It's not asymmetric cryptography itself. It's the fact that it takes enormous resources to manufacture modern SoCs, such that the economy only makes sense if you're churning them out by millions at least. It's also the fact that they can't be modified after they've been manufactured.
It's basically those people who can manufacture chips having technological supremacy over the rest of the humanity.
Our civilization desperately needs a method to modify modern microelectronics after manufacturing that can be used at least in a well-equipped repair shop, and it needs it yesterday.
Alternatively, just make it illegal to ship any kind of initial bootloader as part of a CPU's/SoC's mask ROM in any computing device that is marketed as a general-purpose one. I.e. the first instruction that the CPU executes after reset must come from a storage device that is physically external to the CPU package.
Those laws should die, but that's besides the point.
Modern cryptography allows for making DRM incredibly hard to break. And the disadvantage of "hardware attestation" DRM is that you have to break it not once, on a single device, the way you do to dump a "protected" movie, but on every single device that you want to use.
Yes, these are the most clearly corrupt laws that exist. It is like outlawing hammers because you may hit someone with it. It is just giving up freedom for the benefit of a few fortune 500 companies.
That'll also work somewhat, but the problem would remain that even if it's legal to break the DRM, you can't exactly break it when it's assisted by hardware and there are no vulnerabilities in the "trusted" code.
> Alternatively, just make it illegal to ship any kind of initial bootloader as part of a CPU's/SoC's mask ROM in any computing device that is marketed as a general-purpose one.
Funny, I have a related proposal: make it illegal to sell hardware and distribute software. Or at least, if you distribute software, we don’t buy your hardware. The idea is to force hardware companies to release the complete user manual for their hardware, and incentivise them to simplify and standardise their hardware interfaces.
What I did forget was forbidding them to arbitrarily restrict what kind of software can run with their hardware, which they could if the hardware hashes the software & verifies a signature before running it. But it would seem your separation between CPU and storage takes care of that.
That's probably not going to happen for a very long time. Relatively simple SoCs already do tons of work before the architectural reset vector in undocumented boot ROMs in order to assist the reset process.
There's also tons of value in a boot ROM that can't be accidentally erased to add low level DFU routines.
This won’t help; the SOC silicon can be revised to record each executed instruction from power-on until secure-boot handoff opcode, with various supporting opcodes to query status-of / overflow-of / signature-for so that the OS reports pre-boot tampering implicitly as part of developing its own attestations.
Then also make it illegal for the SoC to contain any cryptographic key material.
My intention with this is to make sure that if someone were to desolder the flash chip and reprogram it, they could completely own the device without the device or SoC manufacturer having a say in it or a way to prevent or detect it.
Simpler to just make discrimination by hardware or software illegal than to legislate the silicon contents. That’s what everyone is upset about, after all: websites are gaining the ability to discriminate based on hardware-software with specific fidelity they never had before. If that was made unlawful, then you’d benefit billions of existing devices as well as future ones. The hard part is making the case that this sort of discrimination is worth fighting, but the John Deere lawsuits are (indirectly) further ahead on that point than the rest of tech is, weirdly enough.
Example: I’m perfectly fine with my Touch ID sensor having a crypto-paired link to my SOC so that someone can’t swap in a malware-sensor at a border checkpoint; I also don’t want my device (or websites) to be able to discriminate against me installing my own homemade sensor. What that looks like in practice is close to what we have now, but not quite there yet — and is definitely not ‘no crypto-pairing at all’, as a ban on key material would enforce.
It's the only news I've heard about new-phone-tech that's gotten me remotely excited in a long time. I'm too poor to be buying new devices though so I'll have to let others do the beta testing for a couple years.
The requirements are not particularly stringent. It is more an embarrassing show from the rest of the Android OEMs that they don't meet basic standards like timely security updates and a decent support period.
Alternatively, just make it illegal to ship any kind of initial bootloader as part of a CPU's/SoC's mask ROM in any computing device that is marketed as a general-purpose one.
No, you just need to make it illegal to have the bootloader contain hardcoded key material and use it for verifying the code it loads.
Most of those are less "hardcoded" and more "fused into internal non-eraseable memory at manufacturing time".
Not that it changes much. It really should be illegal to enforce "secure boot" with no way for the device owner to opt out of it or enroll his own keys.
> Our civilization desperately needs a method to modify modern microelectronics
Micro is now nano, not amendable to modification, and even if it was theoretically possible, hardware is a super-easy target for legislation.
> Alternatively, just make it illegal to ship any kind of initial bootloader as part of a CPU's/SoC's mask ROM
If you had the political means to enact such legislation, you could legislate much cleaner and easier ways to deal with the problem.
I find myself saying this a lot but I still can't quite figure our why people keep seeking technical solutions to political problems.
I mean, these things aren't comparable, in some limited cases the naive approach might help but insisting on it while neglecting political action is worse than doing nothing.
And what code will verify the signature of the initial bootloader? As far as I know, in every modern implementation of secure boot that is done by that very bootloader, which is burned into the CPU/SoC. I can imagine someone implementing some sort of fixed-function block to do that, but see my sibling reply about that.
Also, governments are supposed to act in the interest of people.
There's not much information about transfluxors available, although a patent for them goes into quite a lot of technical detail, and is referenced in the Wikipedia article.[0] If anyone knows more about this, the Wikipedia article is definitely in need of expansion:
VK has been digging its own grave for quite some time now. Hardly anyone uses it any more. It's speedrunning enshittification with that registration thing but also with the very unpopular post redesign, the removal of custom news feeds, and most recently with shutting off most of the API access for third-party apps, including popular client apps like Kate Mobile.
A simple captcha with distorted characters + some hidden form fields would stop every single "opportunistic" bot.
There's hardly anything you can do to stop someone determined enough to spend money to spam your specific website. These kinds of captchas do raise the bar somewhat, but every single one of them is ultimately bypassed by paying people to solve them for you.
I rotate structures every request I made it explicitely hard to automate and I just raise the PoW during attacks. It's always about reducing volume rather than preventing it and a million registrations later it's still holding strong.
bots get pruned after an hour since 100% of the bots fall into the same trap, giving it a delay makes A/B testing really difficult and breaks most AI strategies.
On the one hand, this sort of thing feels inexcusable to me. In my mind, the subway is the most reliable mode of city transportation.
On the other, the NYC subway is one of the few 24/7 subway systems in the world, which makes me envious somewhat. Ours closes at midnight and opens around 5 AM.
IMO the subway reliability issues are overblown these days. In the 2010s it was in a really dark spot but it's doing a lot better these days.
> In my mind, the subway is the most reliable mode of city transportation.
Even with its problems the NYC subway still is. Traffic is a nightmare. I have friends who insist on taking a cab to the airport because it's more reliable then end up complaining because they're still on the Belt Parkway or whatever.
I spent a week in NYC in 2014. Used the subway a lot, but mostly within Manhattan. Don't remember having any issues except a few stations smelling of shit and the card readers on the turnstiles being very picky about the speed of your swipe.
In the 2010s it was so bad that I gave up on the subway and either walked, Ubered or took the bus everywhere.
When the MTA bus is better than the subway, things in NY are grim -- it was like the 80s & early 90s again.
The reliability has improved a bit, but the subway crime is also way, way up. So yeah, still a hard pass.
In the mid 2010s i had a reverse commute from Manhattan to Brooklyn and there was a few months where 3 days a week my full commute would take 2hr+ (midtown to sunset park) because the train just sat multiple times not moving. Especially on the bridge where it could be up to an hour just stopped.
The absolute worst time that I ever remember though was maybe in '89 or '90. The Lex-53rd st E/F station had a ton of ongoing construction and on weekends it was being used as a transfer station only that summer. All the staircases were closed and you could only get in/out via train -- this idea seems insane to me but that's NYC sometimes and especially in that era.
Anyway, my family and I were on a train passing through that station one Saturday or Sunday morning on the way to Queens and they made us exit the train inside the station as it was going out of service. Apparently a pipe had burst (I think?) and no trains were in service. The AC in the station was not working and it was maybe 90+ degrees underground. Plus water was leaking from everywhere. And there were hundreds of us trapped on a crowded, wet, dirty platform for like 4-6 hours while no trains were running and there was no way to get out.
Aside: that Belt Parkway story is why people from NY who live/work in Manhattan try to never fly out of JFK. That's the real solution. So much easier to get to EWR/LGA.
> The reliability has improved a bit, but the subway crime is also way, way up.
Eh, it’s all relative, I think you’re in less danger of experiencing issues on the subway than you are getting hit on the road. I take the subway all the time and have never had any problems.
Subway assaults went up 3x between 2009 and 2025 and violent crime in general in the subway has had nearly a 20% spike just in the first two months of this year alone. Assaults by repeat offenders are up 2x from 2019 to 2025.
I'll take a minor fender bender every now and again over someone hitting me in the head with a brick ever.
I can't believe the suggestion is that property damage and/or low-speed collisions would be preferable to being assaulted. And I've been tapped by cars and walked away from it several times. Plus the "well it never happened to me" is just survivorship bias. Over enough decades and enough rides something fucked up on the subway _will_ happen to you eventually.
> I'll take a minor fender bender every now and again over someone hitting me in the head with a brick ever
You're more than 7x more likely to die in a car in New York than on the subway. If you're the kind of idiot that voluntarily trespasses onto the tracks, you're 2x more likely.
In 2023, 112 motor-vehicle occupants died in New York [1] "97 people were fatally struck by subway trains" [2], nearly half (49%) of which are suicides and 33% of which are accidents, almost all of which involve voluntarily trespassing onto the tracks [3]. Five people were killed by assault [4].
In 2023 exactly two Uber passengers died in NYC. One from jumping out of their moving vehicle onto the LIE and the other from being rear-ended by a drag racer on the Whitestone Expressway.
The alternative to taking the subway for the vast majority of NYC residents is not driving to work.
And as an Uber passenger living in NYC I overwhelmingly spent my time on roads that were not highways.
I can't find exact taxi passenger deaths but between 2019 & 2023 there were 23 passenger fatalities across all rideshare services and taxis. At least one of those was a fatal drug overdose (2022).
> between 2019 & 2023 there were 23 passenger fatalities across all rideshare services and taxis
Which is way more than the total number of homicides on the subway system. All of this is before adjusting for trip frequency. (Uber and Lyft do about a fifth of the trips as the subway.)
I lived in New York for 10 years and go back frequently. I take Ubers and cabs (and Blade) all the time. It's convenient. And sometimes, yes, I just want a quiet space in which to relax. But pretending it's safer is simply untrue.
Wait we went from simple assault to comparing it just to homicides now? I just don't want to get attacked or slashed by somebody.
Okay you lived in NY for 10 years, I lived there for over 40. The subway is shit compared to where it was only a handful of years ago. In the last years that I was there, Uber was way safer.
Also I said "fatalities", which isn't just murder and isn't even necessarily a crime. There were 39 homicides in the subway[1] during that same period. So it's not less. But also those are murders whereas the 23 were mostly from accidents.
2009 was a historic low point for subway crimes. Only looking at relative numbers from then is misleading.
There were 573 assaults on the subway in 2024, up from something like 150 in 2009. There were something like 1.9 billion journeys taken that year. Avoiding the subway because of the 1 in 2,000,000 danger of assault is not rational.
Exaggerated paranoid thinking is indeed the thing that leads a lot of people to unnecessarily leave NYC.
573 _felony_ assaults. Misdemeanor assault is still a thing. That includes people fighting you with their fists or groping you.
Also anyone in NY with a functioning brain knows just how underreported subway crime is. You can either get where you're going and go about your day or end it by trying to find a cop and then trying to get them motivated to even take your report.
2009 being a low point for crime should just be normal. I lived through all the bad decades in NY and you're not there yet but certainly trending towards it.
I like how multiple years of "hey why does all of this fucked up shit keep happening to me?" is "exaggerated paranoid thinking". Truly stunning and brave. Being repeatedly victimized by random crime is just a mindset, bruh.
> you’re in less danger of experiencing issues on the subway than you are getting hit on the road
For what it's worth, I lived in New York for ten years and was in one car accident (cabbie, distracted by whatever phone all they're all constantly dialled into, blew through a stop sign) and zero even closer calls on the subway.
There's nowhere to run, unfortunately. Windows and Linux are orders of magnitude worse than even macOS 26. To say that the whole software industry is a dumpster fire would be an understatement.
If you're into electromechanical machines, he also has a working telephone exchange and a bunch of videos where he restores its various components and explains how it works (I still don't quite understand how it works though). That's the original reason I subscribed to his channel, but his wild musical contraptions are also cool.
As someone who's been working on social networking and adjacent services for over 15 years, hard disagree.
An ideal social network should not have any agency of its own, period. If your feed is too crowded because you follow too many people, then so be it. It's your problem, you did this to yourself. Only you know how to fix it for yourself, if you do even want it fixed in the first place.
real world social networks have agency if you define ephemerality as agency. It's an accident of digital platforms that nothing is ever forgotten, not a feature inherent to normal human relations. In the real world you drop phone numbers, you forget events, unused relationships atrophy. And that's not a bug, forgetting is a feature. For anyone who isn't convinced of this, Black Mirror did an admirable job in its first season putting the pathologies of social technologies on display that record everything.
It can be argued that humans actually hate forgetting things. That's why we invented writing. Spoken language lets us share arbitrarily abstract thoughts with others. But human memory is imperfect, so spreading knowledge or memories through word-of-mouth is unreliable. Writing lets us preserve that information as intended by the original author, potentially indefinitely. That's also why we always wanted to be able to record and play back what we hear and see, and our civilization only fairly recently, in terms of history, got advanced enough to have technologies to do that.
>It can be argued that humans actually hate forgetting things
I agree with you, I don't even think that needs to be argued, we without a doubt hate forgetting things, but we also hate eating our vegetables. We do hate a lot of things we probably shouldn't. We are perpetual hoarders, as a species we have the bad habit that we're not very grateful for the problems we don't have as a consequence of things we don't keep. We're not very good thinking in terms of absence.
That's why Marie Kondo sold a ton of books and got a great Netflix deal simply by teaching people how to throw stuff into the garbage. Civilization is great at record keeping but not doing too well on the social bonding front, or in the words of George Carlin: https://youtu.be/MvgN5gCuLac
Russia has a similar law and yes computers with FreeDOS are also a thing. Alternatively, you're entitled to get a refund for the Windows license by having your hard drive wiped and license sticker removed.
It's basically those people who can manufacture chips having technological supremacy over the rest of the humanity.
reply