The war on general purpose computing is, as they say, real and spectacular. But this essay doesn't really get to the heart of the matter, which is that customer expectations are changing as computing finds its way into more applications and broader audiences.
General purpose computing happened in the first place by sheer accident -- there wasn't a practical way for the OS vendor to control what was installed on a system. To create such a mechanism would require an enormous investment in trusted boot, code signing, and app sandboxing. Yet the security needs of operating systems, driven by customer expectations, are creating all the elements so that vendor controls becomes as easy as flipping a switch.
That's how we got here, not by some vendor plot. Before, it wasn't possible. Now, it's possible, due merely to OS vendors responding to customer pressure for sandboxing infrastructure.
And customers are really pushing and driving putting this infrastructure in place.
People are complaining that the OS is not able to securely identify between two applications in the same user context. So they filed a bogus CVE, where the content of the CVE is basically "Linux is not an iPhone". It is a OS app sandboxing feature request, masquerading as a bug report to the keyring team.
Read the belated reply from the gnome keyring folks, pleading with people to understand what the linux security model is, and that linux doesn't have the sandboxing capabilities that have been rolled out to other (paid) operating systems:
Yet people don't want to hear it. They are demanding that everything be turned into an iphone (in terms of app sandboxes) but they are also demanding that once the OS vendor has the power to install a chokepoint around all the apps, that they wont set up a little toll booth there as well.
But IMO asking vendors to not exploit that for commercial gain is only going to be safeguarded by regulation, and that regulation will hand over to the government the power to decide what is and is not allowed to run. The moment the technical genie was let out of the bottle and OS vendors had the power to control who was running what, that spells the end of general purpose computing, at least from a "freedom" point of view.
General purpose computing happened in the first place by sheer accident -- there wasn't a practical way for the OS vendor to control what was installed on a system. To create such a mechanism would require an enormous investment in trusted boot, code signing, and app sandboxing. Yet the security needs of operating systems, driven by customer expectations, are creating all the elements so that vendor controls becomes as easy as flipping a switch.
That's how we got here, not by some vendor plot. Before, it wasn't possible. Now, it's possible, due merely to OS vendors responding to customer pressure for sandboxing infrastructure.
And customers are really pushing and driving putting this infrastructure in place.
Look at this security warning: https://github.com/javakeyring/java-keyring
People are complaining that the OS is not able to securely identify between two applications in the same user context. So they filed a bogus CVE, where the content of the CVE is basically "Linux is not an iPhone". It is a OS app sandboxing feature request, masquerading as a bug report to the keyring team.
Read the belated reply from the gnome keyring folks, pleading with people to understand what the linux security model is, and that linux doesn't have the sandboxing capabilities that have been rolled out to other (paid) operating systems:
https://wiki.gnome.org/Projects/GnomeKeyring/SecurityPhiloso...
Yet people don't want to hear it. They are demanding that everything be turned into an iphone (in terms of app sandboxes) but they are also demanding that once the OS vendor has the power to install a chokepoint around all the apps, that they wont set up a little toll booth there as well.
But IMO asking vendors to not exploit that for commercial gain is only going to be safeguarded by regulation, and that regulation will hand over to the government the power to decide what is and is not allowed to run. The moment the technical genie was let out of the bottle and OS vendors had the power to control who was running what, that spells the end of general purpose computing, at least from a "freedom" point of view.