[ouid]

The objective of computer security seems to have shifted from preventing someone else from running unauthoirzed software on your computer to preventing you from running unauthorized software on your computer. I would not describe this as security.

[zoul]

I would guess you have never worked as a technical suppport for your family’s computers? Because even if I very much understand your point, not being able to run untrusted code absolutely is a security advancement in certain situations. It is SO refreshing and liberating to be able to say: Do whatever you want with it, it’s very hard to damage on the software side.

[grumbel]

That has nothing to do with untrusted code, but with how well programs are isolated from each other. You don't have to restrict the user for that.

Take the Web, we all run untrusted programs 24/7 there, every single snipped of Javascript is an untrusted program. Yet it neither does damage to our systems nor does it prevent the user from opening up the developer tools, hacking away on existing websites or making their own.

The Web isn't perfect either, but it's worlds better than Android and Co.

[jgerrish]

Ahh, the fix the "technical support" gambit. Good PR, connects with a sizable subset of the target.

Susceptible to damage by inkjet cartridge DMCA attack.

Replace by "email support", nobody likes spam, much harder to defend. They've been softening up people with the anti-social media work, so it's palatable.

Good catch! I really am sorry if that's damaging or condescending, it's meant as a golden rule thing.

[ouid]

what kind of person who comments on hackernews doesnt do unpaid tech support for family members?

yes, i do, and the thing that i mostly find is people paying for "legitimate products" that their computers can do for free with essentially no additional hassle. Apple and google arent in the business of protecting your naive family members, they are in the business of monopolizing the exploitation of your naive family members.

Just yesterday i discovered that jpeg compression is broken in preview, and has been for years. The top result for what to do about it on the macos subreddit is to pay for image editing software.

i suspect you of arguing in bad faith.

[fartcannon]

Instead of ruining computing forever, you could just say no to your imaginary family of people incapable of learning. Boundaries!

[alexvoda]

Or you could just not give them admin rights and create limiter users for them. You do not have to surrender super-admin right to corporate overlords to solve this problem.

[corrral]

You can really tell who lived through the era of 20 stacked, all-unwanted browser "toolbars" and Bonzi Buddy and such, and who didn't.

That didn't go away because people learned. And it never would have.

[fartcannon]

You want to limit what current and future generations of people can do with their computers because of something a computer illiterate grandma may have done in the 90s?

No. Those people get newspapers and landlines.

[corrral]

You badly overestimate both the ability and interest of average people in learning to administrate their computers. They just want to get shit done and go do something else. Computers are a tool at best, and more often a super-annoying thing they have to deal with but hate every second of it.

If they actually like any of the computers around them, it's probably the most locked-down ones: their phones and video game consoles.

[EDIT] That is, you're way off in thinking it's only a bunch of soon-to-be-dead grandmas who have trouble operating computers that don't prevent them from fucking things up too badly. The "digital native" generations are barely better.

[fartcannon]

You can have a locked down mode. You can even sell it turned on by default. But to exclusively prevent everyone from using their computers as they see fit because you think some people are too stupid to handle it? I don't believe you actually want that. I believe that's an excuse to ensure Apple gets a cut of everything that happens on their soon to be landfill machines.

If yes, man that's really dangerous thinking.

[ece]

Consoles play games and media, off course people like them. Did the PS3 having the Other OS feature mean people enjoyed gaming on it less? I don't think so. Piracy as the given reason to take the feature away is a poor one, they could've better isolated the gaming partition. Apple designs their products to be more user friendly than most, it shouldn't stop users from doing what they want. They don't on the Mac, but they do on the iPhone.

[Iolaum]

Agreed. However should Operating Systems for consumers only really cater to that use case? Because that is the problem IMO.

[fartcannon]

Yes, because the PR requires there be no ground given on this talking point.

[pessimizer]

> Do whatever you want with it,

That's the opposite of what is being said.

[dekhn]

That's why I got my dad a chromebook. ChromeOS is a really well-engineered system- good enough that I never ever worried about security.

[goodpoint]

This is not what ouid wrote.

[skybrian]

We’ve learned that most software that we run on our computers shouldn’t be completely trusted and most users can be tricked into running malicious software. Pretending that supply chain attacks don’t exist isn’t security either.

The ability to sandbox software (with a lot of effort) means that you can run software you don’t trust. The web is built on this.

[fartcannon]

I think the fact that Apple is a multi trillion dollar company from using basically that move plus aggressive marketing itself as high value means I'd expect more to try it. Luckily Linux exists to prevent the complete Appleization of computing (even if we did already lose cell phones to greed).

[goodpoint]

Just like DRM, TC and many more, it's about keeping vendors in power.

The ones being sandboxed is the user.

[salawat]

It absolutely is security. Job security. Enforced vendor dependence is all the rage.

Try getting investor dosh without it. Not happening.

[pjmlp]

It was always been like that in properly configured enterprise systems, that is why we used to connect to UNIX development servers, instead of having a worstation on each desk.

And later moved into having workstation VMs accessed on the network as soon as PC virtualization catched with what mainframes have been doing for decades.

[staticassertion]

How do you draw this conclusion from the article at all? In what way was this hacker 'restricted' ?

[eklavya]

The computer doesn’t know whether it’s you or somebody pretending to be you. Unauthorised execution should be possible but should be off by default, that’s 100% better for consumers.

Sorry if I got your point wrong :)

[bregma]

We will do what we're told.