"But if you're not home, your phone sends the command to a server in China,..."
Do any "smart" devices not try to connect to remote servers, automatically, without asking the user for permission?
Do users care that "smartphones" they carry or other devices they put in their home automatically connect to remote servers so various companies can collect data, ..., turn sockets on/off, etc.?
If we do not like this practice and we want to see change for the better, then maybe we should put our comments in Amazon reviews instead on HN, security blogs, etc.
> Do any "smart" devices not try to connect to remote servers, automatically, without asking the user for permission?
I believe this is the point of Apple Homekit. And probably whatever Google has in the works will follow the same path.
Your IoT devices only talk to your Apple TV, and the Apple TV talks to Apple which provides the cloud-connected app on your phone.
That way the million IoT vendors shouldn't have to worry about security as much, becuase their devices are behind your NAT and communicated with through Apple's security.
Could it be that the ability to more fully control a computer, e.g., a router, makes the computer more valuable?
What use are greater feature specifications if the user does not have anything close to full control over the computer?
How about a computer that where the seller makes it deliberately difficult to open, or impossible to add RAM, or threatens repair shops with litigation?
When the user powers on, the computer immediately starts phoning home to various endpoints controlled by the seller and the user cannot turn this off. Are users presumed to be inept?
Does it matter if this computer has a sexier form factor and better specifications, not to mention a higher price tag, than another one without the restrictions on tinkering?
"Who can..."
ICANN. Yes it can be whenever they want. No one ever stops them. They added several in 2001. Now they've opened the floodgates.
"At no real cost..."
True. Except the cost of running one of the 13 server addresses. And IMO it could be a dog and no one would notice. I think the A server (198.41.0.4) is really all anyone needs. The cost of a new TLD to ICANN is the cost of editing a text file.
"By what authority..."
None.
", why are they allowed..."
A question I have been asking for over 20 years.
Answer: Because we let them?
You can say no to ICANN. Run your own root on 127.x.x.x. You can edit the root.zone to be just as you want it. Want to delete a silly TLD (e.g., .loans)? Edit a text file. Want to add your own new TLD? Edit a text file. The cost? Editing a text file.
I recall a former Board member of ICANN admitting he himself ran his own root for many years.
ICANN's ability to make millions in profit from TLD's relies on an interesting prerequisite. All DNS admins have to use a root.hints file that points to the (13) addresses serving ICANN's root.zone. Often they have no idea this root.hints file even exists, let alone have the guts to edit it. The root server addresses to use are chosen by the authors of the DNS software, e.g., the software automatically downloads root.hints from ICANN to bootstrap itself.
If admins or users choose to use a different list of root server addresses (e.g., 127.x.x.x, 10.x.x.x., etc.), all bets are off.
So how do you stop ICANN from making millions posing as a pseudo licensing authority for registries? One way is to stop using ICANN's root.hints and use a different root.zone that you control. If enough people do this then one day ICANN has no relevance.
Right. Not gonna happen. I'm probably one of only a small number of users who will ever run their own root.
The problem is that DNS-as-a-global-naming-service is only useful because more-or-less everyone agrees that for a given domain, it'll resolve to the same place. Therefore, to change away from ICANN's authority, you have to get every user of DNS to agree to do so.
Now that they opened the floodgates I kind of think this is the end of it, though? The number of decent candidates for a new site has skyrocketed (to the point of there being too many even to guard against from domain squatters for many companies), and thus value of new TLD's plummeting?
That is because it still relies on paying for the domain.
The Tor network can "register" and address ( call it a pointer, because it's basically a hash ) for .onion. That means if you run the the tor service, you have a pointer, and this is probably a good solution.
So if we'd all had a distributed global "dns"-like network, where each and every system gets a unique id this would partially be solved, for free, but the requirement for master nodes (like tracker servers for torrents ) would probably still be present.
The problem with this approach is that obviously you can't make a choice for xyz.mydomain, because there will be at least someone else who wants xyz.mydomain, and in this case, who and how would decide which of you can have it? Right now this decision maker is money, which of course is an issue, but at least a solution.
So: does anyone have a distributed, fair solution, that is able to solve disputes and act as a replacement for dns? So far I'm not aware of any.
I like to compile and install my own OS images on the hardware I purchase. Of course the smartphone industry does not make that easy, if at all possible.
Hence I am forced to choose other form factors.
It would be nice to flash my own choice of BIOS. As far as I can tell this is still not too common. That is a project to which I am willing to devote large amounts of time should the information needed ever become public.
It seems the newer the hardware the more complicated and difficult this becomes. By my estimation, there is certain value in older hardware because it is not as complicated and can be easier to control.
Here is an idea that stays with me year after year: another open source OS project that chooses a single item of hardware and supports only that item.
Silly fantasy: Perhaps a deal is struck with one or more factories that can produce it. Perhaps the terms could be public. Maybe user-developers become faithful and loyal buyers of the hardware, because they like the control. Perhaps they directly pay the costs of production through donations. I have no idea what would happen. That's the point of trying it.
Building this sort of symbiotic relationship between open source user-developers and a single hardware manufacturer based on a single item, one could reason it is in the best interest of the manufacturer to open the specs to the developers, if not the public.
I leave it to you to list all the many reasons this is not worth doing. Then sit back and enjoy the status quo.
But for those of you who are avid users of an open source OS, I ask you to consider:
Do you ever get tired of watching the project trying to keep pace with new hardware? How do you feel about when the manufacturers will not disclose the specs? Are you OK with binary blobs in your "open" system? How about not knowing whether your OS of choice is going to work with your new hardware? What if there was one item of hardware that you could be absolutely sure was always going to work with your preferred open source OS, and to its maximum capacity?
OK, you may now return to chasing the new (locked-down) hardware. Thank you for your time.
Stallman has a post about his Thinkpad X60, one of the very few laptops where you can install a totally open BIOS.
The Librem laptop was another attempt at this, but it failed pretty badly. They couldn't get around a lot of the "binary blob" issues with modern hardware. They're attempt may in fact show that truly open firmware on modern x86_64/amd64 machines may be impossible.
There's Novena, but I believe that's ARM based (which is possibly the best bet for truly open hardware today)
Out of curiosity, what form factors do you choose for (smart)phones? And in general, what open hardware do you know of that can be used with the knowledge that it doesn't have binary blobs/whatever else that could be spying on the user of the hardware? I've recently become more interested in this topic, and am personally considering moving more in the direction of open software and hardware after finding out about the awful stuff Lenovo does.
I'll bet a lot of folks would keep paying those prices even if all they did was use email. I'll bet further that is still the main reason many people have a home internet connection. That and internet banking, etc.
Things subsidized by ads like YouTube and myriad other distractions are a bonus. If they were to disappear no one would be dropping their internet connection. Trust me, with bandwdth as it is, free video is not going to disappear.
All things considered I think non-commercial websites like Wikipedia or Internet Archive are actually the most valuable ones. And even without ads they will not disappear because passionate dedicated people create them for non-commercial reasons. And the cost for the individual to store data and publish online keeps decreasing.
The internet has heaps of inherent value that has nothing to do with advertising. Especially with today's computing power and bandwidth. It's like long distance calling anywhere in the world for a set monthly fee. And anyone can write software to send and receive over the network. Sign me up. For life.
Anyone who used the internet in the late 80's early 90's before commercial activity was permitted, when bandwidth was limited and expensive, knows this.
By all means argue for ads if it's your cash cow - try you best to save your golden goose, but spare us the absurd arguments that ads are what give the internet value.
The Internet Archive would be nothing without actual content to archive. There are of course hundreds of thousands of valuable blogs (millions? tens of millions?), along with forums where people gather, discuss and share, such as this one. Such things won't disappear, because the act of publishing, talking to people, sharing has value even when done for free.
That said I do worry about the future of the Internet.
I think for example the game industry has been ruined by in-app payments, because of the "free to play, pay to win" model. It's only natural that this evolved of course, as the attraction towards "free" stuff is irresistible. We are so irrational in our decision making process, that we'd rather try out something free that will frustrate us endlessly until we pay. I also think the music industry is ruined by streaming services. Yeah, we had radio stations before these, but those were valuable for discovering music, after which you ended up buying vinyl records, magnetic tapes, cassettes, CDs, etc. And people owned those after buying them. The concept of collecting music is fading away. Even once respectable software is moving in that direction. My favorite subject being 1Password, which is moving to a subscription based model, managing to be both rentware and expensive.
It's just evolution on one hand, but right now the pendulum is not swinging towards freedom. The main problem is that people will pirate if given the opportunity. This says something about how unfair the copyright law is of course, but the response of the industry isn't to make stuff free as in freedom, but to rob people of the opportunity to pirate, punishing and locking-in honest customers in the process. And how are they doing that? Well, they cheat and they lobby and they play mind tricks and they push hostile software and devices on us, etc. And we gladly accept all of that, with a smile on our faces, in the name of grandmas everywhere that need handholding.
And going back to ads, you might hate ads, you might not think they provide value, but alternative business models are coming and I believe they'll be far worse. And that's because, judging by recent industry trends, there's no reason to suspect otherwise.
There's a couple of comments showing hostname followed by IP address. Are commenters really putting entries in this format into their HOSTS file? And it works? The correct format, at least on BSD UNIX and Windows, is IP address followed by hostname.
It is a known fact that Apple tries the same ideas more than once, sometimes years apart. If at first they fail, they will try again.
I recall an idea from the past where they wanted users to disclose to them all the user's non-itunes music in return for some perceived benefit. At the time I thought of this as a way for someone at some company to assess out how much CD-ripped, Napster-shared, or other indepedently-sourced music was still out there. Needless to day it didn't fly.
I have never in my life used itunes. I can tolerate most of today's "walled-gardens" but not one that seeks to place a surcharge on friends sharing music, which has always been the essence of how my music collection was built (pre-digital). I would give up music before I would sign on to letting Apple control my music collection.
If there were a robust, tiny command-line version of "itunes" that would run on any computer, I might reconsider. But that's not happening either. That's the true reason I have never used itunes. Strong distaste for the proprietary Apple-only graphical software.
> friends sharing music, which has always been the essence of how my music collection was built (pre-digital)
I remember how excited I used to be when friends and I would drive to an out-of-town show and stay with other friends who had big record collections. You always brought a box of fresh blank tapes; and that's the same thing they'd do when they came over your house.
Do any "smart" devices not try to connect to remote servers, automatically, without asking the user for permission?
Do users care that "smartphones" they carry or other devices they put in their home automatically connect to remote servers so various companies can collect data, ..., turn sockets on/off, etc.?
If we do not like this practice and we want to see change for the better, then maybe we should put our comments in Amazon reviews instead on HN, security blogs, etc.