undefined | Better HN

0 pointslogfromblammo11y ago0 comments

I have to pick just one? Windows, Android, Linux, iOS, Wii, Xbox 360, etcetera.

I don't consider Microsoft, Google, Debian, Apple, Nintendo et al to be complete strangers. I don't trust them unconditionally (hence all the rooted, modded, and jailbroken devices in my home), but I do trust that if I do discover malfeasance, that I have some well-established path to seek redress, and that they have the bank accounts, insurance policies, and reputations necessary to make me whole again.

I'm not nearly as trustless as RMS, but I am at least aware enough of the problem to be skeptical even of the software I have actually paid for, and downright paranoid towards everything else. Even the stuff I write myself could be subverted by a compromised compiler or OS. But like the two friends fleeing from the tiger, you don't have to run faster than the tiger to escape; you just have to run faster than your friend.

If someone is likely to be more damaged by breaching public trust and getting caught at it than you are likely to be damaged by trusting them when you should not, you're probably safe to trust them. But then again, even Sony can install a rootkit. You can trust, but remember to verify.

0 comments

sp33211y ago

Would you run JS in a sandbox, like Chrome's? Would you run JS from a "trusted" source, like Google's web font loader? Would you run code from a "stranger" that had been vouched for by Google, like angular.js served from Google's mirror?

j / k navigate · click thread line to collapse

0 pointslogfromblammo11y ago0 comments

I have to pick just one? Windows, Android, Linux, iOS, Wii, Xbox 360, etcetera.