[randallsquared]

I did mention those benefits in passing: "for excellent reasons involving security and malware". I don't disagree that this can provide those benefits; I just don't feel that they're worth the cost to me, personally. Also, I don't have any notion of how they could provide what I and other technically savvy people want and what the main base of computer users need at the same time.

[rbarooah]

The only thing you seem to be saying you want is to be free from the fear of unintended negative consequences of code signing.

It's tautological that nobody can both provide something and freedom from the fear of the unintended consequences of that same thing simultaneously.

On the other hand, since the only way to judge the trustworthiness of code is to know its provenance, I don't see how we can avoid some kind of signing becoming ubiquitous.

To me that means that free software must eventually develop a decentralized code signing scheme.

[kaolinite]

Correct me if I'm wrong, but the package managers of all popular Linux distros (except for Arch Linux, who are moving to bring it in soon) have had code signing for years now. It's not decentralised however the package management system isn't either.

[Natsu]

I think his problem is with those people who would take away the user's freedom to choose who to trust.

[randallsquared]

I don't really expect them to take it away completely. So, a simpler version is that I expect the capability to silently disable applications on user machines will be misused (through third-party insistence if nothing else; see the _1984_ debacle at Amazon). A similar system which could only throw up scary warnings when starting an unsigned application wouldn't bother me much, since it wouldn't be such attractive lawsuit bait. But I agree that I'm only speculating that Apple will carry this through to its natural end of being iOS-like. I can't imagine any reason for them not to do it, and I think that for the majority of their users, it will actually improve the experience.

[rbarooah]

Slippery slope fallacies notwithstanding, Apple isn't proposing to take anything away.

My point is that the alternatives don't provide the user with the option to choose who to trust to begin with.

The ability to trust code is something that has to be created with engineering and design.

[randallsquared]

The only thing you seem to be saying you want is to be free from the fear of unintended negative consequences of code signing.

Yeah, I dislike negative consequences. :)

To me that means that free software must eventually develop a decentralized code signing scheme.

I wholeheartedly agree!