[sfink]

OSes do not need to allow the safe execution of arbitrary code downloaded from an ever-changing external server. OSes don't need to support dynamically downloadable code, updates, and plugins. OSes don't need to provide any level of accessibility to applications that don't bother to provide their own. OSes can get away with not providing any distribution or discovery mechanisms, let alone open ones.

As a result, OSes are able to offer a lot of features and simplicity that would be impossible or painfully difficult otherwise.

You can see that as the fault of OS vendors, and in many ways I agree, but it's also their strength and the source of their advantages.

If OSes were to provide all of that, they'd end up looking a lot like web browsers. So I think it's mostly a matter of allowing web browsers to be web browsers and operating systems to be operating systems, even if that means that web browsers become a type of operating system themselves—a type with many added constraints.

The OS vendors are at least working on it from their side. Sandboxing, UI toolkits, and accessibility are improving. I'm just guessing that the optimal endpoint is going to be some distance from the optimal endpoint of web browsers, because the underlying constraints are different.

And some of extra layers are being removed: consider WASI, for instance.

You're not wrong!