What happened to running what you wanted on your own machine?

Posted by marbartolome 1 day ago

What happened to running what you wanted on your own machine?(hackaday.com)

396 points | 272 commentspage 2

fghorow 1 day ago|

The one word answer to this?

Linux.

dehrmann 1 day ago||

It got this way because 99% of people are happy running what's in the app store, and the security protections are more valuable than being able to run arbitrary code.

Linux as an answer doesn't address the needs of 99% of people, so 98% will never adopt it. It's better to meet people where they're at and push for sideloading and alternative app stores.

stronglikedan 1 day ago|||

Sure, until the software that you need to participate in modern society no longer supports Linux.

jwrallie 1 day ago|||

As long as common PCs can boot an iso we should be good to go.

dns_snek 1 day ago||

Only as long as Google doesn't force Web Environment Integrity through. Running a custom OS won't help if important websites refuse to load unless they're running in an approved browser with a set of approved extensions, on an approved OS, on top of approved hardware.

Seattle3503 1 day ago||

I've been beating the drum that we need mobile drivers licenses and pairwise pseudonyms. It is a path to beating spam and bots in a way that doesn't hand control over to private entities.

Some folks don't like digital identity controlled by government, but it seems like the alternative is digital identity controlled by oligopoly.

lou1306 1 day ago|||

The article is largely about phones, where the barrier to install a truly open Linux system are high and getting higher.

jeroenhd 1 day ago|||

There are plenty of smartphone companies locking down their bootloaders, but there are others that will let you unlock your bootloader by just running the basic command.

A much bigger problem for running Linux on phones is that standard Linux runs like crap on phones. It doesn't have the mainline driver support amd64 computers have, and the battery life optimizations that make Android usable need to be reimplemented on top of Linux to get a day's worth of use out of your phone. Unfortunately, most Linux applications are written for desktops where they expect the CPU to be running all the time, the WiFi to be accessible whenever they want, and for sleep/suspend to be extremely incidental rather than every two minutes.

netdevphoenix 1 day ago||

Have an optimised web browser for the OS and you don't really have to worry about 3rd party software performance any more or not that much

fsflover 1 day ago|||

I do run GNU/Linux on my smartphone. No Android or iOS.

donmcronald 1 day ago|||

The three word rebuttal?

Banking on GrapheneOS

velocity3230 17 hours ago||

Works just fine for me. Perhaps consider moving to a bank that's more aware of alternates than just the existing duopoly.

welferkj 1 day ago||

systemd devs: "lol. lmao."

linuxhansl 1 day ago||

Please complain here: https://developer.android.com/developer-verification/guides/... (there's a link at the end).

Probably won't help, but it is something.

trentnix 1 day ago||

The rot is so much deeper than just running what you want on your own machine. And how we got here is easy to explain. There was once money it letting you run what you want on your machine. Now there's money in not letting you run what you want on your machine. And so, that's what we get.

There exists no path where a publicly traded company doesn't eventually view its customers as subjects. Every business school on the planet is teaching their students strategies and tactics that squeeze their customers in pursuit of maximizing revenue. And those strategies and tactics are often at the expense of creativity, ethics, and community. Just last week people's bed didn't work because the company that makes them architected things such that they have absolute control.

Only a reasonably altruistic private company might buck the trend. But the publicly traded companies are allowed, by the government(s), to use their largesse in a predatory fashion to prevent competition. They bundle and bleed and leverage every step of the way. They not only contribute to the politicians that do their bidding, they are frequently asked to write the laws and regulations they're expected to follow. Magically, it has the effect of increasing the costs of their competition to enter the markets they dominate. And so, the odds of an altruistic private company emerging from that muck is low.

Worse still, many of the elected officials (and bureaucrats) actively own stock in the very companies they are responsible for regulating. Widespread corruption and perversion of the market is the inevitable result.

I'm trying to do a better job and redirect my money to the places that better reflect my values. It's not even a drop in the bucket, but it's a lever where I feel like I have a measure of control.

M95D 14 hours ago||

It all happens because of people's greed.

The companies that make stuff could easily be beaten in the market by a non-profit competitor. With no worries about stock market prices and dividends, a non-profit could direct all it's money into making better products.

But the problems are that 1) nobody wants to work for a non-profit and 2) greed redirects the money away from better products into the founder's (or top management's) pockets. Firefox is an example.

Rury 21 hours ago||

> people's bed didn't work because the company that makes them architected things such that they have absolute control.

Curious, but what bed/company do you speak of?

fragmede 21 hours ago||

https://www.eightsleep.com/

fsf4alltemp 1 day ago||

This idea that protecting users is worth the cost of giving up your ownership rights is fallacious.

Protecting 1 million grannies is an entirely different risk class than the security implications of stopping everyone from using their devices as they see fit.

Protecting 1 million grannies means everyone loses ability to install apps that:

  -allow encrypted chat
  -allow use of privacy respecting software
  -download art/games/entertainment that is deemed inappropriate to unelected parties
  -use software to organize protests and track agents of hostile governments
  -download software that opposes monopolistic holds of controlling parties

Using Linux is also not a real choice. To access my bank and health services in my country, I require a mobile device that is remote attested by either Apple or Google which are American countries. Hell, it's becoming closer to reality that playing online video games requires remote attestation either to "prevent" cheating or for age verification.

Thus the risk widens to the sovereign control a nation has over its own services. A US president could attempt to force Google and Apple to shutoff citizen access of banks and health services of an entire nation. Merely the threat could give them leverage in any sort of negotiations they might be in. For some nations in the future, the controlling nation may be China I imagine.

I think the real regulatory solution here is to break up monopoly practices. While the EU's DMA is all well and good in some ways, the EU is also pushing Chat Control... In a more fragmented market it becomes impossible for a bank or health service to mandate specific devices for access (they lose potential customers) so you could theoretically move to a device that doesn't do draconian style remote attestation that breaks if you go off the ranch. We need more surgically precise regulatory tools than sweeping legislation that would keep using alternatives like Linux or FreeBSD or whatever actually viable. It also makes it much harder for that same legislative body to enforce insane ideas like Chat Control.

The answer is not protect users from themselves. The answer is more freedom, with a legal framework that helps all users have more choices while helping victims acquire restitution.

lejalv 1 day ago||

> A US president could attempt to force Google and Apple to shutoff citizen access of banks and health services of an entire nation. Merely the threat could give them leverage in any sort of negotiations they might be in

This. We can’t anymore say to ourselves “but surely a US president would never do that”?

Reference: recent tirades at Canada, Spain, Colombia, Ukraine, ...

vetrom 1 day ago||

We already have the UK intimating they can exercise parliamentary supremacy over American citizens, so we already have this today. (Reference: https://prestonbyrne.com/2025/10/16/the-ofcom-files/)

Without limitations on authority and control, I worry more that the world will devolve into a multilateral legal hellscape, even moreso than exists today. Given how much is dependent on software, you are going to have the governments of pretty much any country with multinational exposure trying this in the next 10 years if recent UK and EU developments are any indicator.

leothecool 1 day ago|||

When they say users need to be protected they don't mean the people. They mean the database record.

fsf4alltemp 1 day ago||

Haha, it's a bit sad when the record's get compromised it's still the people's problem. :p https://www.youtube.com/watch?v=CS9ptA3Ya9E

jolmg 1 day ago||

> To access [...] health services in my country, I require a mobile device that is remote attested by either Apple or Google

I knew of banks, but how is it that health services need remote attested mobile devices? Do clinics not support setting appointments through calls anymore, or what?

fsf4alltemp 1 day ago|||

In my country, the same verification service is used to access banks, health services (private and public), taxes, and even verify online retail purchases. This verification app on Android requires Play Integrity on first time activation so fresh installs of something like GrapheneOS will not let you use the app. It's still currently possible to use a hardware token alternative to the app. It is only getting less convenient and possible to opt out of the digital verification systems even if there's technically still workarounds. In the past, even when such verification systems existed, they were less user constricting (no requirements on remote attestation for example).

I believe if we look at the past compared to now, and then extrapolate towards the future, without proper action, we will keep slipping down the slope.

ryandrake 1 day ago||

I see all of these "in my country, we need a phone to do X" posts, and while I believe them, I feel like they always leave out key information. I'd also like to know: What actually happens when the customer does not have a phone? Do you just never get healthcare? Do you just never bank? Surely there are (perhaps inconvenient) alternatives that people without phones can use. The national government doesn't just let its citizens slide into some healthcare-less, unbanked purgatory simply for not having a phone. What is the real, full picture?

As someone in the USA, I could toss my phone in the dumpster forever and still live my life pretty much as I live it today. I might have to make a few minor sacrifices, but I'm grateful we still have that choice here.

gvurrdon 1 day ago|||

Recently, I was referred by my family physician to a healthcare provider. That provider required a mobile phone number for registration. I emailed them to complain about this and their reply was that if I did not have a mobile I should contact the referring medical practice to find an alternative means of treatment. I did, and their response was that I should take it up with the provider. But this is, of course, just one anecdote. I would also be interested in seeing more information.

jolmg 1 day ago||||

> The national government doesn't just let its citizens slide into some healthcare-less, unbanked purgatory simply for not having a phone.

Unfortunately, I think that depends on whether the portion of citizens without a phone is significant. People need to care for businesses/government to care.

See also countries where they struggle to use cash. What happens when a customer does not have a bank account?

lbschenkel 10 hours ago||||

So what actually happens in Sweden: there are two officially sanctioned authentication apps: BankID (originally developed by banks) and Freja. Both only run on a mobile phone.

For government services, both will work. But you must use some of them, otherwise no government for you. You can still do some things by paper, but those are getting rarer and rarer nowadays. The general assumption is that everything is done online. Some government services can't be done by paper or physical visit, not without involving this authentication at some point.

For most of everything else, only BankID (the oldest of the two and the most deployed by far). Especially for banking, only this works. Even if you call the bank and try to sort out via phone, they will refuse service until you can prove that you are you by authenticating via BankID.

But Sweden is mostly cashless nowadays (even some bank branches are refusing to deal with cash). For example, you can't take a bus or train and pay with cash. You have to use a vending machine that only exists on train stations, or depending on which kind of transport and the region you live you might be able to do a contactless payment, or you must use the app (the default choice that 99% use). If you use the app, to pay you need to use a "card not present" flow, or Swish (Sweden's mobile payment system), and to complete either you must use BankID. You can't use your card or do any payment without BankID (if the card is not present).

Even if you do use your card, if it gets denied for any reason, for you to sort out the issue you'll need the mobile phone and BankID.

If you go out with friends to a restaurant, most restaurants don't accept cash. If the restaurant doesn't accept charging each one individually then someone needs to pay for the group, and they will expect you to pay them via Swish which requires BankID. People won't take cash either.

As you can see, it's not actually trivial here to live as part of society without a working mobile phone. If you're outside, you better have 100% faith on your card, and/or be prepared that you might need to walk back home as you can't do much now, might not even be able to buy transportation.

Some smaller shops/kiosks only take Swish: no cash, no card. That requires a phone plus BankID.

If (or better said: when) BankID starts requiring the device to pass Play Integrity, then not only you must be carrying the device at all times, but it must be a blessed device from Google or Apple.

In Denmark the situation is very similar, and in their case their app (which is called MitID) already mandates that the device has to pass Play Integrity.

ryandrake 6 hours ago||

Wow, thanks for the actual response. Absolutely wild. I'm pretty speechless to be honest. How does a hellscape like this become normalized?

nemomarx 1 day ago|||

it's usually to see the results of your lab work, message doctors about refills, etc. You'd probably be able to get some of that mailed instead at the cost of time certainly.

throw7 1 day ago||

People are perfectly happy with a walled garden. The question one should always be asking is what is the difference between that and a panopticon? What happens to me if I start seeing faded flowers and no-entry signs? Can I escape? With my stuff or friends or family?

cbdevidal 1 day ago||

Will LineageOS and other similar ROMs have this limitation as well, or will it be baked into the hardware?

josephcsible 1 day ago||

No, but when remote attestation reveals that you're running an OS that's not blessed by Google, the megacorps will make their apps all refuse to run on your phone. A few already do so today, e.g., the McDonald's app. In practice, I expect a situation where we have two phones: one to run Big Tech's apps, and one to run indie apps.

netdevphoenix 1 day ago||

> a situation where we have two phones: one to run Big Tech's apps, and one to run indie apps.

This in combination with using webapps where possible

netdevphoenix 1 day ago|||

Roms face a different problem: bootloader locking. But the more Android changes drastically, the harder it is to integrate the AOSP changes into the different open projects

Semaphor 1 day ago||

> Roms face a different problem: bootloader locking.

Is that a problem these days? It was over a decade ago that I last needed to jailbreak a phone, nowadays it’s just "I’d like to unlock" "Ok".

klardotsh 1 day ago|||

That’s possible on very few phones these days. Only a handful of OEMs still ship phones that can be bootloader unlocked at all (at least in the US), and even several of THOSE require phoning home to the OEM to get an IMEI-dependent unlock key to pass to fastboot.

Source: 7 years of running deGoogled Android phones and 11 years of running ROM’d Android phones before recently moving to iOS and giving up.

sifar 1 day ago|||

Curious, have run GrapheneOS on pixels ? They don't have this issue, though it might change now.

netdevphoenix 1 day ago|||

Given that Google itself is the manufacturer of Pixel devices, I wouldn't hold my breath on them allowing you to keep this ability forever

klardotsh 1 day ago|||

Two of my deGoogled Android phones were Pixels (4a and 7a) and one was a Nexus (6p). I know them well, though I never ran Graphene on them.

Pretty sure I read Google was no longer going to publish device tree sources for Pixel phones, which will make ROM development for them significantly harder, whether or not the bootloader is open.

Semaphor 1 day ago|||

Not in the US, so might be one of those pesky regulations we have over here.

netdevphoenix 1 day ago|||

It is actually getting worse over time imo. In the days of Froyo, you could run Cyanogen easy without needing keys from anyone. Now you got to go to your manufacturer's website to get the key needed to unlock it. Even after you bought the device, you are reliant on the goodwill of the manufacturer to get the unlocking key.

immibis 1 day ago||

They will not, but the hardware will (as it already does) do its best to stop you from installing LineageOS and other similar ROMs.

mnmalst 1 day ago||

In my opinion, the biggest problem that comes with this, is the fact that google play independent apps will become A LOT less popular. To a point where alternative roms are even less interesting to people which in return makes developing apps for them even less interesting.

immibis 1 day ago||

Some people even sideload on iOS, which doesn't allow sideloading. They do this by getting an apple developer account, installing Xcode, compiling the apps themselves and refreshing them on their phones every week. And this seems about as popular as Android sideloading where you just download an app and install it...

neilv 1 day ago||

Something to keep in mind, when sharing code you've written... to promote the Mac or Windows platform you use, and putting it on GitHub to endorse that, and starting a Discord for community around it.

butlike 1 day ago||

Disk space is becoming more akin to real estate, with the OS manufacturers similar to HOAs (Home owner associations) determining how you need to maintain the landscape.

Gigachad 1 day ago||

What happened was people ended up putting a lot of money and sensitive data on their computers and desired a system which wouldn’t expose that just because they ran the wrong software.

Dilettante_ 1 day ago||

"Wash me but don't get me wet." (Is this a saying in english?)

baxtr 1 day ago|||

I guess you are trying to say: "You can’t have your cake and eat it too." ?!

lupire 1 day ago||

Also, "want the milk without buying the cow", but I like "don't get me wet" because it highlights not wanting the result without the unpleasant step of the process. Then again, we have "dry cleaning" and ozempic.... https://english.stackexchange.com/questions/429316/wash-me-b...

bitwize 1 day ago|||

I'm reminded of a meme involving a dog with a ball: "Please throw? No take. Only throw."

Workaccount2 1 day ago|||

This is the real answer that is rather banal and boring compared to conspiracies of nefarious money harvesting.

95% of people don't know what "Run your own software" means, because to them, the app store lets them chose what apps to install. And they don't get viruses and malware like their 2008 laptop did.

That being said, there absolutely needs to be a mechanism for "lowering the gates" if the user wants full control of the device they own.

api 1 day ago|||

The better answer is to build better OSes with better security models.

I should be able to run a crypto wallet I downloaded from a Kim Jong Un fan site while high and it shouldn’t be able to do anything I don’t give it permission to do.

It’s totally possible. Tabs in a web browser are basically this.

I can do it with VMs but that’s lots of extra steps.

colonial 23 hours ago|||

macOS kinda gets there. I've (grudgingly) come to admit that it has by far the best security story of any desktop operating system. Apps require explicit user consent to access the filesystem, peripherals, and other sensitive data (e.x. Discord requests "Input Monitoring" access to determine if you're "actively online" even when unfocused.)

The only place it seems to fall flat is network I/O - LAN access requires permission, but dialing out to the wider Internet does not.

Compare Windows, which has jack (except for bloated anti-malware hooks in NTFS.)

Linux is _trying_ to replicate macOS with Flatpak/XDG portals, but those still need more time in the oven.

Source: I use both a MacBook and a Linux desktop daily.

netdevphoenix 1 day ago||||

Web pages have a lot of restrictions even if you consider the gradual adoption of the project Fugu APIs

fuzzehchat 1 day ago|||

Isn't that what Qubes is all about?

api 1 day ago||

Yes but IMHO that approach is a hack. “Fix our 1970s OS by putting it in a box in our 1970s OS.”

immibis 1 day ago|||

And by "people" we mean Hollywood. A great deal of this was created to enable DRM, then exploited for other purposes. For instance, it's illegal (by contract) to let a device without Secure Boot play a 4K stream from any mainstream studio. This is why Windows requires Secure Boot.

ranger_danger 1 day ago||

> This is why Windows requires Secure Boot.

No it isn't, and no it doesn't.

matheusmoreira 1 day ago||

Ah yes, the good old freedom for security tradeoff. Of course, in this case it's the security of trillion dollar corporations at the cost of our freedoms...

buyucu 1 day ago|

Answer: companies realized that they can milk you for more money by restricting your options and alternatives.

amelius 1 day ago|

Yes, this is the main idea behind iOS and the App Store. I don't get why smart people are falling for this.

ryandrake 1 day ago|||

Let me try to strawman a little: I personally accept this on my phone because I honestly don't consider my phone to be a computer, and I don't really care about "computing" on it. My phone is not really that important to me. It is a toy/appliance that I goof around with. What it's running and how "free" and "open" it is, is about as important to me as how free the firmware in my car is, or the software on my gaming console.

I care about the free-ness and open-ness of my computer, because that's where I do all my work, my E-mail, my finances, and all my "serious computing." I feel that a different standard applies on a Real Computer because they are totally different devices, used for totally different purposes. So what I accept on phones, cars, and gaming consoles, I don't accept on my computer.

lejalv 1 day ago|||

While this is fine for you, I worry about a sociocultural divide.

I believe the likelihood of a smartphone being the only form of computing (and access to the internet in particular) grows with diminishing income / cultural means.

This is based on anecdotal observation, does anybody here know of relevant survey data?

realityfactchex 1 day ago||

> relevant survey data

Based on a cursory look, keywords can include "smartphone-only internet users" and "large-screen computer ownership".

The American Community Survey asks questions related to that (income, computing devices). Comparing states, the poorer the residents of a state, the smaller the percent of households with regular computers ("large-screen computer ownership"), per "Computer Ownership and the Digital Divide" (Mihaylova and Whitacre, 2025) [0, 1, 2].

Also, Pew runs surveys on income and device usage ("smartphone-only"). Again, the lower the income, the higher the proportion that is smartphone-only [3, 4].

[0] Chart: https://files.catbox.moe/emdada.png

[1] Paper, "Census Data with Brian Whitacre.pdf": https://files.catbox.moe/1ttgee.pdf

[2] Web: https://www.benton.org/blog/computer-ownership-and-digital-d...

[3] Pew chart: https://files.catbox.moe/fs62tf.png

[4] Pew web: https://www.pewresearch.org/internet/fact-sheet/mobile/

EvanAnderson 1 day ago||

It sounds like lower income people aren't Real People and don't need Real Computers.

The idea that smartphones aren't computers and their users aren't deserving of software freedom is frustratingly entitled.

amelius 1 day ago||||

I suppose the reason for this is that this is how it has always been with mobile computing. People don't even bother to think about their smartphone as a computer anymore.

buyucu 19 hours ago|||

You have nothing to fear, if you have nothing to hide. Right?

wetpaws 1 day ago|||

[dead]

More comments...