3

Smartphones OSes like Android and iOS come with a lot of security features, one of the most useful to me being app isolation.

In my understanding, each app installed has a space reserved, and can only access its data.

This prevents a malicious app, or an app that gets exploited, from altering or giving away the data it isn't allowed to access.

As basically every program that accesses the Internet has flaws, why don't PC OSes provide this kind of protection ? And could one provide this without breaking compatibility with older programs ?

Hey
  • 1,905
  • 1
  • 16
  • 23
  • For example, https://www.qubes-os.org/tour/#what-is-qubes-os does exactly this, using a set of tools that have been available for ages. – Piskvor left the building Feb 29 '16 at 14:17
  • This isolation does come at a cost though. Not all inter-process communication is necessarily bad. For example, a lot of PC applications allow 3rd party developers to create plugins which are able to provide additional services to the main application, Adobe Photoshop being a good example. This plugin model cannot work in a issolated smartphone style OS. – user1751825 Dec 08 '16 at 03:54
  • @user1751825 doesn't Microsoft Edge support plugins ? Add-ons seem to be able to exist even with proper isolation. – Hey Dec 10 '16 at 18:44

2 Answers2

5

Windows 10 does exactly this. Windows 10 Universal Apps run in isolated mode, just as they would on a phone. However, Windows 10 does also allow regular Windows Applications to be installed. Microsoft created a more locked down OS, Windows RT, which only allowed Universal Apps to be installed, but it proved to be not particularly popular.

user1751825
  • 905
  • 4
  • 10
  • 1
    Not just in Windows 10, but from Windows 8 when it was released in 2012 on. (Of course, uptake of 8 & 8.1 with Windows users wasn't quite tremendous. But the technical foundations were shipped in Windows 8.) – mostlyinformed Feb 29 '16 at 21:44
2

Unix has had chroot since 1979 this has gradually morphed in to containers on Linux.

As basically every program that accesses the Internet has flaws

And security software doesn't? The major contributor to software defects is complexity. Adding more security "features" can undermine the very thing it seeks to to enhance.

symcbean
  • 18,278
  • 39
  • 73