> And so trusting third party certificate issuers who currently don't verify websites or their owners and having them now certify apps is a pretty big leap.
That is why you should only do this if you are aware of the consequences.
You put lots of warnings in front, and if after all that they trust the source of the directions, who are we to say otherwise? There's a lot of hubris in assuming we always know better than the user. It may be that in a decade or two people will be a bit more knowledgeable about their devices, but I'm afraid we're moving down a path that will make that knowledge mostly useless, since there's no way to express it.
We're at an inflection where in the future we will either retain some control over our devices, or almost none. I'm done arguing for complete control, that boat seems to have sailed. I'm just trying to influence people to not throw away all their control at this point.
I'm not ignoring it, I just value freedom more. It's easy to make an almost perfectly safe society if we're all willing to give up on fundamental freedoms. I think the best solution preserves some core freedoms while making risky behavior harder. Between desktops and phones we've swung between two wildly different paradigms in the last couple decades. I don't think a bit of moderation on both ends (which is already happening with the OS as we see here) is a bad thing. But so far it seems mostly to be going one direction.
Apple is actually fairly good at making the warnings/process heavy-handed enough that only technical users will follow them.
For instance, the /System folder is not writable unless you reboot into single user or recovery mode, then run commands in a shell.
Several app developers (including Mojang with Minecraft) recommended turning off Gatekeeper to run their apps rather than dealing with developer signing or because they did not want to purchase a signing certificate. Apple eventually removed the option to disable Gatekeeper from the UI (but retained it as a shell command).
The 'advanced user' override to run these apps has always been to select 'open' from the Finder/context menu - but simply double-clicking on an app will give a failure screen, not an override/consent screen. (Yes - rather than telling users to right-click on their app, third parties told the users to disable app verification and quarantine for the whole system.)
It's really simple: It is not our job to prevent smart people from doing dumb things at all cost.
I find it surprising how lots of people who live in democratic, free societies, still have this urge for authoritarian solutions to every problem.
The history of the judicial system has shown that even incredibly smart people will sign contracts that are clearly to their detriment. Does that mean the appropriate solution is to only allow contracts that have been vetted by MicroLaw incorporated?
Overall, history is full of smart people doing dumb shit. The only way to completely prevent that is draconian authoritarianism. I would think humanity should have understood by now that that doesn't end well.
How do you prevent a user who is not aware of the consequences from throwing their computer into a lake? We better ensure that all computers are Safe-T-Locked into desks so the user can't hurt themselves.
That is why you should only do this if you are aware of the consequences.