> They don't know or care what is "gambling with all their data" and what is "just installing the app and enabling it or whatever".
If your sandbox override requires you to type in "I want to void my warranty, IT support contract, and want to let criminals open credit cards in my name" into a clipboard-disabled chatbox 10 times - I'm willing to bet it's going to at least have a small impact on the behavior of even the average user.
They might still not care - okay, fine, that's their decision as long as it's not on my network or hardware. But there's at least a little marginal value to be had there, maybe.
> So we're back where we started. Super locked-down walled gardens, or general-purpose computing. I want the latter to continue to be a practical option, for me, my children, and the world.
I'm greedy and want both options. I once dreamed this could be done on a single device with:
1) Thorough adoption of sane languages (e.g. not my day job of C++)
2) Proper sandboxing (e.g. the iOS model on steroids.)
2 hasn't happened to my satisfaction even on mobile, progress on 1 is even more glacial despite good options, and the likes of meltdown, spectre, rowhammer attacks, etc. have moved my goalposts to include a third requirement: secure hardware. To me this isn't "back to where we started" - it's reverse progress.
You - quite reasonably, I think - lament walled gardens eroding the ability to do general-purpose computing. There's a reason I don't have an iOS device!
I - reasonably as well, I hope - lament the insecure garbage that get shipped daily eroding the will to do general-purpose computing. I'm coming to the conclusion I need at least 3 devices - one for play, one heavily restricted and firewalled for e-commerce, and finally an airgapped and epoxied machine running a toy microkernel in a safe language without so much as a display driver in need of auditing for financials - on a self-assembled monster 6502. Even if I were still willing to wear cargo pants, I still wouldn't have the pockets to handle that! I don't even have the desk space to handle that to my satisfaction!
And even all that wouldn't be to make me "unpwnable" - it still wouldn't, not even close - so much as it'd be just for the slightest evidence and reassurance that someone, somewhere, was trying to do the right thing security-wise when yet another company (or government agency) leaks my information, again. I could switch to carrier pigeons and still not solve the problem! It'd just get scanned by some "paperless office", printed out in triplicate for dumpster divers by the same, uploaded to five clouds, copied to a passwordless network share, and left in plain view of at least one botnet smart toaster alongside a sheet of passwords to all of the above (because we're dealing with the weakest link type of stuff here.)
If your sandbox override requires you to type in "I want to void my warranty, IT support contract, and want to let criminals open credit cards in my name" into a clipboard-disabled chatbox 10 times - I'm willing to bet it's going to at least have a small impact on the behavior of even the average user.
They might still not care - okay, fine, that's their decision as long as it's not on my network or hardware. But there's at least a little marginal value to be had there, maybe.
> So we're back where we started. Super locked-down walled gardens, or general-purpose computing. I want the latter to continue to be a practical option, for me, my children, and the world.
I'm greedy and want both options. I once dreamed this could be done on a single device with:
1) Thorough adoption of sane languages (e.g. not my day job of C++) 2) Proper sandboxing (e.g. the iOS model on steroids.)
2 hasn't happened to my satisfaction even on mobile, progress on 1 is even more glacial despite good options, and the likes of meltdown, spectre, rowhammer attacks, etc. have moved my goalposts to include a third requirement: secure hardware. To me this isn't "back to where we started" - it's reverse progress.
You - quite reasonably, I think - lament walled gardens eroding the ability to do general-purpose computing. There's a reason I don't have an iOS device!
I - reasonably as well, I hope - lament the insecure garbage that get shipped daily eroding the will to do general-purpose computing. I'm coming to the conclusion I need at least 3 devices - one for play, one heavily restricted and firewalled for e-commerce, and finally an airgapped and epoxied machine running a toy microkernel in a safe language without so much as a display driver in need of auditing for financials - on a self-assembled monster 6502. Even if I were still willing to wear cargo pants, I still wouldn't have the pockets to handle that! I don't even have the desk space to handle that to my satisfaction!
And even all that wouldn't be to make me "unpwnable" - it still wouldn't, not even close - so much as it'd be just for the slightest evidence and reassurance that someone, somewhere, was trying to do the right thing security-wise when yet another company (or government agency) leaks my information, again. I could switch to carrier pigeons and still not solve the problem! It'd just get scanned by some "paperless office", printed out in triplicate for dumpster divers by the same, uploaded to five clouds, copied to a passwordless network share, and left in plain view of at least one botnet smart toaster alongside a sheet of passwords to all of the above (because we're dealing with the weakest link type of stuff here.)