increased proximity causes an exponential increase in exposure (in addition to beam shaping, this is why hugging a mobile phone antenna is a Bad Idea, but standing under one is of little effect).
As I said, phones operate rather close to heads. About half the output is absorbed by the head. It certainly is not focused away. Designers just try to locate the antenna so it's not closer to the head than it has to be.
You're at more danger from the thermal radiation emitted by the phone's electronics being absorbed by your skin than RF radiation absorbed by your brain.
Skin repairs itself much faster than brains. And typically handles damage like "sunburn" better.
Human brains can and do cope with damage, but it's typically more a result of workarounds than repair.
Well I made a mistake too, I forgot Chrome uses Windows crypto stuff (I should have remembered that - dealt with that weeks ago - installing private certs and stuff).
Anyway in theory SSL is good. In practice it's better than nothing, but: 1) Most people just click through the warnings. 2) Governments (and naughty hackers) can get browser trusted CAs to sign their CA certs, and most browsers by default will not warn you. China's CNNIC's cert is signed by Entrust (there may be more). 3) Governments can get Microsoft to sign their certs and IE (and Chrome) by default will not warn you - you can delete a CA's cert from the CA list, and IE will add it back as long as the cert is signed by Microsoft, or by a CA that's signed by Microsoft or a CA that's signed by a CA that's signed by by Microsoft (subject to the certificate's and browser's chaining limits). 4) IE by default has http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol enabled. So an ISP could set a browser to use a proxy without the user knowing. AND I have not checked recently but years ago most browsers did not warn you if they are configured to use a proxy and receive a plain unencrypted "HTTP-302" redirect when they make a CONNECT request. The browser just goes to the redirect URL without warning. This was convenient for my purposes, and for some users but it might not be so good for the users in more security sensitive situations...
So the cynic in me feels that nowadays SSL/TLS/HTTPS is more about making the CAs money, since the browsers by default don't warn you about the crap I mentioned (whereas stuff like SSH would warn you).
The TLS SNI feature is more about not scaring the users but the users should be scared since the browsers aren't really protecting them;).
I find it hard to believe your claim that the IPv6 stuff will be cheaper and more scalable. Where's your evidence? Benchmarks? The IPv4 stuff has been around for decades. ISPs are already using it. Plenty of existing stuff for IPv4 acceleration.
And it certainly won't be more reliable. There are still lots more bugs to be found. For example: how many years did it take for the ISC to reduce the number of security holes and bugs in their IPv4 DHCP server? So you really think the dhcpv6 servers will be much better?
Adding a carrier grade NAT is pretty much proven tech. You know what it breaks and what it does. And what it breaks and does will make the MPAA, RIAA and the Chinese Gov quite happy.
As you already know not all drugs are the same, so lumping all the illegal drugs together is silly. Drugs certainly do kill people.
Marijuana might be relatively safe[1], but many other recreational drugs are not.
There are good reasons why many legal drugs require prescriptions.
[1] And even then it'll likely be not as safe once legalized since 1) mass farms would grow them using phosphate fertilizers and so they'd have more polonium in them than the "organic" sort. Having ash containing polonium stuck in your lungs is bad for you. Maybe marijuana might not concentrate polonium as much as tobacco, but who wants to find out the hard way?;)
soon there will be plenty of people and organizations in the world, starting in Asia, that will be IPv6-only
They might go massive IPv4 NATs first. Especially since: 1) it makes control of the population easier. 2) it makes P2P harder 3) it makes it harder for users to set up their own servers
What tech people see as problems, would be considered benefits by some governments and organizations.
Just because it's non-ionizing radiation doesn't mean it can't damage cells, or alter proteins. Otherwise a microwave oven wouldn't be able to cook stuff. Or people wouldn't have to be careful about radar exposure[1].
Damage cells enough and the odds of cancer go up.
The risks are probably not that high (compared to smoking and some toxins). But the phones often operate rather close to heads. And there are measurable effects ) http://jama.ama-assn.org/content/305/8/808.abstract ). So I'd keep my cellphone usage as low as possible. Maybe some people's brains can take it (or might even do better) but others might not fare so well.
And Mega-corporations don't even need to _pretend_ to uphold the precious US constitution. Or have elections every X years.
Speaking of elections, if anyone believes that voters aren't voting in their best interests at the ballot box every few years, they should also believe that voters will have similar/worse problems voting with their wallets every day.
Those who think eliminating or reducing government will magically solve problems are fools. It is not quantity of Government that is the problem. It is QUALITY that matters. As long as people keep trying to solve the wrong problem the real problem will never be solved.
Ultimately the problem is not the quantity of voters, it is the quality of the voters;).
Yes normal spinning disk drives do suddenly fail completely too, but that normally is a result of abuse. So far what normally happens is you have bad sectors and/or the SMART reporting stuff starts giving you some ominous signs).
If the SMART stuff worked well for SSDs, even if SSDs failed every 3 months or so, many would be happy enough - they'd buy a stack of SSDs (yes really) and swap them in whenever they see the SMART warnings.
Because in most companies managers have more say in deciding whether a programmer gets hired/fired, than programmers have say on whether a manager gets hired/fired;).
And if a programmer had that power over a manager, it's kinda hard for a manager to say "hey just do that or else..."
So only in a few places you'd have star programmers earning bigger bucks than managers. Where everyone knows that they can kick the manager out and the programmer will still churn out world-class stuff. A few managers are actually worth their big bucks. just like a few coaches (I'm sure you've all seen teams full of star players but never getting anywhere, till a good coach comes in).
Lastly you only have one manager per many programmers, so doesn't matter so much if you pay the manager more (as long as you can get rid of those that suck). Whereas if you overpay programmers, you'd be spending a lot more. Most programmers are crap too.
In some jobs you earn twice as much, but end up looking twice as old and feeling twice as old...
And it's not just the hours of work that you should count. It's the hours of free time.
Assuming each day you have 8 hours sleep (laugh, but studies have shown that most people's health suffer if they get less than 7-8 hours), 1 hour for showers etc, work 8 hours, have 1 hour for lunch and 1 hour for dinner, that leaves 5 hours for other stuff.
But if you work 12 hours a day, that leaves only 1 hour for other stuff. So that's 5x less free time on work days (of course you might be one of those who enjoys your work more than your nonwork stuff, but most people don't seem that fortunate/crazy/sad - depends on your POV and work right?;) )
It can make sense if you're in some poor country and you're unlucky to need to do that just to survive. But if you're in a rich, civilized, developed country you better be earning a lot more to be killing yourself off faster;).
Not sure but might also be able to use/abuse stuff like "~Library/Screen Savers"... But hey let the malware authors go figure out the rest for themselves.
I'm not a malware writer but it sure does not seem that hard to write malware that sends spam and does DDoS for OS X. For installing it, pick an exploitable bug (or two) in Safari for "drive by", or take advantage of gullible people ("Your system is infected. You need to run this antivirus scanner. Follow these steps."). Could use perl or ruby (OSX includes stuff like OpenSSL::PKey::RSA which you can use to make it harder for others to take over your botnet)
It's definitely not harder than Windows. I bet many Slashdotters would actually find it easier to write stuff for OS X than Windows - things like perl, python, ruby, bash etc are all built-in. They could churn out a different version every other hour, or even write a program to write different versions...
Would be interesting to see if the security researchers and malware scanners can cope with polymorphic perl:).
We're talking about data centers. So it's not even about giving/creating jobs at all. It's about reducing jobs.
That's the whole idea of automation - cut costs. The computers do most of the work, and you only need a very few to do what the computers can't.
There will be some initial jobs when setting stuff up, even then if there's no airconditioning there won't be "installing and maintaining air conditioning" related jobs either.
The workers making the servers are in places like China, Taiwan, Malaysia, Brazil etc. And if robots ever become cheaper than those workers, those workers will start losing jobs too.
Stick to the pills/lozenges, take them at early onset of symptoms, don't overdose and definitely don't spray your nose with it (or you might damage/lose your sense of smell). May not be a cure, but most subjects would feel better and that's good enough for most people.
RESULTS: Neither the preintervention rate of MRSA colonization or infection (0.56 cases per 1,000 patient-days [95% confidence interval {CI}, 0.49-0.62 cases per 1,000 patient-days]) nor the slope for the rate of MRSA colonization or infection changed significantly after the first intervention. The rate decreased significantly to 0.28 cases per 1,000 patient-days (95% CI, 0.17-0.40 cases per 1,000 patient-days) after the second intervention and to 0.07 cases per 1,000 patient-days (95% CI, 0.06-0.08 cases per 1,000 patient-days) after the third intervention, and the rate remained at a similar level for 8 years. The MRSA bacteremia rate decreased by 80%, whereas the rate of bacteremia due to methicillin-susceptible S. aureus did not change. Eighty-three percent of the MRSA isolates identified were clonally related. All MRSA isolates obtained from healthcare workers were clonally related to those recovered from patients who were in their care. CONCLUSION: Our data indicate that long-term control of endemic MRSA is feasible in tertiary care centers. The use of targeted active surveillance for MRSA in patients and healthcare workers in specific wards (identified by means of analysis of clinical epidemiology data) and the use of decolonization were key to the success of the program.
March 22, 2010 â" A multifaceted infection control program led to a significant decline in methicillin-resistant Staphylococcus aureus (MRSA) cases in Paris-area hospitals with high endemic MRSA rates, according to an article in the March 22 issue of the Archives of Internal Medicine.
It's true that many species of acinetobacter flourish widely in the environment. Thriving colonies have been recovered from soil, cell phones, frozen chicken, wastewater treatment plants, Formica countertops, and even irradiated food
But is it proven that the antibiotic resistant bacteria are due to antibiotic abuse/use in farms?
Couldn't it be due to antibiotic abuse/use in hospitals and homes?
I'm not for farmers abusing antibiotics in farms, but the main problem might be elsewhere. There are so many people who get prescribed antibiotics for colds/flu...
For colds they'd be better off taking a zinc supplement at the onset of the symptoms.
There's already a better paradigm on some phones. Basically the application declares upfront want sort of sandbox/permissions it needs to run. And if that is OK according to the system's settings, the OS will run the app while enforcing the sandbox.
Because the permissions are declared explicitly, it should be much easier for an "expert", or even someone with "common sense" to certify that the sandbox makes sense for the app, and maybe even digitally sign the app and its request.
So an organization (or "The Family Admin") can lock down a computer system so that only apps that request "safe sandbox templates" can run or install.
And the nerds like us, can set our systems up so that we can choose to run an app with a sandbox template of our choice (e.g. guest sandbox - looks like a new machine, no data about you available, no changes affect your "real system", once you're done with the program, it's gone).
That said, people are still going to type in their passwords and send them to the wrong places- the sandbox stuff won't prevent it. I'm not sure of a good way to prevent this. Maybe the OS/browser could keep hashes of the user's passwords and if something typed matches a known password hash but might be sent to an unexpected site/context it can warn the user (are you sure you want to send your "Bank" password to Elbonia?"). Problem is some bank sites use fancy schemes for users to enter their passwords involving onscreen keyboards with some rearranged keys etc.
Slashdot Mirror
increased proximity causes an exponential increase in exposure (in addition to beam shaping, this is why hugging a mobile phone antenna is a Bad Idea, but standing under one is of little effect).
As I said, phones operate rather close to heads. About half the output is absorbed by the head. It certainly is not focused away. Designers just try to locate the antenna so it's not closer to the head than it has to be.
You're at more danger from the thermal radiation emitted by the phone's electronics being absorbed by your skin than RF radiation absorbed by your brain.
Skin repairs itself much faster than brains. And typically handles damage like "sunburn" better.
Human brains can and do cope with damage, but it's typically more a result of workarounds than repair.
Well I made a mistake too, I forgot Chrome uses Windows crypto stuff (I should have remembered that - dealt with that weeks ago - installing private certs and stuff).
Anyway in theory SSL is good. In practice it's better than nothing, but:
1) Most people just click through the warnings.
2) Governments (and naughty hackers) can get browser trusted CAs to sign their CA certs, and most browsers by default will not warn you. China's CNNIC's cert is signed by Entrust (there may be more).
3) Governments can get Microsoft to sign their certs and IE (and Chrome) by default will not warn you - you can delete a CA's cert from the CA list, and IE will add it back as long as the cert is signed by Microsoft, or by a CA that's signed by Microsoft or a CA that's signed by a CA that's signed by by Microsoft (subject to the certificate's and browser's chaining limits).
4) IE by default has http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol enabled. So an ISP could set a browser to use a proxy without the user knowing. AND I have not checked recently but years ago most browsers did not warn you if they are configured to use a proxy and receive a plain unencrypted "HTTP-302" redirect when they make a CONNECT request. The browser just goes to the redirect URL without warning. This was convenient for my purposes, and for some users but it might not be so good for the users in more security sensitive situations...
So the cynic in me feels that nowadays SSL/TLS/HTTPS is more about making the CAs money, since the browsers by default don't warn you about the crap I mentioned (whereas stuff like SSH would warn you).
The TLS SNI feature is more about not scaring the users but the users should be scared since the browsers aren't really protecting them ;).
I find it hard to believe your claim that the IPv6 stuff will be cheaper and more scalable. Where's your evidence? Benchmarks? The IPv4 stuff has been around for decades. ISPs are already using it. Plenty of existing stuff for IPv4 acceleration.
And it certainly won't be more reliable. There are still lots more bugs to be found. For example: how many years did it take for the ISC to reduce the number of security holes and bugs in their IPv4 DHCP server? So you really think the dhcpv6 servers will be much better?
Adding a carrier grade NAT is pretty much proven tech. You know what it breaks and what it does. And what it breaks and does will make the MPAA, RIAA and the Chinese Gov quite happy.
As you already know not all drugs are the same, so lumping all the illegal drugs together is silly. Drugs certainly do kill people.
Marijuana might be relatively safe[1], but many other recreational drugs are not.
There are good reasons why many legal drugs require prescriptions.
[1] And even then it'll likely be not as safe once legalized since ;)
1) mass farms would grow them using phosphate fertilizers and so they'd have more polonium in them than the "organic" sort. Having ash containing polonium stuck in your lungs is bad for you. Maybe marijuana might not concentrate polonium as much as tobacco, but who wants to find out the hard way?
2) Philip Morris et all will include their additives...
http://www.eurekalert.org/pub_releases/2003-07/ohs-orp072403.php
Chrome uses Window's crypto but AFAIK Firefox uses its own SSL stuff - Firefox's CA list is separate from the one in Windows.
In the US they only care about market capitalization.
soon there will be plenty of people and organizations in the world, starting in Asia, that will be IPv6-only
They might go massive IPv4 NATs first. Especially since:
1) it makes control of the population easier.
2) it makes P2P harder
3) it makes it harder for users to set up their own servers
What tech people see as problems, would be considered benefits by some governments and organizations.
That's not a problem. One more reason for people to use Firefox or Google Chrome :).
Just because it's non-ionizing radiation doesn't mean it can't damage cells, or alter proteins. Otherwise a microwave oven wouldn't be able to cook stuff. Or people wouldn't have to be careful about radar exposure[1].
Damage cells enough and the odds of cancer go up.
The risks are probably not that high (compared to smoking and some toxins). But the phones often operate rather close to heads. And there are measurable effects ) http://jama.ama-assn.org/content/305/8/808.abstract ). So I'd keep my cellphone usage as low as possible. Maybe some people's brains can take it (or might even do better) but others might not fare so well.
[1] http://www.ncbi.nlm.nih.gov/pubmed/10926722
Or killing each other in video games, or playing WoW, or posting on facebook/twitter.
Crysis is not a game.
Only about 5 people in the world actually play Crysis. The rest use it as a benchmark or to demo/test stuff.
And Mega-corporations don't even need to _pretend_ to uphold the precious US constitution. Or have elections every X years.
;).
Speaking of elections, if anyone believes that voters aren't voting in their best interests at the ballot box every few years, they should also believe that voters will have similar/worse problems voting with their wallets every day.
Those who think eliminating or reducing government will magically solve problems are fools. It is not quantity of Government that is the problem. It is QUALITY that matters. As long as people keep trying to solve the wrong problem the real problem will never be solved.
Ultimately the problem is not the quantity of voters, it is the quality of the voters
Keep up to date backups of any important data:
http://www.spinics.net/lists/pgsql/msg122280.html
http://www.codinghorror.com/blog/2011/05/the-hot-crazy-solid-state-drive-scale.html
I'm tempted to get an SSD (or two), but the failure rates seem rather high, and the failure modes too often are worse than normal HDDs (drive totally dead or even "time warp" drive rolls back to a state X days ago : http://www.ocztechnologyforum.com/forum/showthread.php?83778-Time-warp-drive-vanishing-after-3-days-data-gone-on-reboot...I-need-3-to-5-users-with-this-issue-to-help ). The time warp failure mode doesn't puzzle me that much, I can think of reasons why it would happen - but it worries me from a design perspective.
Yes normal spinning disk drives do suddenly fail completely too, but that normally is a result of abuse. So far what normally happens is you have bad sectors and/or the SMART reporting stuff starts giving you some ominous signs).
If the SMART stuff worked well for SSDs, even if SSDs failed every 3 months or so, many would be happy enough - they'd buy a stack of SSDs (yes really) and swap them in whenever they see the SMART warnings.
The disadvantage is that they lose about 1% of their energy per hour, if not supplied with power to top it off,
Is that really bad? How much power do UPSes waste when not on battery?
Because in most companies managers have more say in deciding whether a programmer gets hired/fired, than programmers have say on whether a manager gets hired/fired ;).
And if a programmer had that power over a manager, it's kinda hard for a manager to say "hey just do that or else..."
So only in a few places you'd have star programmers earning bigger bucks than managers. Where everyone knows that they can kick the manager out and the programmer will still churn out world-class stuff. A few managers are actually worth their big bucks. just like a few coaches (I'm sure you've all seen teams full of star players but never getting anywhere, till a good coach comes in).
Lastly you only have one manager per many programmers, so doesn't matter so much if you pay the manager more (as long as you can get rid of those that suck). Whereas if you overpay programmers, you'd be spending a lot more. Most programmers are crap too.
In some jobs you earn twice as much, but end up looking twice as old and feeling twice as old...
;) )
;).
And it's not just the hours of work that you should count. It's the hours of free time.
Assuming each day you have 8 hours sleep (laugh, but studies have shown that most people's health suffer if they get less than 7-8 hours), 1 hour for showers etc, work 8 hours, have 1 hour for lunch and 1 hour for dinner, that leaves 5 hours for other stuff.
But if you work 12 hours a day, that leaves only 1 hour for other stuff. So that's 5x less free time on work days (of course you might be one of those who enjoys your work more than your nonwork stuff, but most people don't seem that fortunate/crazy/sad - depends on your POV and work right?
It can make sense if you're in some poor country and you're unlucky to need to do that just to survive. But if you're in a rich, civilized, developed country you better be earning a lot more to be killing yourself off faster
If your bosses know the right people you don't need testing.
They just cancel the transactions if you screw up:
http://money.cnn.com/2010/05/07/markets/explaining_wall_street_turmoil/
Or prosecute the humans who beat your algo:
http://www.computerworlduk.com/news/security/3244186/norwegian-traders-convicted-for-outsmarting-us-stock-broker-algorithm/
Technical know-who trumps technical know-how.
in addition to keeping a self-updater that may eventually pull an update that does allow for the use of an escalation exploit.
Pretty sure it would need root to install even as a start-up item, and it would be pretty visible if it did so.
By default root access is not required to start a process in the background: :).
http://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man5/launchd.plist.5.html
"~/Library/LaunchAgents Per-user agents provided by the user."
http://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/crontab.1.html
http://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/at.1.html
The above are the proper ways of doing it
Not sure but might also be able to use/abuse stuff like "~Library/Screen Savers"... But hey let the malware authors go figure out the rest for themselves.
I'm not a malware writer but it sure does not seem that hard to write malware that sends spam and does DDoS for OS X. For installing it, pick an exploitable bug (or two) in Safari for "drive by", or take advantage of gullible people ("Your system is infected. You need to run this antivirus scanner. Follow these steps.").
Could use perl or ruby (OSX includes stuff like OpenSSL::PKey::RSA which you can use to make it harder for others to take over your botnet)
It's definitely not harder than Windows. I bet many Slashdotters would actually find it easier to write stuff for OS X than Windows - things like perl, python, ruby, bash etc are all built-in. They could churn out a different version every other hour, or even write a program to write different versions...
Would be interesting to see if the security researchers and malware scanners can cope with polymorphic perl :).
Even priests get paid.
And I heard one of them saying that the benefits are out of this world!
We're talking about data centers. So it's not even about giving/creating jobs at all. It's about reducing jobs.
That's the whole idea of automation - cut costs. The computers do most of the work, and you only need a very few to do what the computers can't.
There will be some initial jobs when setting stuff up, even then if there's no airconditioning there won't be "installing and maintaining air conditioning" related jobs either.
The workers making the servers are in places like China, Taiwan, Malaysia, Brazil etc. And if robots ever become cheaper than those workers, those workers will start losing jobs too.
Maybe it'll be another Brit who claims to be looking for UFOs or aliens...
Note: the medscape link only works if you go via google. So google for "http://www.medscape.com/viewarticle/718935" if you want to read it.
Why do you accuse me of peddling dodgy treatments? Just google for zinc and cold.
It works better than placebo.
http://www.bbc.co.uk/news/health-12462910
http://well.blogs.nytimes.com/2011/02/15/for-cold-virus-zinc-may-edge-out-even-chicken-soup/
http://ods.od.nih.gov/factsheets/Zinc-HealthProfessional/
Stick to the pills/lozenges, take them at early onset of symptoms, don't overdose and definitely don't spray your nose with it (or you might damage/lose your sense of smell). May not be a cure, but most subjects would feel better and that's good enough for most people.
AFAIK doctors in some countries are still prescribing antibiotics to those with colds and flu. Despite being told year after year not to:
http://www.guardian.co.uk/science/2010/mar/20/coughs-colds-cures-treatment-antibiotics
http://www.telegraph.co.uk/health/healthnews/6526575/GPs-told-to-stop-prescribing-antibiotics-for-coughs-and-colds.html
http://www.telegraph.co.uk/news/uknews/1574995/Stop-giving-antibiotics-for-colds-doctors-told.html
My current guess (not enough proof yet :) ) that most people get antibiotic resistant bacteria from hospitals, not farms.
http://www.ncbi.nlm.nih.gov/pubmed/20524852
RESULTS:
Neither the preintervention rate of MRSA colonization or infection (0.56 cases per 1,000 patient-days [95% confidence interval {CI}, 0.49-0.62 cases per 1,000 patient-days]) nor the slope for the rate of MRSA colonization or infection changed significantly after the first intervention. The rate decreased significantly to 0.28 cases per 1,000 patient-days (95% CI, 0.17-0.40 cases per 1,000 patient-days) after the second intervention and to 0.07 cases per 1,000 patient-days (95% CI, 0.06-0.08 cases per 1,000 patient-days) after the third intervention, and the rate remained at a similar level for 8 years. The MRSA bacteremia rate decreased by 80%, whereas the rate of bacteremia due to methicillin-susceptible S. aureus did not change. Eighty-three percent of the MRSA isolates identified were clonally related. All MRSA isolates obtained from healthcare workers were clonally related to those recovered from patients who were in their care.
CONCLUSION:
Our data indicate that long-term control of endemic MRSA is feasible in tertiary care centers. The use of targeted active surveillance for MRSA in patients and healthcare workers in specific wards (identified by means of analysis of clinical epidemiology data) and the use of decolonization were key to the success of the program.
http://www.medscape.com/viewarticle/718935
March 22, 2010 â" A multifaceted infection control program led to a significant decline in methicillin-resistant Staphylococcus aureus (MRSA) cases in Paris-area hospitals with high endemic MRSA rates, according to an article in the March 22 issue of the Archives of Internal Medicine.
There are other superbugs too:
http://www.wired.com/wired/archive/15.02/enemy_pr.html
It's true that many species of acinetobacter flourish widely in the environment. Thriving colonies have been recovered from soil, cell phones, frozen chicken, wastewater treatment plants, Formica countertops, and even irradiated food
But is it proven that the antibiotic resistant bacteria are due to antibiotic abuse/use in farms?
Couldn't it be due to antibiotic abuse/use in hospitals and homes?
I'm not for farmers abusing antibiotics in farms, but the main problem might be elsewhere. There are so many people who get prescribed antibiotics for colds/flu...
For colds they'd be better off taking a zinc supplement at the onset of the symptoms.
There's already a better paradigm on some phones. Basically the application declares upfront want sort of sandbox/permissions it needs to run. And if that is OK according to the system's settings, the OS will run the app while enforcing the sandbox.
Because the permissions are declared explicitly, it should be much easier for an "expert", or even someone with "common sense" to certify that the sandbox makes sense for the app, and maybe even digitally sign the app and its request.
So an organization (or "The Family Admin") can lock down a computer system so that only apps that request "safe sandbox templates" can run or install.
And the nerds like us, can set our systems up so that we can choose to run an app with a sandbox template of our choice (e.g. guest sandbox - looks like a new machine, no data about you available, no changes affect your "real system", once you're done with the program, it's gone).
I proposed something like this to Ubuntu and SuSE years ago: https://bugs.launchpad.net/ubuntu/+bug/156693
https://bugzilla.novell.com/show_bug.cgi?id=308760
That said, people are still going to type in their passwords and send them to the wrong places- the sandbox stuff won't prevent it. I'm not sure of a good way to prevent this. Maybe the OS/browser could keep hashes of the user's passwords and if something typed matches a known password hash but might be sent to an unexpected site/context it can warn the user (are you sure you want to send your "Bank" password to Elbonia?"). Problem is some bank sites use fancy schemes for users to enter their passwords involving onscreen keyboards with some rearranged keys etc.