>In symmetric encryption, we don’t need to do anything, thankfully

This is valuable because it does offer a non-scalable but very important extra layer that a lot of us will be able to implement in a few important places today, or could have for awhile even. A lot of people and organizations here may have some critical systems where they can make a meat-space-man-power vs security trade by virtue of pre-shared keys and symmetric encryption instead of the more convenient and scalable normal pki. For me personally the big one is WireGuard, where as of a few years ago I've been able to switch the vast majority of key site-to-site VPNs to using PSKs. This of course requires out of band, ie, huffing it on over to every single site, and manually sharing every single profile via direct link in person vs conveniently deployable profiles. But for certain administrative capability where the magic circle in our case isn't very large this has been doable, and it gives some leeway there as any traffic being collected now or in the future will be worthless without actual direct hardware compromise.

That doesn't diminish the importance of PQE and industry action in the slightest and it can't scale to everything, but you may have software you're using capable of adding a symmetric layer today without any other updates. Might be worth considering as part of low hanging immediate fruit for critical stuff. And maybe in general depending on organization and threat posture might be worth imagining a worst-case scenario world where symmetric and OTP is all we have that's reliable over long time periods and how we'd deal with that. In principle sneakernetting around gigabytes or even terabytes of entropy securely and a hardware and software stack that automatically takes care of the rough edges should be doable but I don't know of any projects that have even started around that idea.

PQE is obviously the best outcome, we ""just"" switch albeit with a lot of increase compute and changed assumptions in protocols pain, but we're necessarily going to be leaning on a lot of new math and systems that won't have had the tires kicked nearly as long as all conventional ones have. I guess it's all feeling real now.

That has a lot of collateral damage that may or may not be desirable though. Simultaneously it might have quite a different long term effect right? If all the actual computers are unharmed they can be powered in other ways in an emergency, even if at much higher cost. Or powered back up later, the time lost might be militarily very significant but they're not gone.

But how many people and companies actually have full functional decentralized clones of all programs and data? How many people and companies have devices that are locked to remote hosts they expect to check in on at least once in awhile even if they're not "cloud dependent"? What if all that was literally gone, a few thousand missiles or drones and data centers are all just completely erased including tape backups, everything, suddenly we're in a world where all that compute and data is poof. And without hurting anything else, no traditional war crimes either, no power or direct food or transport disruptions. Everyone is fine and healthy, except with this huge societal exocortex gone.

I guess it makes me think about what a soft underbelly this could be for a lot of modern society. There's always been consideration of threats to refineries and power stations and industrial production and all those big metal deals. But like, forget any sort of nuclear exchange, any sort of crazy super Starfish style big EMP, just purely a few thousand drones nailing data centers. Nobody even directly dies, just a lot of wrecked computers. What would be the cost of losing all the clouds and colo stuff? How long to replace, at what cost? How much depends on it?

----

0: https://www.datacentermap.com/c/amazon-aws/

I'm confused, what does ownership have to do with this particular failure mode? The issue here is a (for many) unforeseen new tradeoff involved in centralization. Colocating at a central place has the exact same tradeoff in this case: bandwidth is vastly more available and cheaper towards the core, and there are significant amortization gains to be had with a lot of basic shared infra. But it's also one big structure holding a lot of computers and infra everyone is depending on, that's the whole point of it! We're all sharing network backbone and power filtering/redundancy and so on and so forth, vs paying for that separately. That means a missile or drone or bomb hit to the building still hits all of us whether we own the servers there or we're running workloads on someone else's servers.

The only responses are either central counter measures or decentralization. Both have significant costs and complexity, that's why it wasn't just done proactively right?

One thing of somewhat interesting note: as far as I can find they didn't release any standalone signed IPSW file for most devices like they universally have in general, only for a few old ones. Perhaps because if there is an actively signed IPSW they don't have infra in place to prevent people from downgrading back to iOS 18 from 26? So update has to be done from on the device not via Finder or iMazing or the like.

Comments URL: https://news.ycombinator.com/item?id=47632615

Points: 3

# Comments: 1

Still an awesome project to learn about and I hope it's successful.

----

0: https://sylve.io/docs/

I'm honestly kinda curious how you came to this thinking after watching the launches, like the last Flight 11 [0]? They have the velocity listed at all times right there in the bottom corner. It's peaking over 7.4 km/s, seems pretty clear they were stopping just barely short and maintaining a ballistic path on purpose exactly as they said they would in the flight plan they filed ahead of time with the FAA for deorbit safety purposes, not because they couldn't have technically squeezed out another few hundred m/s and different trajectory if that was the goal. It's a hardware rich program, and their testing sequence has been reasonably careful about controlling the space of out of bounds scenarios (on the scale of rocketry). What has lead you to believe that they can do 7.4+ km/s with Raptor 2 and Block 2 but v3 won't be able to do ~7.8 (or that they couldn't have done it with v2 for that matter)?

----

0: https://www.youtube.com/watch?v=9tvK7flZ72c

I suspect that of "continuous presence in low orbit", "longer term new capabilities", "in budget", and "commercially successful" NASA is going to be forced to pick one or two and that's what they're resisting. Rushing things along almost always costs a lot of money and features. If you want to hit a budget and features then you have to be willing to wait for the various bits to line up and preferably spend some time experimenting and exploring new capabilities and strategies before big hardware commitments. There's a lot of moving parts here to think through. This would all be true even if that was NASA's only concern, vs going to the Moon and all the normal and importance science and so on they're getting pushed on.

As I said in a sibling comment, quickie comments on HN should be taken more as mental stimulation and kickoff points for further discussion as opposed to "final bill that has been revised in committee and is going to the floor for a full vote". The details of implementation are certainly critical, and not trivial either! I'm fully in support of thinking through various use cases. But part of why I'm interested in alternate approaches is that they might give us finer grained tools.

>Could this approach undermine the protections afforded by open-source licenses? (IANAL.)

I have actually considered that as well but didn't add it into a quickie comment. If we take the second path of approaches I listed there, then thinking about it all open source software would fall under a special even more permissive class of the tier 3, in that it already has "fair, reasonable and non-discriminatory" licensing for all right? Except that it's also free. The motivation here is the "advancement of the useful arts & sciences" and the public good, so having it be explicit that "if you're releasing under an open source license and thus giving up your standard first, second, and part of your third period of IP rights and monopoly, you're excluded from needing to pay a license fee because you've already enable the public to make derivative works for free for decades when they wouldn't otherwise anyway."

All that said, I'll also ask fwiw if it'd even be that big a deal given the pace of development? I do think it'd be both ideal and justified if OSS had a longer period for free, that's still a square deal to the public IMO. But like, even if an OSS work went out protection (and keep in mind that a motivated community that could raise even a few thousand dollars would be able to just pay for an extra decade no problem, the cost doesn't really ramp up for awhile [which might itself be considered a flaw?]) after 10 years, how much is it worth it that 2016 era OSS (and no changes since remember, it's a constantly rolling window) now could have proprietary works be worth it against 10 year old proprietary software all getting pushed into the public domain far faster? That's worth some contemplation. Maybe requiring that source/assets be provided to the Library of Congress or something and is released at the same time the work loses copyright would be a good balance, having all that available for down the road would be a huge win vs what we've seen up until now.

Anyway, all food for thought is all.

Your tax idea could certainly be another useful tool. My main immediate thought/caution would be:

>IE: if you make profit off of it, then it cranks up. There's plenty of music artists who's song blow up a decade or more later.

As we have endless examples of, "profit" and even "revenue" can be subject to a lot of manipulation/fudging given the right incentives. I also think that part of the cost I describe is objective: whether it takes off right away or takes off after a decade, as long as it's under full copyright it's imposing a cost on society the whole time. Also other stuff like risk of it getting lost/destroyed. So I do think there needs to be some counter to that in the system, sitting on something, even if it makes no money, shouldn't be free.

But the graduated approach might help with this too, and again they could be mixed and matched. It could be 1001.3^n to keep full copyright, but only 501.2^n to maintain "licenseright", 25*1.15^n for "FRANDright", and free for the remaining period of "creditright". Or whatever, play around with numbers and consider different outcomes. But feels like there's room for improvement over the present state of affairs.

Another alternative/additional approach would be to split up the nature of copyright, vs an all or nothing total monopoly. Let there be 7-10 years of total copyright, then another 7-14 years where no exclusivity of where it's sold or DRM is allowed, then 7/14/21 years where royalties can still be had but licensing is mandatory at FRAND rates, then finally some period of "creditright" where the creator has no control or licensing, but if they wish can still require any derivative works to give them a spot in the credits.

I think there is a lot of unexplored territory for IP, and wish the conversations were less binary.

Uh, where are you getting that from? From what I can tell at sources like [0] "most" Europeans overall (though with very significant country variance) do live in detached or semi-detached housing. Most also own it. Further, even for those in flats the higher voltage EU's grid runs at still means easier higher kilowatts at parking lot or garage chargers, so it's still an advantage anyway?

----

0: https://ec.europa.eu/eurostat/web/products-eurostat-news/-/d...

Oh come on. This is HN, we know how development works, how modular an OS, how the patch process works and what that entails for testing in an incredibly restricted and limited hardware base. We know they have no issue doing retroactive updates for quite awhile on the same code base for Macs, which have enormously more hardware variance then iDevices. These are extremely high profit margin premium products. You really don't need to carry water for the multi-trillion dollar megacorp with absolute wide eyed credulity.

And on other systems, even if it wasn't supported, it'd be perfectly possible for hardware owners to patch various components or implement workarounds. It's only on iOS that Apple is utilizing technical controls to stop that dead.

>That isn’t not allowing something that can be done.

Yes, it is. They are 100% using their technical controls built into the underlying hardware and then on up for not allow something that can be done. They could trivially allow hardware owners, even if only as a buy-time option, to have the ability to add their own certificates to the iOS root of trust, and in turn install and modify any software they wished on their own to the extent of their abilities. Apple wouldn't have to do anything except not exert maximal artificial control.

They don't do that. They have the power. It's their responsibility in turn. It's pretty irritating anyone who has been around the block as much as you have would try to white wash that. FFS.

It is very firmly "you are not allowed". In fact you're not even allowed to switch back to iOS 18 at all. Only actively signed iOS IPSWs can be installed (barring historical cases where someone had saved signing tickets). You can see the current status at sites like https://ipsw.me and if you're on any iOS 26 supported iDevice currently only 26.3.1 is signed. The last iOS 18 version was 18.6.2 from August of last year. If you go back to the iPhone XS/XR, you'll see they're still updating iOS 18, with 18.7.6 released two weeks ago (March 4), but they've chosen to force anyone who wants security updates to move to iOS 26 instead.

They have patched existing releases of iOS 18... but then they artificially restricted those patches only to a couple of phone models that don't support iOS 26. So if you're on a vaguely modern iDevice and are still on 18 because you don't want the new UI and other fuckups you are not allowed to install the patched 18. It'd be one thing if you had a phone that simply never supported iOS 18 at all, or if Apple wasn't patching iOS 18 at all for anyone, but that they've gone to the effort to fix it but then also used it as another lever for force upgrades is really sucky.

Well, so is satellite launch right? Cost, efficiency, and scaling are hard to do. That's SpaceX's entire raison d'etre. Doing a general public usable all weather maintenance free well designed phased array terminal they can sell for $250 and pump out by the millions is as worthy an achievement as near anything else in the Starlink project. And I'd love if it was more available too even terrestrially, for PtP/PtMP links alignment even motionless is a certain amount of work at long distances. And long range high bandwidth stuff isn't cheap. It'd be pretty cool if you could have units for $250 that you just needed to aim vaguely in the right direction and then it all just worked.

But in turn the composition of present satellites and the nature of their use/lifespan/safety systems has itself been driven heavily by economics. We don't make satellites out of steel or other safer materials not because they don't work, but because of the cost the extra weight imposes. We haven't put satellites in VLEO not because being lower is bad for communications or imaging (it's the opposite, lower is better) because it'd need more satellites, more fuel per sat, and higher cadence, all increasing cost beyond the historic ROI. But Starship or other future fully reusable methalox designs will give us vastly more mass budget and cadence for the same cost. Some of that could result in more trouble with existing designs made for a low cadence/high $/kg environment, because some externalities that were previously acceptable due to lack of scale stop being so at scale. But the same increased budget also means increased budget to ameliorate that. We can trade some of the gains for materials that burn up harmlessly in the atmosphere, designs for lowering apparent magnitude to the ground, for better self-destruct and end of life systems, more fail-safety, more redundancy in general, etc etc. And if that requires more regularly replacement that too is made easier but order of magnitude or more lower cost.

Some of this may happen naturally just due to self-interest, but other parts like pollution may require thoughtful regulation. But such regulation will be a much easier lift when it's affordable, so it's worth it to try to maintain an appropriately thoughtful mindset on the benefits vs tradeoffs and how to keep the former while reducing the latter.