> From a system design perspective, I believe User-Selected / User-Approved feature is one of the most powerful functions on Mac
Most people using computers and phones do not want to deal with ACLs or permissions or anything like that, instead they either want it to magically work (which is a bad idea since there is no implementation of that idea that is also secure), or they accept a system that will ask them based on their intent.
If we can figure out if something was intended (The 'User-Selected / User-Approved' part), we're going to have a much better time creating systems that make security acceptable and applicable for mass market users. It still won't be perfect, and you'll still have things like social engineering or simply tricking users into believing they want to do something, but at least the primary reasoning will exclude processes sneaking in all sorts of activity that is supposed to be based on what the user wants (mostly... different people want different things and you'll find incompatible needs on the outer edges of the spectrum).
Asking someone 10 times to approve full disk access for some random binary name that doesn't ring a bell isn't useful (as it doesn't really resonate with a normal user's intent). But asking if "Chat App" should be allowed to "Manage your payment cards" is something people can get a pretty decent opinion on.
Oh, so there's people that don't know how to use containers, so they're bad? What kind of patronising, nanny state kind of argument is that?
Listen, I understand not liking containers. That's fine. But just say so, or try to give more concrete arguments to the table than "I saw a guy in a video creating an insecure container. Thus Docker creates ignorance."
As if configuring servers by hand isn't prone to misconfiguration or bad security practices. Perhaps we have namespaces today because people have been creating insecure, unmaintainable pet systems since the stone age, yet it doesn't save you from hurting yourself if you don't know what you're doing.