> How about we avoid all antivirus software, integrate virtualization as a key feature of the UI of our operating system, and completely sandbox all apps.
Flatpak is vendor-neutral, but it will provide the sandbox isolation that may then enable Fedora to ramp up to Atomic Workstation, a fully containerized desktop OS:
This is basically the end-game for Flatpak:
https://blogs.gnome.org/alexl/2017/01/24/the-flatpak-securit...
Flatpak is vendor-neutral, but it will provide the sandbox isolation that may then enable Fedora to ramp up to Atomic Workstation, a fully containerized desktop OS:
https://fedoraproject.org/wiki/Workstation/AtomicWorkstation
Hopefully we will see other Linux distributions integrate the technology as it matures.
FWIW, Microsoft are developing VM-based isolation for the browser:
https://threatpost.com/microsoft-edge-adds-app-guard-browser...