I see. Makes sense to me. I'm glad there are people who love to tinker, test, and modify. FWIW, no steps were taken to prevent installation of DD-WRT or any flavor of Linux. There are no carriers to de-certify the device, just the FCC. There is a developer mode. More details to come. You can install whatever you want, just like with an Android or CrOS device.
They also emit a constant, loud fan whine because they're meant to live in a rack. They also take multiple minutes to reboot. Automatic updates are delivered by trained humans via archaic incantations of "tftp get".
It's about being realistic, you are the product for most of Google's services. This will no doubt be any different.
If you see Google as your "friend", then your minimal and non-contributing comment could be considered of value. I see that you just made this HN account, and appear to be astroturfing for this new device. Mind explaining to HN why that's the case?
1. In most cases, Google services are free to the user and leverage ads to cover the R&D and operational expenses of the service, and of course for profit. The difference between that model and a device you purchase for what certainly appears to be a non-subsidised price seems pretty stark to me. As a result, I balk at your blanket, unsupported statement such as "This will no doubt be any different". Are documents such as https://support.google.com/onhub/answer/6246642?hl=en outright lies? If so, please provide some citation or reason.
2. HN is not an entity to whom I need to explain. The accounts are throw-away by design. It exists because HN requires I have an identity in order to operate in its context. Requirement set. Requirement met. Here we are. Freedom.
3. I am sad to hear you found my comment "minimal and non-contributing". This concept has resurfaced in many conversations I've had in regard to this and similar topics. Allow me to expand and hopefully add value.
I think of opposition to Google (or other corporate entities) as having two distinct brands: people who consider them as adversaries and people who disagree with or dislike their business models. The difference in my mind is that an adversary is an entity that is expected to be malicious and should only be trusted if bound by strong technical controls. If you believe that Google is an adversary in this sense, then your position makes sense to me. Deliberately avoiding Google's products/services/devices is one of the very few technical controls available to you as a private citizen. I disagree with your assessment, but the course of action you're advocating is consistent with your world view. You can can hardly be blamed for discarding the policy I referred above as patently false. That's the long winded version of what I said. Fair?
There is an alternative: you disagree with Google's business model, and don't trust Google to act with your best intentions in mind. It is not evil, but its actions may have effects you do not condone or expect. Yet, from time to time it releases products/services/devices that solve some problem you have. In that case, I'd argue that you can afford to operate in "mixed mode", where you make decisions product by product based on some analysis. This analysis could be something like auditing Google's products where feasible (e.g. AOSP, CrOS, Chromium, etc.). Hurrah for open source. The demands this option places on you are quite high. The return is comparatively low. I claim the return is low because meaningful analysis requires a lot of time and less than common skills, and in return you may get a tool to solve some primitive problem (e.g. browse the web, make a call, send an email, etc). I expect that the the vast majority of people will not go down this path. Certainly nearly no one will review all post-facto software updates for adherence to initial audit criteria/standards. Another flavor of "analysis" is to delegate the decision to trusted parties. For example follow EFF's recommendations to minimize risk. (e.g. HTTPS everywhere, Privacy Badger, and their "Who Has Your Back" reports, etc). This approach scales quite well. It allows the user to do some basic inspection (e.g. reading reviews, articles, maybe skim the source, etc) and make up their mind. They feel informed, but are in fact removed from underlying details and reasoning.
The questions I have for you are as follows. Which camp do you belong to? If it's the first, I'd be curious to understand why. Is Google your sole adversary or is Cisco/Juniper, Asus/Netgear, etc in the same boat? They all play a role in mangling, mirroring, and forwarding your packets. The vast majority of network devices are upgraded, patched, reconfigured without your input or knowledge. Is that not a concern? If not, why not?
If you're a mixed mode sort, then why advocate a response tied to the more extreme position? Also, unless you've done first hand analysis or can cite some, I don't grasp how you could have arrived at your conclusions already. OnHub code will be open sourced at some stage. It can be audited. You can even wait for someone to audit it and defer to them. Why jump the gun and call to abandon ship?
