Comment by fc417fc802
6 days ago
It's important to keep separate the parts of the security model mobile did well from the parts it got wrong. Declaring that app developers can decline end user access to app files is unacceptable. I get final say on my device. I get to run as root. Hell, I get to run as ring 0 if that's what I want to do.
IMO, the developers choose what software they want to write. If Microsoft Word decided to remove the "export to PDF" feature, that would be their right. And it would be your right to stop using Microsoft Word. If you want to be root on your system, you are free to install a system that gives you root access.
And that's the part that I believe should be a right: if you buy a smartphone, you own that piece of hardware, and you should be able to install the system you want. But if you are not the one developing that system, you don't get to decide what this system does. Just like you don't get to decide whether Microsoft Word can export to PDF or not.
You're saying that the Android security model shouldn't be illegal. I agree.
I'm saying that despite all they get right, the Android and Apple security models, when foisted on the mass market, are socially and ethically flawed. I'm saying that the end user has a fundamental right to tamper with the software on his own system. Those designing an OS that intentionally thwarts the user's will are in the wrong.
Just because something is legal that doesn't mean doing it is a good thing.
I may be biased, but I have never seen anyone who would want to tamper with the software on their own system and would not be capable of installing an alternative OS, given that their device allows it (e.g. allowing unlocking the bootloader, etc).
For "normies", it feels like the existing security model is actually not that bad. I can't imagine what would happen if everybody was running something without any sandboxing.
2 replies →