Reading this, and other recent events, gives me the realisation that we need the successor of UNIX. Nowadays, everything runs UNIX. My iPhone, Android, my Mac, my Ubuntu laptop, my Debian or BSD server, even my e-reader runs some Linux.
On recent systems like iOS and Android, applications run pretty isolated. You can't read and write the whole file system (afaik), and you need to have the user tap "yes" to use many system APIs (like microphone, camera, etc).
Using UNIX for a desktop computer, you don't really utilise the user system. Everything I run is either as my own user, or as root (when adding/removing packages or doing system updates). Otherwise, it's a single-user system. So any program I run can read all permanent data stored by other programs in my home directory. In effect, all programs have 100% access (except for changing system settings, but why would they care when there is only one user to own?).
When I encrypt my drive, I encrypt it all but also unlock it all when logging in. It's inherent to the system that my whole home dir is open while I'm using it (except for things I encrypt manually, like GPG mail or other userland things). Defaults matter. That's why Ross's documents were readable to the American government.
I think we need a new OS to take over after UNIX. One that is built up of sandboxed modules, where each program gets its own file system, where they can do whatever they want. That file system is, if I wish, encrypted until I choose to open it. It could be encrypted with a public key system, so I can have many FSes opened with one key, or derive keys from a master key.
These small systems could even be virtual machines; I can't say anything about the eventual overhead that would bring.
In short, UNIX is bad because the file system is bound to my user, and anything my user runs has 100% access to everything else I run. The user system is nice, but not practical. If it was, Ross would be a free man.
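The per-application encrypted store with keys derived from one master key, as sketched in the post above, as an added example (not the poster's code): the master key is unlocked once at login, each application's store key is derived from it, and a store sealed for one application cannot be opened with another application's key. PBKDF2 and an HMAC-SHA256 stream cipher are stand-ins chosen so it runs on the standard library alone; a real design would use a hardware-backed master key and AES-GCM.

```python
import hashlib
import hmac
import os
import struct

# Constructed example: one master key, one independent key per application store.
# Toy authenticated stream cipher built from HMAC-SHA256 (CTR keystream + MAC) so it
# runs with the standard library only; a real design would use AES-GCM or similar.

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA256."""
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out += block
        i += 1
    return out[:length]

def master_key(passphrase: str, salt: bytes) -> bytes:
    """Master key unlocked once at login (PBKDF2 stands in for a TPM/Secure Enclave)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000, 32)

def app_key(master: bytes, app_id: str) -> bytes:
    """Per-application store key. Knowing one app key reveals nothing about the others."""
    return hkdf_expand(master, b"per-app-fs:" + app_id.encode())

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    stream = b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                      for i in range(blocks))
    return stream[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag; the tag binds the blob to this app's key."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Returns plaintext, or raises ValueError when opened with another app's key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("store is locked to a different application key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

if __name__ == "__main__":
    mk = master_key("correct horse battery staple", b"constructed-salt")
    mail_store = seal(app_key(mk, "mail"), b"private mail archive")
    print(unseal(app_key(mk, "mail"), mail_store))   # mail opens its own store
    try:
        unseal(app_key(mk, "browser"), mail_store)   # browser cannot read mail's store
    except ValueError as e:
        print("browser:", e)
```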