All security is built on trust. If your threat model is trust nothing, then the solution is do nothing. What I’m talking about is called anchoring, where you force a critical flow through a single anchor by design, and thus reduce the places that you have to audit. It’s the same reason they say that all security should be baked in the keys (strength, mgmt, exchange, etc…).
Do I trust Apple and Microsoft? I think sort of.
I don’t trust them to be perfect, but if your prior is to say that you don’t trust them at all, then it means you basically can’t use them at all bc no amount of security will get around an untrustworthy OS.
They control what gets displayed on screen, they control how memory is laid out and accessed for a program. There are already so many more important things we entrust to them. So, yeah, I prefer OS’s (all vendors) to provide APIs, and for app stores to enforce their use. I especially would trust this more than EU laws, and I certainly would trust that more than everyone doing their own thing, regardless if it’s open source.
If for no other better reason I trust the OS more, since all of these open solutions will still run on those supposedly untrustworthy os vendors.
You basically have to trust your OS, Don’t you think? Otherwise, the answer is you do nothing.
Do I trust Apple and Microsoft? I think sort of.
I don’t trust them to be perfect, but if your prior is to say that you don’t trust them at all, then it means you basically can’t use them at all bc no amount of security will get around an untrustworthy OS.
They control what gets displayed on screen, they control how memory is laid out and accessed for a program. There are already so many more important things we entrust to them. So, yeah, I prefer OS’s (all vendors) to provide APIs, and for app stores to enforce their use. I especially would trust this more than EU laws, and I certainly would trust that more than everyone doing their own thing, regardless if it’s open source.
If for no other better reason I trust the OS more, since all of these open solutions will still run on those supposedly untrustworthy os vendors.
You basically have to trust your OS, Don’t you think? Otherwise, the answer is you do nothing.