đž Archived View for splint.rs âş android.gmi captured on 2024-12-17 at 10:24:15. Gemini links have been rewritten to link to archived content
âŹ ď¸ Previous capture (2024-07-08)
-=-=-=-=-=-=-
The basic idea seems to be that if the user wants to install random, unaudited software, they can safely do so without worry that the application will steal their contacts, record their voice, or otherwise engage in bad behaviour. What keeps the user safe is the ability to allow or deny an app access to these various resources on a case-by-case basis. However, the more detail we add to this story, the stranger it becomes.
Many apps simply wonât work without a lot of permissions, so our would-be insecure messaging app, which then asks for permission to use âthe camera, microphone, access contacts, and make callsâ, remains insecure. The average user cannot make informed decisions about how much to trust an app, and how much to let it access.
The security model on Windows seems comparatively better, as it does not show the false safety-net of discreet applications, leaving the user to only install what they should trust with a vague message about the app ânot being verifiedâ.
Despite the boasts of GrapheneOS that it has âthe best security modelâ, due to so much separation, it doesnât come close to Linuxâ open-source-only package managers. The Linux security model - when working as intended - means that software only goes onto the computer when it goes through the following stages:
1. Someone shows off their app with the source code and a healthy history.
2. Different package-maintainers (all able to audit the code) build the package.
3. The end-user installs the audited software from their app-store.
The difference here parallels someone with amazing home-security letting known criminals into their home, and someone with no security only letting reliable and honest friends into their home. The first person may boast about how much better their security deals with problems, but we all know which house we would rather live in.