by nottorp 361 days ago
Responsibility would mean no services open to the internet by default and not running arbitrary code from any random web site though.

What you're describing is more like security theater.

Does the TPM protect grandma from malicious JavaScript? :)


"Services open to the Internet" is more of a 2000s problem than a modern problem. Operating systems default to being a lot less trusting of local networks today, and nearly every place you'd connect to WiFi already has a router with a "drop all unsolicited packets" policy. MITM is the big risk here, and the best way to address it is by using secure protocols (HTTPS, SSH, etc.) everywhere.

Mandatory code signing for web sites would go a long way to addressing some of the most common types of exploits we see today, and that doesn't require a TPM. I'd love to see it, but it is going to require some infrastructure and enforcement to work, and it too could become user-hostile (e.g., you can't block ads, because that would change the code).

Are we philosophising?

> "Services open to the Internet" is more of a 2000s problem than a modern problem.

Then why does Windows need a firewall that's on by default, if it has no open services?

> Mandatory code signing for web sites would go a long way to addressing some of the most common types of exploits we see today

All the spam I'm filtering today has their DKIM and domain whatever and and and ... in order. I'm sure it would be the same for $random_phishing_site. They do have legit looking SSL certs don't they?

> it too could become user-hostile (e.g., you can't block ads, because that would change the code)

Or even worse, you'd need to submit your site to a review from some authority, App Store style. Pay for the signature. Pay for the review process.

Can you spell barrier to entry and speech that's restricted via financial means?

Yes, the software firewall is one of the defense mechanisms of modern versions of Windows. I don't know what point you're driving at. "Regular users" don't care about any of these power-user arguments. The question is, do Secure Boot and other end-to-end trust mechanisms allow the software and hardware vendors to better ensure that people who don't know what they're doing are protected? This is the model that has been adopted or is being adopted in nearly every other consumer-facing Internet-connected device already.

The question of what's good for people who do know what they're doing is an important one but it is a bit beside the point. These security measures have a purpose and it's not just to take control away from the end user. There are some other paths that could be taken, of course, but many of them seem to be starting from the point of willful naivete about the reality of computer security today.