I'm now wondering why the security model of desktop operating systems are so different from the mobile ones. All desktop operating systems seem to practice a user-based security model, while all mobile operating systems are application-based, isolating every application as a separate "user" as per desktop terms.

@PeterCxy Because a desktop's security model is inherited directly from the 1970's time-sharing mainframe systems like Multics and Unix, the only objective of these system is allowing each user to connect via their VT100 and run their programs without affecting other people, damaging system file, or becoming root. Later workstations/desktops shared the same needs.

Protecting a user from the apps, or protecting apps from other apps is only a recent development in today's "there an app for that" world.

@PeterCxy The current problem of (most) desktop's security model:

"If someone steals my laptop while I'm logged in, they can read my email, take my money, and impersonate me to my friends...

But at least they cannot install device drivers without my permissions." 🤣

@niconiconi Thinking about the difference in those "applications" I maybe kinda get it. Nowadays everybody wants to make "app"s, even when they don't actually know what they are doing -- it's just ridiculous from an early desktop point of view that some businessmen today would propose that "we would like to make an app" then just stops, as if any kind of "app" is okay and he/she just wants an "app". Basically to do anything you need an "app". I'm feeling that this is kind of like the web, where you really don't want some random guy's code to be able to extract everything from you within a click.

@niconiconi @PeterCxy And there's a exception called "MIT ITS", it's a timesharing system with absolutely no protection, so any user can do anything he/she wants.

Sign in to participate in the conversation

Yet another excited Mastodon instance.

This node has not a main focus, and I do think it should never have. Read Rules before deciding to join, please.

This instance has an alias domain, ``. Any user on this instance with `` can also be identified using ``, e.g. `@[email protected]` and `@[email protected]` are equivalent. Other Mastodon instances will recognize the alias and redirect to the correct user account.