[d0]

I'm not sure Apple and Microsoft fit that bill yet. They divide their empires into three separate concerns: walled garden consumer devices (phones, tablets), open enterprise/desktop and media. it's pretty easy to get into the internals of OSX and Windows still. In fact it's been made easier over the years.

I can still push apps to our customers on Windows and Mac desktops like I could in 1993.

Google on the other hand are pushing for everything being behind a web portal under strict control. All devices they promote ship apps which integrate with that ecosystem as lightweight app front ends and nothing else. Doing stuff whilst not connected to google is becoming increasingly difficult. The rate of change is also pretty extreme meaning that you have to work damn hard to keep up with things.

Linux (and FreeBSD possibly!) will never hit the desktop hard but we're not short of learning solutions whilst I can type csc at any windows command prompt and python at any OSX terminal and get somewhere. ChromeOS - not such a good picture.

[microtonal]

I can still push apps to our customers on Windows and Mac desktops like I could in 1993.

Well, on OS X, you'd better have a $99/year developer program account or you cannot sign software. For most users it's a hasse to either disable Gatekeeper or to discover Ctrl/right-click to circumvent it.

Of course, signing software is good. But I'd rather like to accept/verify a key on a vendor-basis and have that used to validate updates. E.g. APT with GPG signing does this pretty well and makes installing signed software via e.g. Ubuntu's PPAs pretty nice.

Linux (and FreeBSD possibly!) will never hit the desktop hard

I agree. And this is why it is important that organisations such as Mozilla and CyanogenMod exist and are well-funded. As long as they keep up with their counterparts, people and vendors will have a choice.

[d0]

The signing missing isn't a major effort. You can turn it off easily with spctl via ssh or allow an app for example. Same with windows domains if you have configured a root CA for your organisation. Even metro apps can be side loaded/self signed on Windows enterprise edition.

Agree with your second point entirely.

[bad_user]

> I can still push apps to our customers on Windows and Mac desktops like I could in 1993.

That's true for now, but the trend is clear - OS X doesn't want to open apps downloaded from the Internet without the binary being signed by a registered developer. You can work around that, but I had to Google it (and I was trying to install YourKit Profiler - an otherwise very legit app from a well known and respected company). Microsoft only allows apps installed from their store on Windows RT. We are not talking about Windows Phone btw - Windows RT is Windows for ARM devices. Windows 8 has the same policy as OS X, both moved to the app store model, both now give warnings when installing from third-party sources.

BTW, Android is allowing app installs from third party sources. It always did. Not sure how long will that last, but iOS and Windows Phone 7 are completely locked down in that regard.

It's about time we stop thinking of these companies as being our friends. They aren't. They are partners at most and the free market doesn't work well if customers aren't prepared to vote with their wallet.

[d0]

That's just logical. Windows uses loose code signing. SmartScreen is the same sort of thing but you have to buy a more expensive code signing cert from VeriSign etc. You can self sign or run a CA on windows domains, even for metro apps on enterprise edition (and RT).

OSX is easy enough to control via spctl as well. You can use this or pay $99. Several things I downloaded, including Logic Pro from Apple didn't come with a certificate. It's not a big deal.

Most of what you say is paranoia. Signing is overall a damn good thing.

Android is. If you flick a switch. Same with OSX and Windows. WP even allows you to install unsigned apps if register it as a dev handset. Same with iOS.

This is mainly about protecting both the end user from malware and protecting the app sellers' revenue stream.

[octopus]

ChromeOS is a browser based OS, so I would guess you could use JavaScript to do a lot of things you would do in C# or Pyhton on your old PCs.

Also, ChromeOS has a developer mode and you can always install a chroot Linux along side ChromeOS. In essence you can do pretty much everything if you are a programmer and you spend a few minutes searching online.

For the average user (read non programmer), less options is always better.

[d0]

A browser is not a universal programming environment.

Neither is a chroot on a ChromeOS device. How do you install openoffice on that chroot and start hacking on it?

[blueskin_]

Well, most chromebooks are hackable to the point of installing a full Linux system on them to replace Chrome OS, at which point they just become a cheap laptop with a convoluted initial OS install process.

[d0]

But that's then not a ChromeOS machine.