> Right, which goes back to the main point; "total control of your computing environment" fundamentally means that you are responsible for figuring out which applications to trust, based on your own choice of heuristics
Hard disagree. Total control of my computing environment would be to allow an application access to my documents, a space to save a configuration, perhaps my Videos folder or even certain files in that folder. Or conversely, not.
At the moment, none of the desktops give me the ability to set a level of trust for an application. I can't execute Dr. Robotniks Ring Run (or whatever the example was) and be able to specify what it can, or cannot access. There may be a request for permission at a system level access, but that could be explained away as usually is for iApps and Android when requesting some scary sounding permission groups.
And it also doesn't stop malware from accessing my documents. Sometimes my Mac asks if an application is allowed to access Documents, but it isn't consistent.
> they are hidden away inside the settings, and they are not granular.
The switches default to off though, with a prompt on first attempt at accessing the protected resource.
The problem is that they're leaky like a sieve and the permission model and inheritance works is unclear (I once had the Terminal app ask me for permission - does it now mean anything I run from the terminal automatically inherits it - and so on).
Hard disagree. Total control of my computing environment would be to allow an application access to my documents, a space to save a configuration, perhaps my Videos folder or even certain files in that folder. Or conversely, not.
At the moment, none of the desktops give me the ability to set a level of trust for an application. I can't execute Dr. Robotniks Ring Run (or whatever the example was) and be able to specify what it can, or cannot access. There may be a request for permission at a system level access, but that could be explained away as usually is for iApps and Android when requesting some scary sounding permission groups.
And it also doesn't stop malware from accessing my documents. Sometimes my Mac asks if an application is allowed to access Documents, but it isn't consistent.