> Surely you must understand that "security" and "giving users a say in how their phone works" are diametrically opposed?
Absolutely not.
> A phone can't be secure if its sandbox can be bypassed in one tap by the user. You might have a lot of say in how your linux system works, but don't kid yourself into thinking it's secure. It's only one `bash -c "$(curl -fsSL http://...` from getting pwned.
In both cases, yes, a user may choose to bypass a security measure. In most threat models, that's fine. If malware needs me to give it permission to compromise the system, I consider that a secure system.
Absolutely not.
> A phone can't be secure if its sandbox can be bypassed in one tap by the user. You might have a lot of say in how your linux system works, but don't kid yourself into thinking it's secure. It's only one `bash -c "$(curl -fsSL http://...` from getting pwned.
In both cases, yes, a user may choose to bypass a security measure. In most threat models, that's fine. If malware needs me to give it permission to compromise the system, I consider that a secure system.