[rishflab]

> The web is fascinating: we started with a seemingly insane proposition that we could let anyone run complex programs on your machine without causing profound security issues.

Isnt this what an OS is supposed to do? Mobile operating systems have done a pretty good job of this compared to the desktop OS.

[lich_king]

Mobile OSes don't allow random people to run code on your device. They allow you to install software you want and sort-of trust, which is conceptually close to the desktop model. There are some safeguards on top of that, but the primary line of defense is that cheap-pillz.virus-basket.ru can't actually execute anything on your device.

[pjmlp]

Desktop model at least on Apple, Google and Microsoft platforms is slowly adopting similar security models, boiling water and frogs kind of approach.

[jitl]

mobile operating systems review all the code that gets installed on every device

[rishflab]

Security does not depend on code review. They have stronger sandboxing and have granular permissions that the user must allow. My point is running untrusted code securely should be the operating systems job. It is possible to do this at the operating system level, a browser is not required. The problem is the security model for desktop operating systems is ancient and has not kept up with today's requirements.