No, it really isn't. For decades I owned computers with operating systems which didn't have that capability. Once installed and configured, the OS was consistent and (reasonably) stable. Someone would literally have to break into my house or office to modify my settings or install software against my wishes.
Even after I started connecting my devices to the internet the OS itself had no ability to do these things and couldn't gain that ability unless I explicitly chose to install updates that enabled that behavior. That's entirely different from the situation today where MS forces updates and restarts, installs unwanted software on our computers, and has files and folders that we (even using administrator accounts) don't have access to.
Linux too is very different. Linux is transparent about what it does, adds, or changes. You have the power to choose which updates to apply or not. You have the power to modify any part of your OS so that it does what you want. I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day, or reinstall applications users removed without notice. Can't say the same for Windows. Unlike Windows, linux typically respects its users and their wishes.
You really don't have to write your own software in order to have software that respects you and leaves you in control of your own devices. It's kind of crazy that you'd think there could be no other way.
> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.
Go install MS-DOS 6.22 on a computer. You can leave that system up and wait your whole life and you'll never see it suddenly restart your computer without asking. The technical reason why it can't is because there is no code in that OS designed to check for and accept an order from someone at Microsoft to restart your machine without asking. It doesn't exist. You could choose to find or write and then install new software that gives that OS the capability to do it, but that capability just isn't there otherwise.
There's no rule that an OS has to include code to violate the rights and will of the people who install it on their devices. That's a choice that MS made. Far too many people have accepted that behavior from them so they keep pushing and pushing with new and increasingly user-hostile code and behavior but none of that is inevitable or unavoidable. That is what's a very recent development. For a very very long time no operating system would have dared to violate their users that way. None of them did.
Yes, at a certain level you have to be able to place some level your trust in your OS. Especially one with internet access. MS has shown themselves to be entirely untrustworthy, but they could still change all of that. They could strip out every line of code that allows them to remotely access your system without your explicit permission. They could be 100% transparent about what their updates will do to your computer if they are installed and they could give you the ability to not install any update you didn't like and revert to any previous state. They could give you full access to every file and directory and process and give you the ability to control every aspect of their OS. They could vow to never modify a setting after you've changed it. They just choose not to do those things, because they don't care about you or your privacy or your wishes, or your rights. As long as people continue to use windows, Microsoft stands to make a lot of money by ignoring those things.
Right. There is no technical reason why the OS vendor couldn’t attack you in the past, but software industry norms have changed over the years. What has changed is trust.
Today, you have to consider commercial OS vendors (and third party application developers) to be remote attackers in your threat model. More and more, they write their software to serve themselves rather than their users, and to make computers do what they want them to do, not what the users want them to do. This was not the case decades ago, even if the technical ability was there all along.
> More and more, they write their software to serve themselves rather than their users
Well said! I really miss when our products served us but I can't think of a recent purchase of anything internet capable that wasn't designed to work for someone else (and against me no less). I don't see "never own an internet capable product again" as a viable option here, and I'm not sure what else we can do to protest this besides push for government intervention. In the meantime, I try to firewall off whatever I can.
> My point is that there isn’t a technical reason that prevents Linus distros, or any other OS, from restarting your computer whenever it feels like it.
Wrong, the point of the operating system is to manage local state, hardware, etc.
The point of viruses, malware, and spyware is to exfiltrate data and control from a set of systems. This is getting to the point where Windows itself is a worse virus than just downloading the random shady program from the internet, with all anti-virus turned off...
And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
This cannot be done with Windows, not without resorting to technical tricks that look at lot like what malware and viruses have to do. This a is pretty, and important technical distinction:
Operating Systems don't have built-in backdoors that you cannot turn off by design.
Malware and botnets, have built-in backdoors that you cannot turn off by design.
> Wrong, the point of the operating system is to manage local state, hardware, etc.
Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.
You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.
> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.
You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.
> but you cannot get around the problem of having to trust someone.
You still don't get it...
At the end of the day, I don't have to trust anyone with an OS that I fully control, with hardware that I fully control, because I can verify every bit of hardware, every bit of software, even stop the kernel from doing things if I want to (yes its possible, technically).
Sure, I can place some temporary trust in some components, but it doesn't matter really, because I can always swap/disable/remove audit/reaudit any component. You can choose to trust, as much or as little as you want. I don't have to use the kernel at all if I don't want to, I could swap in another one and still be good to go (more or less).
This is different from the case here, where by default, not of my choosing, actively and persistently nearly every aspect of a Windows computer is obfuscated, un-auditable, actively and without consent doing things that are not operating system things but spyware, bloatware, crapware, or just straight up malware. You can wave your hands around as much as you like waffling about "trusting someone" but there is a big big difference between someone acting reasonably, and choosing to allow them into your home, and "trusting" someone with a knife to your back not to shiv you.
One is reasonable, a choice, and low risk, the other is clearly none of those things. You don't have to "trust" low risk situations, they are just low risk, no trust involved.
No, it really isn't. For decades I owned computers with operating systems which didn't have that capability. Once installed and configured, the OS was consistent and (reasonably) stable. Someone would literally have to break into my house or office to modify my settings or install software against my wishes.
Even after I started connecting my devices to the internet the OS itself had no ability to do these things and couldn't gain that ability unless I explicitly chose to install updates that enabled that behavior. That's entirely different from the situation today where MS forces updates and restarts, installs unwanted software on our computers, and has files and folders that we (even using administrator accounts) don't have access to.
Linux too is very different. Linux is transparent about what it does, adds, or changes. You have the power to choose which updates to apply or not. You have the power to modify any part of your OS so that it does what you want. I can't speak to all distros out there, but I've never seen a linux system force a restart in the middle of the day, or reinstall applications users removed without notice. Can't say the same for Windows. Unlike Windows, linux typically respects its users and their wishes.
You really don't have to write your own software in order to have software that respects you and leaves you in control of your own devices. It's kind of crazy that you'd think there could be no other way.