Why do you need to own devices? I'm perfectly happy with Apple being my phone's sysadmin, the way my company's IT department is the sysadmin of my workstation (or, more relevantly, the way Google is the sysadmin for ChromeOS devices.)
Modern devices are basically converging toward being enhanced VT100 terminals connected to some multitenant mainframe somewhere (a.k.a. a "cloud.") Whether that's Apple's cloud, Google's cloud, Microsoft's cloud, Canonical's cloud, etc. You could get the same effect (if a little slower) by just having the device be a dumb framebuffer connected to a VM running in said cloud.
The comparison with ChromeOS is flawed because you can go into Dev mode[1] on ChromeOS and do whatever the heck you want in a linux userland. There's even a project called Crouton[2] that allows you to install traditional Linux apps side-by-side on your Chromebook. You can also build ChromiumOS[3] the open-source version of ChromeOS and make it do whatever the heck you want.
I don't know about you but I want my sysadmin to work for me so that when I tell it to shut up and get out of my way, it does exactly that.
> I don't know about you but I want my sysadmin to work for me so that when I tell it to shut up and get out of my way, it does exactly that.
I do actually disagree there! And this is perhaps the fundamental disagreement we have. I want my sysadmin to be a capital-E Engineer and choose their ethics over my desires. Don't let me (the capitalist) tweak the bridge I'm paying for into one that falls down; and similarly, don't let me tweak the computer I'm paying for into one that gets malware, joins a botnet and DDoSes people.
You pay your Engineers, basically, to provide you the service of "knowing what's best for you"; to be your domain-specific nanny, making sure you don't do something you'll regret out of ignorance.
>You pay your Engineers, basically, to provide you the service of "knowing what's best for you"; to be your domain-specific nanny, making sure you don't do something you'll regret out of ignorance.
And what if it's THEIR ignorance (e.g. of market opportunities) that prevents them from doing what you asked them to?
It's not like all sysadmin issues can be judged by pure technical reasons, without business needs taken into account.
You want engineers/sysadmins you discuss with you, warn you when you propose something they think is bad, but ultimately work FOR you, and do what you tell them to. They should never override you to make you "you don't do something you'll regret out of ignorance". It's your company after all.
I'm ~100ms away from most cloud services on a good day, and I've seen ~4000ms in country areas via 3G. Far too many companies are assuming large bandwidth/low latency connections. I'd like my SD card back, Google.
If I've paid the full retail price for a device (often more, I'm in Australia), I expect to own, not rent a device.
Hell, my municipal (bargain-basement) phone provider here in Canada gives me ~4000ms latency at the best of times. On the other hand, my city is saturated in "free for users of my ISP" wi-fi hotspots that my phone can automatically jump onto.
It seems like the latter are going to be the true solution to low-latency mobile connectivity for most of the more "spread out" countries that can't afford to saturate the country in cell towers.
Does your motherboard's BIOS allow flashing custom firmware? How about the firmware for the flash controller on a USB stick? If that's your standard, virtually nobody has owned a device in the past 15 years.
I was more talking about kernels and userland binaries - if I couldn't disable UEFI SecureBoot or load my own keys I wouldn't use it.
But yes, if you want to completely trust your hardware you're probably going to be using an old Thinkpad X200 with coreboot - shame about that Intel Microcode though, eh?
If you don't have root, you don't really own the device.