The purpose of a locked boot system is privacy. A MacBook is a less secure device, and one that’s been rooted and had linux installed is basically open season for any attacker. An iPad trades off the ability to put some other OS, for fairly close to total security. State-level enemies can torture you or run expensive intrusion software… and Apple improves the defenses against the latter every time. Now it reboots if it hasn’t been used in a while, say sitting in an evidence locker.
Boot loader aside, you can write code on an iPad.
There are plenty of code editors, interpreters, and several of them have compilers. The premiere one is Pythonista, but I’m also fond of LispPad (R7RS Scheme). There are a few “linux in a box” things like ish, which give a full shell in a sandbox where it’s safe.
I wasn’t able to find any pico or nano apps, but there are several Vims and emacsen.
No. Once you strip away all the rhetoric, the purpose of a locked boot system is control (over who or what can boot the system).
Current secure boot implementations are like a door lock installed by someone else, which you are not allowed to replace and that may or may not allow you to cut your own duplicate keys for it. You have no control whatsoever over who the people who installed the lock may have given keys to, and if it turns out that the lock has a fundamental design flaw that means it can’t do its job properly, well, sucks to be you. You can’t even guarantee that the lock won’t morph into a new shape randomly or under the control of the installer, invalidating your existing keys in the process.
Rooting a device is a tradeoff. An unreliable door lock that you don’t entirely control may be better than none, but if you know you’re leaving the door unlocked, you also know you need to take other precautions to safeguard what’s inside (or simply not leave anything of value there in the first place).
The ideal would be a locked boot system that is installed by the user and is fully under their control, but I have yet to encounter one.
This opinion is so backwards, it’s actually impressive.
The purpose of a locked boot system is to control what the device does as much as possible, which intentionally, or incidentally (it makes no difference) means the manufacturer and only the manufacturer gets to decide how much privacy they get to invade.
This is simply incorrect. Implementing a lock on a bootloader is not dissimilar to a lock on your house. A person breaking in doesn’t care that they are breaking the law, they just need to find the how of breaking in. If I as a consumer want to enter my house or give a copy of my key to someone else as a backup I should be able to do so. If I want to leave my door unlocked I should have that right however foolhardy it is. And when it comes to locking the bootloader of a computer most people won’t notice it in general use but that isn’t the point. It is about the edge cases, the end of life for the device, the lack of security updates.
The purpose of a locked boot system is privacy. A MacBook is a less secure device, and one that’s been rooted and had linux installed is basically open season for any attacker. An iPad trades off the ability to put some other OS, for fairly close to total security. State-level enemies can torture you or run expensive intrusion software… and Apple improves the defenses against the latter every time. Now it reboots if it hasn’t been used in a while, say sitting in an evidence locker.
Boot loader aside, you can write code on an iPad.
There are plenty of code editors, interpreters, and several of them have compilers. The premiere one is Pythonista, but I’m also fond of LispPad (R7RS Scheme). There are a few “linux in a box” things like ish, which give a full shell in a sandbox where it’s safe.
I wasn’t able to find any pico or nano apps, but there are several Vims and emacsen.
No. Once you strip away all the rhetoric, the purpose of a locked boot system is control (over who or what can boot the system).
Current secure boot implementations are like a door lock installed by someone else, which you are not allowed to replace and that may or may not allow you to cut your own duplicate keys for it. You have no control whatsoever over who the people who installed the lock may have given keys to, and if it turns out that the lock has a fundamental design flaw that means it can’t do its job properly, well, sucks to be you. You can’t even guarantee that the lock won’t morph into a new shape randomly or under the control of the installer, invalidating your existing keys in the process.
Rooting a device is a tradeoff. An unreliable door lock that you don’t entirely control may be better than none, but if you know you’re leaving the door unlocked, you also know you need to take other precautions to safeguard what’s inside (or simply not leave anything of value there in the first place).
The ideal would be a locked boot system that is installed by the user and is fully under their control, but I have yet to encounter one.
This opinion is so backwards, it’s actually impressive.
The purpose of a locked boot system is to control what the device does as much as possible, which intentionally, or incidentally (it makes no difference) means the manufacturer and only the manufacturer gets to decide how much privacy they get to invade.
Get real.
This is simply incorrect. Implementing a lock on a bootloader is not dissimilar to a lock on your house. A person breaking in doesn’t care that they are breaking the law, they just need to find the how of breaking in. If I as a consumer want to enter my house or give a copy of my key to someone else as a backup I should be able to do so. If I want to leave my door unlocked I should have that right however foolhardy it is. And when it comes to locking the bootloader of a computer most people won’t notice it in general use but that isn’t the point. It is about the edge cases, the end of life for the device, the lack of security updates.
To expand on this analogy: Your (mobile) computer is your property, you shouldn’t be treated as if it was only a flat for rent.
How is it privacy if it locks you into using an OS that reports on you?