Comment by josephg

1 month ago

My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like. I like that they have iphones. Doing internet banking on their phone is safer than doing it on their desktop computer. Why is that?

The reason is that the desktop PC security model is deeply flawed. In modern desktop operating systems, we protect user A from user B. But any program running on my computer is - for some reason - completely trusted with my data. Any program I run is allowed to silently edit, delete or steal anything I own. Unless you install special software, you can't even tell if any of this is happening. This makes every transitive dependency of every program on your computer a potential attack vector.

I want computers to be hackable. But I don't also want my computer to be able to be hacked so easily. Right now, I have to choose between doing banking on my (maybe - hopefully - safe) computer. Or doing banking on my definitely safe iphone. What a horrible choice.

Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

I think the argument against locked down computers (like iphones and androids) would be a lot stronger if linux & friends provided a real alternative that was both safe and secure. If big companies are the only ones which provide a safe computing experience, we're asking for trouble.

Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through cracks of official stores or signatures.

You can also choose to do your banking at the physical branch.

We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until few years ago root was widely available if you needed it as well; these permissions could be locked or frozen if there is concern about users, just like work devices are provisioned with limitations. It all depends on your threat model.

  • In the Netherlands we do not have physical branches anymore. They died out. All banking started to go through the browser. This was very sensitive to malware and viruses, so two-factor was added through phones. Then fewer and fewer people had PCs because a phone provides enough. Now mobile apps for banking are the only way to do banking. Or it is required for MFA. Even if you’re calling the bank it is used as MFA.

    • So far in Canada... I must reiterate this, so far, this can and has been fought by one thing. Rural life, and nationalism.

      There are plenty of places where mobile phones don't work, especially in the summer when there are leaves on the trees. This means SMS won't really work. So for this path, SMS, the bank has an alternative -- call a number on your account with a voice reading the 2FA code. Thus, landlines or VOIP work here.

      When it comes to an app, forcing Canadians to use a phone OS controlled by US companies, still has pushback. An example being, the concept of "A Canadian having to use software from a US company, to identify themselves to a Canadian company" is still a hotspot. Especially with the US wanting to annex us.

      So this lock in has not yet occurred.

      Really, the phone call to a phone number on your account, not using SMS is as solid a protection, as an app running on a phone controlled by a foreign country's company. It's an alternate path. And it solves the whole 'rural person' access.

      Many people living in rural areas don't even bother with a phone type device. Some have Kindles. But why buy a phone if it doesn't work where you live?

      This logic, combined with them closing rural banks, means they have to be quite sensitive here. EG, closing rural banks, then making it difficult to do online banking is political poison for our banks.

    • Same in Sweden, physical bank branches are rare and even they will often require an appointment. All banking is through bank apps or websites, and you use 2FA extensively. Sweden's digital ID system is called BankID because it was made by banks and, initially, for banking, though now BankID is used extensively for all kinds of government and private services.

      That doesn't stop scammers. They also keep getting more sophisticated, often using a combination of social engineering and technical skill, and they keep tricking people into giving them money. So unfortunately, while malware is pretty much a non-factor, scammers still thrive.

    • I still do banking through a random reader at ABN AMRO. I really hope they never get rid of it because I trust that little dumb plastic device 1000% more than my phone.

    • I wouldn't be surprised if it becomes impossible to even use cash in the Netherlands soon enough. The first year I was here I don't think I did even once. I've been using cash a lot more lately just out of principle and it's annoying - lots of pin-only check out lines, etc.

  • Phone scams have you install malware. Banks don’t know if you’re on the phone with the scammer, but they would like to detect if you’re using a screen sharing app on the password or transfer screens.

  • > You can also choose to do your banking at the physical branch

    The banks that do have a physical presence are closing left and right? Also, I don’t think I can make money transfers at the physical office of my bank.

    • > The banks that do have a physical presence are closing left and right? Also, I don’t think I can make money transfers at the physical office of my bank.

      It's crazy if you really can't

  • Also the good old phishing emails/links. So many people are simply unaware when a website is pretending to look like an app/floating window. Even younger people who you'd hope know better are falling for it today. I work on a PC game and players (mostly young adults) are constantly getting their accounts compromised by the same phishing sites that pop up monthly.

    AI voice and video cloning scams are also only going to increase. Why would scammers need to get people to install random APKs when they can just impersonate a family member and tell them what to give directly?

    To me it seems very much like the classic "think of the children" type argument. It's not going to really fix anything in the end but it will benefit Google.

  • > Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through cracks of official stores or signatures.

    So what? The lack of perfect security is a terrible argument against better security.

    For example, lockpicks exist. Is that a reason to stop locking your house? Our TLS ciphers might eventually be broken. Should we throw away TLS and go back to unencrypted HTTP?

    I'm not expecting anything to 100% stop all scams. But modern computer security is a joke. We could do an awful lot better than we are today at keeping people safe from this stuff.

    > We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until few years ago root was widely available if you needed it as well

    Yes. I want something like this on desktop too - but I want to own the signing keys, of course. It seems strange that this is so controversial.

    • It's not about being defeatist, at least not for me. It's about what is considered good enough.

      Sure, locking down the OS in this way is more secure, but it's also very restrictive and personally I don't think the added security justifies this. Lock picks do exist, but I am still entirely content with a single lock on my front door. I do not need an extra biometric sensor or camera or security representative standing outside my door to check IDs of people passing by in order to consider myself reasonably safe.

      Maybe this is cultural/geographical, but I've yet to hear of anyone who lost access to their mail or had unauthorized access to their bank account as a result of malware. I'm sure you can find examples, but I do not consider this an attack vector that is prevalent enough to warrant requiring signed apps or preventing manual installation.

    • I don't think Google play integrity and only allowing installing blessed apps on blessed devices is more secure. I just don't.

      Google blesses malware all the time because otherwise they would go bankrupt. They're an ad company, not a security company.

    • This hardly stops anything, app stores are full of malware, and the cost is very high.

      It's like having an automated turret on your lawn because sometimes people bring bad snacks to your dinner parties.

Everything in life is about trade-offs. Certain trade-offs people aren't going to make.

- If you want to run an alternative operating system, you got to learn how it works. That is a trade off not even many tech savvy people want to make.

- There is a trade-off with a desktop OS. I actually like the fact that it isn't super sand-boxed and locked down. I am willing to trade security & safety for control.

> Personally I think we need to start making computers that provide the best of both worlds. I want much more control over what code can do on my computer. I also want programs to be able to run in a safe, sandboxed way. But I should be the one in charge of that sandbox. Not Google. Definitely not Apple. But there's currently no desktop environment that provides that ability.

The market and demand for that is low.

BTW. This does exist with Qubes OS already. However there are a bunch of trade-offs that most people are unlikely to want to make.

https://www.qubes-os.org/

  • No, not everything is a trade-off. Some things are just good and some are just bad.

    A working permission system would be objectively good. By that I mean one where a program called "image-editor" can only access "~/.config/image-editor", and files that you "File > Open". And if you want to bypass that and give it full permissions, it can be as simple as `$ yolo image-editor` or `# echo /usr/bin/image-editor >> /etc/yololist`.

    A permission system that protects /usr/bin and /root, while /home/alex, where all my stuff is, is a free-for-all, is bad. I know about chroot and Linux namespaces, and SELinux, and QEMU. None of these are an acceptable way to do day-to-day computing, if you actually want to get work done.

    • No, everything is a trade-off. That is a reality of life in general.

      Anything that is proposed has a cost associated with it (time, money). That always has to be weighed up against any potential benefit.

    • This is getting a lot better with Flatpaks and Wayland (and its "portal" system to access resources).

  • > If you want to run an alternative operating system, you got to learn how it works.

    The typical user doesn't know how Windows works, and they can run that. These days, users can run a friendly GNU/Linux distribution not knowing how it works. So, disagree with you here.

    • > The typical user doesn't know how Windows works, and they can run that.

      That is because Windows for the most part manages itself and there are enough IT professionals, repair shops and other third-party support options (including someone that is good with computers that lives down the road) where people can get problems sorted.

      This is not the case with Linux.

      > These days, users can run a friendly GNU/Linux distribution not knowing how it works. So, disagree with you here.

      Sooner or later there will be an issue that will need to be solved with opening up a terminal and entering a set of esoteric commands. I've been using Linux on and off since 2002. I have done a Linux from Scratch build. I have tried most of the distros over the years, everything from Ubuntu to Gentoo.

      When people claim that you will never have to know how it works. That is simply incorrect and gives a false impression to new users.

      I would rather that other Linux users tell potential users the truth. There is a trade-off. You get a lot more control over your own computer, but you will need to peek under the hood sooner or later and you may be on your own solving problems yourself a lot of the time.

  • exactly, people want all the benefit without the consequences

    like if an OS utopia existed that had all the advantages without the downsides, then everybody would use that

    but people complaining don't live in reality

    • A lot of it already exists in one form or another and the trade-off for sand-boxing is usability a lot of the time.

      It isn't even a freedom vs security. It is usability vs security.

  • >If you want to run an alternative operating system, you got to learn how it works.

    You only need to learn how to start a browser. You're a little behind the times, today browser is the OS.

    • What happens when the OS that is running the browser fails to update because /boot has run out of room for a new Linux kernel (this happened to me the other week)?

      What happens when the browser update fails because the package database got corrupted?

      What happens when a lock file stops the whole system updating because of a previous iffy update?

      You are going to need to drop to a terminal and fix that issue or reinstall the whole OS.

      Either way you are going to need to know something about how the machine works.

It is the other way around. The security model of mobile devices seriously inhibits innovation and we end up with ever the same crappy apps we don't really need.

I also don't believe more people get scammed on PC compared to mobile platforms. Scammers go where the most naive people congregate.

A sensibly configured Linux system is very secure compared to your mobile device. No security model can really shield against user stupidity. The people would need completely different devices as they simply aren't fit to use a computer. My parents are the same, but I won't accept a bad compromise of an OS just because they essentially need other devices.

At some point a user will be asked to allow execution of code they got through some fishy mail. There is no defense against that other than for the user sticking to books.

  • >A sensibly configured [desktop, i.e., not just a headless server] Linux system is very secure compared to your mobile device.

    That is not true. It is understandable that you believe it because it gets repeated a lot, but those repeaters are doing what you are, namely repeating what they heard (and sometimes what they want to be true) without sufficient actual knowledge of what they are talking about.

    • It is fairly true, what is your definition here? The main attack vector today is malicious mails being opened. These usually don't target linux systems and fail to execute.

      Sure, it is circumstantial security, but exploits exist for mobile devices as well.

As is, Android has support for multi-user mode.

Get some real sandboxing, let me install whatever I want in my sandbox.

That's a bare minimum.

I also want "I am an adult" mode where I get to do what I want. If Google wants to flag secure net, fine. Not everything is going to work.

  • yeah this whole shit where let's optimize it for the lowest common denominator is stupid. I hate everything about it.

    I'm an older millennial, so I have older parents and young kids. My father could not bother with a smartphone or does not care about the internet at all. My mother uses WhatsApp and everything; after the initial year she is quite handy with it. I'm not scared about her, I'm more scared that she is reading AI slop.

    My kids are now at the age where a lot of the peers are getting a smartphone for them. I'm not giving them a smartphone. If I give them a smartphone in a year or I will be using parental controls.

Well no, if your parents truly are tech illiterate, I would give them Ubuntu and not an iPhone.

With the iPhone they get the risk of answering to a scam call or scam sms and giving them the access of their bank account.

Ubuntu is almost bullet proof for beginners.

In fact, that's what I've done for my parents and I had to retire the computer and get another one because it's the hardware which became too old after 15 years of running Ubuntu without any problem.

Security for users isn't just about bootloader exploits.

  • Like the parent said Ubuntu has horrible security. It would be better to just not buy a phone line for the iphone if you don't want phone calls or texts.

    • It hasn't, security isn't just technical features but a social contract.

      Even on an iPhone without a sim card, they can download one of the scam casino games from the appstore and give away a lot of money, on Ubuntu they can't do that.

      There's more to security than just bytes.

      The threats to your average user aren't a bootloader exploit built by some Israeli firm but privacy breaches, social engineering and scams.

> Any program I run is allowed to silently edit, delete or steal anything I own ... there's currently no desktop environment that provides that ability

Putting aside the philosophical issues, that statement hasn't been true for a few years now. It's not well known, even in very technical circles like HN, but macOS actually sandboxes every app:

• All apps from outside the app store are always sandboxed to a lesser degree, even if they are old and don't opt-in.

• All apps from outside the app store may opt in to stricter sandboxing for security hardening purposes.

• All apps from the app store are forced to opt-in, must declare their permissions in a fine grained way, and Apple reviews them to make sure they make sense.

To see this is true try downloading a terminal emulator you haven't used before, and then use it to navigate into your Downloads, Photos, Documents etc folders and run "ls". You'll get a permission prompt from the OS telling you the app is requesting access to that folder. If you click deny, ls will return a permission error.

Now try using vim to edit the Info.plist file of something in /Applications. ls will tell you that you have UNIX write permissions, but you'll find you can't actually edit the file. The kernel blocks apps from tampering with each other's files.

Finally, go into the settings and privacy/security area. You can now enable full disk access for the terminal emulator, or a finer grained permission like managing apps. Restart the terminal and permissions work like you'd expect for UNIX again.

Note that you won't see any permission popup in a GUI app if you open the file via the file picker dialog box. That's because the dialog box is a "powerbox" controlled by the OS, so the act of picking the file grants the app permission implicitly. Same for drag and drop, opening via the finder, etc. The permission prompt only appears when an app directly uses syscalls to open a file without some OS-controlled GUI interaction taking place.

So, if you want a desktop OS with a strong sandbox that you actually control, and which has good usability, and a high level of security too, then you should be using macOS. It's the only OS that has managed this transition to all-sandboxed-all-the-time.

  • > It's the only OS that has managed this transition to all-sandboxed-all-the-time.

    Depending on how broadly you define [desktop] OS. There are immutable Linux distributions like Fedora Silverblue or Kinoite where all user apps are run from Flatpak, and so have sandboxing. I'd say it's less mature than MacOS but it's catching up.

  • >It's the only OS that has managed this transition to all-sandboxed-all-the-time.

    Apps are all-sandboxed-all-the-time on iOS and Android, too; right?

> think of the elderly

This stuff is not just for the elderly and computer illiterate. It's for you as well. You think they're going to stop?

You're giving up freedom for safety. You will have neither.

  • > It's for you as well. You think they're going to stop?

    No! Which is why I don't want every npm package I install to have unfettered access to my internet connection and to access all my files. If this is being exploited now, I might not even know! How sloppy is that!

    > You're giving up freedom for safety.

    At the limit, sure, maybe there are tradeoffs between freedom and security. But there's lots of technical solutions that we could build right now that give a lot more safety without losing any freedom at all.

    Like sandboxing applications by default. Applications should by default run on my computer with the same permissions as a browser tab. Occasionally applications need more access than that. But that should require explicit privilege escalation rather than being granted to all programs by default. (Why do I need to trust that spotify and davinci resolve won't install keyloggers on my computer? Our computers are so insecure!)

    Personally I'd like to see all access to the OS happen through a capability model. This would require changes in the OS and in programming languages. But the upside is it would mean we could fearlessly install software. And if you do it right, even `npm install` could be entirely safe. Here's how we do it: First, all syscalls need to pass unforgeable capability tokens. (Eg seL4). No more "stringy" syscalls. For safe 3rd party dependencies, inside processes we first make an "application capability" that is passed to main(). 3rd party libraries don't get access to any OS objects at all by default. But - if you want to use a 3rd party library to do something (like talk to redis), your program crafts a capability token with access to that specific thing and then passes it to the library as an argument.

    Bad:

        // Stringy API. Redis client can do anything.
        redisClient.connect("127.0.0.1", 6379)
    

    Good:

        redisConnCap = systemCap.narrow(TCPConnect, "127.0.0.1", 6379)
        redisClient.connect(redisConnCap)
    

    This way, the redis library can only make outgoing connections on the specified TCP port. Everything else - including the filesystem - is off limits to this library.

    This would require some PL level changes too. Like, it wouldn't be secure if libraries can access arbitrary memory within your process. In a language like Rust we'd need to limit unsafe code. (And maybe other stuff?). In GC languages like C# and JavaScript it's easier - though we might need to tweak the standard libraries. And ban (or sandbox) native modules like napi and cgo.
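
The capability-passing scheme described in the comment above, as an added example that is not part of the thread or any participant's code: a simulated in-process "kernel" mints unforgeable tokens, the application narrows its root capability to one TCP endpoint, and a misbehaving library is handed only that token. All names (`makeKernel`, `narrow`, `TCPConnect`, `FileRead`, `untrustedRedisClient`) are hypothetical, and no real network or file access takes place.

```javascript
// Added example. The kernel, the rights model and the library are constructed
// for illustration; nothing here touches the network or the disk.
const TCPConnect = 'TCPConnect';
const FileRead = 'FileRead';

function makeKernel() {
  // Private table: capability object -> right. Code outside this closure
  // cannot read or write it, so a look-alike object carries no authority.
  const rights = new WeakMap();
  const auditLog = [];

  function toRight(kind, fields) {
    if (kind === TCPConnect) return { kind, host: fields[0] ?? null, port: fields[1] ?? null };
    if (kind === FileRead) return { kind, path: fields[0] ?? null };
    throw new Error(`unknown right: ${kind}`);
  }

  // A parent right covers a child if it is root ('*'), or has the same kind
  // with every field either equal or unconstrained (null) in the parent.
  function covers(parent, child) {
    if (parent.kind === '*') return true;
    if (parent.kind !== child.kind) return false;
    return Object.keys(child).every(
      (k) => k === 'kind' || parent[k] === null || parent[k] === child[k]);
  }

  function mint(right) {
    const cap = Object.freeze({
      // Derive a capability with equal or less authority, never more.
      narrow(kind, ...fields) {
        const child = toRight(kind, fields);
        if (!covers(right, child)) {
          throw new Error(`narrow refused: ${JSON.stringify(child)}`);
        }
        return mint(child);
      },
    });
    rights.set(cap, Object.freeze(right));
    return cap;
  }

  // "Syscalls": every call must present a token that the kernel itself minted.
  const sys = Object.freeze({
    connect(cap) {
      const held = rights.get(cap); // undefined for anything not minted here
      if (!held) throw new Error('not a capability');
      if (held.kind !== TCPConnect || held.host === null || held.port === null) {
        throw new Error('connect needs a TCPConnect capability for one host:port');
      }
      auditLog.push(`connect ${held.host}:${held.port}`);
      return { host: held.host, port: held.port }; // simulated socket
    },
    readFile(cap, path) {
      const held = rights.get(cap);
      if (!held) throw new Error('not a capability');
      if (!covers(held, { kind: FileRead, path })) {
        throw new Error(`capability does not cover reading ${path}`);
      }
      auditLog.push(`read ${path}`);
      return `<simulated contents of ${path}>`;
    },
  });

  return { systemCap: mint({ kind: '*' }), sys, auditLog };
}

// Stand-in for a third-party dependency that oversteps (constructed). It gets
// the syscall table plus exactly one capability and tries to go beyond it.
function untrustedRedisClient(sys) {
  const attempt = (fn) => {
    try { fn(); return 'ok'; } catch (e) { return `denied: ${e.message}`; }
  };
  return {
    connect(cap) {
      return {
        intended: attempt(() => sys.connect(cap)),
        widenToOtherHost: attempt(() => cap.narrow(TCPConnect, '203.0.113.9', 443)),
        readUserFile: attempt(() => sys.readFile(cap, '/home/alex/notes.txt')),
        forgedToken: attempt(() =>
          sys.connect({ kind: TCPConnect, host: '203.0.113.9', port: 443 })),
      };
    },
  };
}

function demo() {
  const { systemCap, sys, auditLog } = makeKernel();
  // The application, which received systemCap in main(), hands out one right.
  const redisConnCap = systemCap.narrow(TCPConnect, '127.0.0.1', 6379);
  const results = untrustedRedisClient(sys).connect(redisConnCap);
  return { results, auditLog };
}

console.log(demo());
```

In today's Node.js the library could still import `net` or `fs` directly, which is the language-level gap the comment says would have to be closed for this to hold.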

    • IMO what's needed is less per-app sandboxing, and more per-context.

      Think user accounts but for task classes.

      If I'm doing development work, I want to be able to chain together a Frankenstein of apps, toolchain, API services and so on, with full access to everything else in that specific context.

      But that doesn't need visibility of my email, my banking and accounting software should have visibility to/from neither, and random shareware apps, games and movies should run, like you say, with a browser tab level of permission.

      Making this work in practice while keeping performance maximised is harder than it sounds, preventing leaks via buffers or timing attacks of one sort or another (if apps can take screenshots, game over).. for now I use user accounts, but this is becoming less convenient as the major desktop OS and browser vendors try to force tying user accounts to a specific online identity.

    • > At the limit, sure, maybe there are tradeoffs between freedom and security. But there's lots of technical solutions that we could build right now that give a lot more safety without losing any freedom at all.

      Everything you have suggested in this post takes away freedom. There is no solution that doesn't take away freedom / your control. There is always a trade off.

      > Like sandboxing applications by default. Applications should by default run on my computer with the same permissions as a browser tab. Occasionally applications need more access than that. But that should require explicit privilege escalation rather than being granted to all programs by default. (Why do I need to trust that spotify and davinci resolve won't install keyloggers on my computer? Our computers are so insecure!)

      This already exists on Linux.

      I run Discord/Slack in Flatpak. Out of the box the folders and clipboard permissions are restricted. Only the ~/Downloads folder on my PC is accessible to Discord/Slack. You can't drag and drop things into these apps. Which makes sharing content a PITA.

      If you don't want to worry about things like keyloggers, you should run an open source OS and use open source programs where you can verify that there are no key loggers. You should also make sure you find out what firmware your keyboard is using (many keyboards themselves have complex micro controllers on them that can be programmed).

    • It's not a technical problem. It's a social, legal and business problem.

      Computers are subversive. They have the power to not only wipe out entire sectors of the economy but also defeat governments and militaries. If you let people run software freely, they can give themselves the power to do things like block ads and copy artificially scarce data at zero cost, directly impacting the bottom line of corporations. And that's when they don't run cryptography, cryptocurrency and anonymization software to escape government control.

      So these businesses and governments have every reason in the world to usurp control of your computer. They want computers to only run software that's been authorized by them, so that you can do nothing that harms their interests.

      It's not your computer, it's theirs, they're just letting you use it, and only if you follow company and government policy. And it's not at all about your security against external attackers in general, it's about their security against you.

      It's got nothing at all to do with "capabilities". It's got everything to do with putting you in digital shackles so that you are forced to live in a dystopian cyberpunk technofeudalist digital fiefdom as a serf who pays and consumes in perpetuity.

Good point. The current security model of desktop OSs sucks. I was recently reminded of this by an issue at work. I'm used to devs having admin rights on their laptops, but here they closed that down: you have to request admin rights for a specific purpose, and then you get them for a week.

I recently requested those rights again because I needed to install something new for a PoC I was working on, and that wasn't allowed anymore. But during onboarding I had those rights and installed homebrew to more easily install dev tools, and homebrew keeps its admin rights to install stuff in a directory owned by admin. So that circumvents this whole security model (and I did, for my PoC).

The problem is that it's all or nothing. Homebrew should have the right only to install in a specific directory. Apps shouldn't automatically get access to potentially sensitive data. Mobile OSs handle that sort of thing more granularly. Desktop OSs should too.

Because the overly restrictive security rules at my work are little more than security theatre when it's so easy to circumvent.

  • There is software that does exactly that. You install a software kiosk where users can pick from and users don't get admin rights.

    Won't satisfy developers for long though because it cannot work.

    The problem is that mobile OS security systems aren't fit to develop anything but shit. It is simply no solution for desktop.

    • Well, one issue with the app store solution at my workplace is that you can still download anything, even if you can't install it. And executables can still be executed even from your downloads folder. Or your personal bin folder. So preventing people from executing unknown apps is not going to work that way.

      But then again, we write and execute our own code, so of course we have to be able to execute unknown code.

      The whole thing feels like an exercise in futility to me. It would make more sense to specify what rights a specific application should have. Let me approve the external urls it wants to visit, the folders it wants to access, etc. Shield everything else off.

  • It's not theater, your IT department just isn't implementing it correctly. I recently switched jobs and gave up one macbook pro for another (work issued).

    Company A gave me sudo access and I could do anything I wanted.

    Company B locks down everything, no sudo, no brew, nothing. But I do get a big VM with root to do anything I want. There is an approved "appstore" of many different varieties of IDEs/tools.

    TLDR: Not having brew is not a problem, and /can be/ a better experience if done right.

    It took a couple weeks to shift the mental model but I have no problems. The dev experience is quite good because they provide all the libraries you need to do your job.

    • Interesting. If you don't mind, I have a few questions:

      1. Is the "big VM with root" running macOS itself, or a different OS?

      2. Do you do any work on the bare metal version of macOS, or do you just start the VM in the morning and do everything from there?

      3. How do you experience the performance/UX of the VM?

      4. Do you know why Company B IT has set up this VM solution, instead of a plain old MacBook locked down with Apple's enterprise management tools?

      5. Can you explain more about the App Store? Is it the actual Apple App Store but restricted to a curated set of apps, or is it a different system? If so, is the store a custom in-house thing or is it provided by a vendor?

    • There is an app store here too, but lots of vital dev tools simply aren't in there. We should probably make sure they get added.

But you can choose, your parents can have a phone with the "lockdown" setting turned on and I can have it off if I want. How we expose and handle that setting is a UX problem we can solve.

What's wrong with that?

  • Because parents typically have bad eyes and need big monitors, or they just want to be able to use a computer like we have been for years?

In this case I install Linux Mint. No virus problem. This is a popularity problem: you are more likely to have a sandbox escape on iphone than a virus on PC, because iphone gets more attention.

This is where Linux and Apple's centralized repository method shines.

Social engineering is really where the threat is at these days.

Is it really safer on a phone? Don't banking apps reject latest community Android builds with all the CVE fixes or Graphene OS yet work totally fine on years old, full of vulnerabilities yet signed official Android ROMs?

  • Sadly yes. The average joe is not a target for technical exploits that use CVEs. They are, however, targets for meatsack exploits tricking them into installing crap like remote control software.

What are the stats here, this sounds like pure bs to be honest.

Main way people around me get scammed by far like 90% is social engineering

  • It will need just one more additional authentication factor and blocking side loading apps on Android - We promise, total security is close! /s

    • I don't think we'll ever have total security. But we still put locks on our doors and send our internet traffic through TLS.

      All or nothing thinking is counterproductive.

This argument doesn't contradict the article.

An expensive iPhone ships with iOS and a rigid security model.

If you tap the `about` button 16 times and click a confirmation dialog, you disable certain security mechanisms against arbitrary software installation. Do something else easy but impossible to do accidentally, and you unlock the bootloader. You progressively lose portions of your warranty in doing so.

This is the path I think we should be going down.

  • Citation please? It’s my understanding that there is no officially approved way to unlock an iPhone.

    They’ve had something like that for a long time on Android, and I think it’s a reasonable middle ground between making the platform open and closed. But as far as I know, Apple never did something like that on iOS.

All this will do is ensure that if malware does get through the official channels (which it can and regularly does) it will be more widely distributed.

  • Security doesn't need to be 100% effective to add value. The more hoops we make scammers jump through, the fewer people will end up getting scammed.

    I know angle grinders exist. I still lock up my bike.

    • Scams have absolutely nothing to do with anything relevant. Scams happen regardless of whether software is installed in the first place. Social engineering is what most scams are based on. Refusing me banking access because I want to use my phone as a computer brings extra security to nobody.

> I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like

So you need to install Qubes OS for them?

KISS: Have a separate device to do banking, and ONLY banking on.

(More tech savvy users could instead boot into a different partition.)

What do you mean by "locked down computer"? Maybe something like ChromiumOS?

Might be a tough sell for the volunteer open source community ("linux & friends") to work on such an alternative "locked down" computing experience. Free and open source software is usually more focused on unlocking use cases, not locking them up.

That all said, I basically consider macOS to be a locked down computing experience. So that's my solution for older people.

It's not a perfect solution but the Apple closed ecosystem is better designed for the limited use cases of the elderly. Rely on iCloud and built-in Apple approaches to data security as much as possible.

For example, an iMac and an iPhone can get all "adulting" use cases done, including typing/receiving emails, printing documents, online banking, government services, and so on. Apple Passwords plus Face ID helps to simplify password-based security. My biggest issue is getting TOTP-based two-factor adopted. Apple Passwords supports this but I usually have to do remote tech support to get it set up initially. It's also annoying that right now, the current generation of iMacs don't support FaceID, because that would simplify authentication across the two primary platforms (desktop/mobile).

I would never use this setup myself since I like to run F/OSS everywhere as much as possible. But I am realistic about tech expectations for the elderly who just want to live their life with minimal investment in learning about data/software security.

But you're right, along with other commenters, that it's dangerous for society to rely on a monopolist technocorporate overlord (or a pair of overlords forming a de facto duopoly) for the basic administrative tasks of adult living and lawful citizenship.

Most of the reason OSes are insecure is because they are designed badly regarding security. They are from a time when it wasn't important, and most ways of building them are also from that same era. It's hardly modernized -_-. Sure, it's not the same OS as 20 years back... it has a lot of layers of junk on top.

Again, no incentive to improve it. It's either unpaid work or the OS vendor has a stake in it being insecure. (Both exist.)

> My parents are getting old and they aren't tech savvy. The missing piece here is that I want my parents to have a computer they can safely do their banking on, without leaving them vulnerable to scams and viruses and the like.

Purists always forget this point :) What is best for 99% of people.

And dumb Euro bureaucrats.

  • That's what can be achieved by encapsulation/containerization of apps: a la flatpak, snaps, docker or VMs...

    I found that my parents install random crappy adware apps from official stores too. What protects their banking application is granular permissions, not root access.

  • Why not give people the freedom to choose what they want?

    • It will be exploited. Key word above - not tech savvy.

      The only reason we have convenient banking, gov and streaming apps today is because of guaranteed and enforced mobile security by big boys Apple and Google. (Google being an ad company is another matter, not relevant here.)