Hacker News | ChuckMcM's comments

This is a really good thread on why this technology is becoming a problem for "open" anything. The argument "we can create our own separate web" is fine until all of your services are behind the web that locks you into owning a Google approved or Apple approved mobile device.

I like to ride my bicycle with my friends in rides organized by the (Pacific Northwest) Cascade Bicycle Club. They require that I solve a Google reCAPTCHA in order to register for a ride. Google is already completely locking me out from being able to do that. When I try to click on the squares to select whatever items it's asking, it indefinitely loops. When I try using the audio version, it completely blocks me from using it saying that there has been suspicious activity.

That means that I ride alone these days. I did not renew my membership this year.

The last time I experienced something like this was when Facebook started being the only way to participate in certain events. Back when that happened, I simply counted myself as excluded and did other things with my time and money.


I also had a similar issue with Cascade Bicycle Club - they chose to organize things via WhatsApp, and since I am (inexplicably) banned from opening a Meta account I was completely left out of the group and missed out on many rides/details that were only shared via WhatsApp.

When I tell people that this is even possible I get wide-eyed stares — as if they never contemplated that Meta could exercise their right to ban someone from the platform.

It's a huge problem and I have no idea how to fix it except talk about it and spread awareness. And I am not remotely interested in trying to work around the ban.


You bring up a good point. There is a general lack of awareness of how much power we're giving these monopolists. As a kid, in school I was taught to be wary of drugs, STDs, pimps and other threats. This should be added to the list. This is a clear cut case where governments should start educating the people about this.

I hope you contacted them to explain why. People usually think I’m a nut when I do it, or are too stupid to understand and think it’s a tech support issue, but it’s worth at least trying to make it clear that you are choosing not to use/do/pay something because of their choice to use reCAPTCHA.

+1 to this. I had a long conversation with a local shop that went to only ordering online or through an enslaved iPad on a pedestal at the entrance. I explained to them that I wasn't going to use their app or web page online and the iPad at the door has people trying to figure it out so orders take longer, and the combination means I just won't eat there any more.

I also stop going to these places, and also not out of any deep principle, it just isn't something I want to waste my life doing, I'll go somewhere I can just ask for what I want to order.

Why not just 2captcha it and go on with your life?

The old, open web is too easy to attack and that is part of what has led sites to adopt technologies like this. I hope there are better solutions than everyone-is-their-GoogleID, but how realistic is it that people just trying to run a bakery, a bicycle ride, &c, will find them? They have other things to do.

And it didn't even take attestation to cause this absurd situation where many businesses or social groups were only reachable behind Facebook or WhatsApp or whatever.

To me this is such a bizarre cyberpunk dystopia. Like if we could only send letters and packages to people subscribed to the same private postal service, or drive on roads that had cross-licensing with our brand of car.


> could only send letters and packages to people subscribed to the same private postal service ...

that's a corporate monopoly's wet dream.


IMO, it would be better if they removed the claim “It doesn't provide a useful security feature” because, even if it does, the collateral damage of making non-Google, non-Apple OSes second class citizens remains, and that is the main problem.

> it would be better if they removed the claim “It doesn't provide a useful security feature” because, even if it does,

What evidence is there that it does?

Attestation purports to prove the code is running on an "approved" device. There are multiple reasons that has no real security value.

The first is that "approved" not only has no relationship to "secure", they're actually anti-correlated. As the article points out, GrapheneOS has better security than normal Android. Moreover, as a general rule the stock firmware that can pass attestation is more likely to be outdated and have security vulnerabilities than a custom ROM, and also as a general rule devices (like PCs) with more open hardware have the ability to be updated. A four year old attestation-passing Android phone may already be out of support and unable to be updated while still passing attestation; a 20+ year old PC can run the latest supported release of e.g. Debian.

The second is that "secure" and "runs code the service doesn't want" are likewise unrelated. Suppose there is an Android device which is still receiving updates. A local privilege escalation vulnerability comes out and that device will get the patch, but hasn't yet. So now any attacker with any of those devices can get root on it until they apply the patch. Which means they can get root after the main filesystem is unlocked, modify the filesystem so they continue to have root by changing something that isn't part of the attestation hash but still causes code or scripts to run as root later, and then update to the latest kernel and continue to have root on a device that passes attestation. The device is secure -- fully patched -- but it's the attacker's own device and they can run arbitrary privileged code on it. Requiring every device to be "secure" against the person who has ownership and permanent physical possession of it is a ridiculous thing to take as a security assumption.

And the third is that attestation doesn't actually do what you want it to anyway. Banks want to make sure the user isn't entering their credentials into a compromised phone, but having the official bank app refuse to run on that phone doesn't actually prevent that, because the fake bank app which is stealing the user's credentials on a compromised device won't require attestation to pass regardless of whether the real one does.


> Attestation purports to prove the code is running on an "approved" device. There are multiple reasons that has no real security value.

BART (San Francisco Bay Area Rapid Transit), as a real world example, recently installed "evasion-proof" fare gates, and observed a 90% drop in vandalism-related maintenance expense. An overwhelming majority of fare evaders are not vandals, but apparently nearly all vandals were fare evaders. Bayes' theorem in action.

I don't have any data to back this up, but my sense is that attestation is an analogous situation.

In other words, banks and governments and other such institutions have noticed (and they probably do have data to back this up) that very few of their customers use "unapproved" devices and a very large majority of fraud comes from "unapproved" devices. They view banning unapproved devices as a high-ROI means to reduce fraud.

So, any argument predicated on "attestation is not security" is doomed to fail, just like saying "most fare-evaders aren't vandals". Yes, most people running GrapheneOS aren't trying to commit bank fraud, but the banks don't care about that if nearly 100% of fraudsters are using unapproved devices.


> In other words, banks and governments and other such institutions have noticed (and they probably do have data to back this up) that very few of their customers use "unapproved" devices and a very large majority of fraud comes from "unapproved" devices.

What would cause you to think that to be the case?

There are two primary ways that bank fraud happens. The first is that the attacker steals the user's credentials, at which point they can sign into the user's account and transfer funds, and can use any device the bank requires because they already have the credentials. The second is that the attacker convinces the user to transfer the money and then once again the user is using an approved device if that is required, and requiring it in no way prevents the attack.

Moreover, even if there was a statistical correlation -- which there is no reason to expect in this case -- that doesn't help you when the attackers could just use their stolen credentials on an approved device anyway, regardless of what they were doing before.

Vandalism can be reduced by excluding fare evaders because that's a class of people rather than a class of devices. Requiring the attackers to use an approved device when the approved device still allows them to commit the fraud accomplishes nothing.


> Vandalism can be reduced by excluding fare evaders because that's a class of people rather than a class of devices.

Just observing: People who don't own an iPhone or modern android are also, generally, of a class -- and probably one banks would prefer to not do business with for profitability reasons.

People who don't have spyware/lockinware for principled reasons are currently rare enough to not matter in this analysis-- though sure, they're probably customers the bank wants.


> Just observing: People who don't own an iPhone or modern android are also, generally, of a class -- and probably one banks would prefer to not do business with for profitability reasons.

I don't know about that. There are plenty of retirees who want nothing to do with this "modern technology" while still having large amounts of retirement savings that the bank very much wants at their institution.

Small (and for that matter large) business owners also have a tendency to have complicated financial situations and correspondingly want to deal with them using a computer screen rather than a phone, and that's another class of customers banks are certainly not interested in driving away.

Meanwhile I take it you're implying that the people who don't have a smartphone to do banking on are undesirable poors, but those are the people who do use a phone for banking, because bargain bin Android phones are available for ~$15 and that's the extent of what they can afford for an internet device.

Whereas the people using the likes of GrapheneOS might well be a small percentage of the customer base but they're still generally the class of customers the banks like, i.e. tech people with upper middle class financial situations.


I feel like the complaint about this not adding to security could be read in a really wrong way. Instead of "this is some hypocritical BS", could be interpreted as "lol let's lock EOL devices from even lower integrity tiers". Doubt this is possible because so, so many people use EOL phones, but still.

> Doubt this is possible because so, so many people use EOL phones, but still.

Because many people have fortunately realised that "EOL" is just an excuse to create lots of e-waste and push even more hostile unwanted changes.


I would attribute EOL phone use largely to being frugal or poor. I'm sure at least one person considers the ecological factor but I'd expect that to be a small cohort.

Eh, not really. Using EOL devices is genuinely a bad idea, it's just that with phones you have no choice due to the updates usually being only like 2-3 years and alternative OSes not being as accessible as Linux. And most people don't even care or know anyway.

That's one of the two main claims made in favor of hardware attestation; so it makes sense to argue against it. Of course, the other claim (that categories of people must be kept "safe" from categories of content) is more insidious, so it does deserve more attention.

Wouldn't the argument be that you'd build separate copies of those services as well?

Granted, for banking or government-interactions that isn't feasible, but wouldn't it for many other things? It would likely be more expensive given that the work to build something still needs to be done and the cost is distributed among fewer shoulders and the lower complexity since you don't need to build ad-tech doesn't make up for that, but I suppose that's a bit like quality food.

Hardware will be more difficult.


> Wouldn't the argument be that you'd build separate copies of those services as well?

you can't if the service requires the network effect to function well, if at all. Look at Bluesky and all those alternatives, look at the pitiful attempts at making a YouTube alternative, etc.


Are there enough of us to run our own country? It makes me feel dumb, but this is a serious question.

Ideally, we just run our own lives, collaboratively. That's the anarchist default position that we all start in.

What we really need is to meaningfully participate outside of the hierarchical monopolistic systems that demand our participation. That doesn't just mean that we create and hang out in distributed networks: it also means that we make and do interesting shit there, too.

The biggest hurdle I see is that we only really use uncensored spaces to do the shit that would otherwise be censored. We don't use distributed networks to plan a party with grandma, or bitch about the next series of layoffs. We don't use distributed networks to share scientific discovery or art.

I think part of the solution is to make software that is better at facilitating those kinds of interactions, and the other part of the solution is actually fucking using it. How many of us are only waiting for the first part?


but what if the alternatives are fundamentally worse? Turns out centralization has a lot of advantages.

I think it's an error to demand the alternatives be as good-- that might not even always be possible. But even if they're less good they're usually still better than anything we could have imagined decades ago-- they're good enough to use.

And that should be enough because we shouldn't consider handing control of ourselves to third parties to be an acceptable choice at all.


Let's dig into what makes them worse, and see what we can do about it.

I think the main struggle is moderation. Moderation requires a hierarchy, which is much more compatible with a centralized model. I'm thinking that curation would be a good alternative. Rather than authoritatively silencing unwanted content, just categorize it well enough for users to filter what they want.


I agree with you, but many people have yet to understand that content they disagree with will continue to exist, no matter what, and central gatekeepers are not helpful in eliminating that content.

The fucking “nazi bar” analogy has ruined an entire generation. You would think after centuries of trying to stamp out competing ideas, humans would finally come to terms with the fact that it cannot be done.

Small curated groups are the only way to enforce ideological orthodoxy. You cannot force it on the public, nor can you punish the public for holding bad ideas without creating blowback and resistance.


I don't think we have to argue against the "nazi bar" analogy, though. In that analogy, nazis are allowed to exist in the world, just not in the bar. The difference is how we implement the concept of "in". The same analogy works if you are out on the street: everyone is allowed to be there, but that doesn't give nazis the right to your attention.

Until we have a real way to meaningfully process natural language (I have a serious idea for that, but that's another conversation), we won't be able to automate content filtration. The next best thing is ironically similar to what we came here to complain about: attestations in a web of trust. If everything we bother to read is tied to a user identity (which can be anonymous), we can filter out content from any user identity that is generally agreed to be unwelcome. The traditional work of moderation can be replaced by collaborative categorization of both content and publishers. Any identity whose published content is too burdensome to categorize can simply be filtered out completely. The core difference is that there are no "special" users: anyone can make, edit, and publish a filter list. Authority itself is replaced by every participant's choice of filter. Moderated spaces are replaced by the most popular intersection of lists. Identity is verified by the attestation of other identities, based on their experience participating with you.


I think we agree, the problem is people defining global platforms as “the bar”. We overemphasize the importance of global reach; it is important, but not everything needs to be global, least of all personal communication between small groups of friends. I don’t really want everyone herded into these public platforms where central authorities can determine who is blessed with the ability to speak to other people. I also don’t want people with political grievances to be cut off from places where they can air those grievances publicly, as this leads to bad outcomes. We need both kinds of spaces.

The web of trust idea is good, I have thought about it before as well, and I think there’s a couple of people who tried building a platform around it (I don’t think they got very far into the process though). I should be able to filter based on trusted people with similar taste. I shouldn’t have to accept a central authority’s notion of what is acceptable, excepting content that violates US law. That’s all I care about in terms of moderation.


If you live in a democracy, you already do run your own country. Vote accordingly. Get involved in politics.

The problem is democracy and capitalism are incompatible, so that "if" is doing some really heavy lifting.

Why are they incompatible? They’ve been operating together for hundreds of years.

I think rather than "incompatible" the issue lies in equality/equity. Too many people are being manipulated.

When one group says “we don’t want surveillance” and the other group says “we will use surveillance to destroy you” the equilibrium is clear. This is why liberalism will not survive in the 21st century.

There are mountains of academic research showing that even in “democracies”, public opinion rarely translates into policy (by design).

The problem with that argument is that there really is no such thing as public opinion at scale. You can poll people/the general public on just about any issue and the answers are going to differ massively depending on framing effects. In the end, it's hardly better than just flipping a coin.

Even if public opinion is unified, if they want something to happen, they are just going to ignore the public and do it anyway. Like the recent cases of data center projects where they just ignore the public voting against them. Democracy’s weakness is that it requires people to follow the rules, but if nobody voluntarily follows the rules, then we don’t really have one.

> Like the recent cases of data center projects where they just ignore the public voting against them

Do you have an example? And was this a binding or non-binding vote?



As usual, the story is much more nuanced and complicated than the simplistic and convenient narrative of "ignoring the public." And reading diluted blogspam like Tom's Hardware doesn't help.

Here is the full story:

(Source: https://archive.ph/Kiyn9)

> The commission rejected the plan to rezone the farmland [that would allow the data center to be built]. The township board followed suit, voting 4–1 to deny it. But locals quickly discovered that amid the frenzied AI infrastructure gold rush, “no” does not always mean no.

> Two days later, on Sept. 12, Saline Township was sued by Related Digital and the site’s landowners. Their lawsuit alleged “exclusionary zoning”—that the community had unreasonably barred a legitimate land use under Michigan law, and it hinged on the fact that Saline Township had no land zoned for industrial use, and that a data center qualified as a “necessary” use that could not be excluded altogether.

> The lawsuit underscored the township’s limited leverage. Even if officials had fought it, their lawyers advised them, the project could likely have moved forward via other avenues, such as partnering with an institution like the nearby University of Michigan, which can build projects that are not subject to local zoning in the same way as private developments. Meanwhile, a prolonged legal battle against well-resourced developers risked significant costs for the township, without securing concessions.

> Lucas, the town’s attorney, says the township board had little choice and did its best to be transparent. It was “between a rock and a hard place,” he said. “I’m not sure there were any good solutions.” Within weeks, the township had settled: It signed a court-approved agreement allowing the project to proceed, and construction began soon after.

> In exchange, the township secured roughly $14 million in community benefits—a relatively small sum in the context of a multibillion-dollar project, but more than 10 times its roughly $1 million annual budget. It includes funding for farmland preservation, local projects, and fire departments; along with a series of environmental and operational limits: restrictions on water use, noise caps, preserved agricultural land, and limits on expansion.

> David Landry, the attorney who represented Saline Township in the Related Digital lawsuit, told Fortune that he stands by his recommendation that the board settle with the developer. “The zoning power of any municipality—a township, a city, a village—is not absolute,” he explained. “In this case, exclusionary zoning was substantive—the municipality has to have a reason to say no. They just can’t say, ‘We don’t want it.’”

> Sarah Mills, a professor at the University of Michigan who studies land use planning, agreed that the town had few good options once the lawsuit was filed. “States determine how much authority local governments have in zoning, and those systems vary widely,” she said. “What local governments can do through zoning is highly controlled and regulated by the state.” Local governments are also often strapped for cash, making it difficult to defend against zoning challenges, she added.

> Marion, the township clerk and sole board member who voted in favor of the proposal, said this reality was on her mind when she voted yes. It wasn’t because she favored a data center, she said, but because she did not believe the town could win in a showdown with Related Digital. “They were doing studies,” she said. “They were pulling permits.” Township attorneys and consultants had warned that a denial could trigger a lawsuit—an outcome Marion said felt intimidating. “Everything was drafted and filed with the county within two days of the meeting,” she said of the lawsuit. “They had this all prepared.”

> If the township had continued to fight and lost the lawsuit, Marion said, homeowners could have been on the hook for tens of thousands of dollars in tax assessments to pay for the legal battle. “The insurance company was only going to pay for an attorney to defend us up to so much money if we decided to fight it,” she said.


So a vote happened, and when it didn’t go their way, huge company threatened a huge lawsuit that the township and citizens couldn’t afford, to get their way anyway. Standard corporate bullying tactic in America.

The story perfectly exemplifies how little democratic control the public has over what corporations do in and do to their community.


The reason the would-be purchaser sued the state is that they had a plausible argument that the township's denial was illegal under Michigan state law. There are quotes in the article from the Governor's office that they support the construction of data centers. This isn't democracy not working; it's that the efforts need to go up to the state level in the hierarchy.

And when you find that your state senator's votes don't actually matter, will we start engaging in federal politics? I suspect, if it makes the right person a buck, that even once the federal legislature votes against it, you'll find a treaty or free trade agreement or something requires those votes to be overridden. And by the way, the data center was built and began operating 10 years ago.

State law is yet another tool commonly used by corporations to overrule the will of the people. The Law is a product that corporations and the rich purchase.


Even accepting your premise your options are still either:

1) Don't participate (and accept the consequences)

2) Participate (and accept potential disappointment/failure, with the benefit of having tried)

If you view 2) as fruitless unless your desired outcome is likely, you miss the potential value in the pursuit itself: working with like-minded people, building community, developing new skills, taking agency in your own life, and whatever else might come up along the way.

I don't begrudge anyone for choosing 1) (as long as they own their decision and don't force it on others), but 2) still seems like the aspirational choice I'd want to make if I could.


Not much of a democracy...

https://www.nber.org/papers/w29766

Stop re-electing people.

Stop sitting at home projecting apathy and ennui in between WOW raids and rounds of LoL.

Mountains of evidence from history shows public has to stand up for itself, not lick boot.

Refuse to give the politicians and owner class assurances they too refuse to provide.

Most of them are old af and have no survival skills. They're reliant on the latest social memes, stock valuations not religious allegory, that are not immutable constants of physics.

Boomers looted the pension system of the prior generation to fund Wall Street. Take their money. It's American tradition.

Remind them physics is ageist and neither physics nor American society affords any assurances anyone has food and healthcare.


I'm convinced that in the billions of people living on Earth, there are a couple million that could agree on things that currently divide countries, like this. Sadly they're unlikely to ever be able to gather together in a single state.

The status quo is nation-states in roughly their post-WW2 borders, and it's fiercely protected. The upside is stability and fewer wars, the downside is that the only way to try anything new is to co-opt an existing country. Adding to that, most countries are ethnostates that would prefer to have only a small percentage of their population be migrants. It's an easy way toward social cohesion, you just stay roughly where you're born, with people who were also born there and share the same cultural background. As we can see, it's not ideal - two lifelong neighbours can easily hold completely opposite moral values.


The problem with "us" is that it's not enough to agree on one small question ("is hardware attestation good or bad") to happily live together in our own country. "We" have a wide variety of opinions about pretty much everything.

In other words, "we" exist only to fight against this one thing we disagree with. And even there, we probably don't all agree on how to fight it or what to do instead.


Where would you do that? Realistically, the question is one that cannot even be asked safely: are there enough of us to overthrow the existing systems and replace them with something better?

The answer to either question, really, is no. The powers that be have systematically implemented policies that keep us divided to prevent that eventual outcome.


In terms of headcount, and especially those who are working on this hostile stuff, Big Tech is not even that big compared to the rest of the population.

The “enough of us” is at least a majority of voters agreeing. I’m not sure what the alternative to that is.

Who is the "us" in your question? Theoretically in democracies we should be able to decide this, if we aren't being distracted from real political questions with the culture war stuff that divides the public's attention and divides neighbors from each other.

Any new country will have these same issues, eventually, and probably a lot more that don't seem obvious on the surface.

Fighting against these sorts of monopolies seems far more likely if we can figure out what forces inside the EU and the US are driving these changes and find a way to educate the public, interest groups, and politicians about what's going on.


We already have a republic. If we can keep it.


I’m not sure why you’re asking this question, but you can run a country as a population of 1 (ie just yourself) if you wanted.

The problem being raised isn’t due to the size of the country though. It’s the size of the company (ie Apple and Google)


The question is rather: can political parties develop a vision beyond libertarian views or full state control on the other side.

I feel that we need a better political consensus on a free society that puts the monopoly of force in the hands of democratically legitimate forces. I currently feel that all digital violence lies in the hands of a few corporations. And at the same time there are politicians that like this because, through this proxy, they can indirectly execute control without any political legitimacy. Sorry, I do not believe in markets as guarantees for freedom. I have read too much dystopian sci-fi for that.


Yes, it requires you to have an approved device for certain tasks.

But you can own multiple devices. You can use an approved device specifically for banking or Netflix and whatever device you like for all your other tasks. Maybe you could use an approved device (a Yubikey?) to authenticate your other devices?

Also, governments should be leaning on them to approve more devices.


Having worked at IBM, I would guess that using the tab key in this way was part of a patent they were pursuing and Microsoft's use would show this to be 'obvious' and thus not patentable. But that is just a guess.

In the 80's IBM had a whole class of high level technical people called "Systems Engineers" whose entire job description was to opine on the merits of any given system. Not write systems, not debug them, and certainly not to explain them, it was simply to opine "you're doing it wrong."


Microsoft is suffering from the lack of such a group today; they're definitely doing it wrong, where "it" is pretty much everything... except pissing off users.

Microsoft could implement the "Am I doing it wrong?" check via the shell script `/bin/true`

They’d need to install WSL2 first though!

It's a Linux subsystem for Windows so we'll call it Windows Subsystem For Linux.

For trademark safety, this is the correct approach. You can say "Blah for XXX" and that's fine but if you say "XXX blah" then you can get into trouble.

Is this really true, or is it just something people have repeated enough times like 'nuclear Gandhi'?

I mainly ask because Microsoft has another product called Linux Integration Services: https://www.microsoft.com/en-us/download/details.aspx?id=551...


It's not a rule, it's just convention. Trademark law is about whether there is confusion about who made the product but not specific wording. Using "Blah For XXX" wording just makes it clearer.

"Tool for Windows" vs "Windows Tool"

The latter sounds much more like it could come from Microsoft. People repeat this because it avoids this confusion but it is not mandatory. A few projects on GitHub have had to be renamed because they've been challenged and the accepted solution from the trademark holder has been to switch it around and become "for XXX".


In the present context, I'm reminded of IBM's "OS/2 for Windows", which, while actually a reduced-price version of OS/2 2.1 that used a customer's existing copy of Windows 3.1 to avoid the cost of licensing the Windows 3.1 components IBM shipped with OS/2 to support Windows compatibility, was also a marketing ploy to reposition OS/2 as a Windows enhancement rather than a replacement OS (which, to be fair, is not as misleading as it may sound, since OS/2 2.1, unlike Windows 3.1, is capable of memory protection and preemptive multitasking between Windows applications).

That makes sense, although in that case personally I would have named it Windows Linux Subsystem.

As a lawyer trained in trademark law, I've never heard this. Do you have any references?

What if you just apply for a free sublicense and you get approved and your massive cadre of attorneys aren't fighting each other over 5 letters?

Apparently some HN people think that MS is so sleazy that they will just go "GPL yoink" and start running/advertising/supporting Linux without notice or consent of the benevolent dictator. That's projection.


To solve this matter, I propose renaming it to WNL:

  WSL is not Linux

For a recursive acronym, I prefer LiNT, officially LiNT is NT, and unofficially, either Linux in NT or Linux is Not There, with the official and second unofficial definitions reflecting the WSL 1 architecture where WSL, like Win32, is a subsystem layered on top of the NT kernel, and doesn't rely on any Linux kernel code.

It's not a part of Linux, so it can't be a Linux subsystem. It is a part of Windows, so it is indeed a Windows subsystem. Also it started/replaced a part of the NT kernel called a Subsystem, so it is called a Windows Subsystem.

I don't know where that strong objection to this particular name comes from. MS does do weird things with names, like with Live, .Net or CoPilot, but this isn't one of those, but is in fact named quite sensibly. Would you also object to the 'Linux kernel module for Android'?


Use of the English language can often lead to ambiguity.

In the case of "Windows subsystem for Linux", it can be reasonably read that "for Linux" means that the functionality applies to Linux, i.e., to provide it with a subsystem that gives it Windows functionality.

Similarly, in the case of "Linux subsystem for Windows", it can be reasonably read that "for Windows" means that the functionality applies to Windows, i.e., to provide it with a subsystem that gives it Linux functionality.


it’s a windows product therefore windows comes first in the name. at least that’s my recollection of the reason why i’ve seen before

Wasn't that due to trademarks?

A TRUE: device?

As long as I can plug in a serial console and it endlessly spits out 1s!

> I would guess that using the tab key in this way was part of a patent they were pursuing and Microsoft's use would show this to be 'obvious' and thus not patentable.

Something that's bothered me about user-facing patents:

Let's assume that the idea of using a keyboard key to move between input fields in a software form is not obvious, and in fact is a brilliant stroke of genius the likes of which the world is not likely to see again. If that one guy hadn't been born, we would have gone thousands of years with no method, keyboard-based, mouse-based, or otherwise, of moving from one input field to another input field. Every piece of software would use nonconfigurable timers, and you'd just have to hope you could type fast enough.

I don't see what the hypothetical benefit of extending patent protection to this brilliant idea is supposed to be.

Say you're the company who comes up with the idea. You can benefit by including it in your product, where all your users can see it. In other words, the benefit you get from coming up with this idea is that you can publish it for the world to see, and that's the only way you can benefit from it. A usability feature that your users cannot use or know about doesn't increase usability.

Even though the idea isn't obvious, the implementation is. If you disclose your brilliant idea, everyone will copy it and your advantage in the marketplace will be transitory.

So... what is the purpose of giving you a patent? That cripples the marketplace, but it fails to realize the benefit of patents, publication. Publication necessarily had to happen anyway.


Err... wasn't your post a perfect example of why patents exist?

The concept probably has a real name, I call it first mover disadvantage. It is much easier to copy a mechanism than to invent it. So why even try? Everything you have to spend real effort to invent is trivially copied the instant you try to sell it. And those copying it don't have to bear nearly the R&D expenses you did. So it is trivial for them to sell this mechanism for less, meaning you don't even get a fair slice of the pie.

So to try and limit this imbalance we invent a legal fiction, ownership, not of a physical thing, but the way it works. Not forever, but for 20 years you get ownership over those works.

Patents do have their problems, but I think the core idea is sound: create a registry of mechanisms, use this to provide economic protection to the inventor.


> Err... wasn't your post a perfect example of why patents exist?

Why? In this scenario, what would happen with a patent that wouldn't happen without a patent?


I worked on a software project many years ago. We spent a lot of money over months doing user studies to figure out the best UI for a narrow demographic.

The final UI was simple and intuitive, but it took a lot of money figuring it out.

I don't think the money would have been spent if our competition could immediately copy what we figured out.

Customers did benefit then, and now, 20 years later, anyone can do it, and humanity is little better off than if no research was done.


So... in this scenario, what would happen with a patent that wouldn't happen without a patent?

I don't know whether I'm missing something obvious, but with a patent, only the patenting company would use their patented idea. In your post you say:

> If you disclose your brilliant idea, everyone will copy it and your advantage in the marketplace will be transitory.

but that is the very point that patents are supposed to prevent. So why do you say that?

The post you're replying to says:

> I don't think the money would have been spent if our competition could immediately copy what we figured out. Customers did benefit then, and now, 20 years later, anyone can do it

so clearly the patent worked for them: they were able to use their simple and intuitive UI, while the competition could not copy it till 20 years later. So what is the question?


> “a brilliant stroke of genius the likes of which the world is not likely to see again. If that one guy hadn't been born, we would have gone thousands of years with no method”

But that’s not the criteria for granting a patent. It doesn’t have to be a stroke of genius. It can be something that many people could invent at the particular moment of the filing (as evidenced by many cases of near-simultaneous patent filings, like Daimler and Benz competing for the ICE in the 1880s). It just needs to be demonstrably novel.

I’m not saying tabbing back and forth through dialog fields qualifies, but then again it’s hard to place oneself in 1980.


The arrow keys, and enter, are the obvious ones to use, but you have to move off of home row to hit them. That's the "non-obvious" bit of using the tab key to navigate fields. Back when that level of usability was important.

> A usability feature that your users cannot use or know about doesn't increase usability.

Cannot is maybe doing a lot there. There's plenty of usability features that aren't really obvious or apparent unless you look very closely. Ex: pinball machines have timed shots, but there's almost always a grace period so if you contact the ball with your flipper around when the timer hits zero and it makes the shot, chances are you'll get credit for it even though the timer expired. That's a usability feature most users won't ever notice. At WhatsApp, I would never send an S40 user a verification code where the 4th digit was 8, because if you got a text message with 123-890, s40 would turn -8 into an 8th note emoji; until today, probably 3 people knew that ... but it dramatically improved usability.

> Even though the idea isn't obvious, the implementation is. If you disclose your brilliant idea, everyone will copy it and your advantage in the marketplace will be transitory.

> So... what is the purpose of giving you a patent? That cripples the marketplace, but it fails to realize the benefit of patents, publication. Publication necessarily had to happen anyway.

If I had gotten a patent on the 'avoid -8 in verification codes', then the technique would have been public for everyone to see. So publication for exclusivity / forced licensing is an exchange of value between society and the inventor. Of course, avoid -8 is pretty obvious, when someone testing the s40 client complains about getting an 8th note in their verification code message, you make a quick tweak to code selection to avoid sending those.

For an invention that must be disclosed to be used, society isn't really getting anything in return for exclusivity. Maybe promotion of progress, theoretically, I guess, in that whoever thinks of it first gets paid; leading more people to think about things?


You're missing the historical context. Prior to patents, inventions would be commercialized as magic tricks and the mechanisms hidden. Then the inventor died and the secrets were lost.

For example, Cornelis Drebbel air conditioned Westminster Abbey in 1620. King James I (of the Bible) thought it was a cool party trick. But there was little ecosystem to commercialize and Drebbel moved on with his life, trying to sell other products with temperature controlled feedback loops + a submarine. Then he died.

The only commercialized invention of his was creating a dye that was redder than others. His son-in-law kept that a family secret and focused on selling this improved dye throughout Europe, since that didn't require revealing the secret.

The rational move was to give up on a multitrillion dollar HVAC industry to sell redder dye, since the second could be a trade secret.


> + a submarine

We still don't know how he solved the problem of carbon dioxide build up. We know he solved it, though!


Comments like this are the absolute best part of HN. Thank you for sharing this.

Likewise.

And after reading the Wikipedia article on Drebbel, how have I never heard of this guy?

I'm particularly curious how the Royal Navy failed to realize the value of the submarine.

Reading over the article on the history of the torpedo, it sounds like early attempts to weaponize, by Drebbel and others, were unsuccessful.

Even so — bearing in mind that this is undoubtedly a reflection of my own bias as a child of the Cold War raised in the shadow of the largest military-industrial complex the world has ever known — I can't help but marvel at the fact that no spare-no-expenses crash development programs arose to operationalize effective submarine-based warfare by the naval powers of the time.


> the benefit you get from coming up with this idea is that you can publish it for the world to see, and that's the only way you can benefit from it

That’s your opinion, but it’s not the spirit of the law. I’m personally fully against Intellectual Property, including for movies and music, for reasons that are obvious (public money is being spent aimlessly trying to prevent two private individuals from copying things that are copied by their very nature of being published - or trying to prevent people from using ideas that are contagious - what next, put a copyright on political ideas? on dance moves? on beautiful colors?) but that’s not the law.

> we would have gone thousands of years with no method

There are other methods: The 4 arrows. The tab method is much more efficient and easy to implement, but we would have gone with the 4-arrows-to-navigate-fields method.


> move between input fields in a software form

IBM's earliest block mode terminals with field entry, including the 3270, predate the microprocessor. They were fully implemented with fixed hardware control.


IBM also infamously patented the XOR cursor.

Presumably it's to give you an advantage for putting in the work to develop it for a period of time.

You can say the same about swipe to unlock and that had been litigated to death.

I did say the same about swipe-to-unlock:

>> Something that's bothered me about user-facing patents


> I would guess that using the tab key in this way was part of a patent they were pursuing and Microsoft's use would show this to be 'obvious' and thus not patentable.

IBM insisting it not to be tab wouldn’t make sense. Microsoft was working for them and the programs should adhere to the CUA (Common User Access) standard.


OS/2 1.0 and the first edition of the CUA were both released in December 1987 according to Wikipedia; Raymond's story isn't dated but could've happened before this. (If I had to make a wild guess, I could imagine this request was a side effect of some internal IBM battle about what the CUA should dictate).

I imagine this is mostly about form-based applications, GUI or not, before Microsoft pulled the rug from under IBM.

What?!?! I was an IBM Systems Engineer in the late 1980s / early 1990s and that was nothing like my job description.

Do you remember what the official definition was? I admit I was working at an internship in FEIS (Field Engineering Information Services) in Colorado and people with that title would occasionally yo-yo into a meeting, make some comment that didn't apply, and then yo-yo out again. None of the engineers in the organization had anything but disdain for them. If you were late 80's, I was interning in the late 70's so it's entirely possible that they restructured the job responsibilities somewhat. But again I'd really love to see what was the official job description from the time.

This is a wild story about creating a business that buys and sells not using electricity. I jokingly suggested you could build an 'energy consumption facility' which was just a big resistor connected to ground (which is all an unprofitable bitcoin mining rig is) and then get paid for not using it.

The original source for this was Matt Levine over at Bloomberg. His take is also quite good: https://www.bloomberg.com/opinion/newsletters/2026-04-30/sel...


“His specialty was alfalfa, and he made a good thing out of not growing any. The government paid him well for every bushel of alfalfa he did not grow. The more alfalfa he did not grow, the more money the government gave him, and he spent every penny he didn't earn on new land to increase the amount of alfalfa he did not produce. Major Major's father worked without rest at not growing alfalfa. On long winter evenings he remained indoors and did not mend harness, and he sprang out of bed at the crack of noon every day just to make certain that the chores would not be done. He invested in land wisely and soon was not growing more alfalfa than any other man in the county. Neighbours sought him out for advice on all subjects, for he had made much money and was therefore wise. “As ye sow, so shall ye reap,” he counselled one and all, and everyone said “Amen.”

-Joseph Heller, Catch-22


I guess this is popular because of the 'oh-so-stupid-government' vibes. Yet (almost) everybody buys the cheap meat (which the non-alfalfa farmer is also selling in reality) subsidized by not growing alfalfa. And when the subsidies eventually are withdrawn and the local farmer cannot compete with some other guy at the other end of the world who externalizes cost, then everybody buys from the other end of the world and complains that the local economy is going down. There would be more to this story, but currently it ends with (almost) everyone buying cheap meat and complaining about taxes.

edit: maybe my story is the same as the alfalfa one


> ...the local farmer cannot compete with some other guy at the other end of the world who externalizes cost, then everybody buys from the other end of the world and complains that the local economy is going down.

This is exactly why I do my grocery shopping at my local Demoulas Market Basket instead of a European grocery conglomerate named Aldi's.


Wait, are they only selling local products or something?

The easy one first: The Matt Levine piece quotes the story linked here, so he's definitely not the original source...

And then, yes: If you can make more money by not using your big resistor than actually using it, then economically you would be better off not using it. If you can make money by not using it, then someone is willing to pay you because they get value out of it or they can avert some damage. If you threatened to use your capacitor without obvious use other than destabilizing the grid, that might just look a little too much like blackmail...

If you believe in markets, then someone coming up with the means to improve grid stability (here: by overall less consumption) should somehow be able to turn it into a profit. The issue here seems to be, that American Efficient didn't actually give any guarantees that they could reduce consumption. So it rather looks like whoever admitted them to the auction didn't do their due diligence. The whole market thing breaks down when there is actual fraud or when the identical thing gets sold more than once (actually, energy savings could probably be sold once for grid stability and once for reduced emissions - I'd say they're disjoint to first order, but might be connected indirectly).

That being said, there should be limits to markets. The whole market thing breaks down when there is actual fraud, when a party/faction has a disproportionate amount of power or when there are externalized costs that are not accounted for in the pricing.


I think you could actually build a small resistor (an energy efficient appliance if you will) and then get paid for not building a giant resistor (the hypothetical crummy appliance you didn't buy). I suppose one fix at least is to tie any ability to auction your load-reduction-services to the capability to actually reduce load on command. If you reduce load around the clock or at uncontrolled times (like an energy-efficient lightbulb) then your reward ought to be just the average price of power since you're not really helping to smooth out the peaks in any way. In general though these counter-factual pricing schemes are pretty prone to distortion I think and ought to be avoided. Ideally your reward for not using power during a peak is just you don't pay an inflated peak power cost.

Thanks for the Matt Levine link! Archived version:

https://archive.ph/2026.05.02-224747/https://www.bloomberg.c...


This is possible, but the interconnect queues and costs are enormous. You'd be better off using a big battery instead of a resistor, then you can sell it both ways, and not rely on the portion of the day in the right portion of the year that there are widespread negative prices in California.

It's worth signing up for Levine's free newsletter and listening to the podcast (though there is substantial overlap in the content, it's still fun to hear what you've already read).

His take on this, crypto, all things Elon Musk, and the current 'predictions market' are funny and insightful.


I wish he interviewed more for his podcast. The Cliff Asness episode was great (and he knows it because they keep on rereleasing it every month or two) as was Boaz Weinstein.

May I suggest you read, "Scarcity: Why having too little means so much" (https://www.amazon.com/Scarcity-Having-Little-Means-Much-ebo...) it is a really interesting book which explores maladaptive frugality. We often talk about money and how people don't have enough, but these principles apply to any resource, in my own case I found cases where 'never having enough time' would push me to make bad choices about how I spent time. The author is talking about spending money but consider the adage "If it's worth doing over then it's worth doing right the first time."

It's a much bigger problem on things like Amazon. My expectation is that Amazon would come under the provisions of this law if the buyer was in Maryland. One of the most annoying things about Amazon is looking at different prices using a browser with no history and a VPN putting you in a different zip code, than the same product on your browser where they can see where you are coming from and know who you are.


So glad to see someone doing this. I like to believe that the Ukrainians will also be able to export their "dumb" tractors once the war is resolved. I had lunch with a friend of mine who retired from the VC business and he asked me what kind of company I would start if I could start one right now. I told him probably a "dumb printer" / "dumb TV" company with fully open designs. If the rejection of the "trade your privacy for cheap products" push back is actually widespread (instead of anecdotal) then such a company would do well I believe.


This is an interesting article on how open licensing can help ensure viability long after the original designer has left the game.


There is a very fine line between dumb and provocative.

I'm kind of curious how long it will be before people start publishing copyrighted works on the TrumpCoin block chain. :-)


I don't think companies appreciated just how much they gave up when they outsourced "IT".


I know several people who have met online like this. I'd concur with the authors that working together to achieve an objective is kind of table stakes for an actual relationship. I've always felt that meeting someone in class and working together on homework and what not was something like that. But the key for me is that when you work with someone on a project you get a better understanding of how they approach things and how their values stack up.

Value stacks are something I heard about in a "Marriage and Family" class in college where the professor discussed that if you value say "economy" more than "time", you spend a lot of time to save a few cents, but if you reverse that stack order you spend extra cents to avoid spending the time. If the person you're dating has a very different stack than you do, it will be a source of problems going forward and doesn't suggest you'll have a successful marriage.

Playing video games together should certainly be a way to get a handle on how someone's values stack up relative to yours.


> if you value say "economy" more than "time", you spend a lot of time to save a few cents, but if you reverse that stack order you spend extra cents to avoid spending the time. If the person you're dating has a very different stack than you do, it will be a source of problems going forward and doesn't suggest you'll have a successful marriage.

This exact difference exists between my wife and I. For example, when her car needed a replacement part, she enlisted her dad in an effort to find the cheapest part on eBay, attempt to replace it themselves, and then shop around for the cheapest mechanic to install the part they bought. When my car needed a part replaced, I took it to the dealership where I bought it. I figured they'd have the part on hand and know how to do it right. They would overcharge, but not a criminal amount.

We've come to an understanding: I like to use money to reduce stress. She likes to save money because it gives her a feeling of accomplishment. Not very different from hobbies.


> Value stacks are something I heard about in a "Marriage and Family" class in college where the professor discussed that if you value say "economy" more than "time", you spend a lot of time to save a few cents, but if you reverse that stack order you spend extra cents to avoid spending the time. If the person you're dating has a very different stack than you do, it will be a source of problems going forward and doesn't suggest you'll have a successful marriage.

Adding onto this, I feel like the child/children from a marriage like this also get mixed signals from their parents on what they should value in things like this. So firstly it confuses them and secondly, if they pick a side of any of their parent then they would feel like the other parent doesn't get them which might make them feel bad.

For a good marriage/parentalhood imo, there should be a common layer of value stack ie. bedrock of shared values and trust in a relationship. Disagreements can occur but with the idea of we are more similar than different. Maybe Video games help in either checking that or measuring that. I am not sure if competitive games better reflect it than relaxed games but honestly I feel like if you are already into a relationship and say video games don't work, then you also adapt to the other person values.

