by supertrope 3 days ago

If the important data is in a web app and the Windows PC is effectively a thin client, this lowers the ransom value of the local drive. Of course business disruption in the form of downtime, overtime IT labor cannot be mitigated by just putting everything online.

The next step is just to move to security by design operating systems like ChromeOS where the user is not allowed to run any non-approved executables.

If tricking a single employee can cause an entire company to stall out, it's a process issue. Just like how a single employee should not be able to wire out $100,000.

Ajedi32 3 days ago | [-3 more]

Getting rid of Windows in favor of an OS with a proper application sandbox like Android would solve so, so many security issues, but that's not viable in most cases because so much software depends on the outdated user-based permissions model most desktop OSs are built around.

ArcHound 3 days ago | [-2 more]

Please don't. It's bad enough that companies running windows have all the data on win premises. Dumbing down what the users can do with their machines seems like the end of personal computing.

Ajedi32 3 days ago | [-1 more]

I don't think Android is "dumber" or less capable than Windows. In many ways the application sandbox actually gives owners a lot more control over their devices than a less locked down OS would, allowing them to restrict what information installed applications are allowed to access.

But what I think you're concerned about (and I agree) is that the flip side of that is that giving device owners more control over their apps also gives the OS developers more control, and Google's interests are not always perfectly aligned with the device owner's. There's a much wider market for apps than there is for operating systems, so sometimes app developers' interests will actually be better aligned with the device owner's than the OS developer's interests are.

One possible saving grace here is AOSP. In theory you could have multiple competing AOSP-based desktop OSs, each catering to a slightly different set of users. This would be close to the ideal situation in my opinion. Either that or Chrome, Firefox, Edge, and Ladybird all evolve into full fledged OSs with WASM-based apps.

ArcHound 2 days ago | [-0 more]

I see your point, I do. It seems like all external software is going in the SaaS direction, where the vendor is keeping all of the data, so they are available over an API. So there are genuinely solid cases for Chromebooks.

The issue is how much power this gives to the vendors. I think we should be able to survive a vendor going poof, taking all our data with them. Having a general computing platform capable of mixing files and privileges seems to me like the only way of keeping this capability.