Comment by wvenable

10 years ago

This is a good comment. Operating systems were originally designed to protect people from each other. My process can't interfere with your home directory. My process can't mess up the entire OS (unless I'm admin). There was a time when most programs were not actively hostile to the user running them.

These days just about every application is user-hostile in some way. Even open source Windows applications, depending on where you download them from, might come with a hostile installer. Programs install background tasks. Programs track you.

Mobile operating systems have been a step in the right direction. But a good operating system should allow us to run whatever binaries we find anywhere on the Internet and not be able to do anything harmful to us.

Exactly. Better to improve the OS level sandboxing rather than duct-taping it all together with another layer of indirection via hypervisors. But it'll take a lot of work.