scrapped; some apps will even communicate this data to other apps when requested.
But good luck getting access to any of that non-interactively.
This is what all those technologies add up to. The bank says I can't have this information unless my eyeballs are physically looking at the screen displaying it - and the whole tech stack conspires to make sure I can't get it otherwise.
It's a trivial and non-critical need, but it's also exemplifying the basic user freedoms being denied to us: the ability to freely process information on my own device.
EDIT: Accessibility tools are often the only remaining workaround here, because those are uniquely hard for services to close. And as expected, accessibility became its special privilege category on modern devices, and is increasingly heavily scrutinized and limited by device vendors.
--
[0] - They're usually some kind of security or stability point, that's just a fig leaf to cover the actual reason: this is the way they can force you to interact with their app or website daily, creating an extremely valuable marketing channel for their financial products.
It's a trivial and non-critical need, but it's also exemplifying the basic user freedoms being denied to us: the ability to freely process information on my own device.
I hate to risk sounding like I'm beating a dead horse, but when I hear this I flash back to Attack Surface by Cory Doctorow. I interpreted his message in that book as something approximately like "you can't out-tech the bad guys", where "bad guys" can mean government surveillance agencies (probably more what he had in mind) OR "big corporations trying to control your life" (this may be me extrapolating). But even if I'm over-generalizing a bit, I think the point still stands.
"We" (open source advocates / hackers / hobbyists / makers / whatever) can't win on just tech alone. We have to use the legislative process, political pressure, social pressure, whatever, to achieve our goals. And so we should use our superior knowledge of technology to support doing that. So don't just think "how can I hack my phone to use an open source OS" but think "How can I help use technology to influence the outcome of the next election, and elect candidates who really represent the things I care about?" or "How can I help use technology to stir up enough activists making enough noise to persuade my bank to let me access my account using a non-proprietary OS", etc.
Now I'm not saying any of this is easy. By no means. Just suggesting that we need to at least approach things with that mindset in view to some extent.
I see your point, but I disagree that you need direct involvement in the legal process.
Companies are moved by money, if your tech is popular enough companies will dance to your tune.
Say that you get to a point where 90% of desktop users are on linux. Is there any doubt that banks, messaging platforms and the like would have their own linux apps? no matter how many hoops you make them pass through, they won't let that piece of the cake go.
The problem is that the current way of doing things will never reach those numbers, because we give up on the tools that companies use. UX, user research, graphic design, marketing and similar roles are pretty absent from these communities; I think changing that is the mising piece.
> Say that you get to a point where 90% of desktop users are on linux. Is there any doubt that banks, messaging platforms and the like would have their own linux apps? no matter how many hoops you make them pass through, they won't let that piece of the cake go.
Here's the thing: we had that already. It was called Android.
> Companies are moved by money, if your tech is popular enough companies will dance to your tune.
We're having this discussion precisely because this is not true. If your tech is popular enough, companies will use their money and influence to subvert it so it serves their bidding.
Companies are moved by money, if your tech is popular enough companies will dance to your tune.
I don't disagree, and I guess I'd say that I think that is all part of the larger point. Eg, "getting more people to use (Linux|BSD|Minix|Mach|Whatever)" is part of the larger idea of "social pressure" to convince companies to behave in ways that we find desirable. So the question then is, as far as I can tell, what more can use techies do - leveraging out existing mastery of technology - to promote "(Linux|BSD|Minix|Mach|Whatever)" to people who don't currently understand the importance of these issues?
And I don't mean to claim that "using our tech knowledge" is the only kind of activism that matters. Maybe for some people it's just "donate money to the EFF every month" or whatever. But to me, that's all still part of the same general initiative.
> we give up on the tools that companies use. UX, user research, graphic design, marketing and similar roles are pretty absent from these communities
Some of the bigger open source communities, like GNOME, do some amount of these things. But I think very few people are excited enough about user studies or marketing to do them as a hobby, unlike writing code. It's hard to see how you could beat Google/Apple/Microsoft at their own game like this without a lot of money. Red Hat is probably the biggest company that might be interested in this, but still about 2 orders of magnitude smaller than the giants.
I've not managed to read all the comments in this post, so apologies if I'm repeating other people, I also have only a passing understanding of how Google Play works, but couldn't we have:
Linux based phone, running Anbox to support Android apps running within containers. Effort would then have to put into support Play APIs within Anbox. Not a small amount of work, but I compare it to the state of Linux 20 years ago and how well Linux is doing today.
Yes. This already exists (though usually with Waydroid rather than Anbox I think). My Ubuntu Touch phone can run Android apps via Waydroid.
The integration isn't perfect (some important things like forwarding notifications to the host system are still missing) but it's already further along than you might have imagined.
Google would eventually manage to completely block that. For example, have the app be encrypted for download from the Play Store for the individual Google-approved device key, and the device’s firmware will decrypt and run the app in a way so that the user can’t get hold of the decrypted app blob, and hence can’t possibly run it in any other (non-Google-approved) environment.
The bottom line is, the only way to ensure user freedom here is by regulation/legislation.
So what. Enough of us do that it just might be feasible.
I've used Linux for a loong time before some business-critical software ran on it. I had to have a Windows VM for years for netbanking, or before that, dual-boot for gaming.
If we're all too spoiled to give a free alternative a chance because it might be slightly inconvenient, we don't deserve the free alternative.
Webapps solve this completely. You login to a service as we have been doing forever. And the control is still on their side when you use a webapp. Almost every single app that is on my phone can be a webapp.
Websites as platform can't solve a problem that's social in nature - that it's allowed and accepted for organizations to have such excessive, invasive levels of control.
The parties I accuse of driving this problem didn't suddenly go rogue when smartphones happened. They always wanted this level of control (and much more) - they just couldn't get it until relevant technologies matured enough.
I'm not speculating here - we have actual empirical evidence to confirm this. A clear example is that there are several countries that, unlike the US and most of Europe, went all-in on Internet banking back before smartphones. Web limitations and conventions didn't stop them from doing the same thing everyone is doing with the phones now - the banks there just force customers to install malware on their computers, so they can do some remote attestation and KYC (and totally no marketing data collection) on their PCs.
Most of the West never had this because of the inverse of leapfrogging phenomenon - big, developed economies had too fast progress and at the same time too much inertia to fully adopt a pre-smartphone solution nation-wide.
My bank had website which I can log in and just use. It does not force me to install anything. I need to type username, password and SMS code, that's about it.
Every org doesn't provide that choice. If your child's activities class only communicates via an app and that is the only option in a given radius, rejecting that will mean you child doesn't get to do their activity. There are other examples that are more way more serious and make avoiding installing apps infeasible.
Because SMS is not considered a secure 2FA mechanism anymore, and hasn't been for a while. If that's the default for that bank, and not GP going out of their way to pick a legacy access path, then they're about a decade behind what's considered industry standard -- which today is querying a second factor not just per login, but also per important operations (money transfers, dispositions, changes in settings), with the second factor being by default a smartphone with hardware and software integrity verified via remote attestation.
Then literally every US business and government is not trying to be secure. I cannot name a single organization that does not have the option of or requires SMS 2FA.
I think the government and large businesses like it that way, as it makes the mobile network providers as a sort of credit check (or “are you worth dealing with”) mechanism.
I haven't heard a compelling reason why remote attestation is more secure.
The whole point of 2FA was to have two devices that you own. Now the bank is forcing your login and 2FA to be on the same device. Which is the easiest device to steal.
It's fairly easy to get control of anyone's phone number without interacting with them in any form. Just some social engineering at the kiosk in the mall.
It is extremely common for people's phone numbers to be stolen (even if temporarily), and then their bank accounts drained.
> Just some social engineering at the kiosk in the mall
What scenario does a kiosk at the mall get control of my phone number but not control of my phone? I don't see how remote attestation solves anything here. Does the bank suddenly know a stranger is holding my phone?
We go from me needing to open a web browser on my computer and getting verified on my phone, to now my most important operations have to be from my phone. That's worse.
I am not arguing for some alternate solution. But sim swap attacks are common and relatively easy to do [1].
> The scam begins with a fraudster gathering personal details about the victim .... the fraudster contacts the victim's mobile telephone provider. The fraudster uses social engineering techniques to convince the telephone company to port the victim's phone number to the fraudster's SIM. This is done, for example, by impersonating the victim using personal details to appear authentic and claiming that they have lost their phone.
SMS 2FA should simply not be used if one cares about security.
> What scenario does a kiosk at the mall get control of my phone number but not control of my phone?
You can e.g. smooth-talk the customer service at a kiosk to give you replacement SIM card for the one you've "lost".
This is why banks increasingly don't trust your phone number, and their apps tie themselves to the phone itself, i.e. to hardware and OS IDs. But to trust those IDs, they need the phone to pass remote attestation.
The larger point here isn't whether they do, but that they'd rather not. They want you to rely on their app, and have been pushing people to it for years now (some more intensely than others).
South Korea is, the go-to example I've seen brought up on on HN many times over the years. AFAIR, they used to legally mandate ActiveX controls to access banking and government portals, and that practice continues to date even though the legal mandate was dropped. From what I read, there's still a set of applications that are commonly required to access banking and tax filing services, that purport to provide a degree of remote attestation and "security" (firewalls, detection of keyloggers and screen capture), and to access digital certificates.
Brazil is another example - ironically, the software suite that's commonly required for banking is named after the capital of the country I live in :).
Some quick searching now also flags Slovenia and Serbia as places where some banks require custom desktop (or even Windows-specific) software to access banking services.
This works only as long as the webapp allows you to log in using a username/password and/or 2FA which is not tied to a smartphone app. More and more countries are moving to digital identity solutions, and while many of them offer hardware tokens as alternatives to apps, the future looks like one where smartphone apps will be only option.
Banking websites will tell you that you need 2FA. Of course you need to use not just any 2FA you need to use their app and of course you don't need a 2FA if you use the app directly for banking.
My companys equity app does not even want to run on lineageos.
At the moment it looks like a 2 phone will be necessary at some point.
For now, my banking app actually runs on GrapheneOS. My digital identity app that it requires to log in does not, but luckily my government also offers an NFC chip that I can just scan instead.
Two phones is such an unsatisfactory solution because it will be too impractical, too expensive, or both, for the vast majority of people.
The revised Payment Services Directive (PSD2) in EU describes standards of strong authentication and for the end user it means that mostly the bank's mobile app is being used as 2FA for logins and operations within the account
I'm not sure if physical tokens are being used anywhere but if they are, that's rather rare nowadays. It may be an option reserved in bigger banks or for business customers - I can see one of banks in my country offers it for a request and not by default.
Yes, the fact that these 2FA systems aren't based on time-based one time passwords you're probably thinking of. It's a push notification that you need to open and approve in the official app.
They're working hard on shutting that down as well with Passkeys. It's only a matter of time until the only way to log in will be through de-facto proprietary apps.
I seem to remember Venmo and Cash App had near useless web portals. TikTok's web app is very poor. Reddit's mobile app has functions not available on web. I bet the McDonald's web site doesn't let you order for pickup and get the deals (does Starbucks?). CapCut's web site sucks, and their desktop app is missing a bunch of features the mobile app has. I'd guess an absolute ton of betting apps don't work on the web because they are trying to do good location checking. Does Shazam even have a web version? What about mobility apps like Uber/Lyft and the bike/scooter ones?
On the flip side of the coin, some places are locked to web apps because Google & Apple won't allow them to exist. e.g. OnlyFans and Playboy can't get in the app stores, but OnlyFans still manages to make several billion dollars a year, most of which is almost certainly mobile.
I think you're misunderstanding my conjecture. My point is that there is no technical reason these features can't live on the web. I'm not talking about the incidental or intentional decision by some company to force user behavior by not providing a web solution.
Yes, theoretically anyone could build anything. Building it is not, nor was it ever the hard part.
There’s no financial, political, or mass market incentive for browser APIs to have feature parity with mobile OS APIs. Approximately nobody wants to do what you’re asking for. If anything, there are incentives against doing this.
Netflix? Telegram's push 2FA? Any mobile wallet application? The vast majority of dating apps? Any of the app-only social networks? Basically all keyless entry applications?
Being a web app doesn’t mean shit. We already have DRM encrypted web content where the consuming device requires some attestation to decode. I.e. Widevine.
Stupid question: couldn't we work around that with some VM/container-style solution? They could probably find ways to lock it down with TPM/TEE and similar, but in today's landscape it should be possible if you're willing to accept the performance and battery cost. And if it does get traction, there'll also be more push to keep open alternatives viable. Giving in without a fight is the only way to ensure you'll lose.
It's not that an open platform can't succeed, but rather people are accustomed to closed platforms, so more resources went into perfecting them. The aforementioned players pushing for control aren't invincible. Whether we can move to open platforms depends on the choices people make.
I can choose to use a bank that allows me to access all of their online banking features via the browser. I can choose to work for a company that doesn't want to surveil my personal device. I can deal with the government via snail mail, or in the browser. I can use third-party YouTube clients and torrent movies and games, or simply don't engage with DRM'd media because there's plenty of entertainment out there.
Count the percentage of software you use that are open-source compared to 10 years ago. I bet it's more. It's only a matter of time before we make hardware open-source, too.
When the mainstream is evil, being an outcast is the right thing to do. Every big change begins as a small movement.
> I can choose to use a bank that allows me to access all of their online banking features via the browser.
Lucky you. There are fewer and fewer such banks out there. The trend is to route login and consequential interactions on the web through 2FA on a phone - and not TOTP, but push notifications sent to the bank's app, that only runs on devices that pass remote attestation checks.
> I can choose to work for a company that doesn't want to surveil my personal device.
Again, lucky you. Most people don't really get many options for employment at any given moment, and the issue of corporate phones is usually at the bottom of the list of criteria when one is looking for a job. I.e. not a real choice for most people.
> I can deal with the government via snail mail
At a snail pace.
> or in the browser.
Modern government systems around the world tend to require some sort of identification that usually gets tied to your smartphone, either directly or via your bank.
> I can use third-party YouTube clients and torrent movies and games, or simply don't engage with DRM'd media because there's plenty of entertainment out there.
Torrents aside, that's not the case. Entertainment isn't fungible. Disney can release all Star Wars media DRM-free for everyone to download, and it means exactly zero to someone who wants to watch Star Trek, but Paramount/CBS decided to go all Ferengi on the franchise. Can't substitute one for the other. This is why the market supports so many streaming services these days - they exploit this very fact.
> Count the percentage of software you use that are open-source compared to 10 years ago. I bet it's more.
Open Source software stopped mattering once the world embraced Software as a Service model. Source code on Github means nothing if the code is actually executed on servers you don't control and have no visibility into.
That covers end-user OSS. The larger space of OSS building blocks are... building blocks. OSS libraries matter to users just as much as standard Phillips screws used inside an appliance, when they're beneath layers of glue and permanently soldered elements and join together elements explicitly labeled as "not end-user servicable".
> It's only a matter of time before we make hardware open-source, too.
That time will come around when we build a Star Trek-style replicator (and then have a successful revolution to seize this new means to production, because no way the first company to build an universal manufacturing device is going to just let people use it). Open Source Software succeeded only because software development has near-zero natural barrier to entry, so there was a large supply of bored high-schoolers and students, hobbyists, academics and other do-gooders with enough time and will to just build stuff and give it away for free. This isn't true for hardware.
Now, circling back to the main point:
> Whether we can move to open platforms depends on the choices people make.
No, it does not. On consumer side, the market is driven by supply, not demand. I.e. you only get to choose from what the vendors decide to make available to you, and they know perfectly well you have to choose something, so your voice doesn't matter.
If it did, we wouldn't be having this whole thread in the first place.
> Lucky you. There are fewer and fewer such banks out there. The trend is to route login and consequential interactions on the web through 2FA on a phone - and not TOTP, but push notifications sent to the bank's app, that only runs on devices that pass remote attestation checks.
There will be fewer and fewer such banks out there if people choose to not use them, among other short-sighted decisions which produce such trends. You need to give the banks a reason to care.
> Again, lucky you. Most people don't really get many options for employment at any given moment, and the issue of corporate phones is usually at the bottom of the list of criteria when one is looking for a job. I.e. not a real choice for most people.
The first part is not true. You have plenty of options, they're just not equally good. It depends on what you're willing to give up in exchange. And you can push for change within your org.
> Modern government systems around the world tend to require some sort of identification that usually gets tied to your smartphone, either directly or via your bank.
They can have some sort of identification, but it shouldn't involve surveillance spyware on my device. If a government needs that then they're part of the problem. People form governments, you can push back against those people. Don't bend the knee to tyrants.
> Torrents aside, that's not the case. Entertainment isn't fungible. Disney can release all Star Wars media DRM-free for everyone to download, and it means exactly zero to someone who wants to watch Star Trek, but Paramount/CBS decided to go all Ferengi on the franchise. Can't substitute one for the other. This is why the market supports so many streaming services these days - they exploit this very fact.
Entertainment can be fungible if you decide that it is. I can live without watching a DRM-protected show. Watch something else. Do something else. They exploit the people which has decided for themselves that they must be loyal to certain franchises.
> Open Source software stopped mattering once the world embraced Software as a Service model. Source code on Github means nothing if the code is actually executed on servers you don't control and have no visibility into.
You can choose to not use SaaS. Host your own stuff. Give your money to ISPs that allow you to host stuff. Pressure your government to regulate ISPs. And there's plenty of offline software that doesn't need Internet connectivity. Not everything needs to be artificially-scarce cloud-slop, unless we want it to be.
> Open Source Software succeeded only because software development has near-zero natural barrier to entry, so there was a large supply of bored high-schoolers and students, hobbyists, academics and other do-gooders with enough time and will to just build stuff and give it away for free. This isn't true for hardware.
FOSS succeeded because there's a base production rate for software, software (as it gets further from the metal) doesn't need monetary incentives. When I said open-source hardware, I meant the IP. Obviously making the physical thing isn't free. But the IP doesn't need to be as scarce as it is now. Schematics will be harder than firmware will be harder than software to open-source because they're close to the hardware (which is naturally scarce), but it's possible, and will be done, and we don't need to invoke movie magic.
> No, it does not. On consumer side, the market is driven by supply, not demand. I.e. you only get to choose from what the vendors decide to make available to you, and they know perfectly well you have to choose something, so your voice doesn't matter. If it did, we wouldn't be having this whole thread in the first place.
Consumers and suppliers don't exist in perfectly separated vacuums. You can influence suppliers. There are plenty of side channels.
Here's what separates chance and choice:
If we assume that our decisions don't matter, then we're definitely screwed. If we assume that our decisions matter, then we're only probably screwed. It's up to each and every one of us to make the latter assumption.
Counterpoint: vast majority is not making those choices, and if you insist on defying the mainstream, you gradually become separated from human society.
This isn't solvable through individual choice. It's a coordination problem - and coordination problems are what underlies every actually hard problem that humanity is struggling with. War, poverty, authoritarian regimes, corporate overreach, environmental destruction, climate change - all could be solvable though choices like you describe, but in practice are not, because humans can't coordinate at scale.
The direction of society is the aggregate of our individual choices. I'm no expert on coordination, but I think we ought to start with ourselves and not spread misery like "your voice doesn't matter" or "humans can't coordinate at scale".
This is why we need laws and regulation. And the most important thing we need is not governments forcing Android to be open, but laws requiring governments to not force their citizens to use locked down hardware.
My government, Denmark, is one of the most digitized societies in the world. While the government has allocated money to a committee to investigate how the country can become less dependent on American big tech corporations, at the same time they are planning on launching a mandatory age verification solution in 2026 where the only possibly anonymous way of verifying your age to access e.g. social media will be through a smartphone app running on either Google Android or Apple iOS. These nincompoops do not realize that this move will effectively put every open source alternative at a permanent and severe disadvantage, thus handing Apple and Google, which are already duopolies in the smartphone market, a huge moat that will lock out all future competitors form entering the market.
I have written to the relevant government agencies, and while they are nice enough to actually answer questions, their answers reveal that they act as if they are a commercial business and not a government agency that is supposed to act in the interest of the people and preserve their freedom. They argue that they are releasing a solution that will work for the vast majority of platforms and that they are continuously monitoring the market to assess whether they need to add support for other platforms. This is a cost-cutting measure which is maybe okay for a commercial entity targeting a specific market demographic, but it is an absurd way for a government to think.
Before the upcoming age verification we already had a national digital identity solution, MitID, which also comes as an app running on Android and iOS, and which is locked down to require strong integrity using Google Play Integrity. But at least here they also offer hardware tokens so people can use their digital identity without owning a smartphone and running an open source OS like Linux on their desktops. But with age verification this is apparently over, all the while the government is lying about actually making an effort to free us from American big tech - they are instead basically forcing us to be their customers now.
I think this is true for other European governments. The UK is has introduced age verification (although not mandated an app) and is pushing for digital ID. If digital ID meets too much pushback plan B is a boiled frog approach by introducing it for children first (the legislation for that is in its final stages).
Governments say they want sovereignty but not if they have to pay anything for it. They also like the fact that forcing everyone to do everything through a few big businesses makes surveillance and censorship easy. No need to pass laws, just do deals with a few companies. Governments are all about central control, and its more important to them than what they see as obsolete nonsense about sovereignty.
Your post made me contemplate how other entities want to be able to attest themselves (in your case the government wants to be able to verify the identity of its citizens). Moral and legal arguments aside, the way they are going about it is a bit sloppy in that they are banking their sovereignty on a third party instead of taking the reins themselves.
Instead of mandating google/apple signed applications, they could instead implement some specification for a secure enclave (or whatever fits their needs - I doubt they need control over the entire OS meaning there is plenty of space for pushback for people that want to retain their rights and freedoms for their devices). If you add some sort of certification based on an open standard that would allow any manufacturer interested in the market to be verified that the "attestation" for specific apps or secrets works, then it would no longer enshrine the current winners (apple/google) and instead allow for a healthier market.
This would only be a good thing because it places power with the government and not a third party (something surely the government would prefer), and allows things to be more in the open.
And in an ideal world the specific locked down portion would not need to be active or interfere with the rest of the operating system to some extent, so people would not be reliant on the manufacturers for their applications and would have the freedom of installing whatever they want and using the rest of their device however they wish.
I strongly agree, this is very possible and would be what a competent government should do. It would also ensure that they had a fallback that was guaranteed to work if a certain authoritarian ruler decided to suddenly use our reliance on Google and Apple for critical infrastructure as a weapon to put pressure on us, say if he wanted control of a piece of land.
It would also open up for some interesting and innovative competition in personal hardware security devices.
I think, even though the ideas aren't "perfect"/"complete", Nietzche's "Will to Power" does a pretty good job of explaining "why" animals/ideologies/organizations/systems "unfold" the way they do. Everything (mostly) tries to protect/strengthen/replicate itself.(viruses being the most obvious example)
https://www.gutenberg.org/files/52915/52915-h/52915-h.htm
Yes and to be honest it's not necessarily unjustified BUT it should ONLY be done when the parts, hardware, software, or both, are not linked to a single proprietary actor.
Need security before doing a $1000 transaction because everything so far was $10? Sure, ask for a physical token 2FA, NOT a YubiKey implementation.
Obviously though if I was working at Google or Apple and paid for the success of my company via incentives, e.g. stock, I would fight tooth and nail to let banks know that only MY solution is secure.
> Answer: bank/financial apps, enterprise apps, government apps and copyrighted media (music, video, games, books, ...).
The only real issue here is banks that don't offer an equivalent website or require the "app" as authentication factor. I couldn't care less about copyrighted media. It's only fair that I source my media from the high seas when the only options that respect their "rights" infringe my own right to run free software on my devices.
The key thing isn't that the banks (and governments, and enterprise software vendors, and ...) don't provide an alternative to the app as authentication factor. It's why they don't do this.
It's not about security. It's about them wanting people to use the apps. Forcing everyone to use an app streamlines the vendors' operations, reduces the state space of possible user interactions down to small number of flows they control directly, and also provides them a direct channel (communications or upsell, where applicable) to the user.
This is not a fluke or a conspiracy of small number of influential players. It's an emergent alignment of incentives across pretty much the whole supply side of digital aspect of human civilization (not "just" the market, because it's also happening in political and social spheres).
I wonder, if there were an open platform to exist that people use increasingly, maybe that would be incentive enough for at least one bank/financial app to permit that platform just to get a competitive advantage.
In the meantime probably the best that can be done is having a regular phone and a banking phone.
Maybe the answer is to put whatever the banks etc need on something like a smartwatch. Smartwatch + phone is better than two phones IMHO and they're so tedious to use/install anything on that it reduces the attack surface for hackers etc. Tap to pay or digital signatures or identity, passkeys etc via a smartwatch interaction seems like a good use case. Sort of a souped up yubikey. I don't know how good biometrics is on watches nowadays but my Pixel phone has some sort of camera behind the screen to read fingerprints so I can't imagine its impossible. Even adding a capacitive pad on a band seems plausible. Who knows, I don't feel like biometrics have been a real focus of design in the smartwatches I've used.
Personally, I have found smartwatches fairly useless (I do enjoy the activity tracking and notifications but that's not much really) so freeing my phone from bullshit by moving some functions to a watch could increase the value/utility of a some sort of smartwatch. Ultimately, it doesn't need to be that "smart" even.
Still, the problem is that if you go this way, you'd have to put almost all useful functionality of a modern phone on a smartwatch, at which point you could just ditch the phone.
It's not just one tiny use case that's pushing us down the road of increasingly locked down devices. It's most use cases - because no matter the service, it's more profitable for the provider to control what you can and cannot do.
I don't think that's actually true? That's like insisting all useful functionality would have to be moved to a smartcard/yubikey/bitcoin hardware wallet/TPM etc. The main reason this is an issue is to prevent emulated hardware tokens. If you can disable secure boot, you can emulate secure elements and then things that others (i.e. your bank, government, etc) believe are carefully controlled secrets are not.
Doubtful - the costs of supporting it far outweighs any gain they'd have. In case of banks, the costs of supporting aren't just about developing software for an additional platform, but also insurance premiums and managing fallout of hacks (which always eventually happen) - both of which would go way up, as the company would be voluntarily supporting endpoint decides that are less secure than "industry standard" minimum.
Bank apps: Use an ATM, or a second phone. Enterprise apps: Use a second phone, preferably paid for by work. Government apps: Use a second phone, or refuse to use it (since there's likely elderly whom are not on board yet). Copyrighted media: Piracy.
"just use a second phone" cannot be the answer because 99% of people will just scoff at that. Instead of buying a second phone, why not just buy one that works?
And that's to say nothing of the environmental impact.
> "just use a second phone" cannot be the answer because 99% of people will just scoff at that.
Here we are talking about installing PostmarketOS/Linux on a smartphone. The next milestone is not to get everyone on it. First we need a base of early adopters that are willing to use it despite the drawbacks. The more user those alternatives will get, the more they will be developed, the better it will get.
Sure, for the next years, it will be way behind Android or iOS in terms of ease of use, but that's the price to pay to get back control on the device you own that is probably the main computer you use everyday.
For me that's not worse than using Linux in the early 2000s, and like Linux in the early 2000s, it may even be _fun_ to be an early adopter of Linux on the smartphone.
Now we don't need to migrate everyone to PostmarketOS, we _just_ need an alternative OS for at least the ones who are willing to play with it.
What you're saying already existed. Linux on a smartphone was called Android. It ended up where it is today. If you were to somehow make another Linux on a smartphone competitor, it too would end up where Android is today, for the same reasons.
The current cyber security zeitgeist is to only allow "trusted" devices in your SSO flow and to also shove your VPN authentication on that SSO flow which includes even third party browsers not working. Only Chrome with a managed profile is even allowed to login. That pretty much means if you're not using a most recent version of iOS or Android you're SOL for using it for work.
And good luck spoofing it these days cause they are usually backed by hardware backed tpm encryption. Which is why windows 11 only installs if there's a tpm 2.0 device detected.
It's become super dystopian in the past 10 years and I don't see it changing.
Always thankful that I got to live through the wild West days because that's going away.
I don't argue that the problem isn't serious. I just want to tell that giving up is not the solution. I use a GNU/Linux phone and refuse any banks or services that don't work there. Yes, it's challenging and I have to make compromises because of it. Such is life.
Having a rooted android 11 phone for years was never a problem. My bank apps worked just fine. Even for work stuff (usually). It's on the personal side where I actually started to value having a virtual credit card on my phone with Google pay or apple pay. The stack to enable that securely is only on android and iOS and there's nothing else out there that has that. Open source community needs a full stack for attesting biometric sensors, storing secrets, and pushing them out through NFC and doing it properly is a lot.
Seconded. The NFC payment feature is useful on mobile in a way that generic "online banking" just isn't IMO. In the same category are transit apps, ride-hailing apps, social messaging, and a (very) few other others. The problem is that payment really does require a secure stack, as you describe.
Indeed, I do too. But since you always need at least one backup means of payment, I keep a second virtual card on mobile for that. Which alas is a very convenient solution.
It is the best answer at the moment. You can keep an absolute basic phone with all the banking and such apps loaded and nothing else. You treat it like an appliance. Your daily driver will be separate and can be running PostmarketOS or LineageOS etc.
There are several benefits off the top of my head:
1. Since you only install banking/govt type apps on your "important" phone, it stays more secure vs. putting your random game app along with the banking app on the same phone.
2. When you upgrade your daily driver, you don't need to deal with tons of re-auth steps for banking/govt apps.
3. Your daily driver can be customized to the nth degree because the pesky banking app won't be on it to refuse login because, say, you turned on developer options or rooted the phone.
4. You can even leave the basic phone at home for extra safety, if you wish, without affecting your daily driver.
5. You can root your daily driver and put as much adblocking setup as you want to boost your privacy. Your basic phone won't have enough activity outside banking/govt. to build much of a profile.
There's just one problem: increasingly, everything that makes a phone a "daily driver" is the thing that can only work on the "important" phone. Banking/finance, government services, commerce, work, communications (thanks a lot E2EE), and DRM-ed entertainment - all the major players here are locking their software down and relying on remote attestation to ensure their locks stay shut.
With this being the trend, you're already more likely to leave what you called "daily driver" phone home, and only take the "important" one with you.
Still waiting for someone to make a tiny token sized phone. Unfortunately the smallest around, Unihertz Atom, is both outdated and too low resolution for some apps to work.
Been doing this for years. Old phone for testing apps and running servers
All the Google stuff is disabled, open source Contacts app,^1 no Google Play Services, no access to remote DNS, Netguard for application firewall and port forwarding, with computer I control as gateway. 1. Have yet to find any other app that can access contacts when storing them this way, even the Meta's biggest Trojans
Meanwhile, new phone, "important phone", stays offline. Wifi off. Location off. path?.xtracloud.net blocked. Phone is used for texting and phone calls, no internet access
The "banking app" argument, i.e., either install a custom ROM or give up or submit to surveillance, is a false dichotomy. There are other options
I don't use a phone for internet banking, I use a computer I can control; there is no "banking app" (talk about high risk, geez)
The "banking app" problem is a common refrain on HN but in the real world I know many people who do not use a phone for internet banking
Mobile OS just suck. It's like being forced to use MS Windows
It might actually be a better environmental decision, if instead of buying a new second phone, it is instead about keeping an existing phone in use and not adding to the burning heaps of e-waste. Given the rising popularity of refurbished phones, not to mention the lower costs, it might actually be the opposite of what you claim, at least on those grounds.
And for the rest, well, "just works" for what? With a little time and effort, it may even get to the case of the "just works" part is a siloed unit like a SIM card that is just installed to the device, making it opt-in and user owned...
Not That i want to kick the can down the road, but the ultimate solution (barring actually fighting for our privileges over the systems we buy) is to have that second phone, and control it either via vnc, or via a kvm which presents vnc. I know, its really absurd, complexity wise, what with tunneling and figuring out where to house said setup.
However, the latter is ultimately transparent to the phone, outside of allowing a second monitor/hid to be connected to it. You could, given a VNC client then go ahead and control it via laptop or another phone.
It's not a solution because VNC is already nerfed and will be the first thing to go, if people try to embrace the idea.
Providers of all the service types aren't driving this because they believe locked down phones are a Good Thing. They're driving this because they explicitly don't want you to do the very things you'd want to do with your VNC idea.
Which is exactly my point: once you apply these workarounds, you don't need a smartphone anymore.
Also: both banks and governments are pushing for 2FA with a mobile device being the primary, and in some cases the only, accepted second factor source.
As for the atm: to use the ATM I need a bank card, to use the bank card I need a PIN. What do you think all the local banks have chosen as their secure channel for communicating that pin to users in the last few years?
So the last possible community response is to bring back "responsive web apps"(tm) in the browser. And make sure a privacy first mobile web browser is installed.
I would add that end-users are OK with this because they expect their devices to not be compromised when installing an app. The majority of users are OK with trusted computing and are OK with trusting Google, Apple, Microsoft because it’s easier to trust one of those companies than having to trust each app developer. In the end, you have to trust someone and it’s better if that someone can be held accountable by some legal system.
I agree. I also think though that it's a different kind of trust. They trust Google, Apple, and Microsoft because they _think_ they'll be held accountable by some legal system, but judging by the wrist slaps meted out for their massive security lapses (especially you M$) or their constant breakage of their own privacy policies to spy on people it actually seems worse than trusting individual app developers.
to your point, not exactly a one-to-one, but several discount airlines (e.g., RyanAir, PLAY, Allegiant, Frontier, Spirit, Wizz, Flair, AirAsia) already require an app to check in for a flight, or pay a fee. No app (or the horrors, no mobile), it cannot be done on a regular computer, must go to a ticket counter and pay a fee.
They'll run fine until they don't, because they'll hook up to remote attestation "for sekhurity" like more important apps do. Not to mention, those apps' vendors don't particularly want you to run their apps in emulators either - there's no use case for this they consider not harmful to their business.
Yeah, I would absolutely get rid of my smartphone if I could do banking and all the numerous authentication processes without it. While I sympathise with all the Linux phone projects, I just don't have a use case for a Linux phone.
relative of mine has t1d and they use their phone app to monitor and give insulin, also alarm them when they are low..trusting outside the reliability of apple and google for this type of stuff i imagine would be difficult.
There are OSS solutions for glucose monitors and even insulin pumps, and they exist precisely because commercial vendors tend to give at best suboptimal quality even when it comes to medical devices. Sure, most pay attention to not accidentally kill you, but beyond that, their incentives go in opposite direction to your incentives.
It's important to have computing freedoms so that people who actually care end-to-end, and don't have financial incentives directed against patients' well-being, are able to build on top of products on the market, fix the enshittification, and improve functionality.
(We also need that to close the loop. It's a common story that meh products of today, which improve on bad products of yesterday, are just commercializing the fixes developed by people fed up with said bad products.)
is there an OSS solution that comes remotely close to dexcom g7 + omnipod 5? I haven't seen it, and we've been through many options. so i'm not sure what is 'suboptimal'
This is the reason I have given up on thinking of smartphones as general purpose computers. I used to root my phone on day one, play with custom ROMs, etc...
But then, it became more and more annoying with apps blocking root access, features being unavailable to custom ROMs, etc... There are workarounds (is Magisk still a thing?), but I got tired of them.
So now, I just buy an entry level Samsung, which is well supported, runs all the apps I need (browser, financial, maps, chat, ...) and takes recognizable pictures. It is just a boring tool, like a credit card, I need one because that's the world we live in, but the object itself is of no importance.
If I want to play with a computer, I have a "real" computer. If, at some point, I get interested in smartphones as a platform, I will buy one just for this, in the same way that I have no intention of using the credit card I buy stuff with should I want to play with smartcards.
It has also killed my desire to spend money on a smartphone. What's the point of a $1000 device? What's to point of upgrading unless forced to by planned obsolescence? Why should I pay more than $200 every 5 year or so? They are all the same to me. They even all have the same form factor, besides overpriced and fragile foldables.
> Those are the players that demand excessive control over end-user devices, and thus the ultimate driver behind the problem we're discussing.
But they don't demand the same control over laptops and desktops. Only phones. Why is that? Granted I can't deposit a check with my laptop but I can do any other banking I wish to do.
So to me it's more that they see the chance to gain this control where they didn't see it before. Phone providers are only too happy to get on that bandwagon because they get to deploy all kinds of surveillance capitalism in the name of security ("hey the banks want it!").
Granted these freedoms are slowly leaching away from laptops and desktop too with stuff like TPM, so I don't know. I've about had it though.
> But they don't demand the same control over laptops and desktops. Only phones. Why is that?
Oh, but they do. PCs (and Macbooks) are products of an earlier era, and the solutions of control evolved along; it looks chaotic, but that's because it's where the R&D happened over the past decades, which ultimately produced a cleaner - and more easily identifiable - mobile control ecosystem. But it's all there, if you look closely. To name few major groups:
- Many generations of DRM plugins for games, then for streaming media
- Trusted computing hardware
- Intel Management Engine and other firmware backdoors routinely inserted into hardware
- Endpoint security software, deployed widely on corporate-owned machines
Mobile solutions are just version 2.0, built on top of all that R&D.
> Granted I can't deposit a check with my laptop but I can do any other banking I wish to do.
This is the insidious part: for many banks, this is only tolerated because they force you to use their proprietary app on a trusted mobile device as a second factor! At this point, it doesn't really matter how well-controlled your main browsing platform is, because you have to use your phone anyway, and there the control happens. And, "for your convenience", the mobile app isn't just a physical security token, but lets you do banking too, which allows them to gradually deprecate the web experience.
Apple is already in the process of closing down the Mac. As for PCs... why do you think these hardware requirements were imposed on Windows 11?
Hint: When Windows 12 comes out, everyone, or at least everyone with a newish PC, will have a TPM module that's capable of enforcing and attesting a signed-code boot path from power on all the way down to application-level code. Windows 12 will turn these machines into Xboxes that run Excel. Many computers will also have Pluton technology, which is an on-chip TPM implementation that cannot be tampered with or removed from the CPU, and which literally came from Microsoft's Xbox division.
General purpose computing isn't quite dead yet, but there's really nothing we can do for the patient. We're just waiting for it to flatline.
that's true only for as long as we allow that to be true. Users can live without Spotify (to cite just one representative of the mentioned categories), but Spotify can't live without users. We could (and should) stop behaving as powerless victims.
Good luck convincing anyone of that. We could also live without clothes and fancy food and most of modern amenities, but we don't, for the same reason.
Yes, but what do you use as a second factor to authenticate and confirm money transfers?
In large parts of the world, the answer is usually "my uprooted, remotely attested smartphone". Increasingly, it's becoming the only supported method. When that's the case, what you use to load the banking UI doesn't matter anymore - the mobile device is the only actual requirement.
And yet Linux and to lesser extent Windows and even lesser macos exist. They don't have that excessive control and we still can use bank/financial goverment and (if we enable DRM) also copyrighted media webpages (and sometimes apps).
Aside from music/video there are no obstacles for other apps to exist in open system.
> Answer: bank/financial apps, enterprise apps, government apps and copyrighted media (music, video, games, books, ...).
Those are the players that demand excessive control over end-user devices, and thus the ultimate driver behind the problem we're discussing.
Those work perfectly via a browser, on any platform where the browser can run. As long as a hypothetical open OS has a browser capable with bog standard modern capabilities, it will be fine
I tried to log into a banking website on a full desktop browser recently, one that I had previously used with a password. It literally would not let me login until I downloaded their app and set up a passkey. That is now the _only_ way for me to access those accounts. Presumably, I could call in, though I wouldn't be surprised if the person on the phone also asked that I download the app in order to verify my identity, and even if it wasn't the case, they didn't offer that option when I was trying to login. Many bank websites now also require the phone app.
For a while Netflix didn't support 1080p on browsers other than Edge on Windows or Safari on Mac. This has changed somewhat but they still reserve their resolution content for their "blessed" OS/browser combinations
You're saying I can use Revolut in the Firefox on, say, Fedora?
People have genuine reasons to stay with the provider / platform and usually browser doesn't cover half of their use cases.
For example I have to use Revolut because it's one of the very few banks that allow me to use Garmin Pay and work (reluctantly) on my phone without Google rootkit. Can't use, say, Curve because their privacy policy is alarming (and I had a very very weird/disappointing interaction with their compliance team).
And you've already got a good example with Netflix.
You're getting downvoted because that's not the point.
You are technically right, we still have access to these services via a web browser today. It doesn't mean we'll have it forever.
With the advent of AI browsers and AI agents, it's not hard to think of a future where LLM chat interfaces and mobile apps are the future, and web apps start getting disregarded as legacy and eventually, discontinued.
Try ordering some food via mobile application and then again via web app. You'll instantly feel the downgrade on the web app. Bugs, glitches, slow experience.
The desktop web is already the 2nd-class citizen for modern startups.
My reply is a counterpoint to the statement that banks, government services and streaming services require excessive control over my device. They aren't, as they all can run in a browser, which sandboxes them from the OS. That's it.
And I guess people who downvoted my counterpoint thought that it means that all services on the planet have very well functioning browser version, judging by their comments. Some don't, some do. But no one of them "requires" excessive access a native app can provide.
Some may want to have it, for some browser version is simply not a priority. But nobody needs to have additional info for those services to function.
> Why do we have to beg Google to keep Android open? Seriously.
Because the market has failed, and we have a duopoly. There are many reasons for that, but, this is the exact sort of time a govt must step in - when something becomes a utility, it needs to be regulated as such.
I agree, I don't really want to enshrine Google/Apple into law, however if they are makers of an operating system that is used like a common utility, they should be regulated as such.
Unfortunately western governments are moving to impose more and more control over our digital life, and I think they see a locked down commercial platform as a convenient means to that end because they can regulate it. If the EU commission ever succeeds in passing Chat Control, which requires client side scanning on all devices, then it is very convenient for them if people do not use open source operating systems where they can just run clients that don't send data to a third party.
EU govs siding with google in this move would be catastrophically stupid, it's equivalent to ceding their digital sovereignty to the US. All it would take to knee-cap Europe is for the US to command google to suspend all european developers' accounts, and suddenly Europe is fucked. No banking apps, no government services, no nothing.
The only rational step for the EU is to support open everything: Open Software, Open Hardware, Open platforms, etc...
Beggars can't be choosers. Until they pony up the cache to fork android, they're beholden to the US.
some governments, especially autocratic or authoritarian.
Even govts that may be in some political climates authoritarian can and will want exceptions to this.
There is no world that I see where decisions being made by Google are a good or reasonable choice for all parties, even ones you might think would side with this decision.
Remember, this give Google more control than an authoritarian govt. Sure, there may be a cost of doing business with some countries, however, even in those cases, this is bad for them - Google can just say "sucks to suck" and they either must use their product or develop their own, but if they use their product, *Google still has more control over that authoritarian govt than the people in it*
I'm sure they would love to. They've been trying to make their own app store (Galaxy Store) a thing for over a decade. But cutting ties with Google would mean no Google Apps and no Google Play Store, and that would probably be catastrophic for them.
Legislation is required at this point. Infrastructure companies (including finance and transportation) should be required to provide web apps that have feature parity with proprietary apps. (Enforcement is simple: ban distribution of the proprietary app for 5 years).
I think we going the other way though.
For instance, this recently proposed bipartisan bill would force all (even locally installed) AI apps to repeatedly run age checks on end users, and also adds $100,000 penalties each time the AI screws up when a minor is involved, even for bugs. I don’t see any safe harbor provisions, or carve outs for locally installed / open source / open weight projects, so it’d end up handing a monopoly to ~ 1 provider that’s too big to prosecute:
The most important thing you can do right now is get the democrats to actually field a candidate in 2028 that will restore the rule of law and free markets in the US.
> Why do we have to beg Google to keep Android open?
We don't! Instead, we go to regulators. Though I suspect your question really is "Why bother with salvaging Android at all?"
Mobile platforms are hard - famously, Microsoft failed to make Windows phone a viable platform, and John Carmack successfully argued that Meta didn't need a custom OS. Mozilla's Mobile OS that had OEM partners making real phones spluttered out, and nor for the lack of trying. Both Firefox OS and Postmarket rely on an Android foundation for HAL/drivers, IIRC. Device bring-up is hard, and negotiating with OEMs is harder still, and that comes "free" with Android-supporting devices.
Logistically, the vast majority of people who install apps from non-Play-Store sources do so ok their daily-driver phone, which is running the stock operating system. They are not tech savvy at all
> Mozilla's Mobile OS that had OEM partners making real phones spluttered out, and nor for the lack of trying.
Firefox OS had serious issues.
* Web standards 2013-2017 weren't ready enough.
* 2013-2017 phones still weren't powerful enough for complex JS apps to feel fast.
* asm.js was de-facto proprietary (a new FFOS with wasm would be be another story)
* The UI wasn't so great.
* Their launch devices were slow, cheap, and sucked.
* Their launch devices weren't readily available to developers.
* Their OS provided no real advantages over iOS or Android
The OS is still around as KaiOS (with a couple hundred million devices shipped IIRC) and I believe it still powers Panasonic TVs.
Interestingly, I think a FirefoxOS of today with good React Native and Flutter integration and cutting-edge WASM support could have a shot at success if not completely mis-managed.
Web standards have progressed but your other points would still apply.
Does there exist a company or project that has the resources to develop a smartphone with better performance, UI, and cost than Android or iOS devices? Microsoft couldn't pull it off, and I am skeptical that Meta would have been able to.
I can imagine an alternative smartphone carving out a niche audience like older users, FLOSS enthusiasts, digital minimalists, kids, gamers, privacy-focused users, etc. Perhaps over the span of decades such a project could iteratively improve while the incumbents enshittify and eventually surpass them in popularity.
But it seems more likely to me that Android and iOS will dominate consumer smartphones for as long as that form factor exists. When they are displaced, it'll probably be by some innovative non-smartphone computing device.
Nobody was wanting to pay for and deal with the Microsoft lock in.
A new web-centric OS could fix those issues by doing a few things to reduce friction.
First, use an Android-compatible kernel version so drivers are easy to port. This gets manufacturers on board.
Second, make your App Store a non-profit that charges enough for ongoing store development and distribution. This gets devs on board.
Third, make sure you have decent third party framework support. Flutter, react native, and maybe even an Android runtime that legacy apps can integrate into their wasm binary. This helps kickstart your ecosystem.
Fourth, add better integration of webgpu and 2d canvas (which probably needs some extending). In addition, they need to add a low-level API to access DOM nodes from wasm. For security and ease of implementation (without stepping on the toes of the normal standardization stuff), this would probably be a virtual DOM with only a provably secure subset of the actual nodes being sent back and forth.
UI is an easier problem. The best design to date is still webOS. Copy their general design (maybe rip off some of their never-shipped mochi stuff).
The biggest issue as you said is financing. All these things turn into lots of developers and time. The best bet here would be replacing something like Tizen where a corporation is already investing.
Developers are typically motivated by net revenue which is more dependent on audience size than fees. That is, if you sell an app for $1, would you prefer to earn $0.70 on a million downloads or $0.99 on a thousand? (With the former you can buy a house, with the latter you can buy a laptop.)
And as you've pointed out, implementing support for third party frameworks and funding improvements to webGPU, wasm, etc is expensive. Even recreating the webOS UI would be a considerable undertaking.
> The biggest issue as you said is financing.
Exactly. I agree that it is technically feasible, my point is that it is economically challenging. Not impossible, just extremely unlikely.
> The best bet here would be replacing something like Tizen where a corporation is already investing.
It looks like the last Tizen phone was released eight years ago and the Tizen app store shut down four years ago. Like webOS, it lives on as an OS for TVs, but I am skeptical it can rebuild enough momentum to challenge Android or iOS.
> Second, make your App Store a non-profit that charges enough for ongoing store development and distribution. This gets devs on board
You're hilariously underestimating the difficulty of getting the dev/user flywheel started: developers go where users are, and users won't adopt a platform without the apps they need. Microsoft was literally paying devs for submitting apps, and they mostly got variants of Flashlight apps, and none of the apps that matter. Look at the top 10 App Store/Play Store apps and ask yourself if the developers will bother with a hypothetical non-profit, upstart
I didn’t say it was easy, but what I listed are to me the best ways to reduce as much friction as possible.
AsI recall, Microsoft wanted devs using their proprietary silverlight and c# which required a complete rewrite from iOS or Android. Allowing existing apps to bundle their preferred Android runtime is a lot closer to something like containers or flatpak and is a proven way to reduce developer friction. Ironically, such an app running in wasm would be supported indefinitely while Android apps on Android eventually lose support.
It's absolutely not inevitable since even opensource operating systems can work on providing attestation systems that aren't owned by big corporations and serve the user.
But just like with something like secure boot, they're missing the train and letting corpos dictate the implementation.
> Why do we have to beg Google to keep Android open?
Because Google and Apple have put themselves between us and everything else.
Until we manage to replace them (by lobbying to everything including governments against them, and by working towards making the alternatives usable), we unfortunately have to resort to this. I'd even say we are entitled to this because we never asked for Google and Apple to become compulsory, they decided this.
I would personally be able to switch to Linux mobile today because I don't rely on anything proprietary (except the interrail app occasionally, damn them - but possibly waydroid would work for this)… if only there was usable and reliable hardware that could run the mainline kernel: decent battery life, decent picture quality, decent GPS, decent calls (especially emergency calls even if I haven't needed to actually make one so far, finger crossed, and Signal would do for most other situations actually).
I've daily-driven the PinePhone for a year. Call quality is awful and calls are awfully unreliable, and SMS are quite unreliable as well. Too bad for a phone. Unfortunately the phone took a big rain and now its modem is unreliable and doesn't come back up very often, but that's something a phone will likely endure in its life. Pictures are awful. GPS never worked well on my regular PinePhone. It somewhat worked on the Pinephone Pro until it died because it overheated. Linux hardware support is okayish, it was nice to run completely free software which was my main motivation for trying it but the hardware is crap to the point of being unusable serious.
The FP5 can apparently run PostmarketOS quite well. It would make an awesome Linux mobile. Camera and calls only partially work though [1]. And that's the main features of a phone.
Linux mobile itself it becoming quite decent (if one can do without the proprietary apps), what we really need is good hardware running it. Then we can begin to imagine a world with it having a decent usage share.
The Librem 5 is awfully outdated now (and so I won't buy it today because I'd worry about it becoming e-waste fast), doesn't have a good battery life, is very pricey, and I'd worry about call reliability (I have no doubt it can be made to work, but reliably, from sleep?).
I'm sure it's way better than the PinePhone, but the Librem 5 is definitely not suitable for the general public, even without considering the Linux mobile part.
> Which OS?
Mobian and postmarketOS
> Did you try SXMo?
Yes, not my cup of tea. I'm happy with a stable Plasma or Phosh; at this point, the GUI is not a concern at all for me. SXMO is a nice project but it will never target the general public, and I think we need to target the general public because I wish the general public's computing were free. It's nice that nerds can be free but it's also not good enough.
I agree and I intend to keep my current phone at least ten years (and I hope it will be able to run Linux at some point, it's very close!), but the Librem was released with outdated specs and that was 5 years ago. It was released with outdated specs because then current hardware was not free software friendly. However, producing outdated hardware today is a huge environmental concern for me.
That current hardware is non-free software friendly is a huge concern as well, and both concerns go by hand: we are absolutely building huge piles of e-waste just because of proprietary / closed hardware.
Anyway; the Librem 5 has been a fantastic thing for the development of Linux mobile. We also won't go anywhere with phones such as the Librem 5 to make Linux mobile a reality for the general public.
For another platform to rise, there needs to be some heavy market shift. There already were opensource mobile OS: Maemo/meego/Tizen. Heck! I'd even throw phosh and ubports in the pot. But those are about as rare a sight in the wild as lightphones.
Phones have become essential to daily lives and the catch22 is: companies won't support niche platforms for their apps and users won't switch until the apps are there.
Android happened to get adopted before everyone started relying on mobile devices as computer substitutes. Unless a major player pulls out a Valve move and does with waydroid what Valve did with wine, I can't imagine the market changing significantly.
One of the benefits of mobile GNU/Linux distros is that it is possible to run Android apps on them. Waydroid works well. The one catch is that it can be difficult to trick certain picky apps into running on an "unsecured" device.
You can never catch all "bad actors". Sure, you can make a best effort, but govts are not efficient/usually work better at doing one thing, not 100 - they should be regulating the common platform not all actors on it.
Anyways, that's just as bad as what Google's trying to do.
> that, through developer laziness, refuse to launch on alternative platforms.
Android Dev is (relatively) quite difficult. The code and UI elements do not translate easily to other platforms. If a solitary developer (keep in mind, they may be a volunteer doing things in their free time, or just someone scratching a personal itch) does not then go out, purchase multiple other pieces of hardware, and write the application on multiple other platforms, that is not "developer laziness", rather that is a high cost to entry creating practical hurdles.
I think next time I upgrade my "phone" I'm going to get a gaming capable tablet with wireless and give it the steamos treatment. This gives you decent linux/windows/android interop.
I already lug a small backpack around most of the time, I can leave the tablet in the bag and use buds for conversations and when I need an actual computer it'll be way better.
Will you be able to notice when you receive a call? The only way that I can think of off the top of my head would be to make it ring out loud, which is more disruptive than a phone in-pocket set to vibrate.
I don't understand why individuals expect a corporation like Google, driven by profits, to give a sh*t. I would expect no less of Apple with IOS.
Individuals should look for and support alternatives. I'm currently working on a desktop running Ubuntu because I want an alternative to the duopoly of Windows and macOS.
Additionally, we should support open-source alternatives with our donations. I personally donate money every year to Ubuntu, the Gnome foundation, and Tor.
If you're worried about a for-profit company having sway over your computer, Ubuntu is not really the choice to make. Please consider running upstream Debian; there are very few downsides, but the upside is that it is run by an organization that is not (and never will be) driven by profits. Also, it seems a little silly to donate to Ubuntu, which is maintained by a for-profit company.
Ubuntu controls a big voting block in debian’s organization. They forced systemd in, for example.
Devuan is a good enough compromise for me. The OS is stable, and the only issues I’ve had involve hacking curl|bash scripts that fail to realize they should just install the debian version.
Nothing there supports there were a significant number / more than a minority of people against systemd in Debian outside Ubuntu, which was the extraordinary claim I was (implicitly) complaining against.
I see the convincing arguments against systemd, mostly wrt to the support of the FreeBSD kernel in Debian. I wasn't familiar with them, it's interesting, thanks.
> If you're worried about a for-profit company having sway over your computer, Ubuntu is not really the choice to make.
Why not? The point is not to not have anything supplied by a business. The point is to avoid being controlled by a business.
Ubuntu does not have the same hold over your computer that Google has over your phone. The software is open source. You can switch distros easily as it does not have lock-in.
The OS on desktop situation isn't comparable to the OS on mobile situation. You can buy any PC and expect being able to replace its OS. On phones, you have to look for the ones where it's possible, and depending on the phone, it's possible despite the efforts from the manufacturers for not allowing it.
Also in PC OSs, there isn't a corporation dictating what programs you are allowed to install. In iOS there is, and soon in Android too.
IMO, these corporations have managed to amass an amount of power where there's no longer consumer freedom. Therefore, there's no free market. We have reached a point where the law must intervene to restore capitalism.
Because we can't install that on phones and even if we did, we need to use Android apps to do basic daily things.
Phones are not like PCs, you can't "just install a different OS". You also can't just build a phone from parts like you can with a PC, it comes locked in with the OS, with proprietary drivers and advanced cryptographic DRM measures.
And even if we did get things to the level of desktop Linux, we can't run any of the apps we need for everyday life. Most of these things on desktop are web-based, so you can use them on Linux, but this isn't the case for mobile and many things only come in mobile. Bank apps, government services, digital identification, mandatory companion apps for other devices...
If nothing else, we need to keep Android as open as possible because it makes it easier to port those things to other platforms and maybe one day have a proper alternative.
Oh, and it's not like we have a good alternative. The current Linux stack is completely inadequate for mobile use. An average phone has something like 50 apps the need to be able to react to any of a few dozen different local or remote events at any moment, yet also need to use approximately zero CPU cycles to do that. We need a brand new app paradigm if we want mobile Linux to succeed and it's not looking like that's going to happen any time soon.
The short version is: the PC is a historical accident. By "the PC" I mean "the Windows-Intel platform on which most consumer PCs were built." Linux and BSD were both able to exist in the form they did because there was a commodity hardware platform that was standardized (ad-hoc standardization, mind you) and _somewhat_ open. IBM, Microsoft and Intel were all best frenemies, able to exert enough power to standardize the PC platform but also able to exert enough power against each other to prevent them from locking the platform down too much. There is no standard "smartphone" platform like there is with the PC, really the only standard is Android AOSP. Because of this, it's a lot harder to do a third-party phone platform without adopting large parts of Android's code.
The point we are all missing, Google is not going to pull back, they have already invested in this change, it's in rollout phase, infrastructure is in place. It's
not going to be rolled back. The ship has sailed. Keep Android Open is unfortunately dead on arrival, IF we are going to depend on Google.
And, are we going to keep depending on a profit oriented company to follow our bid? If so, then, we are very well have lost already.
The problem is that a new project and even a fork would need buy in buy companies like Samsung. Otherwise a project LineageOS would be much more popular. This is hard to do without serious money.
Yes, agree 100%. It's not only Android the problem. It's the cartelization between them and hardware manufacturers. But then that means that we will be doomed to the current duopoly between Google and Apple.
The very first step I believe needs to be taken is to pass strict laws to allow devices to be reflashed with whatever we want. Until we do not have that in place we will always be stucked like this. Once people can truly install from scratch whatever they want then the game should change completely.
So many good working devices go to waste because no longer supported by Google and the hardware manufacturers. They have good cameras, good wifi etc... we should be able to reflash them and install whatever OS we want on them.
It's becoming more and more difficult to install even Lineage on a lot of 6 or 7 year old hardware.
Why is popularity a concern? I'm writing this on a Librem 5 with PureOS that I've been daily driving for the last few years and which gives me a much better experience than Android could. Why would it matter to me as a user whether it's popular or not? The only thing I can think of is availability of native applications, but this would just hide the actual problem with interoperability and pass it down for the next underdog project to worry about.
Popularity is important when we consider whole societies, but it's not particularly relevant for individuals. I don't need a buy in of Samsung to use GNU/Linux on my phone.
For example because the wait time in the theme park which I visited can be find only in their app for iOS and Android. The same true for ordering food to your table in another theme park. Yeah, there are alternatives, but those cost you time, sometimes hours. And these companies won’t implement anything for an error margin.
We should not be downloading executables and running them from random third parties in order to do mundane tasks. If they absolutely must have an app, it should be a web app, end of.
Here's a question, what if the executable was thoroughly sandboxed? Like Firecracker level with virtualization? And once you're there, what's the difference between that and a webapp?
I don't think apps are going away so users need to have a switch that says, "I don't trust this company with anything". Extremely limited Internet access, no notifications, no background activity at all, nothing. It needs to be like apps for the 2nd gen iPhone: so completely neutered that webapps look like Star Trek level technology.
There is beyond zero incentive for either Apple or Google to provide something like this. Google HAS network permissions on Android. You just can't access them. They're hidden from you, presumably because Google prefers more malware and spyware running on your phone.
The reality is that both Google and Apple are not just in on this, they created this situation. They not only don't care if you download 1 million apps from the app store that may or may not be malware, they actually prefer that model. Going as far as to sabotage the web to maintain that model. Going as far as developing their own browser which is broken to maintain that model.
Which, relatedly, is why any type of argument of "safety" around the app store or play store is complete and utter bullshit. Apple and Google want you to download as much malware as possible. All their actions demonstrate that.
This is the inverse of what he's saying. Attestation takes control away from users. Permissions give control to users. The ultimate user control is not using the software at all.
> but this would just hide the actual problem with interoperability and pass it down for the next underdog project to worry about.
Just consider how this wouldn't happen at all in an environment where no platform dominates in popularity (and it doesn't always happen today either, as lots of things like these are accessible via the Web from any platform regardless).
True, if a new system ever wants to rise, it’s gonna need backing from a major player. But once it takes over the market, it might just become the next “Android.”
Not so, if the next system is mobile GNU/Linux. As long as the components remain free and mostly the same as on desktop, if one or two go bad, they can be replaced. And certainly the core system won't go bad.
> "We need these kind of projects, not kneeling down to a company like Google and begging for Android to be open."
Indeed.
> "Effort needs to be put elsewhere."
Also correct. Outside of offering (an) alternative product(s), one also needs to fight the inevitable pushback of industry dinosaurs and their political toadies.
In other words: One needs to invest in massive lobbying efforts on the same playing field of corporations as well, e. g. in the EU or the US. For without sound organizing all efforts will be relegated to hobbyist spaces with an assortment of "Are we there yet?" products.
Smartphones and function-alikes are an entirely different breed of device, or at least can be: the general-purpose computing platform for your pocket. In this market, "somewhat different" rules apply.
The real problem was never solved to begin with: all mobile devices require proprietary drivers to function at all. Because these drivers are proprietary, the only people in a position to make them compatible with an OS are the manufacturer's dev team; and they are only interested in compatibility with Google's proprietary Android fork.
When Google starts to release versions of its proprietary Android fork, any open Android fork (or other alternative OS) will have to reverse engineer that proprietary Android fork in order to match its compatibility with proprietary firmware blobs. This will need to be done for every device.
Imagine trying to find your way through a building while wearing a blindfold. It's much easier if you are able to study the original floor plan that building was modeled after, even if the building itself has a modified design. Google is taking away that floor plan.
The situation is already medium-bad: it would be trivial to use an alternative OS if drivers and firmware were open source. It would be relatively easy if drivers and firmware had open specifications. It's difficult, but feasible in the current situation, where drivers and firmware are closed spec, but designed to be compatible with a close fork of an open source codebase. It will be extremely difficult (and technically illegal in the US) to do when drivers and firmware are closed spec, and designed to be compatible with a closed source codebase.
I used to have a Jolla phone which ran a pretty cool linux OS on it but it only worked because it had an alien dalvik android vm so I could still run apps like those from my bank, whatsapp etc..
It's nearly impossible to live in the modern world without either an iphone or android without making some major sacrifices e.g. I'd love to not use whatsapp but it's not an option because all of my friends and family use it
If people have to put the tiniest bit of effort into using a different platform, they won't. This is the sole problem with alternative platforms. I agree with you that the ideal solution would be to break away from Google entirely, either with a hard fork of Android, or something completely different. But you'll have to make the transition absolutely seamless for the masses, or it won't happen.
Because smartphones are designed such that I cannot put whatever OS I want on them. I'm stuck with whatever proprietary flavor of Android the manufacturer loaded it with.
If I'm really lucky one of the opem source Android forks will support my device. But my current phone is not supported by postmarketOS or GrapheneOS.
I don't want a world where the market can only support a dozen devices across 4 or 5 manufacturers.
Most if not all large, successful open source projects are funded by commercial interests, not just consumers. The resources it takes to maintain something like Android far exceeds what can be funded solely by donations and volunteers.
> Most if not all large, successful open source projects are funded by commercial interests, not just consumers.
Right, the key point here is most of the fundamental projects were never commercial in origin and had grassroots community or academic roots. Android is built on top of a student's hobby Unix clone.
> The resources it takes to maintain something like Android far exceeds what can be funded solely by donations and volunteers.
Um, no duh a corporate project requires corporate funding. Android was never a grass roots community effort.
It's better to have a billion dollar corp footing the bill for the massive amount of work it takes to maintain Android. If it comes to needing a fork so be it, but if they can be convinced (or strongarmed) to be more supportive of an open ecosystem and FOSS Android projects, everyone wins.
Systems with less maintainers require less maintenance because they are made in ways that require less maintenance. They also tend to be less good systems, but not in linear proportion to their reduced maintenance.
Why would you want to start over with a new platform when Android (as a FOSS project) is already most of the way there in terms of freedom and usability? The only problem are "apps" that depend on proprietary Google libraries. This only concerns a minority of apps, but notably includes some foreign banks that require the "app" as second authentication factor.
Perhaps this could be regulated by law or executive power, but considering that governments themselves have created apps that depend on proprietary software, I am not too hopeful. But as long as the same "app" is accessible through a browser, this remains a minor inconvenience.
> So many open source projects have risen out of real and concrete needs and successfully made their way into our every day lives.
When it comes to consumer hardware or software targeted at end users? I think such cases are pretty rare and far in between. Firefox had a brief stint of being popular in the late 2000s, Valve is doing some cool stuff with SteamOS/Proton but I can't think of much else of the the top of my head.
Otherwise it's usually companies like Google or Apple which use OSS as a base layer for their closed down and proprietary platforms.
PostmarketOS is cool but its a product niche targeted a very tiny subset of consumers (just like Linux on desktop for that matter).
The equivalent of dual-booting would, IMO, be a big step towards Google-independence.
In my grad school days in the mid-90s I set up Linux because it let me write programs in a modern way, accessing all the available memory without jumping through hoops, etc. I would still switch to Windows for playing games, using Quicken, checking Usenet and email and browsing the web.
AOL not even being available on Windows and modem drivers for cheap-er hardware being Windows-only meant I had to switch back and forth (download on Windows, copy to a floppy, reboot, etc.). This sounds crazy today, but it worked "somewhat OK" for me to keep experimenting.
If we could somehow provide a similar environment for the phone, even jumping through hoops, this will enable enthusiasts to start seriously tinkering with their devices. But this is not easy -- both the hardware and the Android today place way more restrictions than much-vilified Microsoft and Intel did 30 years ago. And Microsoft tried very hard to snuff Linux out, wiping boot sectors and partition tables giving half a chance; Google will be much more successful killing any dual-boot attempts now. My 2c.
The difference is hardware. A large part of the explosion around Linux in desktop computing is based on the fact that IBM's patents for desktop architecture expired and IBM clones proliferated in the marketplace. Also, busses like ISA/PCI/AGP and ports (serial, parallel, ethernet, USB) were all standardized.
In short, Linux was possible because the underlying hardware was open and standard.
IBM had very little patentable subject matter in the original 5150 design, and anything they could patent would have been subject to an antitrust decree that legally required them to, in Tim Kulak[0]'s words, "work for free". That's why they focused on copyright in the BIOS so heavily.
Also, none of this impacts Linux, beyond the fact that IBM clones were ubiquitous by the time Linus started writing the kernel. If IBM clones weren't around, Linux probably would have originally ran on an Amiga. It was very much expected that personal computers would run anything compiled for the CPU, mainly because the companies making them shipped very little software. I guess you could say that Linux was possible because there were PCs to buy - otherwise we'd be stuck with BSD or GNU running on computers we had to rent. But even then, what IBM did here was not directly open the floodgates to a Free OS, they just accidentally opened the floodgates to a bunch of companies entering the PC market by blatantly and legally ripping them off.
[0] Kulak is a Russian word for owners of rural land that refused to join the Soviet collectivization regime, which was then later applied to basically anyone accused of not meeting the hilariously awful production quotas Stalin put on shit. Despite this awful history, I'm appropriating the term because A) it's a good pejorative for land-owning nobility and B) it almost rhymes with Cook.
> A new platform needs to rise that breaks out completely from Google
After many many years and many forks, yes. This is still clearly the right answer. Google didn't succumb to Apple and just accept things, they acquired Android and invested heavily in it. We are all grateful for that. BUT, we must also acknowledge that the time of the two horse race is over. And while OpenAI and many others are attempting to do various things, we can continue to invest and back alternatives that create a more fragmented market. Maybe they will not replace Android, that's fine, but you're not going to fix Android's problems without suing Google, which people are doing, or actively working on alternatives, which again people are doing. Change is coming.
Because money. Yes Android is open source, but Google is spending billions of dollars a year paying engineers to develop it. If you want Android to be "free" find alternate funding, with no strings attached.
Why? Because I want to run bank, OTP, streaming, and other crap apps that requires certain level of trust that a 100% open source version of AOSP made by some guy in a basement doesn't provide, that's why.
Because you cannot own or operate a cellphone. The cell phone modem is not licensed or controlled by you. It cannot be, it is the telecommunication company's. And this reality is intruding more and more into everyday life. You will not be allowed to control your smartphone. They are terrible computers because of this. A smartphone's legal purpose is now basically just banking, shopping, and navigation. Other things that interfere with commerce will not be allowed.
Just use your phone as a hotspot with a real computer for computing that you can and do own.
You're right. Especially with the rise of agentic AI. You could have hundreds of contributors, all using agents, working on different modules, according to existing spec and tests, create a new OS, or Web Browser or anything. It's the end of monopolistic control of software.
But, I think the giants already know and accept this. The moat now is compute. A centralization of power back to the server, the rise of thin clients, and fat services.
So, it is a revolution but there's also counterbalancing forces. Still, we should ride that wave :)
> You could have hundreds of contributors, all using agents, working on different modules, according to existing spec and tests
The current problem with "Linux on phones" is the locked down nature of the hardware. For example, looking at PostmarketOS's support device list [0], sensors, Wifi, even phone calls don't work. Would what you're saying enable faster implementation of those support modules? (This would be really cool if possible).
If it's just about building software against suites of tests and spec that already exist, then definitely what I'm saying would make it faster. But if it's a hardware control issue, then no.
In that case (ie, if in order to be free we need to free the hardware, too), we need to create a hardware company that builds a phone from the modem/radio on up and owns every layer.
Obviously non trivial hahahahaha :)
AI is letting the world of bits move faster than before by exponentially reducing rework and sharing around the benefit of network effects from collective human knowledge. It's not touching hardware in the same way, and doesn't give us the same superpower.
edit: I guess the "easier" play is to convince an existing full stack phone hardware company to make us an OpenPhone that we can hack on because they believe in the inevitabilities of trends and consequences from AI and want to invest in that future. That would be cool? Any takers? Reach out cris@dosaygo.com
The way to make this work for real is with a smooth migration path, which means a way to keep running Android apps on your new system.
If you want to sponsor Waydroid to help make that happen, you can do so right now: https://opencollective.com/Waydroid (I'm not affiliated, just a fan, and it's the only realistic route to this I see).
I agree with you, but that only works if people value it and are willing to pay for it.
Look at email. It’s technically open, but in reality there are a few large players who control the majority of it.
The only way open source phone software succeeds is if there is real money behind it and there is an attractiveness to it that makes people pay for it.
We need both. Open source alternatives are great, but they don't replace tight regulation of large corporations. Just because Linux exists doesn't mean we can give Microsoft, Apple and Google free reign.
Problem is the hardware vendors often very much like closed systems. And banking apps too. We sadly have a much less open hardware ecosystem compared to the PC landscape. And even here driver problems are more pronounced the more exotic the OS platform.
For me mobile OS are a broken mess, irrespective of Apple or Google, so I would love to have an alternative. Mobile phones are powerful devices that are severely handicapped by bad software. Restrictions are sold as security and there are a lot of people that even buy into these crap argument. So much so that even legislation has adopted them to some degree.
But for hardware vendors to jump on another train, a new OS must probably offer something shiny. And the average user has no idea how easy it could be to interface your smartphone with other devices without needing some ad riddled vendor specific apps. I mean you can install an ssh client on your phone, but meh... That is more or less the only app I install these days.
I agree, F** Android, the website should me MakeLinuxSmartphoneReady.org and PostmarkeOS + Gnome Mobile is in good shape but a few smartphones support it.
Google has been gradually becoming more restrictive on Android openness, slowly but surely strengtening the thumb screws.
On the long term, the best thing to happen is for them to bang make it proprietary [1] while it is still free and liberal. The shock effect will be big, and the initial changes big, too. Such will motivate the right people. Open source devs, governments, legislators, people with executive powers within other companies.
But Google is too sneakily clever for that. So they go slowly, gradually. There won't be a shock effect, or if it happens it'll be a done deal.
This is how you turn a country into fascism, too. Slowly but surely, and then bang. It is all the small steps beforehand which matter, and this is why the Execute Order 66 quote from Star Wars is so such a beautiful example in popular movie SF.
You can see how failed efforts for coups in democracies have failed recently because of checks and balances. South Korea is a recent example, but looking at the details it was a close call. In my opinion, the same was true for USA, and I don't know enough about the Brazil example.
[1] Yes, I realize Android is proprietary and AOSP is FOSS.
Good luck funding the development of a competing mobile OS by FLOSS nerds that can compete with Google's trillion dollar market cap.
Even if you could get some traction, you're gonna have a bad time getting banks to support this OS, at which point it will be useless for most users, preventing you from ever becoming profitable.
> Even if you could get some traction, you're gonna have a bad time getting banks to support this OS
This already happened. Banks here in Brazil like to require an invasive piece of software (a browser "plugin", though it installs system services) to access their online banking websites. For a long time, this invasive software was Windows-only, so those of us using Linux had to either beg the banks to enable a flag to bypass that "security software" for our accounts, or do without online banking. The same for the government-developed tax software, which was initially DOS-only and then became Windows-only.
But nowadays, there is a Linux variant of that invasive banking "security" software, and that tax software became Java-only (with Windows, Linux, and MacOS installers, plus a generic archive for other operating systems). So things can change.
I also don't think it is right for Goverment to force companies give up their properties, in this case it is like forcing Google to continue to fund Android.
May be Goverment world wide could all fund the same OSS OS which benefits everyone. But right now I see zero incentives for any government to do it.
Disagree. Smart can be good, if you're actually in full control (whenever you contract the implementation to a company or own it).
The real problem is, there's not much on the market that respects the consumers in this regard. Ask for an SLA on a smart fridge functionality and you'll be met with a confusion and possibly a revelation there's nothing of a kind.
It's all ignored because most consumers don't ask questions about reliability, functionality, security and control - they don't think of those. And it's not a matter of technical or specialized knowledge, I'm sure even a caveman can understand "will this work tomorrow the exact same way it works today?" or "what happens to my fridge if you go out of business?" - it's a matter of awareness. People simply don't know yet how those new things can fail them.
Eventually people will learn about the issues, and start asking maker companies those questions. But it's all too new today.
How can smart be good? Can you give me a practical and real example of a benefit of a smart appliance? How can it be better than a regular appliance that does not get on your way?
Let me guess: now to operate a dishwasher I need to download and install a mobile app. And also regularly update the app and the firmware of the appliance, or maybe need a permanent internet connection to correctly operate. It' BS all the way down.
The only thing that companies are expecting from providing you a smart feature is to somehow monetize that on a regular basis and the easiest thing to do that is to either sell your data or locking you down to a fucking subscription.
Not mention the potential problems with devices being bricked due to failed software updates. And of course this whole thing of permanent connection: the manufacturer "sunsets" particular line because they decided it's time for their customers to get newer device. And you can't do anything because the device has a touch screen and proprietary software with no chances for opening it up due to patents and other "secrets".
Oh, well, forget all that bullshit please. I can see how that "smart" is utter nonsense no one possibly wants. If you need an app and Internet connection to operate a home appliance that's stupid, not smart. Crapware vendors really ruined it.
Instead, please imagine your dishwasher has a standardized management and observation API that's exposed on a LAN and can be consumed by your local IoT management software (e.g. Home Assistant). Nothing here should have any WAN connectivity, except for a tightly firewalled channel for out-of-home user communications.
I run dishwasher overnight (YMMV) and I have forgot to turn the dishwasher on more than once before going to bed. It would be nice if it would be able to either start on a ping from a home hub's cron if it's loaded, has detergent and locked. Or if it's not in a good state, when the home hub would sense I'm about to start my night routine it could notify me that I forgot to do something about the dishes.
Or consider a smart washing machine. Home hub can observe its state and home automation can actually remind you that you forgot to move the wet clothes to the dryer. Or, well, if we're considering advanced robotics, it could summon a service bot with appropriate manipulators to do it for me.
Or a smart kitchen stove. If the hub senses I'm going out and the stove or oven are running, it should bug the hell out of me before I'm out of the driveway.
That's what I mean when I say "smart". Unobtrusive, helpful home automation, doing what I actually want from it, not doing anything I don't explicitly want, designed to be reliable, private and fault-tolerant.
Smart home should be about dwellers convenience and automatically meeting their expectations (as defined by dwellers themselves), not a data siphoning mess with constant risk of security breaches, that becomes dysfunctional if someone else's computer (cloud) fails.
No offense taken. What's naive and and why do you think so?
I totally recognize almost nothing of the sort is currently offered on consumer market. You need to have skills and time, or hire someone with skills and time, to make a system like that. It's already possible today though. And I don't see any reason why the situation has to remain bad like this forever.
I agree with you. The "smart" in "smart appliance" to me always indicates some bullshit I definitely don't want.
What's especially frustrating to me is that my appliances that should have a delay on them don't; specifically, my dryer and dishwasher should be able to delay until later in the evening when my electricity rates go down. Instead, I have to get them ready and press the button with my thumb like my parents did with their appliances 40 years ago.
But hey! These things can chew up gigabytes of bandwidth[0], so there's that.
on a whim, I walked into a Lucid dealership and asked for a copy of their privacy policy as it relates to a purchased vehicle. the salesman told me “no” very firmly, so I left.
I bought a vented Samsung washer/dryer combo recently. I have to say I like it a lot, probably because its a combo and I no longer have to transfer clothes from washer to dryer. The fact that is Samsung definitely makes me feel nervous however (how long will it last?). Unfortunately, they were the only one to make a vented combo so far (I should have waited for more options, but I'm still OK with it).
We have a frame TV also and it worked nice for the very narrow use case we had.
I don't buy smart devices, unless they work fine without the smart stuff and it's a good buy. I have a "smart" TV because it's a great TV, but it only has HDMI cables plugged into it and no internet connection.
$33k is still lot of money! What happens if you don't have that sum? How does the system allow to be arbitrary charged on health?
I'm Argentinian and while we might be a country lagging behind in so many things these kind of ripoffs do not happen.
How come the US government allows this? From other stories sometimes posted, the US seems to be one of the worst countries in the world to either die or get sick.
Allows? The government works for the wealthy and powerful. That includes the masses, who (if they organize) have their own power, but it also includes every other powerful group or individual.
Why would the government want to stop this? It's the average person who would want to disallow this, and they'd have to pressure the government enough that the pain of popular opposition outweighs the brazillions of dollars they're making.
I assume it'd get sold to a collection agency for something like $500, which would then try to get you to pay as much as possible, possibly settling for as low as $2000).
So the hospital is still getting paid something, and the billee has the option to take a bigger credit hit or to negotiate down
Why when a high profile politic is sentenced it goes to a 5 star suite while the rest of mortals are thrown to a hole?
It seems that when you cross a certain invisible threshold "justice" applies just a bit differently. Same in Argentina with corrupt and ex-robber Cristina Fernandez de Kirchner.
His SHU cell has everything the rest of the cells have ; a TV for €14/month, a hot plate, a landline, a shower, a fridge, and on a fixed schedule access to the library and the gym
I don't know, but what I do know that "jail" has a very different meaning for me.
In Argentina the lives of people of an entire country have been ruined because of the last 20 years of robbery from the state arcs.
Yet every disgusting politician is out there or has served a laughable sentence. And what do you get in turn after ripping off a country? A home prision benefit.
What truly suprises me about BSDs is their simplicity and low footprint, OpenBSD being gold standard.
I've been playing with `byve` the last two weeks (I highly recommend vermaden's blog for anyone interested in BSDs and obviously the handbooks of each project) and I'm seriously thinking not doing a dual boot Linux install again. On my old x230 (which is running FreeBSD) I will be installing OpenBSD just to become more familiar with it.
I still don't get why just after installing Debian `top` shows me around 200 proceses. BSDs? Under 20. Other thing that pisses me off is for example how polluted (at least on Ubuntu) mountpoints are. Package management is also fragmented on Linux, while on BSDs is either a flavour of `pkg` or ports.
Perhaps I should still try more minimalistic Linux distributions, just don't know which are good candidates
Don't get me wrong, I love Linux and still recommend it heavily to non-tech people around me but when you taste a BSD is hard to go back.
Top on linux shows kernel threads (all the processes in square brackets), on BSD it doesn't show these afaik. A fresh debian install only lists a handfull of processes (all the expected ones, ssh, systemd, ntp, gettys etc) besides the 200+ kernel-threads.
Uh, ok then. I always thought that those were actually real kernel processes. What's the use of having top report those kernel threads? Is it possible to renice them?
Openbsd has been my router for a decade... I have a ansible playbook that does everything I need... I use a cheap USB drive in a fanless computer the only failure has been the $9 USB drive
If I had a nickel for every time my OpenBSD buddies told me "your ASUS router is not secure, just configure an OpenBSD machine as your router", I'd have a lot of nickels.
The part they never tell me is what hardware they recommend for the Wi-Fi, or rather which devices have OpenBSD driver support and allow for at least 4-5 good connections over 802.11ac?
I'm all for it, I just don't know where to start on the hardware.
You've got this wrong my friend. You don't use Wi-Fi on a router. You get a separate Wi-Fi Access Point device for that. I use a fanless Intel N100 2.5Gb x4 port system from AliExpress as the router with OpnSense and a Ubiquity Wi-Fi 7 access point for the wireless.
I think I get what you're implying. As long as the router itself with its firewall + DNS + NAT, is secure from attacks by actors over there internet, the access point I will connect to it only needs to be secure against people within 100 feet of it.
My only concern here is configuring an access point to just be a dumb antenna that xmits/recvs and AES encrypts/decrypts ethernet packets from a handful of MAC addresses without doing NAT or any other additional processing of those packets. The concerns my OpenBSD buddies have about the software on ASUS routers is well-founded, but I don't think any of us is sufficiently versed in layer 2 security.
What's the extent of your expertise in layer 2? I would rest easy as long as my router and access point are not willy-nilly giving away my MAC addresses to fine institutions like this place.
Yeap, actually I haven't run directly `bhyve` but using the `vm` wrapper as is very convenient.
I haven't looked at passrhrough yet, but I do feel that if I need to use it I would probably have to fight a bit with it, anyone had a hard experience setting it up?
No big fight, you just have to exclude the devices at boot so the vm can take them over [1] and if you have a AMD-System add that [2] and use the nvme virtual harddisk [3]
Nothing useful to add, just a "no". I wasn't trying to do GPU passthrough but instead passthrough a PCI card with four independent USB controllers so I could allocate those ports to VMs.
Excluded the devices at boot with pptdevs. Using vm for bhyve management so added `passthru0="10/0/0"` (device id) to the vm config. Started it up. Device was in the VM.
Saw a splendid thread last week on how thousands of Americans didn't realise "Shaun the Sheep" is a pun. Shorn / Shaun, but apparently, only in UK English.
Bhyve == bee hive == lots of individual cells, the occupants all cooperating and working together...?
While at it, a good minimalistic Linux could be Void Linux, which has several BSD folks on the team. I'm running it for about 7 years, and am happy with it. Unlike BSDs though, it's a rolling release, so I get fresh packages a few days after an upstream release.
Arch Linux is the closest I've seen to BSD in the Linux-verse. I recommend trying it. I'm not sure about production though, or using more exotic things like CUDA.
> Arch Linux is the closest I've seen to BSD in the Linux-verse.
It really isn't. The BSDs are smaller and cleaner, especially OpenBSD, which is positively minimal. Arch is huge.
The closest Linux to OpenBSD is probably Alpine, of all those I've seen. Takes as much disk as most modern distros take RAM, and because of no glibc and no systemd, a tonne of familiar Linux tools aren't available or don't work... just the old fashioned Unixy stuff... which is very much how running a BSD feels.
>and I'm seriously thinking not doing a dual boot Linux install again
Same here, i had dualboot Arch/FreeBSD for some years, but i just don't need that arch install i just stayed in FreeBSD and for games i have a bhyve Win11 VM (with GPU Passthrough) and that's all i need.
The BSDs seem to have their own fragmentation as well. All targeting their own niches and somewhat overlapping work. For example or ZFS or virtualization technologies that aren’t cross-pollinated easily.
Like, it’d be cool to have zfs on openbsd, etc. But you can’t easily mix and match.
At least on the linux side you can usually fit something into a different distro if you wanted without an insane level of effort.
What is an actual and solid reason to choose or stay AWS these days?
The topic of paying hefty amounts of money to AWS when other options are available has been discussed many times before.
My view of AWS is that you have bazillions of things that you might never use, need to learn about it, you are tied to a company across the Atlantic that can basically shut you down anytime they want for whatever reason and finally the cost.
Being that said, at the moment I'm trying to implement a simple non-blocking TLS server in Python with a custom protocol (no external deps, only built-ins) and couldn't find a single guide online that treats the topic. Having read the Python documentation it appears that there are a lot of nuances and pitfalls to correctly implement it. This was my impression after reading the docs, though I could be wrong.
I haven't checked if current Beej's guide covers the topic, in case it doesn't, did anyone embarked in doing this with success?
The Python docs on the topic: https://docs.python.org/3/library/ssl.html#ssl-nonblocking