One of the common security mechanisms in modern operating systems is called sandboxing. This is where the operating system confines each app to its own “sandbox” so that it can’t affect the rest of the system.
From a security standpoint, this is excellent. If an app is infected, it can only pee in its own bed. The rest of the system is unaffected. Unfortunately, it’s not that simple, because multiple apps require access to the same sets of files and various pieces of hardware in order to be of use.
This introduces more complexity for the user. Apps regularly ask for access to certain pieces of the system and the user is stuck having to manage all of this. In many cases, the user doesn’t understand what’s being asked.
Mobile operating systems were some of the first to make this behavior mainstream. I regularly hear from users who are frustrated or overwhelmed by the never-ending barrage of questions. Can my password manager have access to my camera? Should I give my social media app access to my contacts?
Desktop operating systems have also joined the trend, and users are commonly frustrated with the fact that App X can’t access Resource Y on their machine. Or the app they downloaded won’t run because it’s not on their operating system vendor’s whitelist.
Add in the new security chip mess and users are presented with a situation where it’s now possible to render your computer completely useless just by forgetting a password.
We’re slowly moving toward a situation where security is trumping usefulness. Telling a user that the best security you can get is to permanently disconnect your computer from the internet may be technically correct, but it’s not very useful. Very few people can or will do that. But our sandboxing techniques aren’t far from that advice. The balance between security and usefulness is off. User frustration is high.
Because of the way we do security, apps have to ask for permissions and hope that users don’t get too frustrated or overwhelmed and just say no. In many cases, the developers also get frustrated and just decide to do it all in one place.
So the user ends up with one app that does multiple things and those things are all confined to a single folder structure. Isolated from the rest of the system. Then they discover another app that does one of those things very well, but it doesn’t have access to the same folder structure as the first app. Now they have a bit of a problem.
For this very reason, I am unable to use iOS, iPadOS or Android for my writing needs. My git client can’t access the same folder structure as my Markdown editor. (And for my fellow geeks out there, don’t talk to me about rooting my device. If it doesn’t work for me as designed, I’ll look elsewhere.)
Here’s an example. I recently picked up a detachable tablet running Chrome OS to see how it would work for me as a writing device. As I’ve mentioned, I like to track my changes and sync my files using git. And I do all my writing in a format called Markdown. So I found an app to manage my git repositories and a nice looking Markdown editor.
However, the apps exhibited the same problem that I found in iOS and Android. Neither one could access the other’s files. I was stuck editing my files with the barebones text editor included with the git app. Or I had to copy the files from the git folder to the Markdown folder, edit them with a better app, then copy them back to the git folder so I could sync them with my repository.
Talk about ridiculous.
Fortunately, Chrome OS allows me to install an integrated Linux VM, which allows me to install Linux apps. All of these apps have access to the same folder structure, which allows me to use my preferred app to edit any given file.
As an aside, the integrated Linux VM made it a great mobile device for my purposes. Without that, I would have returned it.
I see the same problem cropping up in Windows and macOS. And Linux is starting to move toward packaging systems like snaps and flatpaks, both of which cause significant usability problems. At least vendors of desktop operating systems still recognize the fact that users need access to their files. But it has become a confusing pile of permissions.
So I have to ask myself – who benefits from this security structure? Certainly not the users. Maybe in the vague sense that somehow they’re less vulnerable to attack. Maybe. Assuming it’s all been done correctly. But from a usability standpoint, it’s terrible.
Users increasingly encounter situations where they can’t edit their own files with the app of their choice because they didn’t answer a question correctly at some point. Or because one or more of the apps are locked to their own folder structure.
So why have operating system vendors done it this way? I can assure you, it’s not for the users. It’s because of the users. Operating system vendors are protecting themselves from users who download software from questionable sites. Users who turn off their firewall. Users who refuse to apply security updates.
Software vendors’ reputations require better security and tangible actions to prove they’re doing something about it. But it’s not for you. It’s for them.
And while they’re at it, they take the opportunity to push you to their cloud offerings. Don’t worry, they’ll handle it all for you. They sneakily coerce users into their ecosystem so it’s difficult to go elsewhere.
And of course they collect more information about you than any other entity in the history of the human race. The average piece of modern software puts the Nazis to shame with how much information it collects about you.
But hey, it’s secure(-ish)!