I imagine you would use something that errs on the side of safety - e.g. insist on total functional programming and use something like Idris' totality checker.
> use a $200 camera and photograph your keyring from a couple blocks away
I suppose serious defenders will need to get an EVVA MCS, if that's their threat model :-) Just don't let the really serious lockpickers near the lock with a contact microphone.
> That has been the model since day one, since you are using spectrum that, because the end users are not licensed, requires it. Radios in 100% of commercially available phones are locked to prevent user tampering.
Why, then, can users be root on PCs that have wifi cards, SDRs or cellular radios?
Wifi? Because it is part 15. That spectrum is less strict.
SDRs? Because they are not certified transmitters. They are test RF gear, or a component of a transmitter, not an end-user product.
Cellular radios in a PC? You don't get root on those. Same situation as they are in a cell phone: They are licensed-band transmitters, and they are required to be tamper proof to protect the licensee.
> Cellular radios in a PC? You don't get root on those. Same situation as they are in a cell phone: They are licensed-band transmitters, and they are required to be tamper proof to protect the licensee.
The original post said:
> Locking down the bootloader and enforcing TEE signatures does stop malware. But it also kills user agency. We are moving to a model where the user is considered the adversary on their own hardware. The genius of the modders in that XDA thread is undeniable, but they are fighting a war against the fundamental architecture of modern trust and the architecture is winning.
So, as I read it, Fiveplus is saying that we are moving to an architecture where the user is an adversary on the computer (the phone) as a whole. While licenses may require that specific components are out of bounds, the new thing is that the whole platform is denying the user the ability to do what they want with the parts that are not explicitly off-limits.
IIRC, a Blu-Ray drive is required to store data about revoked keys and to stop playing discs if its own key is revoked. Presumably the BR license also states that the user can't be allowed to wipe this revocation list and start playing Blu-Rays again. But BR drives can still be fitted in computers where the user has root access, just like PC cellular radios.
Phones are made to be default-deny instead of default-allow, and I think that makes it different from "enclosed modules you don't have control of".
Of note is that there is apparently one single application licensed to play Blu-Ray disks on PCs, CyberLink PowerDVD. Anyone watching Blu-Rays through alternate means on general-purpose computers today, by using MakeMKV or similar, are likely breaking anti-circumvention laws.
As of November 2023, zero applications are licensed and capable of playing UHD Blu-Ray disks [0], and PC manufacturers are just not including the hardware necessary to do so.
My point in context to the original post was simply that this isn't a new perspective -- the idea that the end users of a phone should have any control over the operation of the device was something that came later in the timeline of cell phones.
Even as a licensed ham it's getting increasingly difficult to even get hardware that allows utilization of frequencies I'm duly licensed to transmit on in the 2.4 GHz band. Short of building and designing your own transmitters it's become impossible to repurpose hardware like it was before. Our club has aging M2 Rockets from Unifi that were modified for this use that are now decaying and dying. It's unfortunate too because once these stop working that's it. A few club members have been championing GLiNET but same problems. They are relying on older models which weren't as locked down and already show signs of suffering the same fate as the Rockets.
If you want to track how many times users revisit the site, you could do that anonymously by setting a visit counter cookie, e.g. VISITS: 1, VISITS: 2, etc. This would track the user over different IPs, but since the cookie only has a counter, it doesn't tell you if two people with "VISITS: 2" set is the same user.
That's the first example I can think of off the top of my head.
I've always wondered how you'd be able to rigorously distinguish breaking out of the simulation from just discovering novel things about your current universe.
Is a black hole a bug or a feature? If you find a way to instantly observe or manipulate things at Alpha Centauri by patterning memory in a computer on Earth a special way, is that an exploit or is it just a new law of nature?
Science is a descriptive endeavor.
I guess that some extreme cases would be obvious - if a god-admin shows up and says "cut that out or we'll shut your universe down", that's a better indication of simulation than the examples I gave. But even so, it could be a power bluff, someone pretending to be a god. Or it could be comparable to aliens visiting Earth rather than gods revealing themselves - i.e. some entity of a larger system visiting another entity of the same system, not someone outside it poking inside.
