What happened to running what you wanted on your own machine?

Original Article ↗ Hacker News Discussion ↗

Linux and “just run your own OS”

  • Many reply “Linux” as the one-word answer: if PCs can still boot ISOs, you can still run what you want.
  • Others counter this misses reality: key software (banks, ID apps, some games) may simply stop supporting Linux or non‑blessed platforms.
  • On phones, mainline Linux is technically possible but runs poorly (drivers, power management, app UX), so “just install Linux” is not a mainstream fix.

Security, convenience, and walled gardens

  • A big faction argues lockdown is a rational response to mass users who “just want it to work” and can’t manage malware risk; they like having at least one very locked‑down device (often their phone).
  • Opponents say “security” is a fig leaf for DRM, anti‑piracy, monetization, and vendor lock‑in, especially given app‑store malware and lack of true vetting.
  • Several suggest proper sandboxing / capability security would let users run arbitrary code safely instead of banning it.

Trusted computing, TPM, and remote attestation

  • Many see TPM, secure boot, and device/web attestation as the real long‑term threat: once major sites and apps require attested hardware, OS choice becomes moot.
  • Examples raised: Android Play Integrity, potential Web Environment Integrity, Windows 11 requirements, and future banking / age‑verification flows tied to specific hardware+OS stacks.
  • Some note attestation is technically robust (keys fused into secure elements), so spoofing is hard; others argue history suggests keys and vendors will still be compromised.

Smartphones, ROMs, and bootloader locking

  • Alternative ROMs (LineageOS, GrapheneOS) face tightening bootloader locks, OEM unlock keys, and disappearing device trees.
  • Even when you can flash, remote attestation lets apps refuse to run on unapproved ROMs; this is already happening with some brand apps.
  • People foresee a two‑phone world: one locked device for “official” apps, another open one for everything else.

Banking, government services, and mandatory “trusted” devices

  • Multiple anecdotes from Europe/Canada: state ID, taxes, healthcare, public transport and banking increasingly require a specific mobile auth app that in turn requires Google/Apple integrity checks.
  • Paper or non‑phone alternatives still exist but are shrinking and inconvenient; concern that phone‑free life is becoming practically impossible.
  • This concentration of essential services on foreign, corporately controlled platforms is seen as a geopolitical risk.

Passkeys, app stores, and future gatekeeping

  • Passkeys are criticized for embedding client identification and attestation, enabling sites to ban non‑blessed authenticators and lock credentials into specific ecosystems.
  • App stores, notarization (macOS), and store‑only distribution on mobile are viewed as further steps toward “panopticon computing” where unsanctioned code and anonymous developers simply can’t participate.

Risk to general‑purpose computing and open source

  • Several fear a slow “death by a thousand cuts” of general‑purpose computing: TPM, DRM, attestation, age‑gating, and regulation (e.g. EU CRA, “Know Your Developer”) cumulatively marginalize hobbyist and open‑source software.
  • Others are cautiously optimistic that PCs with open boot paths and Linux will remain, but concede that without political and regulatory pushback, market forces alone won’t preserve the ability to truly run whatever you want.