This is a really great way to put it, and it applies broadly to so many fundamental disagreements in the tech world.
I firmly believe it’s better to trust the individual—so I think users should be able to sideload iOS apps (only if they want to) and install their own root certificates. Others think individuals can’t be trusted, and so we should let tech companies dictate what is safe for everyone else.
I also agree with Apple's implicit claim that if iOS users could sideload apps, millions of idiot iOS users would get their devices owned after they followed some "follow these seven steps to get free $POPULAR_MOBILE_GAME tokens!" guide they found on the web, making the platform less trustworthy overall.
Apple makes a good argument that buying an iPhone is also buying, in a sense, a remote managed security service for the device at the same time. The net effect of this is that millions of people now have devices mostly free of the most egregious malware (and it's limited to just spyware, delivered via the App Store). For most users, this is a better state of affairs (at least in peacetime, or outside of China/Vietnam/Russia/etc).
"Apple makes a good argument" Their argument doesn't give near enough excuses for their mafia level racket to shake down businesses of protection money. "Pay us or Joey will break your kneecaps. Its for your own protection."
Millions of Android devices have malware problems, yes. I might even agree with a claim that it is ZOMG millions.
Estimates claim that as far back as 2016, a million new Android devices were being infected with malware per month. The current figures are estimated by AV vendors at 4-7 million infections per month.
You don't have to install updates.
However, if you install an update to try it out, or because you didn't realize that it would e.g. break 32bit support, you can never downgrade again (unless you happen to be within a two-week-ish period.)
My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).
In fact, Apple delegates control of an iPhone's userspace execution environment to any iPhone owner who wants it: they will give you a signing cert for use in xcode to run any app you want on your own device (no developer subscription necessary). This is how AltStore works, and allows AltStore users to run emulator apps on the iPhones they own.
Okay, but that comes out to the same thing, since I can't buy an iPhone which isn't Apple managed. If Apple offered a choice, that would be one thing—but they don't.
> In fact, Apple delegates control of an iPhone's execution environment to any iPhone owner who wants it: they will give you a signing cert for use in xcode to run any app you want on your own device.
What they give you is the ability to sign up to three apps at a time, all of which expire after seven days. It's not useful for anything but testing.
Plus, you're stuck in the App Store sandbox. You can't downgrade to an earlier operating system, you can't inspect the HTTPS traffic being sent out of your phone, and you can't even run anything that uses a JIT.
Medical devices I think should need a someone well versed to work on it.
With cars, the current model most states in the US have is a good middle ground. You can do whatever you want to your car, but it needs to pass a safety inspection every 2 years to drive it legally.
The inspections in my state are fairly comprehensive. Airbags, seat belts, headlight brightness, and structural stability of the frame to name a few.
It also helps the US has a strong car culture with tons of experienced DIY-ers, which I imagine helps.
Modify a dishwasher and now it fills your kitchen with soap bubbles? Modify a CPAP machine and get killed by it? Not the manufacturer's fault.
The US is too litigation happy as it is...
Without clear quality and regulatory control there must be an objective method to discern between personal repairs and non-personal ones.
Disclaimer: didn't read the actual right to repair being passed in detail. Not sure if it does discern already.
To really fix it we need a non-profit group to be in charge of the certification, preferably one who can be held accountable for failure due to their certification. My removing the incentive for profit we make it so the Medical industry won't try to control it, the insurance industry to mitigate their requirements, and government from trying to have political agendas pushed.
I have more that I would love to put in here but my employer has opinions that might differ from mine, and can be directly involved with some things that the law can impact.
That's not nearly nuanced enough. Manufacturers should still be responsible unless they can prove you caused the failure. We currently require this standard for something as simple warranty coverage, we ought to require it for something as severe as death.
Only 4 US states have biannual safety inspections. Another 11 have annual inspections. The other 35 states + DC do not have safety inspections.
https://en.wikipedia.org/wiki/Vehicle_inspection_in_the_Unit...
Car SW that can control the vehicle motion goes through very rigorous ISO processes, it's not something you just casually tinker with as an individual. Given its hard to visually inspect, one needs a way to understand if a car has been modified or not. This article also on the front page here yesterday explains the complexity and cost of integration verification https://spectrum.ieee.org/cars-that-think/transportation/adv...
Enabling serious third party aftermarket companies that have gone through same level of certification, nothing against that, but individuals, not so sure.
But if little Johnny wants to drive his Tesla around a private racetrack with homespun Autopilot software, by all means! It's hardly the weirdest hobby, and who knows—maybe he'll grow up and form a startup that uses modified Tesla's to transport products in large warehouses. That's how innovation happens.
I see where you are coming from but right now, if autopilot kills someone, then Tesla are on the hook for it (ok, there may be grey areas but ultimately, they made it so that has to point back to them in a big way when it comes to court cases). However, if I jailbreak my autopilot and kill someone, it's me that has to face the music!
I don't see the harm in scaling the jailbreak hoops you need to jump through.
For example, if I wanted to safely jailbreak my iPhone, there is nothing stopping Apple having an official app that you need to get a special key from Apple for. Maybe a phone call or something, or an email to support. It would come with a caveat that says your jailbroken phone forfeits any warranty claims. Fair enough.
When you are talking about jailbreaking a Tesla, there could be other layers. Like, for example, you have to go to a Tesla dealer where they explain the legal and support ramifications and whatnot. Then you sign a bit of paper with witnesses. Then they send you out a usb dongle in the post after a few days etc. Maybe, though with the Tesla, there would be limits. Like, you can't get the source code, or you are only able to to X things with it.
You get the idea... there could potentially be a scale for stuff like this.
I'm just chucking stuff out there, this isn't a realistic example so please put your pitch forks away :)
In the US, I think, some companies sell weapons and nobody seems to care if people can hurt themselves with them.
