Comment by vlovich123

I really don’t know what point you’re trying to make. I am 100% in favor of capabilities and think it leads to better decomposed software with better security boundaries (provided the software engineers put in the work to separate components across process boundaries and the APIs make it convenient to do so).

All I said was that capabilities don’t solve the spyware problem and they largely don’t. They help protect you write software that itself can’t be hijacked to become uncontrolled spyware due to a compromise but if I am selling you software with “malware” bundled you’re going to have a hard time isolating the functional and “malware” bits (malware here being defined as software against the users wishes and intents).

You’ve extolled the benefits of it and they’re great and I think I largely agree with all of that, but it’s completely irrelevant to my initial point that it’s not a silver bullet for the vendor intentionally bundling malware into the code they’re distributing.