I'm not too sure about "falling behind Windows", personally. The major lines of defense that Windows appears to rely on are code signing and a signature database, with behavioral AV being a relatively recent creation that still doesn't cover a lot of big holes. (for instance: What if I manage to fake my way through an OV/EV cert or use a leaked one? What if I use polymorphic code obfuscation that can generate hundreds of different signatures, but is also used by "legitimate" programs as DRM?) There's SafeSearch, but many people just click past those warnings anyway.
It's just as easy for a Windows .exe to create a service that runs when you log in as it is for a Linux app to write something to .bashrc - so its not a uniquely Linux problem.
macOS has the big Apple hammer to force developers to comply - Apple has the power to say "from this release on, all permissions need to be requested for or they won't work". Comparing the two companies, Apple uses the big hammer they have to force some compliance from app devs, while Microsoft often tries not to break stuff.
Linux doesn't have a big, central hammer like Apple does, so progress like Flatpak's isolation has to happen in steps, or else you end up in this chicken and egg problem:
- App devs won't support Flatpak with stuff like using portals because Flatpak has a small userbase
- Users won't use Flatpak because it doesn't have apps that they want, and will instead go about doing things the old way
This "we'll give them $HOME for now and let them fix it eventually" is deliberate - you need to drive adoption for Flatpak before apps consider adding special code paths for it. The goal is to eventually fade out $HOME access or severely restrict it, but unfortunately this is the norm.
I've mentioned this on other posts, but this is deliberately why Flatpak's messaging on their website[0] is focused on ease of distribution instead of security. In addition, if you feel like you can put up with an app having a restricted view of the filesystem (for example, you don't think you'll touch anything outside ~/Documents/Models with Blender), you can adjust the sandbox to fit your needs.
Gun violence in the U.S. is a hobby interest of mine as a researcher. Skimming the discussion here, there are several things it would be good to keep in mind:
0) Gun murders in the U.S. are a very low percentage of deaths (0.39%) and preventable deaths (~1.1%, there's some disagreement about what's "preventable"). That's 0.0036% of the population per year gun-murdered. That this statistic is 3x some other country's is irrelevant because 3x a small number is still a small number. If your goal is to prevent untimely deaths, focus on boring things like falls, car accidents, and diabetes.
1) "Mass" shootings are a tiny fraction of all shootings. In the U.S., by firearm murders, it's about 3.5%. And that's using an extremely permissive definition of "mass shooting". Usually 3+ or 4+ people shot, not dead. When most people think about a mass shooting, a gangland shootout doesn't come to mind. The people coming up with these numbers do this on purpose ("advocacy numbers"), and you should be on guard. The distribution over # shot or # dead is telling.
2) Your kids are really safe, and worrying about a child getting shot, training for it, etc. does much more harm than good. We've managed to get child mortality from all causes to be very, very low. Worry about whether your kid is happy, has friends, is fat, has good mentors. This is pretty much exactly like "stranger danger" from the 1980s in the U.S. in a statistical sense, and I would say that contributed to the current regrettable situation where kids aren't allowed to roam free at all.
3) Stuff like the recent mass shootings in Buffalo and Texas makes it in to your minds because it's profitable for news media. Not because it's something you should actually think about or worry about, not because it's a real threat to you or anyone you know, but because it sells advertisements. Real risks to you as an adult reading this in the U.S.A. are traffic accidents, falls, and being too fat.
4) Ppl be like "We banned guns in Scotland and we haven't had a mass shooting since!". Great, but it's like saying I can't drown if I don't get in to the pool. Mostly true, but missing the point. The real number we're concerned with here is premature deaths, or perhaps an overall murder rate. Banning guns might result in a lower murder rate, but there's going to be some substitution (e.g. knives for guns, Glasgow being the "stab capital of Europe"...). Scotland is a very fat, very drunk country. Much more good would have been done for public health by banning Irn Bru and alcohol, but you haven't chosen to do that because people find them rewarding. People find owning guns rewarding too, it's just that the costs end up on the front page of the newspaper (mass shooting) rather than ignored because they're so quotidian (millions of years of life lost due to being comically unhealthy).
5) Don't focus on the type of gun. The fact that AR-15s are used in a lot of "mass" shootings reflects the fact that they're the Toyota Camry of guns. Good value for money, reliable, etc. If you saw a lot of a specific kind of traffic accident, and Toyota Camrys were frequently involved, would you start to scream "Ban the Camrys!"? It doesn't make any sense. The vast majority of gun murders in the U.S. are committed with cheap pistols. <2% are committed with "long arms" of any kind, including AR-15s.
Unlike the author, I think I still like computers, but only in their essence. I like programming, the detective game of debugging, learning new paradigms, getting lost in abstraction, the thrill of watching powerful automation doing it's thing.
But I don't like what computers and the internet have become. Without constant mindful adjustment, all my devices inevitably become attention grabbing pushers of just-so packaged bits of media. I don't let that happen, but that's clearly their essential inclination. Keeping this at bay feels like swatting away the tentacles of some persistent deep sea creature.
I feel everyone's attention span eroding. I feel people packaging themselves for social media, opening their self-image and self-worth to the masses. I see a flood of undifferentiated information, the spread of hysteria and belligerence, the retreat of quietude, humility, and grace.
This is all downside, but lately I'm losing the upside. While I still love the technology underneath it all, more and more I feel like I'm working in the service of something that's driving humanity collectively insane.
It's just as easy for a Windows .exe to create a service that runs when you log in as it is for a Linux app to write something to .bashrc - so its not a uniquely Linux problem.
macOS has the big Apple hammer to force developers to comply - Apple has the power to say "from this release on, all permissions need to be requested for or they won't work". Comparing the two companies, Apple uses the big hammer they have to force some compliance from app devs, while Microsoft often tries not to break stuff.
Linux doesn't have a big, central hammer like Apple does, so progress like Flatpak's isolation has to happen in steps, or else you end up in this chicken and egg problem:
- App devs won't support Flatpak with stuff like using portals because Flatpak has a small userbase - Users won't use Flatpak because it doesn't have apps that they want, and will instead go about doing things the old way
This "we'll give them $HOME for now and let them fix it eventually" is deliberate - you need to drive adoption for Flatpak before apps consider adding special code paths for it. The goal is to eventually fade out $HOME access or severely restrict it, but unfortunately this is the norm.
I've mentioned this on other posts, but this is deliberately why Flatpak's messaging on their website[0] is focused on ease of distribution instead of security. In addition, if you feel like you can put up with an app having a restricted view of the filesystem (for example, you don't think you'll touch anything outside ~/Documents/Models with Blender), you can adjust the sandbox to fit your needs.
[0]: https://flatpak.org/