HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ingohelpinger

no profile record

comments

ingohelpinger
·2 माह पहले·discuss
are you a fed? lol.
ingohelpinger
·2 माह पहले·discuss
i am just reading "its not allowed" "rules are being broken" "not premitted" lol. how should you invoate and break free from the current ISP model, if everythig is not premitted?
ingohelpinger
·3 माह पहले·discuss
The davos oracle https://youtube.com/shorts/Pqig_vIR4zI?si=G_JpJP90xqO0AQAd
ingohelpinger
·4 माह पहले·discuss
Ubuntu isn’t too big to target, if anything, its dominance makes it the obvious target. When you look at the trajectory over the years and some of Canonical’s decisions, it’s hard not to raise an eyebrow. Major distros like Ubuntu and Fedora didn’t scale globally without taking big tech money and money rarely comes with no strings attached. At some point, players like Microsoft are going to expect a return on that investment.
ingohelpinger
·4 माह पहले·discuss
just go out, what you are seeking is real life which happens outside, not in front of a display.
ingohelpinger
·4 माह पहले·discuss
make Califonia computerless. stupid politcians passing stupid laws. imagine this guy becoming president.
ingohelpinger
·5 माह पहले·discuss
and they keep protecting the pedos from prosecution. lol.
ingohelpinger
·5 माह पहले·discuss
Nostr is a decentralized social protocol where people can send btc tips, called zaps, directly to creators.
ingohelpinger
·5 माह पहले·discuss
Nostr and Zaps, problem solved.
ingohelpinger
·5 माह पहले·discuss
Well, look at this: https://news.ycombinator.com/item?id=46784572
ingohelpinger
·5 माह पहले·discuss
bingo.
ingohelpinger
·5 माह पहले·discuss
Give it a few more years and Linux will complete its inevitable evolution into Microsoft, same consolidation, same gatekeeping, just with better slogans and a smug sense of moral superiority.
ingohelpinger
·5 माह पहले·discuss
Calling this a "giveaway" is kind of hilarious. LLMs use bulleted lists because humans have always used bulleted lists—in RFCs, design docs, and literally every tech write-up ever. Structure didn't suddenly become artificial in 2023. lol.
ingohelpinger
·5 माह पहले·discuss
nope. why?
ingohelpinger
·5 माह पहले·discuss
Thanks for the clarification and to be clear, I don't doubt your personal intent or FOSS background. The concern isn't bad actors at the start, it's how projects evolve once they matter.

History is pretty consistent here:

WhatsApp: privacy-first, founders with principles, both left once monetization and policy pressure kicked in.

Google: 'Don’t be evil' didn’t disappear by accident — it became incompatible with scale, revenue, and government relationships.

Facebook/Meta: years of apologies and "we'll do better," yet incentives never changed.

Mobile OS attestation (iOS / Android): sold as security, later became enforcement and gatekeeping.

Ruby on Rails ecosystem: strong opinions, benevolent control, then repeated governance, security, and dependency chaos once it became critical infrastructure. Good intentions didn't prevent fragility, lock-in, or downstream breakage.

Common failure modes:

Enterprise customers demand guarantees - policy creeps in.

Governments demand compliance - exceptions appear.

Liability enters the picture - defaults shift to "safe for the company."

Revenue depends on trust decisions - neutrality erodes.

Core maintainers lose leverage - architecture hardens around control.

Even if keys are user-controlled today, the key question is architectural: Can this system resist those pressures long-term, or does it merely promise to?

Most systems that can become centralized eventually do, not because engineers change, but because incentives do. That’s why skepticism here isn't personal — it's based on pattern recognition.

I genuinely hope this breaks the cycle. History just suggests it's much harder than it looks.
ingohelpinger
·5 माह पहले·discuss
Appreciate the clarification, but this actually raises more questions than it answers.

A "robust path to revenue" plus a Linux-based OS and a strong emphasis on EU / German positioning immediately triggers some concern. We've seen this pattern before: wrap a commercially motivated control layer in the language of sovereignty, security, or European tech independence, and hope that policymakers, enterprises, and users don't look too closely at the tradeoffs.

Europe absolutely needs stronger participation in foundational tech, but that shouldn't mean recreating the same centralized trust and control models that already failed elsewhere, just with an EU flag on top. 'European sovereignty' is not inherently better if it still results in third-party gatekeepers deciding what hardware, kernels, or systems are "trusted."

Given Europe's history with regulation-heavy, vendor-driven solutions, it's fair to ask:

Who ultimately controls the trust roots?

Who decides policy when commercial or political pressure appears?

What happens when user interests diverge from business or state interests?

Linux succeeded precisely because it avoided these dynamics. Attestation mechanisms that are tightly coupled to revenue models and geopolitical branding risk undermining that success, regardless of whether the company is based in Silicon Valley or Berlin.

Hopefully this is genuinely about user-verifiable security and not another marketing-driven attempt to position control as sovereignty. Healthy skepticism seems warranted until the governance and trust model are made very explicit.
ingohelpinger
·5 माह पहले·discuss
lol
ingohelpinger
·5 माह पहले·discuss
I’m skeptical about the push toward third-party hardware attestation for Linux kernels. Handing kernel trust to external companies feels like repeating mistakes we’ve already seen with iOS and Android, where security mechanisms slowly turned into control mechanisms.

Centralized trust Hardware attestation run by third parties creates a single point of trust (and failure). If one vendor controls what’s “trusted,” Linux loses one of its core properties: decentralization. This is a fundamental shift in the threat model.

Misaligned incentives These companies don’t just care about security. They have financial, legal, and political incentives. Over time, that usually means monetization, compliance pressure, and policy enforcement creeping into what started as a “security feature.”

Black boxes Most attestation systems are opaque. Users can’t easily audit what’s being measured, what data is emitted, or how decisions are made. This runs counter to the open, inspectable nature of Linux security today.

Expanded attack surface Adding external hardware, firmware, and vendor services increases complexity and creates new supply-chain and implementation risks. If the attestation authority is compromised, the blast radius is massive.

Loss of user control Once attestation becomes required (or “strongly encouraged”), users lose the ability to fully control their own systems. Custom kernels, experimental builds, or unconventional setups risk being treated as “untrusted” by default.

Vendor lock-in Proprietary attestation stacks make switching vendors difficult. If a company disappears, changes terms, or decides your setup is unsupported, you’re stuck. Fragmentation across vendors also becomes likely.

Privacy and tracking Remote attestation often involves sending unique or semi-unique device signals to external services. Even if not intended for tracking, the capability is there—and history shows it eventually gets used.

Potential for abuse Attestation enables blacklisting. Whether for business, legal, or political reasons, third parties gain the power to decide what software or hardware is acceptable. That’s a dangerous lever to hand over.

Harder incident response If something goes wrong inside a proprietary attestation system, users and distro maintainers may have little visibility or ability to respond independently.
ingohelpinger
·पिछला वर्ष·discuss
they want to track your ass, whatever it costs.