Stuff I Was Wrong About
Sorry, didn't want to write about Linux again but I've been thinking about the last post. After I slept on it, I realized it was not up to my standards of accuracy.
First, I made a lot of assertions about what the "average computer user" wants, and I realized crumble-to-dustedly that my assumptions are at least 10 or 15 years out of date. What the average computer user wants in 2025 is phones and tablets. Desktop computers have become a niche category, and what most people in that niche want is a Mac. Non-appliance computers are a niche within a niche, and perhaps that niche is mostly occupied by people who want to get in and know the nuts and bolts of their machine, try out dozens of distros and desktop environments, who relish debugging obscure complex errors. I'm probably even more in the extreme minority than I had assumed. Sorry for the tunnel vision.
Second, passwords. It occurred to me that the reason for the password paranoia isn't necessarily to protect the end user from themselves, it's in case of rogue agents in the software ecosystem. If I was logged in as root, and one of the programs I use notifies me of an update, and I install the update, and it turns out one of the developers has a grudge and slipped in some malicious code, they could do a lot of damage if I was running as root all the time.
When commands are executed on the terminal, the terminal doesn't know if the command is coming from me or a program. It's agent-agnostic, it just does what it's told. On one hand, this allows for a lot of flexibility and interoperability between programs, but on the other hand, root access can allow them to interoperate with, like, a lot. I think even the kernel and bootloader and stuff.
Now one of the advantages of Debian is that all of the software in the apt store is very likely to be safe, it's been so thoroughly vetted and tested. And if I only ran software from the repository, I'd probably feel safer running as root.1 But I want to run stuff not in the repository, too. What if one of the developers of BizHawk is kicked off the team, they get pissed, realize that the admins forgot to revoke their access to the backend,2 and they slip in a rootkit that makes everyone who runs it part of a crypto scam botnet? It would probably need root access to download additional components and perform system functions that allow it to operate undetected. If I'm running as root, it could just do all that. I'd never know. But if I launched BizHawk and it popped up a window asking for my password, I'd know something was up. I could cancel the process before it does any real harm.
Sure, this isn't very likely. Source control tracks every change that's made, and an admin would probably notice and revert the changes pretty quickly, but no project can guarantee perfect 24/7 vigilance and ironclad security. Every project is run by people, and people make mistakes. Raccoons are no exception 🦝
So yeah, mea culpa, security nerds. I'm past the initial wave of software installation, and the password prompts are now infrequent enough that my frustration has subsided. I think I'm going to leave it as-is. (Thanks to Matthew G. for the advice on setting up default root status, I'll keep it in my back pocket if I ever decide to go that route.)