On 06/08/2012 12:28 PM, Ben Finney wrote:
Dennis K<dennisk@netspace.net.au> writes:
I think it is a given that companies which sell products, are going to place profits above the data security of their users. Therefore, what matters is not whether secure boot works, but whether it can be perceived as working by customers. It only becomes critical for the company whether it works or not, when the successful implementation of the technology enables them to secure and hold captive their market (ie, Apple).
That's a succinct way of showing how the incentives operate differently to produce different behaviour from corporations. Shoddy security from the ones who only need it as a customer-facing checklist item; effective security from the ones who are protecting their own interests.
People are talking about the death of the PC, maybe secure boot will hasten the demise?
It hastens the demise of general-purpose computing; or, at least, it is a significant front in the ongoing war being waged against it <URL:http://www.techdirt.com/articles/20111231/01431617249/ongoing-war-computing-legacy-players-trying-to-control-uncontrollable.shtml>.
I think its a losing war. The worst case scenario is that we have to endure a decade or so of shoddy products and watch parts of the industry crash, whither and die and wait for something better to replace the gaps. Remember "Win Modems"? They were awful software-driven devices, which required Windows specific drivers to work. That was the trend, away form hardware based modem to software driven ones, but that nightmarish scenario disappeared almost overnight. Now we use modem/routers that you can use with any OS, and with some of them, load your own OS onto them. We endured years of crappy modems for nothing, because in the end, we now use hardware based/OS agnostic modems anyway which offer greater freedom. DVD players had region codes to 'lock' markets, then we discovered that cheap DVD players from China didn't bother with those codes because, well, why should the Chinese manufacturers care about Brad Pitt's paycheck? Now the region codes are meaningless and a historical curiosity. Even Apple dropped DRM and I can freely play any MP3 on an iPod.
It certainly seems to me that the American corporate model is hell bent on self destruction. Wait till China or India or another nation which doesn't so much care about this provide better freer alternatives. Not hard to do given the shoddy treatment that users are given from current IT providers.
What makes you think China or India will actually produce organisations (corporations?) that have better incentives to support customer freedom?
I think there is a different culture there. I was speaking with a regulator who was auditing a pharmaceutical plant in China, and he picked up that they were missing a separate change room which had its own isolated air system. The next morning when he turned up, the room had been built and qualified and was in use. When they need a city, they just build it. There simply isn't much tolerance or perceived need for obstacles which prevent things from getting done. What is secure-boot, other than an obstacle to its users? What is DRM other than an obstacle to its users? Sure, some people want it, but it costs money, requires serious efforts and hamstrings the product. Thats not to say that it will last, or that even they might be able to compete, but there is a possibility, an opportunity there.
Yes, the US's corporate model has failed to do this. But I don't see how merely being a different country would necessarily make it produce better organisations; there are reasons to think they would be even worse in the field of people's freedom.
It's not so much that its a different country, but that its a new economy which hasn't gotten to the "fat, lazy" stage yet. I'm sure, given time, any company will become lazy and undynamic. Locking customers in and using laws to keep them captive isn't innovative at all, yet that's what passes for innovation now. It's the symptom of a degenerate industry, and one that won't survive against true innovation. It's no wonder that Western economies are in such bad shape, when this nonsense like secure-boot is considered innovation.
Then the US computer hardware industry will become what their car industry has become, an expensive, anachronistic, uncompetitive drain.
With that I agree.