An admin password prompt is hardly a deterrence to people doing stupid things. A young physics PhD friend of mine fell victim to a tech support scam, happily installing whatever spyware “Apple Support” told her to install over phone. That was a few years ago. The average person is too easily social engineered into allowing anything.
Sure, I don't think either this[1] commenter or Ken Thompson were trying to say that the product category shouldn't exist. A computer is vastly overpowered for what the average user is capable of or interested in doing[2], which is why toy devices like iPads are so popular.
I interpreted both of their comments as claiming that the direction MacOS is taking is a poor fit for those who still get value from powerful, general-purpose computers (myself very much included! I occasionally have the misfortune of using Macs, but am much much happier on systems where I can dig as deep into its layers as I need to solve my problems or scratch my itches)
[2] Though I do think it's a minor tragedy that the increasing amount of guardrails has narrowed the opportunity for an inquisitive youngster to explore his computer's internals
> The average person is too easily social engineered into allowing anything.
How many "average" users you know who use sudo? At some point, the software needs to acknowledge users who are saying "I know what I'm doing and the risks, just let me do it" i.e. sudo.
An admin check tells the OS that you are an admin, not that you know what the software does and that you are ok with CoolWallpapers logging all inputs.
So what should happen when the threat model changes? Just abandon all software, ossify it in a poor state, or something else?
You always to be advocating for ossification to avoid breaking apps which are no longer ok under an evolved threat model.
Finally, you didn’t actually answer the question I asked. It’s all very well and good to say how things should be, but people have to face the world as it actually is instead.
If applications can edit arbitrary files on the system it's already game over. I have no idea why people focus so much on “keylogging” as the supposed super important and dangerous thing.
If one run any malware with the full file edit permissions of one's user account at that point in theory the only solution is erase not only the hard drive, but also every other drive on any other system one's user account has access to or at least in sofar those do not have some logging for connexions in some way to see who connected that cannot be edited by the permissions one has on that system. Of course if one has root on one's own system nothing on that system can be trusted any more from that point. The malware could in theory have edited the firmware at that point to hide any checks one could do with a recovery system on a portable drive, but that's all quite theoretical of course, but it's possible in theory.
Keylogging is such a strange thing to focus on in the face of being able to edit arbitrary files owned by the user.
It doesn't matter and it's still a theatre. Those malicious applications can do what they want regardless by editing arbitrary files and obtain the same end.
The supposed threads of malicious applications keylogging and stealing your website passwords to worry about is rather strange when such an application can edit the files on your system such that you're starting a modified version of a web browser they injected with whatever code they want to do the same. In fact, this is probably easier to do than try to write some kind of a.i. that filters what it thinks are “password keypresses” opposed to altering the code of the web browser such that it simply sends whatever is being put into a field marked as “password” on a website.
It's a moral panic boogeyman that has no actual implications for actual real life security. Like quite a bit of “security” talk these days. Much of it comes down to the “door in your room” analogy where “security experts” talk about putting a big door in the middle of one's living room with an impenetrable lock on the idea of kindly asking criminals to only go through that door to steal things. In reality they'll just walk around it, and now one has an inconvenient door in the middle of one's living room.