| The point about changes requiring time to implement is well taken and I can even imagine people relying on notifications to catch bad behavior because I see some people doing that now. Malware isn't impossible on mobile. Android install security is in a fashion crap and androids are 90% of the market worldwide. OEMs base their installs on old kernel versions that support their custom never to be upstreamed modules needed to boot their board then after 0 through a few updates stop providing updates for their phones. This is so because their is no stable interface for kernel modules. My own phone is running 3.18 while my laptop is running 5.6. Ultimately a lot of people are running around with devices that are actually vulnerable to things we already know are broken in addition to the known vulnerabilities upcoming that will be known to attackers long before its known to OEMS. You can posit a better more secure future but the honest truth is that our present work is crap and we have no particular reason to believe the future isn't also largely composed of crap. It's trivial to imagine that in a situation where you can derive an increasing payout for breaking security that the attackers wont keep pace with those trying to secure the future. This pessimism has been the correct answer from the moment computers were networked to one another through today. Given that we have been bad at securing networked computers for 5 decades it behooves the optimistic to prove it. Maybe in 5 years we will all be running devices running Sel4 with only substantially audited code but I would bet on more steaming piles of insecurity instead. Thanks for the interesting discussion though. |