Actually, it never occurred to me that a whitelisting model similar to the iPod/iPad model, where apps would have to be authorized by Apple and obtained through an approved channel like the App Store, might be under consideration. Such iDevices carry a lot of computing power, in some respects exceeding the potential of cheap netbooks, but there are many contexts in which power users and corporates will require a lot more choice than such an App Store would give them.
Apparently the rumour mill was, however, churning in that direction. So Mac developer Fernando Valente took the bull by the horns, as it were, went straight to the horse’s mouth – I said mouth – and mailed Steve Jobs to see if there was any truth in the story. And the answer came back “nope”. So that’s that.
But it got me thinking. Dr. Alan Solomon, a leading figure in the early days of the antivirus field, has long talked about a semi-hypothetical OS model based on a flavour of Linux so locked down it would be barely usable for power users and IT professionals, but which would be a much safer experience for people whose requirements are less demanding. In fact, there have also been attempts to market “safe” Windows PCs using a protected system partition and a less protected data partition, for instance.
Mobility, physical footprint and telephony aside, doesn’t that population of people who aren’t particularly security-aware or even technology-aware closely resemble the market that’s likeliest to want a small device somewhere between an iPhone/iPod and an iPad/Kindle/netbook as their main computer? (Yes, I understand that we’re talking about quite a range of devices.)
If that’s so, perhaps a device a little closer to a netbook but still based on a paternalist App Store model would meet (most of) that need. As long, that is, as the provider was able to:
- Maintain the integrity of the model without letting applications through that started to pose some form of threat.
- Withstand the pressure to loosen the reins that’s bound to come from those who come to realize they want more choice than they’re given. (Jailbreaking happens for a reason.)
- Resist the temptation to assume that it can maintain perfect security on behalf of its customers at all times, or else write off breaches as the customer’s fault.
- Take responsibility for the customer as well as for the system. Especially when it comes to misleading the customer into thinking he never has to think about his own security. (Read “social engineering target”…)
Congratulations to the iPad, by the way, on now being allowed into Israel…
David Harley FBCS CITP CISSP
Small Blue-Green World
AVIEN Chief Operations Officer