[api]

The general public doesn't understand the difference, but what they do understand is that an unmanaged open computer gets malware while a locked-down machine is much less likely to. This translates to: locked-down machines are more reliable and thus better.

We have to make general purpose computers secure or they die out except for servers and hobbyists.

[floatingatoll]

Every time we try, communities such as HN share around ways to disable the security features for their own simple convenience or preference. Thus, a correction:

We have to make GP computer users accept the inconvenience of security, or GP computers will die out.

I don’t think that’s a viable plan.

I’ve seen countless HN and HN-alike folks talk about how they hold the root ssh keys to their kingdoms on a Mac that they’ve disabled SIP on, simply because it inconvenienced them one time (and not for genuine technological necessity).

If you can think of a way to change our collective minds, you have my support, but I’ve tried everything I know and essentially given up talking about such things on HN anymore. Everyone who understands is already doing the right things; everyone that isn’t talks as loudly as possible about their way of doing it, and swarm to shut down any suggestion that they should burden themselves with security.

Good luck.