← Back to context

Comment by jwells89

2 years ago

Most people would not have an easy time completely eliminating proprietary software from day to day usage. Reducing the amount of it is certainly possible (though may come with caveats WRT ease of use/UX; F-droid for example is not fun to try to comb through to find the good bits), but some amount is going to linger even if it’s just games the user plays to blow off some steam at the end of the day.

Even if full-FOSS were practical, I’d still want robust sandboxing and permissions to help limit the blast radius if some malicious executable manages to find its way in and to feel confident that nothing is poking around where it shouldn’t be. There’s not really a good reason for everything to have access to everything except for convenience.

1 comment

jwells89

Reply
pxc  2 years ago

I agree with all of this. :)

But if you're looking for a way out from Apple's paternalism without giving up too much practical security, getting your software from free software distributions as much as possible and treating F/OSS as your 'home base' is a doable first step for readers of this site that will go some distance. For example, on macOS, disabling Gatekeeper for software that you install via a package manager whose repositories have a code review process and which cryptographically verifies what it downloads is not a big deal. (Homebrew does such verification, but not for all packages. You can tell it to refuse to install what it can't verify in this way, though. So all my Homebrew apps get installed only if the package has a checksum in the repos, and when installed they get --no-quarantine.)

And if you can switch to Linux on the desktop, it's reasonable to approach app sandboxing in an opt-in way. It's nice to be able to do that, especially as some of the UX pain points are still being worked out. It's also nice to know that no matter what nice capabilities your OS offers for securing your system by treating apps as untrusted by default, you'll ultimately be in control.

Sandboxing is also somewhat a separate issue from code signing and notarization, and idk what's even really practically available on the Linux desktop for that. But I'm not really sold on those so much for use of those outside the enterprise. I imagine most people here would opt out of those given the choice.