Re: Inquiring minds
Yes there is: rights clash.
Suppose something is illegal in the US while its OPPOSITE is illegal in the EU? Puts you in a real bind, doesn't it?
16605 publicly visible posts • joined 10 Jun 2009
That country I mentioned earlier? It was the Philippines (the other two MNOs are Smart and Sun). Globe's move is obviously meant to challenge Smart (Globe is #2 challenging #1 Smart).
But again I ask, why does it have to be built-in? Why can't we have field-reprogrammable SIMs so that you can pick your providers AND be able to put them in any phone you wish (including OLD phones without the capability)?
"The MNOs would need to cartelise in your scenario to end up with MVNO having no options."
CAN, WILL, and HAS happened. I've been there, firsthand. Don't think Europe. Think Asia. One place I go has three MNO providers in the entire country, each owned by a media giant. If there are any MVNOs out there, they're just labels belonging to the aforementioned.
"You don't need an internet connection to provision the SIM - it does not depend on wifi."
Oh, great, so someone can COPY the damn thing and steal my account, maybe even without my knowledge. And this ain't conjecture. I've seen it happen with my own two eyes in parts of Asia.
It is if the phone is your ONLY access to the Internet. Unless you can transfer an eSIM without any Internet or store access in the middle of nowhere outside business hours, without being accused of stealing an account and so on, then like SD cards, I'll stick to my physical SIM which I can move to nigh any phone I wish (even *gasp* OLD and DUMB phones). There's just something to be said about being able to transplant my access to whatever phone I damn well please without having to go through anybody in the process.
PS. We'll just have to agree to disagree, as my own, personal, firsthand experience tells me not to take anything built-in unless you're willing to live without or lose the feature for an extended length of time. I've had to replace components (including batteries) too many times in my life to trust anything like that to the manufacturer. If it comes to the point it's take a sealed device or leave, I'm leaving.
PSS. Someone gave a thought. WHY must it be built-in? Why not just create a separate, physical eSIM (a user-reprogrammable SIM) so that you can shop around as you please before you get somewhere, downloading credentials onto the SIM, YET you can still plug the damn thing into whatever phone you damn well please and switch phones in a blink if you gotta. Best of both worlds, if you ask me.
"And why's that a problem?"
You've never had your phone BREAK on the road, haven't you? I keep a backup phone for just such an occasion, and it worked brilliantly when my Note 4 died while out of the country. A quick switch and I was back in business while I worked on a replacement for when I got back.
"customers demand eSIM support, carriers that want their business will supply it."
Since when? First, if it really is a standard, where are all the other supporting phones. Second, what happens when an eSIM phone breaks? It's not like I can pull an eSIM, slip it in a backup phone, and be back in business, eh?
"So unless there are consumer protection laws that exclude eSIMs speifically, the disadvantages apply to physical sims just the same - hacking, carrier locking, and so on. A SW update blocking an eSIM can block a physical SIM too."
How can a software update block the PHYSICAL act of changing the SIM? And since it's hardware-based, blocking can risk a pitfall if the same carrier issues a new series. Software will always carry a risk of it being subverted since, being SOFTware, it can be altered.
To reply:
1. If the TLA's have access to vastly better hardware than you, or a secret waterboard, then if they REALLY want your data, then as they say, "We have ways of making you talk."
2. Encryption MUST be decrypted at SOME point because our brains can't directly grok encrypted data (sometimes makes me beg for the sci-fi of stuff like Ghost in the Shell which DID provide for that capability). That's why "Outside the Envelope" attacks can always work. For performance reasons, you're going to need hardware, especially if the CPU is going to be busy doing something else.
But then you're gonna need a good backup scheme FOR your backup scheme since you never know when Murphy will strike and take out your backup just when you need it. And then you'll need a backup for that, too, and so on. Turtles All The Way Down.
At some point, you're gonna just have to shrug and say, "That's as far as I can go."
"That is exactly the correct thing to do. it is so hard to get this stuff right, unless you have *tens* of years experience, it is dereliction of duty to roll your own."
Isn't it ALSO a dereliction of duty to pass the job off to someone to whom you can't really trust? And that apples to just about everyone around you since everyone has something to hide?
So what do you do? You can't trust yourself, and yet you can't trust anyone else.
"Nuclear rockets are all well and good, but what actually matters is exhaust velocity."
Last I checked, due to the Laws of Motion, what REALLY matters is FORCE, which the equation states depends on mass. The catch with ion engines is that while they emit mass at high velocities, that mass is minuscule; thus, its ultimate thrust force is on the order of millinewtons. Thus it's only practical for use once you're already in orbit. OTOH, nuclear rockets are being tested with the idea of replacing chemical rockets (which means forces on the order of meganewtons).
How do you know how to contact sneakydomain.com for your DNS request if you need a DNS request to find out what IP address sneakydomain.com resolves to in the first place? Thus why DNS lists are always numbers. I've already mentioned Microsoft defeats DNS-based firewalling with an hardcoded IP list for its telemetry stuff (and IIRC the IPs also match those for the update system meaning blocking telemetry also blocks security updates--submit or be pwned). Plus, as someone already mentioned, it's possible for a rogue state-level router to perform IP-based rogue routing (making 8.8.8.8, for example, go where they want it to go instead of Google).
Basically, if you're that paranoid, then the Internet is already screwed for you. In fact, ANY form of technology is probably already screwed for you if you live in that kind of world. After all, what's to stop them enforcing their regime at both local manufacturers AND at customs?
"Blocking DNS except via trusted (blacklisting) servers does that for me, has done that for me, and I hope will keep doing that for me."
This presents a dual-use problem. If you can control your kids' Internet, then Big Brother can control YOUR Internet. The only way around that means your kids can get around your controls and pwn your LAN.
Leaving you three choices: submit to Big Brother's Stateful Internet, accept the anarchy of an Anonymous Internet, or throw up your hands and go, "Stop the Internet! I wanna get off!"?
Creates a part-and-parcel problem, though. If DoH and HTTPS both use the same port, suppose say Cloudflare simply piggybacks DoH on ALL its HTTPS addresses (which includes IPv6 ranges, meaning you can be talking quite a bit of Internet real estate). Then the only practical solution to blocking Cloudflare's DoH is to block Cloudflare, full stop. Only an inward-looking oppressive power (who would be against the likes of Cloudfare in any event) would dare to do that because anyone else risks collateral damage from blocking a provider as big as Cloudflare.
"What stops them if you query 8.8.8.8 via DoH to route, once decrypted, all requests to the local Miniluv?"
Because it can't be decrypted until it's IN the actual 8.8.8.8, meaning it shouldn't be going anywhere once there. The only way around that is to either take over 8.8.8.8 itself (can't--out of the country) or obtain the top-secret decryption keys (a state-level espionage operation). At which point, it would be easier to just insert spy chips into all the local machines (enforceable at customs and local manufacturers) and perform outside-the-envelope attacks.
"You won't like it when the mob turns on itself or on you, as it always does eventually."
But if the mob is already out, as it seems judged by recent events, all you can do is redirect them from time to time. The reckoning seems inevitable at this point; it's just a a matter of how long it can be postponed.
"And thus the bar gets lower over time, and things that were unthinkable 20 years ago become commonplace, and our government gets further and further away from the ideals of the founding fathers."
Which is the takeaway of the Great American Experiment. Nothing, and I emphasize NOTHING made by man can truly withstand the test of time, and there's nothing we can do about because the rot is inherent to the human condition. In most given choices, there are winners and losers, and in humans, losers hold grudges if not engage in immediate revenge. Plus, if they feel they're threatened (and it's easy to trigger that in us), humans are instinctively inclined to cheat (and the cheating is meta, meaning cheating can be cheated, meaning there's no real way to curb it).
TL;DR: We're just screwed as a species. Unless we evolve better (and we're not well-equipped to get to that point), we probably need a deus ex machina to come save us.
"The copyright is not what was being discussed. It was that Apple wants to control what users can do with their computers after they have bought it. Such as not allowing some programs to run, not allowing apps to be installed unless it comes from their app store (phones and tablets) unless the hardware has been jail broken, etc."
And you're confusing the issue. If a computer user wants to do what they want with their machine, they simply need to install a freer-rein operating system like a Linux distro and go from there. Anything you're working through another piece of software (like Apple's MacOS), you're essentially at their mercy. No ifs, ands, or buts, it's part of their Copyright and laid out in their Terms of Use. If you don't like it, don't use MacOS, end of.
If you want real, REAL control over your machine, perhaps it's time to go back to the build-your-own computer kits of the 1970s where you learned what really made the machine tick: since you see all the bits and bobs for yourself...and only had a KB or so of RAM to work with.
PS. Last I checked, I cannot run a Linux program in Windows, so I CANNOT just run anything I want. Switching to Linux mans sacrificing access to Windows-only software, especially games, and keeping Windows means losing some control over the inner working of the computer to a proprietary OS. And since I lack the technical expertise to roll my own, I'm kind of stuck.
"No, they can't. But there is nothing stopping them from breaking into the safe (if they can) to find evidence."
But what if they learn the safe is booby-trapped and will self-destruct if anyone other than the suspect opens it? NOW can they compel the suspect to open it under threat of Destruction of Evidence?
Guess how this can apply to an iPhone with a failsafe?
"This is a governance issue, but I have yet to meet a developer or DevOps person that doesn't eschew any form of governance. Governance is a roadblock, slows down innovation, blah blah blah blah...."
Cave Johnson felt that way, too, IIRC (Yes, someone makes the signs IRL).
"Also the ones who can see that 'the light at the end of the tunnel' means 'get off the tracks'."
But usually, by the time you DO see the light, you're hemmed in by the tunnel walls and have no way to "get off the tracks" (not even up, due to the ceiling). And turning around, you discover ANOTHER light at the OTHER end of the tunnel. Stuck like that, "get off the tracks" isn't an option. At that point, all you can do is pray.
"But with hindsight, given the beast weighed over a ton, couldn't they have gone for an 8-gallon tank instead?"
When it comes to launching things into space (and believe me, there's just no easy way around beating the Earth's inertia), weight is a very sensitive matter. We're talking ounce-precise calculations and so on due to the cascading problem that it takes fuel to get things into space...but fuel is weight that must be lifted up as well, which takes more fuel, and so on, and so on...