If you must trust the software not to do rogue updates then I have to swing back into the camp of blaming the operating system. Is Linux better at this?
I've noticed phones have better permissions controls than Windows, seemingly. You can control things like hardware access and file access at the operating system level, it's very visible to the user, and the default is to deny permissions.
But I've also noticed that phone apps can update outside of the official channel, if they choose. Is there any good way to police this without compromising the capabilities of all apps?
Microsoft has tried pushing app deployment and management platforms that would make this kind of thing really possible, but it constantly receives massive pushback. This was the concept of stuff like Windows S, where pretty much all apps have to be the new modern store app package and older "just run the install.exe as admin and double click the shortcut to run" was massively deprecated or impossible.
I've noticed phones have better permissions controls than Windows, seemingly. You can control things like hardware access and file access at the operating system level, it's very visible to the user, and the default is to deny permissions.
But I've also noticed that phone apps can update outside of the official channel, if they choose. Is there any good way to police this without compromising the capabilities of all apps?