by ljackman 2708 days ago
Most laptop OSes, like Windows, macOS, and Linux, are a decade behind mobile OSes in terms of application sandboxing and also still lagging behind on restricting OS tampering and implementing reliable chains of trust from the system software to the hardware level, e.g. features like secure enclaves.

Unfortunately, those restrictions also make mobile OSes less useful for the sort of technical work that people use "real" OSes for. However, those restrictions make such devices much more compelling roots of trust for our digital lives.

An iOS app can't extract my contacts unless I grant permission, yet an application installed on Ubuntu via `apt` can casually start rummaging around my home directory which I won't know about unless I spend considerable time on mandatory access control profiles, isolation through containerisation or virtualisation, or something equally esoteric for the average user.

I suppose a phone does hold more sensitive information though, like location and mobile payments, making it a more lucrative target.

3 comments

These desktop OSes don't, however, run a baseband known to be littered with bugs that listens for commands over the EM spectrum and has low-level access to the entire system. Even airplane mode just means it doesn't transmit.
Good point. The lack of visibility into today's blackbox commodity hardware is frightening, such as Intel ME. It's even worse when that hardware is listening to external commands via the EM spectrum and the like, as you point out.
> An iOS app can't extract my contacts unless I grant permission, yet an application installed on Ubuntu via `apt` can casually start rummaging around my home directory which I won't know about unless I spend considerable time on mandatory access control profiles, isolation through containerisation or virtualisation, or something equally esoteric for the average user.

Fwiw, this is becoming increasingly less true on macOS. And the newer Macs also have secure enclaves.

I'm generally not a fan of the trend, as it means more hoops for me to jump through, and I'm not convinced I benefit from this level of security. But, it is much closer to iOS.

Yes, macOS seems to be heading in the right direction (even if it means frustrating legitimate usage patterns at times).

In particular, I like that it kept it simple by either an application being sandboxed with explicit user permissions for certain features, or not being sandboxed at all. Contrast with Linux Flatpaks, where even "sandboxed" programs can have a wide range of implicit permissions based on the image configuration, which aren't obvious to end users when running `flatpak install` in the same way that macOS's privacy settings are for each sandboxed macOS app.

I remember some Flatpak applications defaulting to allowing unsandboxed home directory access without prompting me on installation, which seemed to defeat the purpose somewhat. It does block nefarious control flow attacks against programs that declare a strict sandbox, but that doesn't seem to go far enough in my view.
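The implicit Flatpak permissions discussed in the comment above can be audited from the static permission keyfile that `flatpak info --show-permissions <app-id>` prints. The following POSIX shell check is an added example, not code from the thread or from the Flatpak project; the sample keyfile is constructed, and `audit_installed` assumes the `flatpak` CLI is on PATH.

```shell
#!/bin/sh
# Added example, not code from the thread. Flags Flatpak apps whose static
# permissions already grant broad filesystem access (the "implicit permissions"
# the comment describes). Input format: the keyfile printed by
# `flatpak info --show-permissions <app-id>`.

# Constructed sample in that keyfile format (not captured from a real app).
SAMPLE_PERMS='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
filesystems=home;xdg-run/dconf;
'

# broad_filesystems: read a permission keyfile on stdin and print each
# filesystems= entry that exposes the whole home directory or the host
# filesystem (home, ~, host, host-os, host-etc, with optional :ro/:rw/:create).
# Narrow grants such as xdg-documents or xdg-run/dconf are not printed.
broad_filesystems() {
    grep '^filesystems=' | cut -d= -f2- | tr ';' '\n' |
        grep -E '^(home|~|host|host-os|host-etc)(:(ro|rw|create))?$'
}

# audit_perms: return 1 with a one-line report if the keyfile on stdin contains
# a broad grant, return 0 if the app's sandbox keeps the home directory private.
audit_perms() {
    hits=$(broad_filesystems || true)
    if [ -n "$hits" ]; then
        printf 'broad filesystem grants: %s\n' "$(printf '%s' "$hits" | tr '\n' ' ')"
        return 1
    fi
    return 0
}

# audit_installed: run the check over every installed app (needs the flatpak
# CLI on PATH). A broad grant can be revoked per app with, for example,
# `flatpak override --user --nofilesystem=home <app-id>`.
audit_installed() {
    flatpak list --app --columns=application | while IFS= read -r app; do
        flatpak info --show-permissions "$app" | broad_filesystems | sed "s|^|$app: |"
    done
}

# Stand-alone demonstration on the constructed sample (reports the home grant).
if printf '%s' "$SAMPLE_PERMS" | audit_perms; then
    echo "sandbox keeps the home directory private"
fi
```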

> Most laptop OSes, like Windows, macOS, and Linux, are a decade behind mobile OSes in terms of application sandboxing and also still lagging behind on restricting OS tampering and implementing reliable chains of trust from the system software to the hardware level, e.g. features like secure enclaves.

Desktops/laptops come with decades' worth of software that I do trust. Applying trust at the application level or at a permissions prompt is too late; for the average user it has to be handled by the OS vendor, much like Linux distros and Apple do. Users mostly just click to allow everything, even most tech-savvy ones.

The Android and possibly iOS sandboxing also does a poor job of protecting against things like user tracking.