This stuff gets scarier and scarier by the day, and honestly, I’m starting to feel a bit helpless/hopeless.
Consider things like proposed DRM schemes in the browser covered by the DMCA. When an attacker starts exploiting, by first breaking the law to find the exploits, and then exploiting them, will we have security experts risking legal action to defend us and inform us of these potential vulnerabilities?
And, though there are teams of lawyers fighting this at every step, we’re going to eventually lose something that’ll have dire consequences on all this, all for a little extra profit and copyright protection. le sigh
Stallman’s Law: While corporations dominate society and write the laws, each advance or change in technology is an opening for them to further restrict or mistreat its users.
Exactly! Organizations like the FSF and EFF are under an immense amount of scrutiny, and also sometimes have trouble fundraising for various reasons. I wonder how many people won’t make donations to the Tor project due to the events that unfolded this year? Or the FSF over the things related to the libreboot controversy? Or the EFF because of something else. This sort of boycott, while potentially (and often) justified, is dangerous, especially when it takes a long time to grow an organization’s support system enough to actually make a difference.
Organizations like the FSF and EFF are under an immense amount of scrutiny, and also sometimes have trouble fundraising for various reasons.
Interestingly, one of the reasons is that promoting fundraisers is heavily shunned in the FOSS community.
You can raise more money for one wildlife protection fund than for your standard FOSS community org in a day.
I guess it’s completely beyond the pale to suggest abandoning the web.
In favour of…?
Maybe I should say abandon modern web browsers in favor of passive viewers that are small enough to read and understand, but HTTP and its attendant requirements, extensions, and well-documented foibles demonstrate against the enterprise as a whole.
Unfortunately, we’ve arrived at a future where most people (even sophisticated users) can’t seem to imagine a use for a computer that does not involve HTTP, or more specifically, “web apps.” The complexity that enables such shenanigans as described by OP is now a part of the landscape. The next time something like this happens, the same people will re-nail their hands to their foreheads and wonder what can be done until the next parcel of clickbait (not coincidentally, hair of the dog that bit you) dislodges the hands from the foreheads and we abandon the momentary awareness that all of this is insane, and continue on as if all of this were acceptable.
As the cycle enters its third decade the debate about whether or not dynamically downloading and executing unknown code in an environment too complex to audit is a good idea has mostly evaporated into arguments about whether or not it’s fair to deprive content providers of a demonstrably harmful (that is, to its users) revenue scheme. Nobody even questions anymore whether or not the foundations of the web, and the toxic influence it has exerted upon what used to be known as computer science, are suitable for human consumption.
In answer to your question: How about a baseline requirement that any candidate replacement system not intrinsically require compromise of the local environment?
The sad thing is people will read your comment and think you are out of touch for valuing the integrity of the user’s system at the expense of ‘features’ like arbitrary code execution.
I don’t think SL’s values are out of touch.
I do think the idea that people will choose security over convenience is out of touch with human behavior.
For instance: I lock my front door, but I don’t usually use the deadbolt, because it’s a (very slight) hassle and the benefit (making it harder to pick the door) doesn’t seem worthwhile (it’s a safe neighborhood).
Unfortunately, humans don’t intuitively appreciate that the economics of malware are very different to the economics of burglary, and that kind of decision making means you’re certain to have a device controlled by somebody else.
Yes. Yes. This. People will not behave securely if there is an option not to do so, and if that option is even slightly easier. The only way to keep the end-user facing portions of a system secure is to make sure that being secure is the only option.