Thoughts On Platform Security Features

Here are some off-the-cuff thoughts on security features that are available, and which I would like to see.

We need a superset of a subset of the union of the security features of “mobile” platforms and “desktop” platforms. Although these are not clearly-defined terms, I’ll try to roughly characterize them by naming examples. Desktop platforms as of 2015 include:

Mobile platforms include:

The web platform seems to straddle the line in some ways.

The key differentiators between the 2 classes of platform are security features and userland APIs. (And the hardware they run on.) Obviously, I’ll focus on security features, and touch on userland APIs only insofar as they affect security.

Here are the security features of mobile platforms that I think we need in all platforms going forward:

By contrast, there are security features desktop platforms have that mobile platforms lack:

Things we still need on both classes of platform, or which I’m not sure we have yet:

I’m sure I’m forgetting something crucial, and that I got at least 1 thing wrong, and that you’ll let me know. :)