I often have apps on my Mac or iPhone that ask for permission to see my camera, microphone, contacts, etc. that I don't want them to see. But I do want other apps to be able to access those things.
Being able to stop those apps from accessing before they do instead of trying to fix it after is incredibly valuable.
Sure some users just accept everything, but that is not an argument against them existing in the first place.
Even today, any rando application I download and run can read and/or write to any file on my system that I own and have permission to read and/or write, unless I go out of my way to run it in a chroot, a container, a jail or whatever. That's just poor security in a world where nearly every commercially developed application is an attacker.
If you install random apps and they destroy your PC, you can fix that by having backups. By contrast, on work computers with important data, everything is supposed to be locked down and you can't install random apps. But then we started to increasingly connect devices to the internet.
Now gaining access to a smartphone essentially means being able to send payments via the banking apps. People are sending money with crypto, so they are susceptible to simple clipboard swap attacks that are almost impossible for the user to detect until it happens. Then there is all the personal data that can be stolen and used for other attacks in the future.
Essentially, the amount of damage you can take by losing access has increased much faster than the security devices meant to prevent it.
To make matters worse, the security devices that are marketed to the average user tend to be exploitative rather than trustworthy (e.g. OneDrive).
It feels like, instead of protecting users, developers seem more interested in creating something that only does half of the job and then blaming the user for not knowing how to do the other half, so a comprehensive solution for the problem is never created.
1. Protect users from attackers external to the computer
2. Protect users from attackers who are other users on the computer
3. Protect users from applications run by other users on the computer
4. Protect users from applications they themselves run on the computer
5. Protect unprivileged (non-root) users from their own actions
6. Protect privileged (sudo/root) users from their own actions
OSes have been historically OK at 1-3. Not great or even good. There have been a lot of remote code vulnerabilities and local vulnerabilities over the years.
OSes have pretty much ignored 4 until maybe a decade ago, and are making token progress toward it, but I don't think many of them take it very seriously.
OSes have instead started to crack down on 5-6, which I'd argue isn't even the job of an OS.
Literally all security features carry the hazard of being used for oppression and being ineffective or counter-effective. That's how constraints work.
You need two things for a security feature:
- a segmentation under which a behavior is considered unsafe / insecure (arbitrary, subjective)
- a technical solution that constrains the behavior of <thing> in <usage context> so that the aforementioned is mitigated
So something being "a tool of oppression" or "a tool of safety" is a matter of your alignment with that segmentation. And it being a theater or not is a matter of functional soundness given a threat model. So is its tendency to become counter-effective.
Constraints are just constraints. Whether they're effective and whether you're disadvantaged by them are both separate, independent matters. Empirical too.
Sandboxing apps by default is not that. The principle of least privilege is good security. If I vibecode some quick and dirty hobby app and share it with the world, it's better if the robot's mistake can't `rm -rf ~/` or give some creep access to your webcam.
The user should be able to override that in any way they see fit of course.
I can see the rest, but why did you mix in Wayland, an open source display protocol?
Anyway, I kinda like PearCleaner for removing the cruft. It’s not perfect but it’s open source and one of the better options imo.