Hacker News | xwowsersx's comments

FYI the gif is not visible to us. In the shared chat:

> Perfect! I've created your Slack GIF!
>
> [Files hidden in shared chats]


It's in the blog post (it's rubbish) - here's a direct URL: https://static.simonwillison.net/static/2025/skills_vs_mcps....


haha thanks, no lies detected... that is rubbish :)


This is theater/film at its best. It becomes a kind of moral mirror which forces people to look, to feel, and to act.


I think this post overstates the "loss" of free software. Yes, closed firmware and locked hardware are real gaps...but that doesn't erase the fact that open software has completely reshaped the modern stack. From Linux and K8s to Postgres and Python, it is the infra of the internet. "Winning" doesn't have to mean owning every transistor; it means setting the norms and powering most of what's built.

I tend to see this kind of absolutist, binary tone a lot from people deeply involved in FOSS... and sometimes I think maybe that mindset is necessary to push the movement forward, but it also feels detached from how much open software has already changed reality.


I think the article properly addresses that:

> Things programmers care about directly, like the OS and the kernel, are quite well covered. Whatever we need, there's an open version

What devs can build without much oversight or business pressure usually works well open sourced.

Almost everything else (hardware, non technical "productivity" software, services) doesn't, and that's most of our life. We live in a world that's still massively closed source.

I wouldn't call someone absolutist for wanting printers, coffee machines, laptops, TVs, cars, "smart" lights to be more open than closed.


That's true. Wanting openness in everyday tech isn't "absolutist" in itself. But the article's tone (and a lot of the FOSS movement's rhetoric) frames it as failure rather than frontier.

Of course we'd all prefer open printers and cars, but those domains aren't mainly limited by software ideology; they're limited by regulation, liability, and econ. The fact that programmers can build entire OSs, compilers, and global infra as open projects is already astonishing.

So yes, the world is still full of closed systems... but that doesn't mean FOSS lost. It means it's reached the layer where the obstacles are social, legal, and physical, not technical. IMO that's a harder, slower battle, not evidence that the earlier ones were meaningless.


I think it's fair to put it as a failure, as the Overton window moved so much it now sounds normal that regulation, liability or econ interfere with openness.

The very fact "right to repair" had to be coined, proclaimed and we're fighting for it is a regression from the early days when repairing a radio wouldn't be violating some clause.

Of course, the openness was more accidental or pragmatic than really intended, and we saw companies slowly put up the barriers as they found technical and legal ways to do it (like forbidding plugging third party phones to the network for instance). If it's a frontier, IMHO it would be more akin to the battlefields front lines than anything else.

Put another way, the battle has always been social and legal.


The other famous example which people have mentioned here is that "sideloading" is now used to refer to installing software on a computer, which used to be a normal, routine (and required) thing to do in order to use any computer. So the idea that someone curates what software you're allowed to run, and there's no way to even opt out of that, has become normalized for huge numbers of users and parts of the tech industry.

It's true that malware authors are much better funded and more aggressive than they were a few decades ago, so we have some long threads talking about how there is an element of the paternalism here that's protecting people from some pretty malicious stuff, which could also cause a lot of harm. However, seeing this paternalism as the basic normal way that software is used shows that we've lost a lot.


> Wanting openness in everyday tech isn't "absolutist" in itself. But the article's tone (and a lot of the FOSS movement's rhetoric) frames it as failure rather than frontier.

It is a failure. Things have been moving away from openness. A frontier would move toward it.

https://en.wikipedia.org/wiki/Openmoko


That’s predicated on the assumption that FOSS is preferable to the alternative - maybe it isn’t.


It has lost in its goal of giving freedom to the end users which is the real goal.

John Deere has built a great tractor that the company itself prevents you from repairing without their involvement.

The only beneficiary of open source there is John Deere.


Yeah. I'd say open source won in the basic infrastructure of the tech world, but actual political free software is just barely holding on. I want users to be free, not some base shared code you can't actually modify running somewhere in the stack of a closed source SaaS.


we ought to want that the users themselves should desire this freedom for themselves

right now we want it because we want the side-effects: the tinkerability, the data transfer, the cost-optimization (host it where it's cheap, or modify it if it's not cheap enough)

but users want their problem solved, they are extremely happy about an imperfect solution (deeply flawed delegation of the problem and responsibilities), they are willing to pay a lot for it, and their time-value discounting coefficients are atrocious. they want it now, and don't really care about tomorrow. (or next month when the free trial expires, when their credit card gets charged, when the price increases when their blessed business bamboozler becomes bankrupt - or worse a ruthless monopolist)

FOSS is an education problem, quite isomorphic to the problem of democracy (and climate change and other slow burn issues)

...

and of course it's a political problem too

but where's the coalition of friends of FOSS who pledge to spend/buy/support development of the missing components? where's my FOSS printer? where's my movement that encourages me to buy a shittier phone knowing it will help spin up the flywheel of FOSS?

... and where are the faithful pragmatists that don't get sidetracked by their own toenails?


> "Winning" doesn't have to mean owning every transistor

It absolutely does.

Corporations are pushing remote attestation now. They can detect if we "tampered" with our devices now. They discriminate against us for it. Installed your own open source software? All services denied. Can't even log into your own bank account.

We're marginalized. Second class citizens. There is no choice, it's either corporate owned computers or nothing. What good is free software if we can't run it?


It's a lost battle not a lost war. You have to adapt for the circumstances of the time. Today that seems to be using a device that is closed but gapped only to get the essentials done (government services, banking etc.)

For everything else continue to use and improve the open offerings.

In the meantime, keep fighting and supporting organizations to get laws pushed to ensure open devices can access essential services. (Administrations change, what's dire now may be hope tomorrow).

I've come to realize that a lot of closed digital services are just fluff and not needed. So I try to accept that I don't need them. It's a journey.


This may sound silly but I think desktop linux "winning" is of the utmost importance right now. Free software is pretty much shut off from the appliance/mobile computing platforms but if a sizable portion of personal computers remain using free software it will be hard for the big corporations to fully close the web or make platform attestation truly required for everything.

Preserving such mindshare into the future might enable us to show people why they should care about free software and perhaps finally obviate how much malfeasance the perpetrators of closed platforms can do contrasted to the remaining open platforms on pcs (assuming people don't just completely abandon pcs...). This may also help push and convince law makers into legislating in favor of free software and open platforms.


Desktop is still useful, but it doesn’t matter. Everything important to non-techies outside of work life is happening on the smartphone, which has had hardware attestation since forever.


Those are vital points! Mobile is the battleground. No company now or ever working on classical hardware attestation will understand cryptographic engineering at a basic level.

Thus FOSS has plenty of time (decades to centuries) to learn from for-profit tech's mistakes


Mobile is the battleground but you are forgetting how damn easy it is on android (at least right now before google's attestation) to install f-droid and then install open source.

People don't even do that. They don't even search for software on f-droid first and try the UI. Nope they go to play store and search software which is going to advocate for closed software because ads/review buying...

You really have to expect something from the general populace as well imo. Maybe they don't know about f-droid but people say to me it's not about knowledge but rather caring, they don't care and I don't know wtf to say to that.

It's a very weird chicken and egg problem.


Within the mobile space there are other possible Schwerpunkte and appstoretech is the most obvious one to work on. It's also one where superior technology could win out over feelings--> why NLNet wants to fund:

https://nlnet.nl/mobifree/eligibility/

>‘decentralized app stores’, a technology that uses the F-Droid app store architecture, for organizations or other entities that wish to distribute their apps to a select user population (e.g. employees), plus an app distribution system that makes it simple and cost-effective for developers to distribute their applications to multiple app stores.

For mixed approaches, I like to think about why Google et al haven't beaten Apple at the appstore game (outside China)

You mention chicken and egg which suggests that there's a 2-sided-market type of problem to try to solve here even if one isn't well-versed in marketing


When I mean the chicken and egg problem I mean this https://news.ycombinator.com/item?id=45562286#45565446 and originally this https://news.ycombinator.com/item?id=45565346

Basically that people expect a lot from open source yet they want it right now but nobody mentions anything about donating to them or they will donate to it once the software gets a lot of features but the software will only get it if you donate to them in the first place imo otherwise the whole situation would feel entitled.

There is no reason to expect good UI/UX from open source when at scale, the society doesn't fund open source with donations at all. They are severely underfunded but I don't know what people want from them. Nobody cares about it. Oof.

This is a chicken and egg problem that open source can get really good if people donate to the creators but they will only donate (I doubt that actually as well now) once it gets good but ... it will only get good once they donate.

Open source is stuck in this chicken and egg problem. I was thinking about how the creators of deltarune/ undertale if they were open source, I just checked and undertale has made 114 million $ in sales and its price is 10$ which might be worth it...

10$ isn't that bad and people still pirate it, I think this model can be decent for games which is why people don't open source games. Imagine the amount of money that could've been lost if let's say undertale was open source. I am pretty damn sure that nobody would've donated 114 million $ to them if it was open source.

Just some thoughts. I have mixed opinion now. It's a chicken and egg problem and actively hurts the devs financially in the process as well and people don't want anything to do with open source aside from us people who already know about it. Like wtf. We are taking a cut for an ideology and uh I am just a bit speechless. It's messed up & my question is: can we change it? I genuinely didn't want to be pessimistic but I don't think that there is much of a way, is there? I want to find some hope to cling upon but I genuinely can't find any hope. Everyone I talk to is so down right pessimist or nihilist or doesn't care about open source for a fix that I feel like I am in the wrong for looking for ways to change and now I genuinely doubt if change is even possible.


NLNet (backed by EU) is a society that also funds opensource dev by donations

https://nlnet.nl/donating/

They should get more well known

Judging by the lack of upvotes and nondisclosure of how much they get, my guess is that 99% of people have for some reason conflicted feelings about funding opensource even from taxes


I just want an organization that I can trust and share about to have maximum benefit to society for open source.

Now there are 2 ideas that I have: One, to raise more awareness about open source and how it has some gems. The best low hanging fruits of privacy for the world might be f-droid, signal (doesn't require any specific hardware as long as they have android) and grapheneos(depends if they have a pixel)

But that being said, I thought that if I share about open source and how it can be good but it requires your funding to fix the chicken and egg problem. People would feel convinced to donate.

I might tell them to donate to nlnet. But I don't think many people would.

I don't think open source needs an evangelist or somebody telling somebody else to do something. I am deeply pessimistic about the state of open source in the sense that it's out of my control and my trust of human society is eroding day by day.

Literally nobody I talk to makes me feel like something can be done about this / gives hope and I doubt it so much now. I was so much optimistic about its future but I am genuinely pessimistic now and the only reason I try to be hopeful is that I don't want hopelessness. I don't want to sit down and watch but fucking hell, the world sure damn well wants me to.

The only hope I got was maybe through raylib creator's github post about history of raylib which inspired me and it seems like the best way for open source could be to become a teacher but I have conflicted opinions about it because I like building things that are niche solutions to niche problems I have. That's how I started loving open source more. Some solution which I can always use. which I have starred with me. Not sure if I should even be a teacher or something else or if how that fixing my own problems attitude goes towards teaching. I don't fucking know and I am tired of pretending that I know. idk wtf is wrong with the world that good things can happen but they won't. We are in a fucked up world in which mediocrity is benefited and like I have convinced myself that maybe this is the equilibrium of altruism/evilness in the world maybe directly governed by biology/physics/the laws of the universe. But I can't but see how things got better in the past yet it seems that people have just accepted that things can't change now. How were people in the past doing so many massive changes like french revolution. I was asked by my teacher 3 years or more ago to write about it and I made things on the spot because I read one book (everything is fucked a book about hope) and uh I just somehow translated that people wanted hope and french revolution provided it. I always thought that if we can show the world something which can be better which just requires all of us to put in a little effort, then things would get better since we would all logically agree that this is the better thing, just like how I can show them hope and then we can have another thing like french revolution (I mean something's that good like democracy), but now I am wondering if that's how the things work. Maybe I was naive but I need to do more research on french revolution's hope idea, idk.


In the past the material resources of opposing forces were evenly matched: french revolution happened because the state had tenacious control over arms. Today armies do sometimes side "with the people", but mostly to prevent the politicians from going too far.

Real revolutions today have to be quiet. Besides NLnet, which I personally find trustworthy, and to which anybody can try to apply for funding, there's also Linux and FreeBSD. Those are real techno revolutions, but I'm optimistic that they can be taken to the next level. (2% support)

Be the change you want to see in the world, like Gandhi says. It's simple, though not easy. Join NLnet, or contribute to F-droid, or work on reverse engineering advanced proprietary tech. Find and learn and think about how revolutionary tech orgs are run. Most important thing to learn: how they can survive on support from only 1% of humanity. Thinking like that, it's actually easier now than any point in history.

(In another sense 1% is already a sweet spot, see

https://news.ycombinator.com/item?id=45572427

World domination is a bug not a feature. The Linux kernel is the revolution. Desktop Linux is not)


Agreed. It's all about leverage. Without huge numbers of users, we have no leverage. Corporations can afford to just drop us because of our software preferences. That would not be the case if there were more of us.


I still feel a bit sad about the changes that happened ~2012. Linux on the desktop really had a strong momentum going around Ubuntu and Gnome 2, where quite a few non-geeks started switching over as well. But then everything fragmented quite rapidly – Gnome Shell was quite unpopular on launch, Ubuntu went in their own direction with Unity, Mint went in a different direction with MATE and Cinnamon, Elementary forked off Pantheon, etc. Similarly, RedHat pushed for Wayland and Flatpak while Canonical pushed for Mir and Snap, and so on.

I'm not saying that Ubuntu/Gnome was everything Linux had to offer (I myself was on Arch and i3wm at the time), but that period was certainly when the largest percentage of people around me were enthusiastically adopting the Linux desktop.


For me, Ubuntu / Gnome 2 came so close to being something tech-savvy people could recommend to non-technical friends and relatives at a time when people who were happy enough with WinXP and Win7 were being corralled into dealing with the Win8 carcrash. And instead of closing that final gap it went scampering off into the far distance again, never to recover.


That's normal in Linux. It's always about to get really good then everything is made crappy again, then slowly improving to get good but then the cycle repeats. I've lived through several of such cycles, it has slowed down Linux adoption a lot.


Multiple devices is the answer. Otherwise you end up with people having their banking hacked because they installed a game mod.


This leads to a massive transfer of power from end users to corporations and governments. User-owned computers and the open web limit the ability of such institutions to place demands on users. Is that worth a slight reduction in the rate of bank fraud?


Depends if you ask someone who gets defrauded of their life savings and work and is financially ruined I suppose.


Most of the time, it's the bank that's on the hook for fraud, which is why they're motivated not to trust that the user's device is sufficiently secure.


There’s no world where the bank is on the hook for fraud while also not being allowed to prevent it.

Personally I’m ok with the bank being on the hook and their app checking there isn’t malware loaded on the OS. I have my raspberry pi and steam deck for full modding without intermingling it with extremely sensitive computing.


Is this not a solved problem? I used to have a TAN generator for my bank as a separate device I paid like 5 euros for. If you get provided an authenticator and get forced to use it for transfers essentially even if my device is compromised it doesn't matter unless their device also gets compromised. They are then free to lock it as much as they want.


If it’s just one of those 2FA code generators, that still won’t help if your phone has malware on it. The malware can just modify the transfer as you are making it and have typed in the code.

Users would also lose them far more than they lose their phones.


I have one of those 2FA code generators, and used to have a different one with a business account, too.

In both cases the authorisation challenge/response involves part of the destination account number, so if the details are tampered with by malware the code won't work.


There is such a world, and we live in it. Banks might reduce fraud by repeatedly performing credit checks on customers, for example, but that's usually illegal.

Remote attestation doesn't check that there isn't malware; it checks that the OS is approved by one of a short list of corporations. Passing that check is correlated with a reduced risk of certain types of malware being present, but is not quite the same as checking for malware.


I'm not okay with owning a cuck device where the bank manages my OS. So we have a problem.


We? or you :P


lolwut

define "malware".


Careful, recently someone made a similar argument around gun-laws in the US, and it didn't go well for him...

/s


I am not an expert, but I think this could be improved if the smartphone operating systems had better security models.

For example, an application needs "access to your disk storage", because it needs e.g. to save photos. Okay, let's give it access to its own directory. Or maybe to a subdirectory of "my pictures". But it doesn't need the access to the entire disk, right? Yet in Android, it is all or nothing.

Perhaps with better system, we wouldn't have to ban installing game mods, only to make sure that those game mods do not have unreasonable access rights. Or maybe the banking operation could state "I can only be installed when no other app has an access to my private data" or something like that.


Most people do not understand any of the authorizations they give to apps and don't want to have to understand it. They will be interested in it only after they got burned. They just want a thing that "works and does x, y and z" without having to worry about it. I think the problem is that big corp got them used to easy security because nobody cared before but now that security is getting harder, big corp has no choice but to give a sense of security they promised but cannot give anymore.


Here's a take on this which might be unpopular:

Open source software lost in this domain fair and absolutely square. Desktop linux has been an extremely accessible and decent option for desktops and laptops for, what, three decades; it lost in the open market. I'm typing this comment on arch linux, but even so: It failed to become a force sizable enough to fight back against the tide of corporate-owned attested consumer hardware. Android has been an option for nearly two decades. It's reasonably successful, globally. Google is now toggling the doomsday switch everyone knew they had, to force all applications to go through the Google Mothership. Samsung could fight back; they won't. Motorola could fight back; they won't. The market could revolt; it won't.

Software being open source is not enough to change the tide on what the market wants. Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to? By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software? You get there by building products people want. Anything else is succumbing to the same authoritarian forces that you're hoping free software will stop, by forcing service providers to behave against their own interests.

If that was unpopular, here's where it gets really unpopular: I don't see a doomsday-level problem with a world where, in addition to whatever awesome FOSS hardware I might have, I also have an iPhone 12 ($130 on swappa) as my "attested device" to do "attested stuff" with, like store my drivers license, banking, whatever. To me, this is... fine. Not ideal; but fine. We should fight like hell to score wins where we can, like in right to repair, parts availability, ensuring old devices are kept up to date for as long as possible (Apple is pretty good at this); but if I have to carry an old iPhone in my backpack to access my bank because they refuse to support my hypothetical GnuPhone 5, the world isn't going to end.

We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.


> Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to?

Yes.

Well, sort of. They don't actually have to do anything. Nobody wants to force them to work for us, that's slavery.

Just don't get in our way when we start writing and using our own software. That's the "support" we want. Just stay out of our way. Leave us alone, without actively discriminating against us for it.


For example, companies wielding DMCA "anti-circumvention" section 1201 [0] to put people in jail.

Or tricks like Nintendo designing their hardware to only boot games which show the Nintendo logo on the screen, so that they can shut down any third-party games for trademark infringement.

[0] https://www.eff.org/pages/unintended-consequences-fifteen-ye...


DMCA anti-circumvention laws have made it attractive to add computers to otherwise simple products in order to reify a business model. Breaking those locks by doing things such as using "pirate" ink cartridges turns legitimate competition into a violation of the DMCA. We live in the era of felony contempt of business model:

https://www.eff.org/deeplinks/2019/06/felony-contempt-busine...

The trademark security system you mentioned produced such wonderful case law. Not only was it found that this "infringement" was fair use, judges decided that it was the trademark holders themselves who were at fault for creating this stupid system where competitors had to infringe their trademarks in order to create perfectly legal interoperable software.

https://en.wikipedia.org/wiki/Sega_v._Accolade

> Accolade's decompilation of the Sega software constituted fair use.

> the use of the software was non-exploitative, despite being commercial

> the trademark infringement, being required by the TMSS for a Genesis game to run on the system, was inadvertently triggered by a fair use act and the fault of Sega for causing false labeling

That's what the world was like before the DMCA. Corporations would invent all this "clever" nonsense and they'd get destroyed in court. Not anymore.


> Should service providers be forced (e.g. by regulation) to support consumer hardware stacks they prefer not to? By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software?

The same mechanism that stops a bank from saying, "sure you can withdraw more than $10,000 from your account and we won't ask any questions about what you plan to do with it" - explicit financial regulation with real penalties attached to it, that banks systematically adhere to. I'm not necessarily a fan of all legal regulations around banks or other financial product providers - this is a huge reason I'm interested in truly decentralized cryptocurrency systems - but given that the regulated fiat financial system does exist and is widely used, we might as well demand that these regulations include provisions that the bank has to let people running free smartphone OSs connect to their systems too.


> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company.

We need nerds who care about this to stop complaining about minor things in existing GNU/Linux phones and other similar devices on the market and go buy them. These hardware companies have been there for years already.

It's hard to build a profitable and sustainable business only basing on the minority that doesn't mind it being "too thick", "too slow", "not high-res enough" or "unable to run modern PC games" (all of these are real things I heard from people here, no kidding). And I assure you that if you really care, you'll easily find a way to live with a (swappable) battery that lasts 20 hours.


I own one of these devices (pinephone) and it is legitimately not good enough for day-to-day use (despite the incredible efforts of the people who are working on its software). I only use my phone for locally-stored music, text-only web browsing and calls/SMS. The Pinephone cannot perform any of these tasks competently. The thing it does best is playing music, but this drains the battery. It will not reliably place/receive calls/texts (and 911 doesn't work IIRC). It can barely handle basic web browsing. KDE on this device literally pegs both CPU cores to 100% all of the time. Phosh is better but still dog-slow. This is the case even with the many years of improvements the community has been making to these devices. It used to be significantly worse, and the software is monumentally better than it ever has been. I love this device, and it deeply saddens me that it has such major flaws.

All of the current Linux phones have major showstopper issues, and saying we're complaining about them being "unable to run modern PC games" is a strawman. The simple fact of the matter is there are no decent mobile Linux options available.

The most endemic problem right now is "Linux" phones that use crummy forked vendor kernels and Halium. For all intents and purposes, these devices are trapped in time and can't meaningfully get software updates for major system components. The 2 decent Halium-free options, the Pinephone and the Librem 5, both still use downstream kernels, and the Pinephone's kernel is maintained by 1 person in their spare time. I think it's apparent that this is not sustainable, and one can't reasonably expect megi to maintain this device forever.

As sad as it makes me feel to say this, I don't foresee these problems improving for a long time. As of now, I remain stuck with a Moto E6 from 2019 (Android 9.0) as it seems to be the final device ever produced with a replaceable battery, headphone jack, SD card slot, and screws instead of glue.


> Pinephone's kernel is maintained by 1 person in their spare time

Most open source projects, except few popular ones, are maintained by 1 person in their spare time.


But most open source projects are not the kernel beneath your bank app.


> It can barely handle basic web browsing

I don't understand what you're talking about. SXMo (https://sxmo.org/) is fast on Pinephone. Even Phosh is pretty usable. Firefox with NoScript is more than good enough to browse web sites with pictures.

Also, Librem 5 is much faster than Pinephone, and I've been using it as a daily driver for quite some time already.


You do not expect any 'normal' person to ever use this SXMo shell, right? Hell, most nerds I know wouldn't want to touch this with a 10ft pole.


SXMo simply proves that slow hardware isn't a problem. I also said that Phosh worked well enough for me, even on a Pinephone.


Man, I just want to get a raspberry pi and screw together a touch display screen with some sim attachment as my phone.

Or a device which can just take a X server running on the same port of sorts but I have found that sure you can do something like it, but it's gonna be inferior / subpar compared to a phone but definitely possible.


Halium is fine.

If you wait around to be purist on this issue all day, nothing will ever change. Something like e.g. FuriLabs is good for growing the ecosystem and getting people actually exposed to something other than iOS/Android.


Halium is a hack around crummy vendors doing sub-par work. It is technically impressive but it doesn't resolve the underlying issue that the crummy vendor kernel will never be updated. Saying that Halium is not a good enough solution in the long-term does not make one a purist, it's a simple fact. Devices that rely on Halium are dead-on-arrival.


Devices that rely on Halium actually work. I’ll take that over your perceived “dead on arrival” status right now - especially since by the time anything in that ecosystem changes I’ll be ready to swap devices again anyway.


Except they don't, not really at least. You can't even run a Wayland compositor unless it's hacked up to support Halium, and that's just the tip of the iceberg. It makes sense when you want to run some better userspace on an existing Android device where having a proper hardware support is absolutely hopeless, but in the end it's not that much better than running your stuff in Termux or WSL and you'll find yourself limited as soon as you actually try to do something unorthodox with it.

I'm typing this on a device that doesn't rely on Halium and which actually works, without being confined to what distro maintainers happened to manage to hack up or reimplement, so it's not like there are no alternatives.


And yet I've been using these devices for 17 years now (first Neo Freerunner, then Nokia N900, now Librem 5) and they've been good enough for day-to-day use. With some compromises, sometimes effort, maybe not for everyone, but they sure were usable by a determined person who cares.

I do have a replaceable battery, headphone jack, SD card slot and screws. I do some Web browsing, reliable calls/SMS, playing music for hours. It's starting to get a bit slow and old over the years, but I still see no reason to switch to any less user-respectful device.

What I worry about is whether there will be an upgrade path within the next decade. So far there was the Liberux campaign, and it failed. I already had to use an Android device as a secondary phone for 2-3 years before I got my Librem 5 because the N900 eventually aged too much to be usable for the Web and there was nothing on the market that could properly replace it. I don't want to need to do that again.

PinePhone is a low-end device with no support other than what you get from the community. It was a good option for those who couldn't afford anything else and wanted to invest their time and skills instead of money, but there are no miracles. The community of people who did actually care turned out to be small enough that you can still find some low-hanging fruits to work on today - and that's the thing I wanted to point out. I see lots of people who talk about how much they want Linux phones, but it's a tiny subset that actually acts like it. They won't fall from the sky - not when the sales of existing devices can't finance developing their successors.


Which software stack were you using on the Neo Freerunner that was usable as a phone and had working power management?

I tried to use a Freerunner as a phone for well over 2 years before I gave up and just bought another nokia. As far as I'm aware, it was never really usable as a phone, partly due to the power management never really working properly (there was a point where we finally got power management and a battery life of >4hrs, but the phone often wouldn't wake to ring when somebody called). When using several of the available distros I was frequently mocked by my friends for using the "echophone", due to their own voice being echoed back at them, making it extremely disconcerting to talk to.

I tried a bunch of different distros. And I spent hours and hours and hours trying to tweak settings and test to eliminate the echo. qtmoko was the best distro IIRC, but it had its own issues.

To say that "they sure were usable by a determined person" severely overstates the usability of the freerunner IMO - I'll be extremely curious to hear about the software stack that you characterise as "usable", particularly with regard to the ability to make and receive calls and the ability to have the phone on standby for more than about 4 hours away from a charger.


I used SHR (initially Om2007.2, but switched after a few months as it wasn't maintained anymore). Echo could be eliminated by configuring Calypso modem's DSP and IIRC FSO distros did it by default at some point. Buzz and not waking up to ring (the infamous bug #1024) were hardware issues on early units and could be fixed pretty easily by anyone who knows how to use a soldering iron (I didn't back then, so a friend did it for me). There was a software workaround as well, though at a cost of elevated power usage in suspend. I don't remember exactly how long it lasted on battery, but it sure did last a day at school. A quick search through my e-mail archives shows people on mailing lists talking about 100 hours in suspend with modem deep sleep fixed and about 70 hours with it disabled (though I can see someone complaining in one mail that they couldn't reach more than 50 hours), but of course it could quickly burn through the battery when under active use - especially with Wi-Fi on, as I remember its power saving mode to be quite flaky.

Freerunner was the roughest of these devices, but that was more than 15 years ago. Things have changed meanwhile ;)


I tried SHR too. That original 2007.2 distro that it shipped with was almost usable as a phone before OM released the much worse one.

Interesting to hear, I never managed to get anything like that many hours out of mine - as I say I never managed a full day because it wouldn't wake from sleep to ring. And I spent a LOT of time trying to eliminate the echo but never quite managed it (though I think it might have been gone in qtmoko, it's been a long time so hard to remember exactly).

Still I'm glad to hear that it was usable for someone, I guess.

> Things have changed meanwhile ;)

I wish. But my experience with the pinephone was somehow even worse.


Yeah, Om2008 was a disaster. I liked Om2007.2 as a user, but as a developer I can see why it was abandoned. Eventually it was FSO that made the phone actually solid and with proper foundations. If your device shipped with 2007.2 still, it must have been one of the earliest ones, so you've got the whole set of hardware bugs that were fixed in later batches (but so did I).

Still, Freerunner, while usable, required plenty of patience. My current experiences with Librem 5 are so much better - but whenever I play with a PinePhone it does somewhat remind me of my old Freerunner (which still works, BTW!).


Yeah I was part of a group that was involved with a bulk shipment of one of the very first batches, we got all the warts.

Another thing that's worth mentioning was that at first, openmoko were very much over-selling the capabilities and readiness of the device: The Freerunner was initially supposed to be a "consumer-grade" device, with the neo1973 being the prototype / developer version. When I first contacted openmoko I was told that it would be totally usable as a phone out of the box with all the phone functionality you expect. They walked back on those claims and updated their website/wiki pretty quickly after the device actually came out. But not before a bunch of us had handed over our cash.

I'm glad to hear that the stack did get to a somewhat usable state. And I'm even more glad to hear that the librem is better. The experience I had with the Freerunner put me off foss phones for a long time, and the pinephone....didn't help. Maybe I'll take another look at the librem.

> (which still works, BTW!)

Yeah my freerunner still mostly powered up the last time I tried, a year or two ago. I think maybe nand had corrupted and I might have had to re-flash it, or something like that. It wasn't in a healthy state but seemed to be mostly OK with a bit of tinkering.

It does deserve some credit as a cool little portable linux device - once I gave up on using it as a phone, I hacked it into a pretty useful GPS and music player device. I was still using it to record GPS tracks for trips in 2016, and I was running it as a second display attached to my workstation for some time after that. It did last quite well, I do have to give it that... But what I bought was supposed to be a phone.


I have to second this. I've bought two of these devices over the years: first the Neo Freerunner and then a Pinephone Pro.

I spent over two years persisting, trying to get the Freerunner to a state where it was usable as a phone. Openmoko were more interested in rewriting from scratch and making sure it had pretty animations than things that some might consider more important, like working power management and phone calls.

For a long time I called the Freerunner "the worst phone ever made"...

...but then I bought a Pinephone. Which couldn't even play mp3s without stuttering - something even the freerunner could manage over a decade earlier. Don't get me started on the "quirkiness" of trying to use it to make and receive calls. Also the keyboard attachment I bought with it never worked. I tried multiple distros and whatnot, but I didn't get to spend a huge amount of time experimenting, because less than a month after I started to try actually using it, I dropped it, and it was so fragile that the screen was destroyed, despite me having bought a screen protector for it.

I've looked at a lot of these devices over the years and been tempted many times. I was very put off by the freerunner experience. The pinephone experience was actually almost impressive that it managed to be somehow worse.

I've just been scanning the postmarketos wiki looking at how that works with a few different devices. The number of devices that have some feature like calls / gps / camera / etc "partially working" is dismaying, particularly for open devices like the pinephone and librem.

Personally I switched to using lineageos on phones a long time ago. It's not ideal but at least it's usable as a phone.


> By what mechanism do you propose we stop a bank from saying "we'll only support connections from iOS devices", if not the democratic market force of ensuring enough of their customers demand access from devices running free and open source software?

Similar to all the accessibility requirements, of course. Do you think the society / government should force banks to provide services to blind or deaf people? Or should we just let the market decide?


I never stated that it's never reasonable or good to force corporations to behave against their interests. What you stated is that the "mechanism" might be to treat a person's chosen software stack as a protected class. I can't agree with this, in any sense, and I think you're just trying to distract the conversation by suggesting it.


In a sense, that is the solution: ensure availability through open standards (like the web platform) through legislation.

My bank stopped issuing physical TOTP tokens years ago, and I am holding on to one from 2006: when that one dies, I won't be able to use their e-banking web site if I do not have an Android or iOS locked-down phone.

No, that does not mean making it a protected class. But instead, guaranteeing access through open protocols and open platforms should be sufficient.

I also hope legislation, like CRA/NIS2 in EU and different e-waste regulations combined, will push manufacturers to consider a FOSS approach as a get-out-of-jail card too.


Accessibility requirements are completely unrelated to protected classes.


Legally, I don't know. Conceptually: Disability is a protected class under US Law. Undeniably related.


I've done research on this, and have considered it but it's capital and time intensive even if I think it's viable.

There are two reasons I think it's viable now:

1. It's possible to wire an agentic system management service into the OS to handle a lot of the routine stuff, so non-technical users will be able to just talk to their computer and it'll be fine tuned to be good at fixing system issues, installing/removing software, managing windows, etc. I developed a scheduling inversion of control executor for enterprise agent control that I've looked into adapting for this use case.

2. The steam deck has proven a new model. Game friendly and a simplified UI is enough to carry Linux. New Arch rices like Omarchy are pushing the envelope of usability. I've been ricing desktops since enlightenment on slackware 96, so I'm pretty familiar with this world.

Regarding form factor, I'm not a huge fan of phones, too many tradeoffs. I think with strong AI voice systems, the optimal setup is buds + tablet. That's a better setup for mobile linux anyhow, and it makes the hardware almost a non-issue.


This is a valid take. I do not agree with it in general: if we look beside the consumer devices, FOSS software is everywhere, and powers almost everything consequential.

But the mobile phones specifically turned from phones into trusted terminals which institutions like banks and governments use to let users control large amounts of money and responsibility. And the first rule of a secure device is to be limited. In particular, the device should limit the ability of its owner to fake its identity, or do unauthorized things with networking, camera, etc.

This junction of a general portable computer and a secure terminal is very unfortunate, because it exerts a very real pressure on the general computing part. Malicious users exist, hence more and more locking, attestation, etc, so that the other side could trust the mobile phone as a secure terminal.

It would be great to have a mobile computer where you can run whatever you please, because it's nobody's business. And additionally there'd be a security attachment that runs software which is limited, vetted, signed, completely locked-up and tamper-proof on the hardware level (also open-source), which sides of the communication would trust. Think about a Yubikey, or a TPM, but larger and more capable. The cellular modem and a SIM card are other examples, even though they may be not as severely hardened. They are still quite severely limited, and this is good.

If I were to offer an open-source phone (and, frankly, any mobile phone), I would consider following this principle. Much like the cellular modem, it would carry a locked up and certified security block, which would not be user-alterable. It would be also quite limited, unable to snoop into the rest of the phone. The rest of the phone would be a general-purpose computer with few limitations. Anything that would want to run on it securely would connect to the unforgeable interface of the security module, and do encryption / decryption / signing / secure storage that other parties, local and remote, would be able to verify and thus trust.

One can dream.


Locked devices are created to supposedly ensure the security of a device user, not because malicious users exist.

A SIM card is a good example. Technically, that's trivially solvable with a PKI infrastructure (a malicious user can't trivially and successfully misrepresent as google.com): the operator runs their CA, and by signing your certificate, they attest that you are the owner of a particular phone number. No malicious user can mess with that (other than attacking the CA).

What they can do is attack end-user devices through different cheaper means (social engineering, malicious apps, exploits...), and extract individuals' private keys, thus allowing them to misrepresent as that individual. A SIM card protects against this by not making the private key accessible in the first place.

This is exactly what locked devices do: they protect customers from not knowing how to properly (including securely) use their devices.

This is what we need to focus on as technologists: if we know how to securely use our devices, how do we opt out of others "protecting" us, and take full responsibility and liability for security lapses?


It's got nothing to do with protecting users. It's got everything to do with protecting the corporation from the users. Especially the corporation's bottom line.

If you have a free computer, you can make it save a copy of the film the corporation is streaming to you. It's your computer, you are in control.

If you have a corporate owned computer, it will not let you do that. They own the computer, they are in control. If you manage to subvert their control, it will be detected and they will not stream the movie to you.

Substitute corporation with government, and streaming with cryptography. Now consider the fact Europe is trying hard to enact laws that force client-side scanning of our end-to-end encrypted messages.

That is the war we are fighting. The fact we are losing hurts me deeply. It is hard to put into words my disillusionment.


I did use "supposedly" in there. While media lobbies are strong, that's not how they are convincing governments to line up: it's about protecting the naive, non-techy user in this tech-heavy world.

To me, that's why we need to rise and say: I need no protection! Media companies can do what they please and still insist on "secure attestation" (like Netflix does with Chrome on Linux, still limiting to lower quality streams), without essential services like government services, banking services, communication services etc. being allowed to do the same if the user decides against that "protection".


Jails are created to secure users. Jailbreak is created to make users insecure!!!


?

They can represent themselves as users just fine without extracting keys from the Secure Enclave. What are you talking about?


Not sure who are "they" and where are they "representing themselves" in your question?

My point was that you can be protected as a user even without the "secure enclave": that's how GPG, SSH and HTTPS PKI works (a user has their own private key, and they are as safe as their key is). Leaking any one of those only impacts that single user, similar to someone stealing your phone and using your logged in accounts or even secure chips if they get your PIN or password (or biometrics) — if you even have it set up, which most people outside the tech bubble don't.

You might be misunderstanding some of the nuances I brought up: what are you talking about?


If they want to manage their hedge fund from their phone, then maybe they should consider using a special device for that. It doesn’t really matter for the rest of the people as status quo shows


Yep

The "free and open web" isn't even what it used to be anymore; many are using bots and AI to make things worse, and many people, especially young people, don't even do "surfing" on the web anymore.

Like it or not, an internet that needs verification on a personal level is the future. I don't agree with it either, but if you look at it from the progress perspective, it's always been like that.


At this point there are only two things stopping me from using kde or gnome on my work box: Apple and my employer, and I could probably convince my employer. The hardware though is something I’m not willing to compromise on and Apple is in a tier above everyone else currently, so I’m stuck with subpar macOS, not planning on upgrading to Tahoe for as long as possible.


Can you be more specific about why you are not upgrading to Tahoe concerning software freedom?


I’m not upgrading to Tahoe because liquid glass is dumb.


How do you price this? How many flops per watt for freedom?


You can run Linux on Apple devices using the work of these folks:

https://asahilinux.org/


Nerds have been at it since the OpenMoko days, the problem is that they don't understand what the general public cares about, thus all those efforts end up failing, as the few nerds that care about being customers all get a phone, and there isn't anyone left to keep the business going, buying new devices.


> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.

We need nerds that are more politically conscious than that, and are not naive enough to believe they can solve political problems through creating companies and hardware.


Indeed.

This is what we're up against:

https://www.newyorker.com/magazine/2024/10/14/silicon-valley...

https://archive.fo/Zd1LP

We need to take an organization like EFF and make it 100x more well-funded and 1000x bigger and more aggressive to compete with these corporations in the political arena.


Eh? Samsung still maintains a whole suite of independent alternative apps, providing things ranging from NFC payments to calendaring and contact management, that they stuff onto their phones in addition to the usual Google fare.

Until very recently, most/all of their phones had alternative Samsung-produced chipsets available in various markets (Exynos).

They've got their own app store as a built-in.

And they also maintain their own small-system operating system, with Tizen, in case it all goes to shit.

They've been working very hard on parallel development for quite a long time. They're probably better-prepared to jump ship than any other top-tier manufacturer of Android cell phones is.

Motorola Mobility? That was spun out of the stodgy-big batwing mothership in Chicago a long time ago -- and first purchased by Google, before being sold to Lenovo. Subsequent to Google's influence, whatever remains is ill-prepared to jump ship, but that was certainly a design intent. That behemoth is much more dug-in.

So the outlook is certainly gloomy, but it's not all darkness.

(In terms of things like banks only supporting one OS or another: Gosh. Prior to the entrenchment of the smart phone age, I never installed a company-specific consumer banking application on any computing devices at all. It was OK. I just used Sir Tim Berners-Lee's World Wide Web to do that stuff, sometimes with a side dose of SMS on my dumb-phone for active notifications.

And still today, I don't have banking apps for most of the companies that I do banking-stuff with -- and I get along fine with keeping track of the money I have, the money I owe, and the bills I need to pay.

Maybe the right answer here is to shore up the utility of the platform-independent WWW.)


> Eh? Samsung still maintains a whole suite of independent alternative apps, providing things ranging from NFC payments to calendaring and contact management, that they stuff onto their phones in addition to the usual Google fare.

Which is EVEN WORSE in maintaining device attestation than Android. Read about the Knox warranty bits.


> To me, this is... fine. Not ideal; but fine. We should fight like hell to score wins where we can, like in right to repair, parts availability, ensuring old devices are kept up to date for as long as possible (Apple is pretty good at this); but if I have to carry an old iPhone in my backpack to access my bank because they refuse to support my hypothetical GnuPhone 5, the world isn't going to end.

But even as you say, as you're using Arch as your desktop computer, things may be fine now, but they're only going to get worse.

Should we all have to carry two laptops because anything running a free software core is just utterly unusable due to remote attestation?

> We need nerds who care about this to stop typing on hackernews and go start a phone hardware company. That's it.

Didn't you just spend most of your comment talking about how the market forces don't care anyway? What good is starting up a phone hardware company that will ultimately go bust due to total apathy of the general consumer?


Agreed. It's only going to get worse and all current trends validate that. It’s clearly trending towards closed source big brother platforms. E.g. iOS, Android, Windows and macOS.


It does look that way. Though there is one potential silver lining around the madness going on in geopolitics: much of the rest of the world is rethinking its long-standing strategy of relying on American software. That makes Open solutions look a lot more attractive, even to the average politician, than say a year ago.


As I said other times: we need a Free Hardware Foundation now like we needed the Free Software Foundation for many years. The GSD (GNU software distribution), which is basically a standard GNU-Linux distro using GUIX as the package manager, seems very interesting, but if you want to run 100% free software on a RYF-certified device you'll have to pay a lot of extra money for 15-year-old-class hardware.

We need the equivalent of a Linus Torvalds + Richard Stallman but hardware. We were lucky to have had both for software at the same time. We need the same luck again now.


Pointless. Silicon fabs currently cost billions of dollars. They are single points of failure. Even if the market starts trending towards openness, governments can just regulate a backdoor into these fabs. They have every incentive in the world to do it. Democratized access to cryptography is subversive.

We need some kind of 3D printer that can print computer chips. We need the ability to make our own hardware at home, just like we can make our own software at home. Democratized electronics fabrication. That's the only way we'll be saved.


While I, for the most part, agree to this in principle, at the moment, general compute hardware production is relatively safe (or so it seems).

But when it comes to humongous costs, the fact that even "open source AI models" don't have their training data available (the actual "source") is one thing, but even if it was, it'd be impossible to retrain a model "at home". But if data was available, I am sure any of the existing free software foundations, or a new one, could rally users around sponsoring one DC.

We are back in the "mainframe" days where top-end compute is accessible only to few (with lots of money).


Absolutely.

The takeover of "free software" by the enemies of freedom is not the "winning" of free software.


> It absolutely does.

I'm not sure I follow. Corporations are free to impose requirements for access to their platforms. FOSS didn't start by demanding that MS release the source code for Windows and Office. It started with developers writing their own alternatives. What helped was the open and standardized nature of the IBM/PC stack that made it all possible. Without it, FOSS would have died before birth.


> Corporations are free to impose requirements for access to their platforms.

To wit, hardware that I bought is not "their platform", but many corporations sure like to pretend it is.

It's already not illegal to reverse engineer hardware you have bought (for the purpose of maintaining it or compatibility), regardless of how much IP lawyers like to pretend otherwise. (And even if it were illegal, I would contend that reverse engineering is a fundamental right that laws cannot rob you of.)


When BlackRock has a stake in 95% of Fortune 500 companies, and we are forced to use software and services provided by them because no viable FOSS alternatives exist, it becomes, and already is, a big problem.

You have to own a phone to participate in society these days. I need one to even log onto my laptop for work. Eventually I'm sure some form of digital ID / biometric information will be required for verifying my online identity.

It's a slippery slope, and we're sliding into the abyss.


> Corporations are free to impose requirements for access to their platforms.

Yeah? They shouldn't be. Any attempt to deny us service on the basis of the software we use should be classified as discrimination. It should be a crime of the same caliber as racial discrimination.


Sure, I can get behind that statement for certain things that we consider essential to a person's dignity and safety. Demanding access to Gmail or Facebook doesn't sound like it.


> Demanding access to Gmail or Facebook doesn't sound like it.

I would argue that Gmail (or at least some kind of email service) is actually a necessity for modern life -- and if "access" includes sending emails to @gmail.com without being black-holed into the spam folder then I would argue it is one of the most essential digital rights these days. For most of the public, no access to Gmail would make it impossible to get a job, use most online services, or communicate with most people. Arguably this is a right more people exercise every day than some fundamental human rights (like the right to a fair trial -- most people are never a party to a criminal trial).

Facebook is somewhat less relevant than it was a decade or two ago, but if you include all of the services under the Facebook umbrella (Instagram and WhatsApp) then I think there is an argument it would also inch close to that line. I remember it being incredibly difficult to attend events and interact socially with classmates without having a Facebook account when I was in university ~10 years ago.

(All of that being said, I don't necessarily think this is the key issue here.)


The ability to run our own software in all contexts is absolutely essential for our dignity and safety.

It is the only thing that allows us the chance to resist their surveillance capitalism. Being surveilled and having algorithms extract value out of us is exploitation which absolutely goes against basic human dignity. It also creates the potential for information leaks which are safety risks.

Think about it. The only thing that separates corporate software from literal malware is a huge terms of service document filled with legal boilerplate that nobody actually reads. Everybody theoretically "agrees" to this stuff.


> It should be a crime of the same caliber as racial discrimination.

Universal, but unmentionable and with no consequences in practice?


"Yeah? They shouldn't be. Any attempt to deny us service on the basis of the software we use should be classified as discrimination"

but this doesn't work in the real world, does it??? I mean look at Apple: iOS is a locked-down device and consumers know what they buy into

and its users are also fine with it


> consumer know what they buy into

Consumers don't know anything about what's being done to them. Even on Hacker News I get accused of being a paranoid schizophrenic "tinfoil hat" user when I point out the fact we have trillion dollar corporations building digital fiefdoms with users as the serfs. You think non-technologists can grasp this? You have far more optimism and faith in humanity than me if you truly believe that.


> building digital fiefdoms with users as the serfs

I wouldn't call you names, but this does sound rather extreme. It also sounds rather imprecise. Is this a metaphor, or a hyperbole, or do you actually mean this literally? If so, in what way am I, an iOS user, going to be an Apple serf?


but that's just late-stage capitalism ?????

I understand where you're coming from, but the choice of words makes it maybe more hyperbole

also stop acting like most users are idiots, tbh they just don't care enough for this shit

they do care if the situation gets worse, and until then, if said corporation "refuses" to serve customers like it used to, people can retaliate


> they just don't care enough for this shit

That is the definition of idiot. A person who's so alienated they don't participate in these public matters.

> they do care if the situation gets worse

By the point normal people start caring, the system will be so thoroughly entrenched that violent revolution will be the only option available to them.


You cannot participate in all public matters, that’s naive and unrealistic. And stop calling people idiots for not doing that, this definition is outdated.


You can run it, I'm just under no obligation to let your machine send signals to my machine that my machine will respond to if you are running software I do not trust.

And that's the complexity of this era of computing. We just got finished convincing people that it made sense that they should have the right to run whatever software they wanted on hardware they owned... And then immediately the technology shifted so that most things no longer get done using exclusively hardware that you own. The RMS four freedoms approach is only chipping away at the larger problem: capitalism (I mean that literally in that the problem is that the machines that do the work, the capital, are owned by a tiny ownership class).


> You can run it, I'm just under no obligation to let your machine send signals to my machine that my machine will respond to if you are running software I do not trust.

If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.

It's slightly similar to how protected class laws work. You can block me for no reason, but not that reason.

This is especially important when I just want to run my own OS and not have people go out of their way to deliberately break things because of that.


> If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.

Obligated how? Like through violence? What happened to freedom of association?


The same violence that stops you from running a red light, yeah.

In my view, it's more important to have freedom of software choice than to have the very narrow freedom of association based on what software someone else chooses.

Because again I'm fine with you rejecting me for just about any other reason. But that one? No, I think we should all have to interoperate.

Another way to look at it is that I should be able to keep what software I use private.

Also the important part is applying this rule to companies with 7+ figures of revenue. Not so much to actual people.


I mean, we all have things we'd rather not have people reject us for, that doesn't mean it should be illegal to do so. We already have the (legal) right to keep our software preferences private.

In general I'd caution against trying to use legislation to solve problems like this because they usually introduce more problems. At the very least I'd expect banks to no longer carry liability for fraud, so perhaps one intended consequence of this is that if you get defrauded the bank no longer protects you. That would suck imo.

Perhaps they could make it so you waive all protections by using unauthorised software. That would probably require changes to existing legislation, and then of course people would complain that the banks have too much power etc...


> At the very least I'd expect banks to no longer carry liability for fraud

Respectfully to you but not to banks, fuck that. You can use your computer under your control to access a bank and it's fine. You don't have to give up fraud protection. Phone apps should be the same way.


In Germany, the banking system had an open API, so you could even access your bank account from KMyMoney and do transactions. And you still had proper fraud protections.

How is it that accessing my bank account with KMyMoney is fine, but banks don't even allow me to access my smartphone's root account without blocking me?


> If some piece of software I'm running is the only reason for you to refuse the connection, then you should be obligated.

In general, the obligation has been soft: "If everything adheres to the protocols, it will interoperate" is how we got the Internet. And the Internet was generally useful and so self-incentivized making software work with it with minimal stumbling blocks; nobody was gating FTP clients on only working with Oracle-branded FTP servers because then you couldn't access all the other FTP servers.

But that's not the only model, and I don't see an obvious argument for why should enters into it here. How does that "should" work? Is there legal compulsion? On what moral or philosophical grounds?

> It's slightly similar to how protected class laws work. You can block me for no reason, but not that reason.

Yes, and instituting those laws was a messy uphill battle over immutable properties of human beings. That is a far philosophical cry from "No thank you; I'd like to use all that Apple cloud tech without buying an Apple computer please." I suppose, unless we break the back of capitalism as a societal structuring model, in which case... Yep. We can make whatever laws we want if we throw out the current system.


> I don't see an obvious argument for why should enters into it here

This threatens to destroy everything the word "hacker" stands for. Everything this site is about. Gone.

I can't even get people on Hacker News to care about this. It's over.


Hackers will be fine. If anything, this kind of measure-countermeasure foolishness from corporations gives them a really meaty problem to dig into.

It's just very unclear that the force of law is the right tool for the job to address that problem.

(Also, people on Hacker News can care about a lot of things simultaneously. One of them can be that adding the government's cudgel to the problem may very well make it worse; do we really want the government having to well-define things like "protocol" and "communication" to craft that law?)


> It's just very unclear that the force of law is the right tool for the job to address that problem.

Remote hardware attestation is cryptographic proof of corporate ownership of the machine.

They're using cryptography against us. Everyone here knows how devastating cryptography is. Cryptography is subversive. It can defeat police, judges, governments, militaries, spies.

I'm actually worried that the force of law might turn out to be not nearly enough.

> do we really want the government having to well-define things like "protocol" and "communication" to craft that law?

Just ban corporations from using remote attestation to discriminate against us. If they try something else, ban it too. Don't even ban the technology, it's useful to us when used with our own keys. Just stop this abuse and discrimination.


> Just ban corporations from using remote attestation to discriminate against us.

Whelllp, there goes my OneTouch login on my MacBook. :(


Using one device to authenticate another device can work just fine without any anti-consumer lockdowns.


It can right now. Get the government in the business of deciding what is and is not "remote attestation" and good luck with that.


The comment was saying not to ban the tech.


If the future hopes for openness in computing rely on ending capitalism, we're already toast. Nobody's going to be building the next generation of chip fabs without gargantuan amounts of funding.


Capitalism isn't a necessary prerequisite for gargantuan amounts of funding.


> I'm just under no obligation

You should be.


This looks like a loser's move, but if your bank has no other options except for mobile app, you can buy a cheap phone for that app only, and connect it over WiFi (without SIM card) so the bank would only get your IP address from this and nothing more.


This is indeed a way to cope. But why should we have to merely cope? Why do we accept the world getting objectively worse? The necessary technology is cheaper, better and more abundant than ever – so why are we letting a few megacorps and some power-hungry politicians decide how we use it?


> This looks like a loser's move, but if your bank has no other options except for mobile app, you can…

…switch banks.


I think it's easier just to buy a shitty iPhone...


Why would you stick with such a bad or incompetent bank? I just don’t understand that mentality.


In my country, creating a new bank used to require presidential approval. That was the status quo until only a few years ago. Things only started to improve after that requirement went away, and they certainly haven't improved enough.

It's hard to describe just how deeply entrenched institutions like banks are. Normal people see all of this stuff and they do not even react at all. It's all just mindless bureaucracy that they have to put up with. Nothing can be done about it. Can't be helped, so they just accept it.

So it's not wise to treat banks like normal corporations which compete with each other on the open market. They are directly legally and financially incentivized to do everything we are fighting against.

For example, our banks still require us to install "security modules" on our computers in order to log into our accounts. Once upon a time I tried to reverse engineer one of those things to see why they made the computer so unusably slow. I caught it intercepting every single network connection. Told me all I needed to know.

At some point society has to simply determine that it's immoral and make it illegal. It doesn't matter how much money they lose to fraud or whatever, just write it off as a business expense or something.


I’ve lived in Africa, Europe, and the US, but I’ve never experienced a situation where I couldn’t just switch to a different bank if I wanted to. That’s the context for my comment. All I’m saying is that if you’re in a situation where a bank’s services are overly restrictive, and switching to a different bank will solve that, it makes sense to switch. I can’t speak to places where such choices aren’t available.

I take the same position on countries - it’s why I no longer live in Africa, where I grew up. And why I soon won’t be living in the US any more. Life is too short to waste it having other people’s mistakes inflicted on you.


> I take the same position on countries - it’s why I no longer live in Africa, where I grew up. And why I soon won’t be living in the US any more. Life is too short to waste it having other people’s mistakes inflicted on you.

You have my applause. But that certainly looks like you are in for a lot of moving around, going forward. I guess it is not an option for everyone.


Looking at immigration and refugee numbers around the world, more people take it as an option than you might imagine.

For many of those that don't, that's a choice. Keep in mind that emigrating doesn't necessarily mean adhering to all the bureaucratic procedures involved, all the time.

I lived in my home country and then Botswana for nearly 30 years. I've been in the US for over 30 years. I don't anticipate many more moves.


> I don't anticipate many more moves.

Why do you think so? Most developed and democratic countries are in trouble, lately. Instability is everywhere. T


It takes time for a solidly democratic country to screw itself up quite as badly as the US has done.

Also, the US situation was exacerbated by a number of factors unique to the US: "corporations are people", "money is speech", the two-party, first past the post voting system, the electoral college, and the specifics of the representation system, are all huge disadvantages for achieving good democratic outcomes.

Plus, I think there's a good chance that the more progressive European countries will learn from, and be inoculated by, the US mistakes. I didn't leave Europe for political reasons, I left for business reasons, so I don't have any serious concerns about returning.

Finally, I don't have very many decades left.


At around 4% of the world’s population, it is a tiny fraction that hardly matters.


4% is huge. That’s one in every 25 people, about 325 million people in total. The United States contains around 4% of the world’s population, for example.

It’s more than the combined population of the top ten megacities (pop. > 20 million) in the world.

In addition to that, immigrants and refugees are having an outsized influence on politics, and on who gets elected, in many countries around the world.

It’s denying reality to say it “hardly matters”.


> Corporations are pushing remote attestation now. They can detect if we "tampered" with our devices now.

This is not new, and has been the case since the mid 1990s.

> Installed your own open source software? All services denied.

I access five different banks with linux every day. I've never had this problem.

> We're marginalized.

I've made a great life for my family largely using free software to do so. I don't feel marginalized.


Yes. This is not even an exaggeration as it is, and they've barely even started.


Come on, this kind of defeatism only emboldens entrenched players.

Yes, we're awkwardly cornered - hardware used to be open or easily reverse-engineered. Now it isn't. The solution is to demonstrate the demand for open hardware. No one is going to walk away from money that can be made even if the market is smaller.

This movement was strong enough that the incumbents themselves offered Linux-friendly hardware. We continue to see momentum in the mobile space as well with /e/OS, Fairphone, etc. GrapheneOS is pursuing alternatives to Pixel.

Be brave!


> Yes, we're awkwardly cornered - hardware used to be open or easily reverse-engineered. Now it isn't.

When exactly was that? The 1980s?

Linux hardware support is better now than it's ever been.


What did it take to port Linux to M1 series Macs (which at least has an unlocked bootloader)?

How do I install a GNU/Linux distribution on the latest Galaxy S25 or iPhone or Google Pixel or Apple Watch or... (these are likely top-selling general compute devices in the world)?

Yes, on Windows PCs, Linux usually works better than Windows itself (except for the very newest stuff for a short while). But I think you missed the point of the GP.


> No one is going to walk away from money that can be made even if the market is smaller.

Unfortunately the tech industry has shown us that isn't true. For example, look at the iPhone mini - I forget the exact sales numbers others have cited, but it sold very well. There is clearly a solid market there, even if it is smaller. But Apple isn't willing to chase it, and nor are the various Android OEMs. The same may well prove true for open hardware.


> Apple isn't willing to chase it

They are, it returns next year as iPhone Fold for $2K.


Sold very well for your home business is very different than sold very well for Apple. At the time the first Mini was released, when the previous regular iPhone (5s) was available for cheap and the new Mini had few compromises not dictated by size, it was maybe 1/6 of Apple’s sales in the first year and dropped precipitously after that. It never sold well.


This is one of the reasons to embrace crypto - having an intermediary with direct control over your finances is absurd.


Are you able to source all (or even the majority) of goods and services that YOU use, within the crypto ecosystem? Are you getting paid directly in crypto (or if you offer goods/services, do you only accept crypto)? i.e. direct exchange of crypto for goods and services? If not, you are using an intermediary to convert crypto into fiat and vice-versa. Do you invest in ANY non-crypto assets? If not, you are relying on a financial intermediary. Do you practice true self-custody of your crypto? If not, you are relying on intermediaries.

For all the theory about being financially independent of intermediaries, in practice it is nigh on impossible for most folks living in the real economy. Meaning that for most of them, even the crypto-knowledgeable, "embracing crypto" means a compromise with the "absurd" as you put it.


This, and especially when the intermediaries attempt to police what you can and can't purchase with your own money when you wish to purchase a fully legal good/service (see: Visa and Mastercard fiasco)


Nothing is stopping your crypto exchange from requiring remote attestation.

Nothing is stopping you from keeping fiat under your mattress.

This isn't really a crypto issue.


I agree. I really like Monero.


That’s the value proposition of banks actually. Unfortunately we have let them delegate responsibility for fraud.


People like you are arguing that one should give up on society because of society's flaws. I think your attitude is sad and poisonous.

We need societies, and we need to work to fix their flaws. Every person cannot be an island.


I think it's worth distinguishing between what "winning" should mean and what's still possible in the world we're in. We may not win by owning every transistor, but we sure as hell lose if we stop demanding the right to.


Y'all should've pushed back far more strongly against their "security" long ago... but now the only way forward is to keep fighting.


But they did, there's even people in this thread saying the FSF/GNU is too strict with their requirements and is akin to the "old man yelling at cloud".

What else are they supposed to do then? Start Luigi'ing people?


Often times the problem is literally yelling at Cloud.

Cloud doesn't have an automatic philosophical match to the way the Freedoms were justified originally. The Freedoms are based on the notion that you should have the right to do what you will with hardware you own; you don't own someone else's hardware in the Cloud.


> The Freedoms are based on the notion that you should have the right to do what you will with hardware you own

Then why do they keep trying to own our devices? Why do we have all this attestation nonsense designed to subvert our ability to do what we will with the hardware we own?

> you don't own someone else's hardware in the Cloud

Then they should keep their ownership in the cloud where it belongs. My software will talk to their software through the network boundary. All is well.

Dictating what software I can or can't use on my machine to talk to their software is an invasion of my territory. It shouldn't matter whether I use their official app, my own custom client or some curl script to achieve my own ends. If they're going to try and usurp control of my machine, then I'm gonna start relativizing their "freedoms" as well.


The problem is that the philosophy doesn't extend to networking.

You are free to do whatever you want with your hardware. Rip the chip out and install firmware that will boot anyway when the missing chip doesn't POST.

... and when you try to connect to my server, I will send a challenge-response that you needed that chip to answer. When that fails, I'm free to do what I want with my hardware. Which is drop or reject your incoming request because I don't trust you.

So far, this situation has been stable because it's a lot more valuable to me to trust you than not; the benefit I get from having you as a user outweighs the harm that can happen if your machine has been modified and does something that breaks my protocols. In fact, the rule on the Internet has basically been "What happens in your house you have control over; what comes in from the outside is assumed to be pure screaming madness until it's validated" for that reason (among others).

... but validation is expensive and I can see why some companies would want to push the whole validation story onto "We use attestation to confirm that we can trust the software works the way we expect it to on the other side of the machine." I personally think it's a bit of a dumb experiment (I don't trust attestation itself to succeed, not when the end-user fundamentally still owns the device and every hacker on the planet can attack the attestation protocol all day if they want; I haven't seen a system that pretends it controls both sides of the network ultimately succeed yet and I don't expect I will this time either). But if companies want to win stupid prizes I don't think we need to do anything more than "not work with them" to help them along.

It's hard to do otherwise without doing injury to the core concept "You own your own machine" whether 'you' is one person with a smartphone or a corporation with a datacenter.


> It's hard to do otherwise without doing injury to the core concept "You own your own machine" whether 'you' is one person with a smartphone or a corporation with a datacenter.

It's not hard at all. In fact it's easy. Simply recognize the basic fact that corporations are not even human to begin with. Adopt a user maximalist philosophy. Classify the corporations as second class citizens, below us in importance. We absolutely should own our machines. Corporations? Maybe, if they behave. Remember: they are not even human.

If they're abusing their freedom to exert undue influence on us humans, simply take the freedom away. They exist to serve us, not the other way around. And they need to serve us on our terms, not their shareholder value maximizing terms. Their reward for serving us is not just the money they make, it is their continued existence. They are not human lives that inherently deserve to be protected, they exist because people allow it.

Wanna see how easy it can be?

> I will send a challenge-response that you needed that chip to answer

Pass a computer neutrality and interoperability law which states that if you're a company and you have public servers then they must take requests from all clients. It doesn't matter if it's OpenAI or a tamagotchi, all computers must be able to participate in the system.

This allows you as a private person to keep your servers secure with challenge response while restricting the ability of corporations to abuse us with their attestation nonsense.


Then why would I form a corporation instead of just having a private video-hosting BBS called "YouTube" that I don't have to share with you if you're using the wrong phone?

It's always people all the way down.

> Pass a computer neutrality and interoperability law which states that if you're a company and you have public servers then they must take requests from all clients

How do you do that without making it illegal to defend against DDOS?


If your definition of winning is owning every transistor, then it is an unproductive definition.

Under that definition, we have and will always lose.


Where does this resigned opinion that open source can not do attestation come from? Do you really think it's impossible to build the attestation mechanisms inside open source OSs?


Checking what software a user is running can be done with open source software, but actually doing so takes away the user's right to run modified copies of software. The fact that it basically needs hardware-backed DRM also doesn't help.


I see, it makes sense. But I feel like it is a worthwhile compromise.

Attestation as I understand it is to allow third parties to trust a user's computing device for purposes of handling their sensitive data (both from the user's and the third party's point of view) in a way that doesn't rely strictly on the user's savvy for keeping everything leak proof.

Even if this data belongs to me - as said user - I still think that the existence of open source attested software is a net benefit in the bigger picture because the future looks more and more dependent on secure computation.


What are you talking about?


Smartphones have cryptographic hardware that can provide proof that a device has not been "tampered with". This is called attestation. The hardware attests to the fact trust has been preserved since boot.

Your device will not attest to this if you install your own operating system, if you root your phone, if you do anything that they don't like, anything at all.

You install your bank's app and try to use it. The bank's servers ask for the attestation. You will not have one. They decide you cannot be trusted and deny you service.

Even if you can program your own keys into your device, nobody is gonna trust those keys. Why would your bank trust your own keys? They'll trust Google's keys, Apple's keys, the government's keys. You? You don't get to participate.

The corporations and governments want to own your computer. They demand cryptographic proof that your device is owned by them and that they have complete control. If you don't provide it, you're banned and ostracized from everything.
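
The exchange this comment describes, together with the earlier comment about a server sending a challenge that only the chip can answer, modelled from the verifier's side as an added example that is not part of the thread. All keys, names and measurements are constructed, and HMAC stands in for the asymmetric signature and certificate chain that real attestation hardware uses.

```python
import hashlib
import hmac
import secrets

# All keys, names and measurements below are constructed for this example.
# HMAC stands in for the asymmetric signature and certificate chain that real
# attestation hardware uses; the verifier's decision logic is the same.
VENDOR_KEY = secrets.token_bytes(32)   # root the service trusts (hypothetical vendor)
OWNER_KEY = secrets.token_bytes(32)    # root the device owner provisioned themselves
STOCK_OS = hashlib.sha256(b"stock-os-image").hexdigest()
CUSTOM_OS = hashlib.sha256(b"owner-built-os-image").hexdigest()


def sign(key, nonce, measurement):
    """MAC over the verifier's nonce and the boot measurement."""
    return hmac.new(key, nonce + measurement.encode(), hashlib.sha256).digest()


class Device:
    """Models the attestation hardware: it reports what was measured at boot."""

    def __init__(self, issuer, key, measurement):
        self.issuer = issuer            # which root vouches for this device key
        self.key = key                  # held by the hardware, not by the OS
        self.measurement = measurement  # hash of the OS image that booted

    def quote(self, nonce):
        return {
            "issuer": self.issuer,
            "nonce": nonce,
            "measurement": self.measurement,
            "sig": sign(self.key, nonce, self.measurement),
        }


class Verifier:
    """Server side: decides whether to serve a client based on its quote."""

    def __init__(self, trusted_roots, allowed_measurements):
        self.trusted_roots = dict(trusted_roots)
        self.allowed = set(allowed_measurements)
        self.outstanding = set()        # nonces issued and not yet used

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, quote):
        """Return (accepted, reason)."""
        nonce = quote["nonce"]
        if nonce not in self.outstanding:
            return False, "unknown or replayed nonce"
        self.outstanding.discard(nonce)  # each challenge is single use
        key = self.trusted_roots.get(quote["issuer"])
        if key is None:
            return False, "issuer not in trust store"
        expected = sign(key, nonce, quote["measurement"])
        if not hmac.compare_digest(expected, quote["sig"]):
            return False, "signature does not match quote"
        if quote["measurement"] not in self.allowed:
            return False, "measurement not on allow list"
        return True, "ok"


def run_scenarios():
    """Run the cases from the thread and return each verdict by name."""
    bank = Verifier({"vendor": VENDOR_KEY}, {STOCK_OS})
    stock = Device("vendor", VENDOR_KEY, STOCK_OS)
    reflashed = Device("vendor", VENDOR_KEY, CUSTOM_OS)
    own_keys = Device("owner", OWNER_KEY, CUSTOM_OS)

    results = {}
    results["stock"] = bank.verify(stock.quote(bank.challenge()))
    results["custom_os"] = bank.verify(reflashed.quote(bank.challenge()))
    results["owner_keys"] = bank.verify(own_keys.quote(bank.challenge()))

    # The OS on a reflashed device edits the quote to claim the stock image.
    forged = reflashed.quote(bank.challenge())
    forged["measurement"] = STOCK_OS
    results["edited_quote"] = bank.verify(forged)

    # A quote that was accepted once is presented again.
    old = stock.quote(bank.challenge())
    bank.verify(old)
    results["replay"] = bank.verify(old)
    return results


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:13} {verdict}")
```

The trust store and the allow list are both chosen by the service, which is why a device whose owner enrolled their own key fails at the issuer check before its measurement is even considered.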


The most absurd part is that you totally can access the home banking from your desktop PC with Linux, without any need of hardware attestation.

Suddenly it's mandatory because the device is a phone?


These days banking is one of the things for which a phone is required. It is used as the primary banking device for most people, and for the rest it is required for two factor authentication when logging in on a PC or to verify online transactions.

Maybe some bank would allow you to use some third party two factor authentication device to log in sometimes, but most (if not all) would require you to use their "app".


In my country, banks force us to install "security modules" in order to do this. Once upon a time, back when I used Windows, I got bored and tried to pry one of these things open to see why they made the computer so unusably slow. I caught it intercepting every single network connection and doing god knows what with them. That told me all I needed to know.

It used to be that Linux users like me were exempt but at some point they added Linux support. Now there's a goddamn AUR package for this thing.

https://aur.archlinux.org/packages/warsaw

https://aur.archlinux.org/packages/warsaw-bin

> Banking security tool developed by GAS Tecnologia

Yeah. Banking security tool. Who the fuck even knows what it does? It sure as hell isn't me. That thing is not going anywhere near my system.


I really don't understand why they do this - what is so special about banking apps vs a banking site in a web browser.

What is the particular threat model of a rooted phone?


People in Europe no longer can, thanks to PSD2.


Of course we can, even HBCI still works, and you can even access your (German) bank account from within KMyMoney.

For the website, it's also easy, even with PSD2 you can just get a physical TAN generator.


I use GnuCash/aqbanking on Linux with a physical TAN generator myself to access my German bank account. The fact that this works is not up for debate.

My point was that you can't do it *without hardware attestation*. You can choose between 1. a smartphone with hardware attestation, or 2. a physical TAN generator with hardware attestation.


Remote attestation on Android is one of the primary examples. Banking apps and a bunch of other apps that will cut you off if you do something like root your phone.


(This is not directed to you but the wider community writ large, you just happened to be the one to kick the hornets' nest)

You know… there was a time before this latest generation started calling everyone that complained to a manager a Karen… that complaining to a manager would resolve issues… and if that failed, publishing your story and refusing to do business with someone was seen as proper conduct.

Banks!!! Lol! Are the most fragile institutions ever! FDIC exists for a reason… get enough people to withdraw their money all at once and see what happens.

Open source people that want to stick to your grit… don’t work with banks that won’t let you use open source software. Oh is that too hard for ya? If you’re not compiling your own Slackware distro then you have no leg to stand on (/s)

But seriously, use a local bank and try solving human problems by dealing with humans. Quit trying to tech everything… if the open source community would get unified and actualize… that's a fuck ton of people!

Here’s another crazy concept that the oss community could do… they could literally just open their own bank… voila (it's not as hard as it seems and takes way less money than you think)


> try solving human problems by dealing with humans

Welp. I actually tried it. Here's my experience.

I contacted my banks and got in touch with their managers and devs. They do have APIs. I wanted to use those to create my own software with read only access to my account. I didn't even want to transfer money anywhere, just get my transactions for accounting purposes. I was using ledger at the time and was getting tired of manually inputting everything into the journal.

I eventually discovered I would need to incorporate and beg the central bank for permission to touch the financial system.


I left a startup around 6 months ago. We were around 30 employees and we had working software and were starting to get some users. We couldn't get the banks to work with us. We were able to get some access through third-party companies and it sucked.

I went to a meeting a few years ago with a big investment company. They had a team of 30 people trying to figure out how to reliably read financial documents to get people's financial information to serve it back to them. At this startup we spent a ton of time doing similar things, and paying another company to read our user's financial documents so we could get their info.

My point is, even if you incorporated and begged I'm not sure you'd have success.


> Open source people that want to stick to your grit… don’t work with banks that won’t let you use open source software

There is not a single bank in my area that would let me do that, unless it is by accident. So the choice you suggest is de facto not available.


Cryptocurrency says hi?


> But seriously, use a local bank and try solving human problems by dealing with humans. Quit trying to tech everything… if the open source community would get unified and actualize… that's a fuck ton of people!

Wise, and thus downvoted. Many FOSS enthusiasts are antisocial, sometimes even misanthropic, fragile snowflakes ("I should be able to run any software I like, on any device I like"), so any call for collective political action, that actually could achieve something more, is disregarded.


M-x dispute-charge


I think free software has to adapt. I find it very difficult to run QGIS on a modern Mac with an up-to-date OS. It won't run for genuine security reasons, not because some corporation doesn't want me to run free software.


In most places that I have been, free software is basically the way to not pay for software, for most companies free === gratis.

In the 1980's and 1990's, the same kind of places would be pirating software.

In Portugal, we used to have shops with catalogs during those days, hardly anyone at government level cared about software sales, nowadays it is controlled by an economic agency and those kind of shops aren't as easy to find as they were up to early 2000's.

Free software allows them to now be in a legal state, yet the authors get the same as before most of the time, nothing.

Which is why in the end many FOSS projects end up pivoting for something commercial, preferably in ways where even piracy isn't possible, like SaaS.


As someone not deeply involved in FOSS I am starting to get the absolutist mindset.

I run graphene on my phone and this new restricted security patch limit by google is nothing short of a shit show.


Can you shed light on this new patch? Does it hinder your freedoms as a user of graphene OS?

I wonder if switching to a Jolla C2 [0] is a reasonable alternative.

[0] https://commerce.jolla.com/products/jolla-community-phone


Google recently changed their security policy regarding Android, where there's now a 3-4 month delay between when OEMs get access to security patches and when they're posted to AOSP (it was previously 1 month). The patches are broadly distributed to OEMs, so there's no significant barrier to attackers and companies like NSO Group and Cellebrite obtaining them. GrapheneOS has access to the patches, but the embargoed nature means they're not able to publish the patch source code or any details about what vulnerabilities are being patched. This means that GrapheneOS users are forced to choose whether to opt into the closed source patches and get recent vulnerabilities patched, but lose out on having an open OS.


That means that Graphene OS is "eventually open source", which is a practice as old as open source (call it free software, if you prefer) itself. More on https://opensource.org/delayed-open-source-publication


Sure, but for an end user of GrapheneOS there's more and more code I cannot see but I must trust. The closed driver modules are bad enough.


I will check this out. I have not seen this one. I have and have tried a Pinephone but I enjoy spending time not plugged into a charger.


> From Linux and K8s to Postgres and Python, it is the infra of the internet.

I may be unable to control the software in the device I am holding in my hands right now, but the important thing is that a few corporations can externalize the costs of maintaining their infrastructure to "the open-source community". And even get free publicity from doing so!


The infrastructure it powers is mostly cloud hosted SaaS which is far and away the most closed model of software. Cloud SaaS is far more closed than closed source software on a personal device. Often it’s not even possible to export your own data.

Very few people use much open source software directly. With a few notable exceptions it’s only used by developers and IT pros.

I suppose the Darwin kernel in Apple OSes and Linux in Android kind of count but people really don’t interact with those directly in a tangible way. They are way deep down under the hood from a user POV.


> I suppose the Darwin kernel in Apple OSes and Linux in Android kind of count but people really don’t interact with those directly in a tangible way. They are way deep down under the hood from a user POV.

The XNU kernel is only partially open-sourced. And it has a very non-open development model - development happens behind closed doors, no process to accept outside contributions, chuck a source code dump over the fence some time after each binary release.

It is better than nothing, but is more “technically open source” than “open source in spirit”. A lot of Darwin code can’t even be compiled outside of Apple because the open source code includes closed source headers.

It wasn’t always like this… in the early days of OS X, you could download an ISO of open source Darwin, install it on your PPC Mac, and it was actually a useable Unix-like OS (missing Apple’s GUI, but it offered X11 as an alternative). Then Apple lost interest-and got scared their (relative) openness was making life easier for jailbreakers and Hackintoshes-and nowadays you aren’t getting a usable open source Darwin without a huge amount of work to reconstruct and substitute the missing bits (which I know some people are working on, but no idea how much success they’ve had)


> it has a very non-open development model - development happens behind closed doors, no process to accept outside contributions, chuck a source code dump over the fence some time after each binary release.

Mostly agree re: your entire post, but, re: OSS above, does not matter, you don't owe an open development model to anyone.


I think there can be a difference between the literal and official meaning of a term, and what it most commonly means in practice - and that’s a descriptive claim about how words get used, not a prescriptive claim that anyone has some moral or legal obligation to do anything in particular


> The infrastructure it powers is mostly cloud hosted SaaS which is far and away the most closed model of software. Cloud SaaS is far more closed than closed source software on a personal device. Often it’s not even possible to export your own data.

That's fair, but I think it misses the distinction between who owns the infra and what the infra is built on. Yes, SaaS is often closed to end users, but the reason those companies could even exist at scale is because the underlying layers (OS, databases, frameworks, orchestration, etc.) are open.

You're right that control shifted from users to cloud vendors, but that's a business model problem, not a failure of open software. If anything, FOSS won so decisively on the supply side that it enabled an entire generation of companies to build closed services faster and cheaper than ever before.


"FOSS won so decisively on the supply side" because it's basically giving away something that would ordinarily cost money. Anyone can "win" by giving something of value away for free; it's not a victory that's worth anything.

What those adopters are not doing is opening their own source code as FOSS or contributing back to FOSS. That means that there isn't a path to future success.


You are so close. Or maybe you’re there and I misread that.

FOSS killed the profit margin in just making software. That shifted profits to hosting it, and in so doing shifted the industry to a more closed model than it had before.

In other words the net effect over time on the system from FOSS was to close things more. It had the opposite of the intended effect. We incentivized closed.

The result had been horribly dystopian. Before we had PCs that ran closed source but still local software and had our own data. Now we have cloud that runs opaque software we can’t even run ourselves and our data is not ours and is subject to mass surveillance. (By “our” I mean most people. Tech savvy people can opt out with some effort.)

This is super common. It’s hard to predict the actual incentive structure that something will create, and it is incentives not intentions that determine outcomes. Large scale socioeconomic systems are mindless gradient descent machines that chase profits of various kinds the way a plant grows toward sunlight.


>The infrastructure it powers is mostly cloud hosted SaaS which is far and away the most closed model of software.

Free software was conceptualized at the dawn of the personal computing era. As it is defined, it could never prevent isolating users from the software by isolating them from the hardware, because it was assumed that the software would run on the hardware that the user interacted with directly. You could build an SaaS product on entirely copyleft software without breaching any licenses. It's only specific kinds of free software that require giving users the source code. And even then, they don't require the service provider to implement any changes. If Google Docs was free software, Google isn't going to integrate your patch if it doesn't want to.

>Very few people use much open source software directly. With a few notable exceptions it’s only used by developers and IT pros.

>I suppose the Darwin kernel in Apple OSes and Linux in Android kind of count but people really don’t interact with those directly in a tangible way. They are way deep down under the hood from a user POV.

I mean, what does it even mean to "interact directly" with something, at that point? If I'm using Firefox on Android to watch a YouTube video, is that direct enough or not? Firefox, like the kernel, is just a facilitator for a task I'm interested in. Hell, arguably, so is YouTube. Then it follows that almost no one actually "interacts directly" with software; people interact directly with their task, and software is ultimately just a tool that's more or less practical to accomplish it.


> "Winning" doesn't have to mean owning every transistor; it means setting the norms and powering most of what's built.

I remember when winning meant you can modify your computer as you please because you have all the sources. We’re locked down in a world of apps, saas, and whatnot.


Speaking as one of the less-technically inclined HN users all I know is Linux has never been easier to install for even the slightly motivated and while there are lots of gaps, you really can run a lot of key tasks on FOSS without much fuss.

If someone wants to “break free” of Mac/Windows and regain some semblance of privacy and control, it’s never been easier. Not easy, to be clear. But compared to when I was in college (late 2000’s) it’s sooooo much easier.


I work in solar, so we have quite a lot of hardware which doesn't run on free software. We couldn't patch part of our inverter pipeline because the hardware was proprietary and had no open alternatives. We had to pay quite a lot of money to find one of the original engineers and have them flown in to help us unlock it, so that we could replace the firmware with some we had a security clearance holding contractor write for us.

To be fair this is a story about not doing your due diligence and buying the wrong hardware, but I think it can give you some insight into what the article talks about. Because yes, you can install Linux, but can you install something on your blender when "BRAND" decides you need to pay a subscription to run the self-cleaning program?


Do vendors give you schematics for boards they make or RTL for asics? Where do you draw the line as to what is expected? From a hardware vendor's perspective, firmware they give you which is locked down is simply an extension of the hardware that enables them to more cheaply iterate on it. Not a feature for customers to use to arbitrarily modify and add complexity to the test matrix and technical support for the vendor. Vendors who give away full configurability tend to see their costs rise rather than fall.


Oh I definitely don’t have a choice at work unfortunately so I’m all too aware of this. I’m mostly just talking about personal computing. But point taken!


On installing Linux, I think it always has been relatively easy to do on previous generation hardware.

20 years ago if you didn't care about decent laptops, you'd easily find a mid-level desktop tower and it would mostly work. You'd be in pain if you wanted the best GPU or best hardware, but mid-tier stuff would work fine.

Nowadays you can get Linux very easily on ThinkPads or a mid-tier business laptop for instance. Or Framework. But it will be PITA on a Surface Pro, or the best Asus laptop.

I'm with you in that the market has matured so much mid-tier is now viable enough for most office or everyday life, trying to get top hardware isn't really needed. But there's still definitely a gap if your use case spills out in a more demanding area (games, VR, CAD etc.)


Yeah to be clear I’d never say it’s “easy” and ready for mass adoption. But I also had 0 issues getting bazzite going on my PC I built with an AMD 9800x3d/9070 working out the gate. I played expedition 33 the day I finished building! Kind of remarkable given the GPU was only a month or two old. What’s striking was that I never had to open a terminal window or install a single driver. Some of the distros are near-turnkey at this point.


> "Winning" doesn't have to mean owning every transistor; it means setting the norms and powering most of what's built.

It doesn't matter if software published under free licenses sets the norms and powers most of what is built if critical transistors that are necessary to use important hardware at all are powered by unfree software. That is precisely what this article is decrying. If you don't own every transistor, whoever does own those transistors can use their control over them to prevent you from using your hardware as you wish, or attempting to get money out of you for the privilege; and preventing this state of affairs is actually more important in many ways than being able to use free software to create novel internet applications.


> that doesn't erase the fact that open software has completely reshaped the modern stack

What stack?

You give a bunch of web stack examples, great. The vast majority of people will never run a server nor benefit from the licenses of the code running on the server. They overwhelmingly give their money to the companies benefiting from those licenses and get typical crummy consumer EULAs in return.

Meanwhile phones tablets iot tvs appliances cars tractors pacemakers videogame consoles security cameras coffee makers printers juicers friggin Christmas lights routers, all that stuff, is overwhelmingly closed source.


Free software may have won on the infrastructure side, but it is people's computing that deserves freedom first and foremost. The good news is that Linux is gaining ground on the desktop, and we may eventually see the "year of the Linux desktop."

The issue is that most people's computing has now shifted to mobile devices, and these are quickly becoming fully locked down. Apple has been a lost cause for a long time, but Google is now aggressively attempting to kill Android as a FOSS platform. Projects like Lineage and Graphene are more important than ever for this reason.


Google is not aggressively attempting to kill Android as a FOSS platform. It has always been 99% developed by Google and a handful of close partners like Samsung. It is simply aligning workflows to make this arrangement less costly to maintain. The fact that Graphene is hurt by the change was simply not part of the consideration. I'm sure they can alter their arrangement to get similar access to other partners and continue on as before.


You're not wrong, but "reshaped" can mean all kinds of things. If the goal was user freedom for the broad public, then it clearly hasn't won.

Getting put to good use by your opponent isn't winning.


Winning does have many different outcomes, only some of which are similar enough that the historical records will see it as such. A comparison I would make is the war on encryption that was won. It is no longer illegal to sell encryption. The question becomes how much of a victory that is if governments then impose laws that dictate backdoors, like say chat control.

What did that NSA official say? They lost the battle over control of encryption, but won the war against privacy?


I don't think the article was absolutist, binary, at all.

The issue is that for a lot of things, there are exactly zero foss options. The problem is not, and the article doesn't imply, that there should be a 100% foss, so that foss finally "wins".


Can you provide some examples of things for which there are zero FOSS options?


Read the article, it has examples.


Modern TVs are a simple one.

You can't control any of them fully. Most you can't root.


Hopefully this lawsuit will be won by SFC, if it is, then anyone can sue their TV maker for the Linux kernel sources for their device and access to install modified versions of it, then replace their TV OS with AOSP/etc, or KDE Plasma Bigscreen or similar on a standard Linux distro.

https://sfconservancy.org/copyleft-compliance/vizio.html https://plasma-bigscreen.org/


But there is a simple alternative here: don't connect your TV to the Internet, use it as a dumb monitor for a FOSS streaming box (Linux PC or Lineage Android TV among others).


That's not an alternative: at the end you don't get a TV, you get a streaming box.

Perhaps you don't care about OTA TVs in the first place, but that's a different point.


That doesn't necessarily work anymore, some TVs now have Amazon WhisperNet built in, and will just update ads via your neighbor's Alexa.


How's that relevant to me not controlling the device?


I think you completely miss the point.

You're focusing on the benefits of open source in booming the technological sector, but his emphasis is that openness ends at the developer's, not consumer's stage and this is particularly bad when more and more of your life is technology dependent and de facto you cannot control nor modify it.


Maybe it's not "overstating the loss"... it's just focusing on a different kind of loss


> setting the norms

But it doesn’t set the norms. Enshittification is setting the norms. The positive effects of free software being tangible for the users is very much the exception.


ooh nice. I'll have to check this out. I tried yabai and it just wasn't stable enough to use. Messed around with a few others and eventually gave up on the idea of a TWM on Mac altogether


I feel the same way. I've put a lot of time into getting fast and efficient with Vim, so the benefits of another editor would have to be substantial to justify switching. As nice as Helix looks, I'm not sure it offers enough to make that leap.


This is great. I really appreciate visual explanations and the way you build up the motivation. I'm using a few resources to learn linear algebra right now, including "The No Bullshit Guide to Linear Algebra", which has been pretty decent so far. Does anyone have other recommendations? I've found a lot of books to be too dense or academic for what I need. My goal is to develop a practical, working understanding I can apply directly.


I’ve really enjoyed this book:

Introduction to Applied Linear Algebra – Vectors, Matrices, and Least Squares

https://web.stanford.edu/~boyd/vmls/


Started this over the weekend. It's truly excellent. Thanks so much for the recommendation.


Thanks for the suggestion.


Ok, boy, I'm also reviewing LinAlg textbooks as we speak. Coming in with a similar interest for ML / AI.

I've done math on KA academy up to linear algebra, with other resources / textbooks / et al. depending on the topic.

People will recommend 3B1B, Strang (MIT OCW Lin Alg lessons). For me the 3B1B is too "intuitionist" for a first serious pass, and Strang can be wonderful but then go off on a tangent during a lecture that I can't follow, it's a staple resource that I use alongside others.

LADR4e is also nice but I can't follow the proofs there sadly (yet). There is also 'Linear Algebra done wrong', as well as the Hefferon book, which all end up being proof-y quite quickly. They seem like they'll be good for a second / third pass at a linear algebra.

Side note - for a second or a third pass in LA it seems there is such a thing as 'abstract linear algebra' as a subject and the textbooks there don't seem that much harder to follow than the "basic" linear algebra ones designated for a second pass.

I've gotten off to the most of a start with ROB101 textbook (https://github.com/michiganrobotics/rob101/blob/main/Fall%20...), up until linear dependence / independence, along the MIT Strang lectures. ROB101 is nice as it deals with the coding aspect of it all, and I can follow in my head as I am used to the coding aspect of ML / AI.

I also have a couple obscure eastern european math textbook(s) for practice assignments.

Most lately I have been reviewing this course / book - https://www.math.ucdavis.edu/~linear/ (which has cool notes at https://www.math.ucdavis.edu/~linear/old), and getting a lot of mileage from https://math.berkeley.edu/~arash/54/notes/.


Thank you very much I'll check out these resources. ROB101 looks really great.

I love the 3B1B videos, but I've noticed my attention tends to drift when watching videos. I've learned that I absorb information best through text. For me, videos work well as a supplement, but not as the main way to learn.

Thanks again.


That's quite the list! How does this one compare? Anything you think is missing?


https://www.math.ucdavis.edu/~linear/ (authors David Cherney, Tom Denton, Rohit Thomas and Andrew Waldron) - reminds me of category theory articles, so good.


Suggestions for books/articles from a couple of my previous comments;

https://news.ycombinator.com/item?id=45110857

https://news.ycombinator.com/item?id=45088830

The OP's article though simple, still does not really explain things intuitively. The key is to understand the concept of a Vector from multiple perspectives/coordinate systems and map the operations on vectors to movements/calculations in the coordinate space (i.e. 2D/3D/n-space). Only then will Vector Spaces/Matrices/etc. become intelligible and we can begin to look at Physical problems naturally in terms of vectors/vector calculus.

The following are helpful here;

1) About Vectors by Banesh Hoffmann.

2) A History of Vector Analysis: The Evolution of the Idea of a Vectorial System by Michael Crowe.


>My goal is to develop a practical, working understanding I can apply directly.

Apply directly... to what? IMO it is weird to learn theory (like linear algebra) expressly for practical reasons: surely one could just pick up a book on those practical applications and learn the theory along the way? And if in this process, you end up really needing the theory then certainly there is no substitute for learning the theory no matter how dense it is.

For example, linear algebra is very important to learning quantum mechanics. But if someone wanted to learn linear algebra for this reason they should read quantum mechanics textbooks, not linear algebra textbooks.


You're totally right. I left out the important context. I'm learning linear algebra mainly for applied use in ML/AI. I don't want to skip the theory entirely, but I've found that approaching it from the perspective of how it's actually used in models (embeddings, transformations, optimization, etc.) helps me with motivation and retaining.

So I'm looking for resources that bridge the gap, not purely computational "cookbook" type resources but also not proof-heavy textbooks. Ideally something that builds intuition for the structures and operations that show up all over ML.


Strang's Linear algebra and learning from data is extremely practical and focused on ML

https://math.mit.edu/~gs/learningfromdata/

Although if your goal is to learn ML you should probably focus on that first and foremost, then after a while you will see which concepts from linear algebra keep appearing (for example, singular value decomposition, positive definite matrices, etc) and work your way back from there


Thanks. I have a copy of Strang and have been going through it intermittently. I am primarily focused on ML itself and that's been where I'm spending most of my time. I'm hoping to simultaneously improve my mathematical maturity.

I hadn't known about Learning from Data. Thank you for the link!


Since you're associating ML with singular value decomposition, do you know if it is possible to factor the matrices of neural networks for fast inverse jacobian products? If this is possible, then optimizing through a neural network becomes roughly as cheap as doing half a dozen forward passes.


Not sure I am following; typical neural network training via stochastic gradient descent does not require Jacobian inversion.

Less popular techniques like normalizing flows do need that but instead of SVD they directly design transformations that are easier to invert.


The idea is that you already have a trained model of the dynamics of a physical process and want to include it inside your quadratic programming based optimizer. The standard method is to linearize the problem by materializing the Jacobian. Then the Jacobian is inserted into the QP.

QPs are solved by finding the roots (aka zeroes) of the KKT conditions, basically finding points where the derivative is zero. This is done by solving a linear system of equations Ax=b. Warm starting QP solvers try to factorize the matrices in the QP formulation through LU decomposition or any other method. This works well if you have a linear model, but it doesn't if the model changes, because your factorization becomes obsolete.


> My goal is to develop a practical, working understanding I can apply directly

Same, and I think ML is a perfect use case for this. I also have a series for that coming.


Genuinely curious because I don't know: when you group Swift with Rust here, do you mean in terms of memory safety guarantees or in the sense of being used for systems-level projects? I've always thought of Swift as having runtime safety (via ARC), not the same compile-time model as Rust, and mostly confined to Apple platforms.

I'm surprised to see them mentioned alongside each other, but I may very well be missing something basic.


Swift is mostly runtime-enforced now but there are a lot of cultural affinities (for lack of a better term) between Swift and Rust and there’s a proposal to add ownership https://github.com/swiftlang/swift/blob/main/docs/OwnershipM...


Thoughts off the top of my head:

- If the most important thing is control of the Ruby gems, reach out to RubyGems.org support

- for your projects, if you have past collaborators on those repos, they can sometimes open GH tickets referencing the project and vouch for you. Doesn't guarantee success, but adds weight

- GH (being part of MSFT) does have some channels for escalated identity verification. Lawyers or notarized ID may be needed...possibly expensive, but sometimes the only way

GH support is extremely strict on account recovery once 2FA/backup codes are gone. I wish you luck!


I was able to recover my Rubygems account :); unfortunately my projects were all private and solo :(; I am currently looking into lawyers—if anyone has any recommendations here my inbox is open.


I have no experience with any of this but thinking thru the other side, if I'm an IT helpdesk person getting an account reset/unlock request, I have no means to validate any identity paperwork anyone sends in. My response would be a curt email accd to policy and move on to the next IT ticket.

I think the legal path is your best bet unless you know someone higher up. A legal path could bypass all the offshore IT helpdesk staff (making assumptions, MSFT is a giant mega-corp).


I haven't used Rubygems before but doesn't it allow publishing from a new repo? pypi allows updating publishing configs.

A repo fork (and maybe more so the GitHub identity fork) is definitely not ideal but if your users can get updates to their packages, maybe it's best to move forward as well as possible.


I also imagine the identity proof for asking GH support to archive the old repo would be lighter than for recovering an account entirely.


Same


Same here. I've been using GCF1 with opencode and getting good results. I also started using [Serena](https://github.com/oraios/serena), which has been really helpful in a large codebase. It gives you better search than plain grep, so you can quickly find what you need instead of dumping huge chunks of code into Claude or Grok and wasting tokens.


Serena really does feel like a secret weapon sometimes.

