lukifer | 11 months ago
It's just another principal-agent problem, and I agree that a fully self-sovereign life, with no dependence on trust or agents, is an unrealizable ideal; and, that a decent solution (while not perfect) is reputation stake and aligned incentives, check and check in Apple's case. I too think Cook is sincere, and I trust them as far as I can throw their products, which is to say, a little. (The Apple Tax is so they don't have to rely on a sketchy big-data business model.)
That said, computing and InfoSec have some unique contours, in a way that trusting a mechanic or a lawyer does not. Those can have catastrophic failure modes as well (crashing from a shoddy repair, getting sued based on bad legal advice), but they aren't systemic to society, and have lower switching costs.
And I ultimately think it's a false choice. When it comes to meatspace security, it's possible to have trusted and accountable public institutions, and allow citizens to have some means for self-sovereignty (2A, locked doors). It would be foolish to rely only on one or the other, either as a society or an individual.
So I'm deeply grateful for the Stallman types, pushing forward the capacity for self-sovereignty. Even if it doesn't currently meet my needs from a risk/benefit tradeoff, I still benefit from the ecosystem, and its BATNA, and I look forward to the day I sever my dependence on Apple's ecosystem, whether or not they betray my trust.
alwayslikethis|11 months ago
I agree with this part, but relying on Apple is quite far from self-sovereignty compared to many other practical alternatives: not relying on external clouds, GrapheneOS, Linux. By relying on Apple, you not only pay a tax to essentially bribe them to not attack you (perhaps a viable strategy, not too different from taxes to governments), but more importantly you give up the ability to resist without serious compromises (can't have E2EE backups on your own cloud if they said so). This is akin to trying to pay taxes to the government to get better police coverage, and they decide to ban locks, security cameras, and leaving the walled garden.
The problem with the current computing security paradigm is that it puts too much trust in entities that do not deserve it, because the entities are simply too powerful and do not suffer consequences when they break that trust.
lukifer|11 months ago
There are a couple meaningful points of divergence in the ecosystem: Mac vs iOS (the former has some self-sovereignty, even if there are risks of backdoors/etc); and, cloud vs not (I mostly avoid cloud usage, iCloud or otherwise, and when I do use it, I treat all content as public).
I agree about the trust problem. Varoufakis might make some valid points re: "Technofeudalism", but then Bruce Schneier was making a similar analogy over a decade ago. I've heard cogent arguments, that early feudalism evolved from rational self-interest, that serfs were willing to trade some degree of autonomy for safety, and it does feel that many "normie" users (especially with iOS) are making a similar rational trade, even if it sets up an asymmetric power dynamic, and risk (inevitability?) of future betrayal.
I'm curious if you have any examples in mind for Apple, re: "do not suffer consequences when they break that trust". IMO, they've done okay at putting actions and costly signaling behind their privacy rhetoric, and I think they'd take some kind of market hit if they were to blatantly break that trust. But I'm curious if you think there are past instances in which that already happened, which maybe I've forgotten or am neglecting, or if it's a threat model of the future.
brookst|11 months ago