[liberationtech] Chromebooks for Risky Situations?

Thu Feb 7 23:34:01 PST 2013

On Wed, Feb 6, 2013 at 2:16 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:

> Brian Conley:
> > Micah,
> >
> > Perhaps you can tell us the secret to convince all family members and
> > colleagues to become Linux hackers able to be completely self-sufficient
> > managing their own upgrades and modifications indefinitely?
>
> Stop supporting the use of non-free software? We're all part of the
> problem when we help people to be less free and to use proprietary
> software or proprietary services. This is both an education and a
> problem with enabling. We all suffer from it, I think.
>

What's funny about this, is that you appear to think I disagree with you on
this.

My point is, if *YOU* (any you out there of the many yous on this here
libtech list) want to advise someone  who is at risk to use free software,
YOU should take responsibility for stewarding them through the process and
making sure they know enough not to get themselves into trouble.

>
> When we encourage people to say, buy a Macbook or a Chromebook because
> we're happy to support it over say, Windows, we're making things worse.
> Largely because the choice is actually between Free Software and
> proprietary software or free software on devices where we're not
> actually able to exercise all of our freedoms.
>

I don't know a great deal about Linux. I know enough to know that smart
people I know seem to think it is better for a variety of reasons from a
security standpoint. Unfortunately where it is *not* better is for people
engaged in multimedia. It would be great if someone would support the
development of better linux-based multimedia tools. I'm not that person.

Oh, except for the last year I've been working with the good folks at the
Guardian Project and others on a secure-by-design multimedia reporting app
based in Android, and a large portion of our relatively meager funding has
been directed at UI/UX design and graphics and content in the training
portion.

>
> Thus, when we aren't helping people to get off of the non-free platforms
> or to reduce our dependency on non-free software, we're basically not
> doing a great job at educating people that we care about and otherwise
> wish to support. When we pass the buck, we're enabling them with
> harmful, sometimes seriously so, solutions.
>

See above. I am certainly doing a lot more than I used to be doing in this
realm. I hope you're not trying to suggest that I am passing the buck.

My point is that if knowledgeable individuals are not willing to spend the
time to assist less knowledgeable people to get the first leg up in the
much-less-than-obvious world of FOSS/FLOSS/Whatever, then they are just as
responsible for security risks and endangerment as people who ignorantly
recommend windows, mac, etc because as you put it "When we encourage people
to say, buy a Macbook or a Chromebook because we're happy to support it
over say, Windows, we're making things worse."

Again, just as I still haven't heard a strong argument why google hangout
is "as bad" or "worse" than Skype, I don't yet see good arguments why
Chromebook is such a bad option for "many" use cases. In fact, I don't see
why a lot of mobile devices that are wifi only might be such bad options.
However, don't worry, I won't be advocating for you to use a windows mobile
or apple tablet anytime soon.

>
> >
> > Otherwise what is your point?
> >
>
> This essay seems like a longer version of what Micah has expressed:
>
>   http://www.gnu.org/philosophy/free-sw.html
>   http://www.gnu.org/philosophy/right-to-read.html
>
> I also suggest reading these two essays by RMS:
>
>   http://www.gnu.org/philosophy/shouldbefree.html
>
>
>
> http://www.gnu.org/philosophy/when_free_software_isnt_practically_better.html

I will definitely read up, though by pointing me in this direction, you
open yourself up to replying to relevant and serious clarification
questions as follow up. (the Gunner clause ;) )

>
>
>
> He is also talking about how the threats to a user might include Google
> itself (eg: my legal cases!) or perhaps even the network you're using
> (hint: ChromeOS has no way to protect you against such an attacker, so
> no, it isn't safe to use everywhere or perhaps anywhere depending on
> your trust of the local network).
>

Again, depending on your threat model. Who said "everywhere" or "anywhere
for everyone?"

>
> > It seems like you are being needlessly confrontational or outright
> ignoring
> > the quite reasonable counter arguments to various linux
> OSes,Ubuntu/gentoo/
> > etc etc being made here.
>
> Most of arguments I've heard here boil down to privileged wealthy people
> complaining that learning and mutual aid or solidarity is simply too
> hard. The worst is when people who train people in risky situations make
> those kinds of statements.
>

LOL. I'm, frankly, quite offended if you are indeed suggesting that I am
making those statements.

Also, remember that I'm currently involved in developing what is probably
the first FOSS(FLOSS?) tool for mobile multimedia reporting that is built
on secure-by-design principles.

Why? because traveling to various risky places and training people in
person will never ever scale, and is in fact potentially dangerous for the
trainees. Instead we're developing a tool to help them learn on their own
and at a distance, and that will give them relevant pointers on-the-job,
oh, and publishes to the YouTube API with resumable upload over Tor. So
yeah, we are thinking about this stuff from a user-first perspective and
not a "privileged wealthy people" perspective.

What even counts as wealthy? should we get into class and privilege debates
here? That seems like something no one ever ever wins.

>
> It's frankly, really and seriously embarrassing.
>

Yep, it would be seriously embarassing if it was accurate or relevant,
luckily for us all, its not!

cheers

Brian

>
> All the best,
> Jake
>
> > On Feb 6, 2013 7:09 PM, "micah anderson" <micah at riseup.net> wrote:
> >
> >> Andy Isaacson <adi at hexapodia.org> writes:
> >>
> >>> On Wed, Feb 06, 2013 at 10:52:23AM -0500, micah anderson wrote:
> >>>>> - ChromeOS's update mechanism is automatic, transparent, and
> basically
> >>>>> foolproof.  Having bricked Ubuntu and Gentoo systems, the same is not
> >>>>> true of Linux.
> >>>>
> >>>> I would be surprised if you actually 'bricked' these systems, since
> >>>> neither operating system you mention involves a procedure that has the
> >>>> risk of bricking a device. I suspect this is hyperbole?
> >>>
> >>> I've had dist-upgrade (or the GUI equivalent) make an Ubuntu system
> >>> unbootable and unrecoverable without recourse to a rescue-image and
> deep
> >>> magic grub hacking, etc.  That counts as "bricked" when the easiest
> >>> course of action is to simply reinstall the OS from scratch.  It's not
> >>> "bricked" in the sense that an Android install gone awry can require
> >>> specialized hardware (JTAG dongle etc) and crypto keys to fix, but it's
> >>> equivalent from a user's point of view.
> >>
> >> I understand where you are going with this, but when it comes to
> >> terminology, I think it serves to confuse the issue to misuse the term
> >> 'brick'. You cannot, as you say, "simply reinstall the OS from scratch"
> >> on a device that has been bricked.
> >>
> >> I can't wait for the day when Google accidentally pushes an update out
> >> that actually bricks their devices, because when that happens, there is
> >> no way to "simply reinstall the OS from scratch".
> >> --
> >> Unsubscribe, change to digest, or change password at:
> >> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >>
> >
> >
> >
> > --
> > Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

-- 

Brian Conley

Director, Small World News

http://smallworldnews.tv

m: 646.285.2046

Skype: brianjoelconley
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130207/119269c2/attachment.html>