"Wash me but don't get me wet." (Is this a saying in english?)

I guess you are trying to say: "You can’t have your cake and eat it too." ?!

Also, "want the milk without buying the cow", but I like "don't get me wet" because it highlights not wanting the result without the unpleasant step of the process. Then again, we have "dry cleaning" and ozempic.... https://english.stackexchange.com/questions/429316/wash-me-b...

I'm reminded of a meme involving a dog with a ball: "Please throw? No take. Only throw."

The better answer is to build better OSes with better security models.

I should be able to run a crypto wallet I downloaded from a Kim Jong Un fan site while high and it shouldn’t be able to do anything I don’t give it permission to do.

It’s totally possible. Tabs in a web browser are basically this.

I can do it with VMs but that’s lots of extra steps.

macOS kinda gets there. I've (grudgingly) come to admit that it has by far the best security story of any desktop operating system. Apps require explicit user consent to access the filesystem, peripherals, and other sensitive data (e.x. Discord requests "Input Monitoring" access to determine if you're "actively online" even when unfocused.)

The only place it seems to fall flat is network I/O - LAN access requires permission, but dialing out to the wider Internet does not.

Compare Windows, which has jack (except for bloated anti-malware hooks in NTFS.)

Linux is _trying_ to replicate macOS with Flatpak/XDG portals, but those still need more time in the oven.

Source: I use both a MacBook and a Linux desktop daily.

Web pages have a lot of restrictions even if you consider the gradual adoption of the project Fugu APIs

Isn't that what Qubes is all about?

Yes but IMHO that approach is a hack. “Fix our 1970s OS by putting it in a box in our 1970s OS.”

And by "people" we mean Hollywood. A great deal of this was created to enable DRM, then exploited for other purposes. For instance, it's illegal (by contract) to let a device without Secure Boot play a 4K stream from any mainstream studio. This is why Windows requires Secure Boot.

> This is why Windows requires Secure Boot.

No it isn't, and no it doesn't.

Elaborate?

I am not aware of any concrete evidence that would even suggest that the creation of Secure Boot had anything to do with Hollywood.

And it is quite demonstrable that Windows can function without Secure Boot.

This is the real answer that is rather banal and boring compared to conspiracies of nefarious money harvesting.

95% of people don't know what "Run your own software" means, because to them, the app store lets them chose what apps to install. And they don't get viruses and malware like their 2008 laptop did.

That being said, there absolutely needs to be a mechanism for "lowering the gates" if the user wants full control of the device they own.