Hacker News

josephg, last Monday at 6:45 AM (3 replies)

> Your parents are more likely to be a victim of a phone call scam than malware, even on PC. There is also no guarantee that malware will not slip through cracks of official stores or signatures.

So what? The lack of perfect security is a terrible argument against better security.

For example, lockpicks exist. Is that a reason to stop locking your house? Our TLS ciphers might eventually be broken. Should we throw away TLS and go back to unencrypted HTTP?

I'm not expecting anything to 100% stop all scams. But modern computer security is a joke. We could do an awful lot better than we are today at keeping people safe from this stuff.

> We already had "best of both worlds", especially on mobile OSes - granular permissions per-app were quite good, and on Android until a few years ago root was widely available if you needed it as well

Yes. I want something like this on desktop too - but I want to own the signing keys, of course. It seems strange that this is so controversial.


Replies

Okawari, last Monday at 11:23 AM

It's not about being defeatist, at least not for me. It's about what is considered good enough.

Sure, locking down the OS in this way is more secure, but it's also very restrictive and personally I don't think the added security justifies this. Lock picks do exist, but I am still entirely content with a single lock on my front door. I do not need an extra biometric sensor or camera or security representative standing outside my door to check IDs of people passing by in order to consider myself reasonably safe.

Maybe this is cultural/geographical, but I've yet to hear of anyone who lost access to their mail or had unauthorized access to their bank account as a result of malware. I'm sure you can find examples, but I do not consider this an attack vector that is prevalent enough to warrant requiring signed apps or preventing manual installation.

mathiaspoint, last Monday at 11:28 AM

This hardly stops anything; app stores are full of malware, and the cost is very high.

It's like having an automated turret on your lawn because sometimes people bring bad snacks to your dinner parties.

const_cast, last Monday at 3:25 PM

I don't think Google Play Integrity and only allowing installing blessed apps on blessed devices is more secure. I just don't.

Google blesses malware all the time because otherwise they would go bankrupt. They're an ad company, not a security company.