Interesting that despite the huge effort both sides put in to fixing/exploiting vulnerabilities, the biggest risk factor seems to be directly downloading random dodgy stuff.
I suspect that this is always going to be the case. There are a lot of people literate enough to operate a computer, but not literate enough to understand the risks they're taking by running something they download off of scammers.ru. Exploiting these people will always be easier than actively circumventing OS-level security.
I was going to say "Desktop apps need permissions like Android apps" that ask your permission to access resources and then was immediately reminded of the "I'm a Mac" commercials mocking Windows for doing exactly that... /Le sigh/...
I used to use this software called Clean Slate that would watch all the changes you made to your computer and undo them when you restarted. Maybe it's time for Grandma to get her own Docker instance.... :-)
Is Steam a big vector? Gamers download hundreds of apps, all get installed as admin. You have to trust every dev of the game and the devs of every library they use. Not just trust that the devs weren't actively trying to be evil but also that there are no bugs in their networking code (https://momo5502.com/blog/?p=34) nor any bugs in their deserialization code for mods.
I've never heard of something like that happening, and I've been using Steam since day 1.
Trying to find something on Google about that only turns up the usual "Hijacked accounts spreading malware to friends" scheme [0] and vulnerabilities in the client itself [1], but nothing about Steam distributing malware hidden in games.
Which is kinda unexpected, I probably just didn't dig deep enough?
I mean, there's a reason why Microsoft wanted to lock the typical user behind PKI-verified Windows Store apps with extremely limited access to the raw resources of a computer.
The problem is that Apple, Google, and Microsoft want to conflate "tight chains of custody for software distribution" with "we want to be a gatekeeper charging 30 percent on every sale." TBH, the number of dodgy (absurd subscriptions, me-too clones, toxic ads) apps on mobile platforms suggests they aren't even really capable of delivering that promise. If you really want to push your platform as "the place you can trust", especially for nontechnical people, you've got to go beyond signing to actual curation for content and quality.
Conversely, putting a huge financial and certification burden on developers hurts power users and enthusiasts-- how do you bootstrap a new programmer if he has to spend a week generating (and paying for) certificates and learning signing tools before he can emit his first "Hello World?"
Only for a certain group of users, while another group of users is degraded to guests on their own systems while "the cloud" ends up having the actual control.