There’s a little bit of alert fatigue on this stuff. Online internet privacy/security folks kick up a fuss about a lot of things that I don’t think cause me any harm, and it’s reducing my ability to detect legitimate threats. I can’t constantly evaluate whether something is Google “spying on my web browsing” or “this guy can steal your money”.
Fortunately, the solution of just sticking to mainstream platforms works. If I’m on a Mac with an iPhone, anything that hits me hits half of Americans. I’ll be in a nice big class-action once the damages are widespread.
Interestingly, this disincentivizes niche platforms.
> Fortunately, the solution of just sticking to mainstream platforms works.
Well, it depends. For widespread non-targeted attacks, like the one mentioned in the parent comment, I think using a niche platform is a form of security through obscurity that can actually work, because it's possible the generic exploit you encounter is not designed to work on your non-standard system (like a virtual machine, a hardened configuration, a non-mainstream OS like OpenBSD...). Although this is more difficult on phones, because it's not possible to use some mainstream services on niche platforms due to attestation requirements.