Wasn't there a startup that basically did this, but instead of for privacy purposes, it was for creating fake influencer profiles you could use for marketing campaigns? This project feels like a great way to get your accounts banned from various platforms, because this is basically doing that, and platforms have at least a vague interest in banning such things. It tries to hide itself, but doesn't do a good job at it. MockLocationProvider can be easily detected, and so can UA/canvas spoofing. All of this basically screams "I'm running a bot farm", so expect it to be first in line when sites want to do a bot crackdown.
>This is ignoring the fact that the main reason retired phones are e-waste is proprietary firmware blobs and locked-down systems preventing users from maintaining their phone with security updates, and very limited support length from OEM's leads to VERY insecure devices after they drop out of support.
Approximately nobody is throwing away phones because the OEM stopped providing security patches. They're doing it for more practical reasons, like the phone getting slow, the battery wearing out, or wanting a better camera.
Moreover being able to replace firmware blobs/kernels/whatever doesn't mean such updates will actually materialize. For lineageos, many phones are stuck on 22.2 (android 15) because android 16 requires linux 5.4 and above, which means phones with earlier kernels are out of luck. Prior to this, there were phones from as early as 2016 (eg. the original Pixel) that could be upgraded to the latest Android. This isn't a "firmware blobs" or "locked down systems" problem. The kernel sources are available, and the kernel can be replaced, but nobody is going to bother upgrading the kernel for a 10 year old phone.
>You should not be connecting these old devices to an internet accessible network.
This depends on the use case. If you're using this as some sort of NAS or compute cluster running trusted workloads, you should be fine as long as there isn't some sort of RCE in the kernel.
> Approximately nobody is throwing away phones because the OEM stopped providing security patches.
This becomes a practical reason more quickly than you think. If a company only provides 4 years of security updates and they only provide 2 android MV releases, you quickly become out of date. I had a BlackBerry Key2 that I bought in 2018, I had to replace it in 2024 and I was really holding onto it despite a lot of practical problems - Slack dropped support for the version of Android a year earlier, it was only when I tried to install Google Wallet and could not that I finally decided despite the hardware and software functioning fine it really wasn't practical to use a device that was stuck on such an old version of Android. (I would've tried to figure out the kernel myself if the bootloader wasn't locked.)
But that's feature updates, not security updates? If the manufacturer kept providing security patches for your old Android version, it wouldn't have helped you install Slack and Wallet.
Phones don't actually get slower, or, they shouldn't, if they are reasonably well maintained. A battery swap might be necessary to preserve battery life under load. A NAND might start going bad.
Apple just shipped iOS 27, which has support for 2019's iPhone 11. So we are around 7 years there. It's probably fine for many people's use!
For a task like openclaw or hermes, or even something more aggressively graphical & GUI, it's not hard to imagine an 8 year old phone doing fine.
I think you're right, if you're referring to the hardware.
But there are also ever rising hardware requires for the built in apps and the rest of the operating system.
An iPad which we bought around 5 years ago, which was still on sale just over 2 years ago, is now painfully slow compared to when purchased (thanks to iOS 26) when using the the Settings app, the App Store, Safari, etc.
This is very important for devices with only one choice for operating system, like Apple iPads and iPhones.
It's true that the device only feels slower because the apps are have had feature updates, but there isn't a way to only choose security updates (except sometimes briefly after Apple release a really bloated new iOS version).
A similar situation applies for Android devices. While you can usually install something like LineageOS or GrapheneOS , if you also switch to a newer Android version to keep receiving security patches, the phone will feel considerably slower. If you stay on an older version, the OS will stop receiving updates sooner.*
*I haven't kept up with this lately, so I'd be happy to find out this isn't the case. If, for example, you could stay on a version of LineageOS or GrapheneOS based on Android 13, and still receive security updates.
If you are trying to run lots of Pi or Hermes or whatever corporate whatever agent junk you have, to make a bunch of always on efficient agentic systems available to people, en masse, with low start-up costs, and high efficiency, there's a host of reasons that doesn't matter.
The big obvious central smoking gun that you'll get to in computer science 200 level classes is Amdahl's Law, which states:
> the overall performance improvement gained by optimizing a single part of a system is limited by the fraction of time that the improved part is actually used
You queue up some work for an agent. The LLM is going to do a bunch of work over time, and spend 20 minutes crunching on a task. Let's generously say it takes your PC 2 minute of it's CPU time for it to do the tool calls, to run the build, to run tests. If we expand this to 10 minutes to run it on a phone, that's indeed starting to be a big enough difference to notice. But in 99.9999% of cases, I don't think the harness consumes that much CPU and I don't think the growth factor is 5x to move to phone, and even if it did, it's still only an increase from 22 to 30 minutes: it's an async job either way, and the time budget is not dominated by the phone or PC running the harness.
Ideally yes, there's some intelligence to see: oh, we are about do to a build. Send the build to the build server, that's a 384 core 1U with terabytes of memory bandwidth and let it do that. But most work is not like running builds and tests. The harness doesn't need that. We need some small local computers cheap that we can have lots of running.
Model performance might radically improve in time, and that might change the Amdahl's Law calculations here. If you're paying for Turbo or Plaid or whatever, yeah, you maybe have the money to spend on a better harness too. I'd say that ideally these workloads become live migrate-able, that we can CRIU checkpoint/restore them across systems, ideally, anytime, so that we can give performance people performance when it actually counts, like the build concern above, when the agent is fast. LLM's built for speed like LFM2.5-8B-A1B (DiffuseGemini feels unlikely as it's fast, but low concurrency, but perhaps?), double the speed of many models, so that 20 minutes could become significantly less. But right now it feels like we need a lot of cheap not-performance critical harnesses that can sit around running, and that performance for them is not critical.
https://www.liquid.ai/blog/lfm2-5-8b-a1b
> Approximately nobody is throwing away phones because the OEM stopped providing security patches.
I thought that, but a surprising number of people think that no support means that their device becomes vulnerable on the very next day. Not all of them act upon it but that seems to be the understanding of people who know what a security update is (not my grandma, but my mom for example) but aren't real techies or just not in this area. And it's not like these people are installing non-OEM patches! Nice as that would be...
Some time before and during covid, I feel like security update awareness became a lot more mainstream. Maybe because there's not much else to talk about in smartphones anymore anyway, so you shift from "ooh this fancy new one has a fingerprint reader in the power button and its notification LED on the back!" to "I don't want a new one; which one can I use for the most amount of years to avoid this hassle"
Probably also a culture thing. I guess most people in low- and middle-income countries have other worries; I'm speaking from a northwestern european viewpoint
> Approximately nobody is throwing away phones because the OEM stopped providing security patches. They're doing it for more practical reasons, like the phone getting slow, the battery wearing out, or wanting a better camera.
I did this just last year because my Pixel 4a stopped getting security updates and some app I needed to use for work (I think Duo?) refused to install or run because of it. The phone was otherwise running perfectly fine and I had no reason to change it. I'm on a Pixel 8 now which is supposed to have 7 years of security updates, and I don't see myself replacing it until then.
Phones don't get "slow" on their own. It's usually due to bloatware from upgrades. Many phone cameras are already quite good. The only remaining reason to upgrade is possible security vulnerabilities, but even that doesn't require heavy software. Supporting larger apps is the main reason the system requirements continue to increase, since Niklaus Wirth wrote, "A Plea For Lean Software" in 1995.
But even if people could trade in their phones for a small deposit, how many actually do (and not because they would use it- typically storing it in their drawer is safer than and less time consuming than figuring out how to run a factory reset before giving it to a datacenter.
I've thought about a program where people could drop it off in their mailbox and have a delivery service pick it up (possibly the USPS, but I think they wouldn't want to be burdened with handling lots of lithium batteries).
20 years from now phones will be powerful enough that they can run on capacitors, thinner than a credit card, and deconverged from the multimedia omnibus systems that they are today. Sure it is convenient, but I think the feature adds will plateau.
Of course, you and I know that. But most people just listen to the marketing material.
My mother's most used feature on her phone is the camera.
She asked me about getting a new phone when she has a perfectly working Samsung flagship phone from 3 years ago. The marketing says "The S26 camera is _SOOOO_ much better". But, really, it's exactly the same sensors as the S23.
Besides the questionable use of "illegal" (what are they going to do, send you to jail?), that's not even accurate. You can still install apps after a 24 hour wait, or no wait at all if you use adb.
If they use anything that can be classified as a "digital lock" to enforce the policy, section 1201 of the DMCA comes into play. That includes potential criminal liability, resulting in fines and/or jail time as described by section 1204.
>Furthermore, their pricing plan is insanely cheap, they even upped usage limit for their cheapest plan, lite plan, which is at 5$ / month.
Unless something changed their plans aren't really worth getting. They're not that much cheaper than the per-token rates, and because it's a plan, you have to contend with weird usage restrictions. You're better off paying per-token unless you have some use case that demands a very steady stream of tokens.
Indeed. I did the math and arrived at the same conclusion. They don’t really subsidize their token plans. Maybe because their api pricing is already dirt cheap
Excluding SE is to make sure people do not spam customer support and launch annoying phishing campaigns. None of that is applicable for local software running on your own computer.
No, excluding SE is to make sure the bounty program is incentivizing things that inform the product security team. Social engineering is a corpsec function; they're not even the same teams.
>The people in power in the US at the moment do not care about the civil and political rights of Cubans. They care about acquiring Cuba and its natural reaources for themselves and their clients.
I thought the motivation was ideological, chiefly from the cuban exiles voter base, of which Rubio is a part of? Aside from maybe tobacco, cuba doesn't have much natural resources. That's why it's so poor.
The main reason Cuba was valuable to U.S. interests before the Revolution was as a playground for American vacationers. Las Vegas was basically spun up as a replacement Havana after the Revolution took it away from U.S. interests and jet air travel made Nevada a reasonable destination for well-heeled East Coasters.
I think something similar could be true today, and it doesn't require any natural resources beyond cheap labor, Caribbean weather, and an obedient government.
Hot Springs, Arkansas was an alternative during that era.
The nations first national park anchored the attraction, complete with eponymous hot natural water baths. All the big celebrities of the day vacationed there ( alongside all the biggest gangsters, Al Capone included ) and professional baseball teams held spring training there.
Today, Hot Springs is still a pleasant place to visit, but it’s no longer a national draw.
Hot Sprints was pretty sad the last time I visited (more than 10 years ago now), but you could clearly see that it was once a ritzy place. One thing Havana had on Hot Springs was obviously that they could be open about liquor consumption during U.S. Prohibition (not that there was no booze available in a place like Hot Springs), and of course also the ability to bootleg liquor back to the U.S.
At the time of the Revolution, Cuba was effectively run by American East Coast mobsters and U.S. sugar, fruit, and tobacco interests. Security services like the relatively-new CIA got much more interested after it "fell" to communism, but were also part of the pre-Revolution power structure too -- as were the well-heeled Cuban oligarchs/capitalists/landowners who were dispossessed during the Revolution and decided to flee to Miami (and eventually produce our current Secretary of State)
reply