Same with Android - from 2008 to ~2018 I was rooting and putting custom ROMs on my phone before I'd even got it home. These days I rarely bother because the functionality that I required is finally provided out-of-the-box.
It's no longer my phone If I can't decide what gets installed and what shouldn't
It is possible to reject the update. Just disable automatic updates of the Google App in the Play Store. You could even return to Google Assistant by reverting Google App to an older version.
What is really needed is being able to choose what updates to install, and more generally, being able to get rid of all the crapware that uploads everything you do on your device to your corporate overlords. Not just particular "apps", but the operating system itself.
The fact that most people in 2025 simply accept carrying around 24/7 a device with GPS, microphone, camera and wireless network connection, which they cannot control or even know what it does at all, is dystopian.
Imagine if this was the norm with PCs back in the 1990s. Linux would never have existed, since there would have been no way to replace the pre-installed Microsoft OS with something else.
However there have been some efforts last year or two to break the security. I remember reading about some exploit some time ago that would work from the original Xbox One to the current Series X devices though it relied on some program on the store that it was removed. However (supposedly, i do not own an Xbox One) the files were archived and one is still able to modify and compile the program (so it wont be caught by whatever automation MS has), use dev mode to put it on the store or device, then use that to apply the exploit.
I expect the Xbox One (and later) to be cracked open pretty much as soon as Microsoft abandons the whole thing as recently their interest in Xbox seems to be waning.
Imagine that. The computer you bought and own can run the code you want. Wild.
Now what's Apple's excuse?
> removed a large incentive for trying
I'm not entirely buying this, there's a big difference between running any code you want and the Xbox dev mode. If I look at jailbroken consoles of the past, people do way more stuff on them than what you can do on an Xbox with dev mode, like implementing various ways of self hosting and playing a huge library of pirated/backup games off local network storage, which Xbox dev mode can't do.
So I don't think incentive is gone, just that the barrier is too high for your common hackers in their homelabs. I'm sure private companies with six figure side channel analysis equipment and unlimited hours can crack them no problem but there's nothing to gain from that.
"Hey, leave my favorite 3 trillion dollar company alone! They can't possibly figure out how to make secure computers that run your own code with that kind of budget. The only way is if we let them have a monopolized anti-consumer anti-developer walled garden."
- HN logic
For a moment I thought I was on Facebook. Good job you made it clear.
(The Intel/AMD difference on IP rollover is also funny but given the number of other ways to circumvent things...)
I actually use this as a teaching example - it's a great way to talk about how CPUs actually work and interact with other hardware, and a good understanding of this gives a lot of insight into low level platform design
Never read about this before, but the explanation in the wiki seems made up to me. The way it's described makes it sound like yet another legacy "feature" that's been there forever, but older x86 CPUs did not (generally) behave like this.
The 8086 (and 186) did wrap around of course, because they had no memory protection and only 20 address lines. But I know for a fact that the 286 would fault and invoke interrupt 0Dh [1][2]. I'm fairly certain the 386 did so as well. Segment limits are enforced even in real mode, and at reset they are initialized to 64K. Or is the CPU already in protected mode, and segment limit set to 4G? In that case Intel and AMD might differ. (The 286 was 16-bit, so 64K was the maximum there. Arguably, the "correct" behavior for 386+ would be to do the same thing when the limit is 4G)
What it says about opcode FFFFh however is even more likely to be wrong. That opcode has always been undefined, only the original 8086/8088 ("1970s stuff") would execute it, but as PUSH DI instead of NOP. It's not impossible that Intel made the decision to interpret it as NOP in some later generation, without ever documenting it. But I just tried this on my modern-ish Intel machine, and it aborted with "Illegal instruction".
[1] third post in https://forum.vcfed.org/index.php?threads/286-cpu-experiment...
[2] also note it isn't a double fault (interrupt 8). And shutdown occurs on a "triple fault", i.e. when the CPU fails to invoke the double fault handler.
17 Mistakes Microsoft Made in the Xbox Security System - https://news.ycombinator.com/item?id=781036 - Aug 2009 (1 comment)
> If the reader finds the mistakes in the design, this proves that Microsoft has weak developers.
(The article even goes on later to say basically "don't attribute all of these to stupid engineers", and the explicit 17 mistakes are almost entirely not related to the technical content of the security breakages, so there's a sleight of hand being performed here already between "mistakes in the design" and "mistakes in organisational software engineering practice"!)
While I have no love of Microsoft software, and clearly the Xbox was woefully insecure, the statement ignores the fact that knowing there is something to find is often enough to find it. I am failing to find the definitive article about this, but there's something about this by Michael Nielsen or Andy Matuschak or similar. One of its examples is a quote by Kasparov or Magnus Carlsen or similar, to the effect that the single word "now" at the right time would be enough to win a game, because it would announce that there was a discovery to be found. This article is entitled "17 Mistakes…", and it also presents the relevant details of the design rather than all the details of the design, so the problem of finding the mistakes given the description is much, much easier than the problem of reviewing a complete design spec.
munchler•7h ago
dang•4h ago