Superposition of Eigenellies
ME[learning about fuchsia for the first time]: oh god I hope that's not horrible
ME [hearing about fuchsia again a few months later]: it's gonna be horrible isn't it
ME [hearing more about fuchsia about a year later]: fucking bury it in the desert, holy shit
Nov 25, 2018 at 4:19amWeb
Show threadSuperposition of EigenelliesNov 25, 2018
How I would be looking ahead if I were Google:
- The biggest flaw in Android is that it's hackable and contains privacy features that make it possible to cripple the spyware in it
- The "look but don't touch" open-source model works great, let's clamp down even harder on it
- Why don't we try packaging most of the system in nice modular binary blobs, so that things like OEM drivers, platform-specific UIs, and apps are easy to install but impossible to modify
- Also how about it tracks all of its activity at the kernel level and reports it directly to us, and you can't disable that without refusing network access to the kernel altogether
- Sure, folks will try to fork it, but that won't go well for them if the OEM driver blobs are illegal to distribute and will only work with official signed kernels
Show threadSuperposition of EigenelliesNov 25, 2018
And better yet, they don't even need to hire any copyright police to make sure you don't accidentally try to hack the driver blobs into working on an unapproved kernel - the current Android communities will handle that for them, for free.
Show threadSuperposition of EigenelliesNov 25, 2018
Presumably there will be a few "community firmware blobs" available for purchase for $25-$50 to allow you to use a hacked phone, meaning that
A) no one will bother buying those, meaning that Google will be happy
B) anyone producing free versions of those will be labeled as an evil pirate and summarily exiled
Show threadSuperposition of EigenelliesNov 25, 2018
seriously though, we're absolutely fucked regarding OEM drivers and Fuchsia.
- Zircon is MIT licensed, meaning nobody has to open-source their modifications (e.g. kernel drivers!) like they do for Linux
- Vendors love to keep their firmware and drivers as locked down as possible because semiconductor IP is fuck fuck fuck fuck fuck
- Zircon is being marketed as a "microkernel" meaning that it will probably contain few or no generic drivers of its own
- We'll still have a little luck with RE, but RE is much harder than just working with published source
Basically I kinda feel like we have until whenever Fuchsia takes over the market to get FOSS hardware going, because we're really going to need it after that
Show threadAceNovo  Nov 25, 2018
@diodelass
Frack! I was hoping that was dead
Show threadLucie / minuteNov 25, 2018
@diodelass i do agree :/
Show threadBob Mottram 🔧 ☕ ✅Nov 25, 2018
@diodelass I havn't looked very far into what's going on with fuchsia, but this indeed sounds bad.

Google's biggest problem with Android has always been the Linux kernel. Despite being in the Linux Foundation they don't fully control it and the GPL license makes it hackable and redistributable as you describe. Try to upstream the kernel level spying in Linux and, Coc or no CoC, Linus will go off on a mailing list rant.
Show threadAdonay Felipe NogueiraNov 27, 2018
@bob @diodelass All in all, strong auto-upgradable #copyleft is very important. The current license used by #Linux kernel, despite not auto-upgradable, is still good, but must improve. #Fuchsia means, according to Eben Moglen, the loss of opportunity to foster best-practices for providers to respect society across generations. @sflc @conservancy @fsf
Show threadcharlagNov 25, 2018
@diodelass thread: 
Show threadAntanicusNov 25, 2018
@diodelass
The Librem 5 cannot happen too soon
Show threadBrian SwetlandNov 25, 2018

@diodelass For your consideration:
1. Presently all Zircon/Fuchsia drivers are open source except for the guts of the Mali GPU driver. The Intel GPU driver is open source, for example.
2. This is no different than many Android situations where the vendor GPU userspace library is a closed component.
3. Nobody has to release source != nobody will. Google certainly is and others are strongly encouraged to do so.
4. Linux's death seems unlikely to me.

(SW Engineer, not GOOG PR)

Show threadSuperposition of EigenelliesNov 25, 2018
@swetland
1. Encouraging, but I'm still waiting to see if it stays that way as Fuchsia develops and hits the market.
2. Yeah, and Android devices are already hellish to develop for.
3. Again, true, but I'm still expecting there to be some serious roadblock to having Fuchsia be hackable on the majority of devices. IIRC we thought Android would be hackable too, and nowadays almost everything has a locked bootloader and isn't rootable.
I appreciate your input. I'd really like it if this didn't turn out to be a nightmare, so I hope you're right.
Show threadBrian SwetlandNov 25, 2018

@diodelass I deeply appreciate the wariness about Google.

All I can say is there is a team of people who are very committed to open source and open platforms working on Fuchsia and I believe the engineering team would push back hard against the dystopian future of locked down horrible vendor blob drivers.

There's a lot of inspiration from the Chrome and CrOS folks here too, who are a very committed to open-source bunch.

I sincerely hope we prove your worries unfounded.

Show threadOndřej PokornýNov 25, 2018
@swetland @diodelass I was just going to respond that Chrome OS, not Android, should be setting the bar here.
Show threadBikey BoiDec 1, 2018

@swetland The team your interacting with might be very committed to open source, but without the teeth the GPL provides we're stuck with driverless, tivoized hardware, leaving end users with no ability to modify their OS or the bundled shovelware atop it.

Chipset manufacturers do not often release their code willingly, and making it easier to have black box drivers will only feed this issue. Google has not supported open driver projects other than leveraging their work AFAICT.

Show threadBrian SwetlandNov 25, 2018

@diodelass I know there are all kinds of theories about MIT/BSD and evil closed source, but, truly, I believe that's a distraction.

The team working on Zircon/Fuchsia, committed to open source, that has been developing the bulk of the system (minus product-centric apps & UI) fully in the open, for the past year and a half. Code-reviews and code. Live on fuchsia-review.googlesource.com / fuchsia.googlesource.com.

Compare vs Android "throw it all over the wall when it's done"

Show threadBrian SwetlandNov 25, 2018

@diodelass Speaking only for myself, as I do not (and do not wish to) speak for my Corporate Overlords:

I didn't come *back* to Google to work on an operating system that I felt would be *less* open source than Android.

I spent the first year of Android fighting for Linux-on-the-metal, instead of Linux-virtualized-under-L4 or other insanity vendors proposed.

I spent my tenure on the Android systems team ensuring that every Linux driver we shipped was open source.

Show threadSuperposition of EigenelliesNov 25, 2018
The most frustrating part of all this is that they're going to swing all of their anti-hacking/anti-modification measures as "security" features just like they already do. All the big tech news sites and current Android developer communities will snap that tripe right up and shame anyone who questions or circumvents those measures for being reckless and stupid.
Show threadwictoryNov 25, 2018
@diodelass gotta possess that capital. (Software and IP is a part of 'Other domestic capital)

http://piketty.pse.ens.fr/files/capital21c/en/pdf/F3.1.pdf
http://piketty.pse.ens.fr/files/capital21c/en/pdf/F3.2.pdf
Show threadrugk OLD ACCOUNTNov 25, 2018

@diodelass I could not jave it described better…

That's it! That's totally it!

We really, really need a real FLOSS mobile OS. What #Purism does e.g. looks great. Only that you still need an Android emulator for mainstream adopting so Android apps work well…
https://anbox.io/ does things here, but it is only in it's early phases.

Show threadSuperposition of EigenelliesNov 25, 2018
@rugk @rugk Purism's software is interesting, but their hardware is much too expensive. I'm much more intrigued by the PinePhone stuff.
Because of the stuff I described upthread, I'm pretty sure post-market OSes for mainstream consumer devices are a lost cause and will soon be as good as impossible to install. We really need accessible and available open hardware now.
And frankly, I don't think we need to pay any mind to compatibility with Android apps. 99% of the ecosystem is pure shit, and the rest is either expensive, resource-hungry, or both. There isn't much room for it in an open hardware world.
Show threadMaritriniNov 25, 2018
@diodelass same feeling, though I dont know as much as you