On the flip side, you can consider that traditional proprietary software installs usually have full access to read and modify your system, often in ways you don't expect or wouldn't consent to. Running in a virtualized environment in a browser significantly reduces access to your system. So if you run a free software local install with proprietary programs running in a jailed browser environment, you are probably more secure than you would be if you had installed them locally.
This is true in theory, in practice not very much.
i believe if the current trend goes on, you'll soon likely have not much on your local machine anymore that would be worth protecting. The philosophy behind devices like the Cromebook or streaming apps like photoshop-in-the-cloud after all only work if all your files are also in the cloud. So if this catches on, expect your Dropbox/Google Drive/etc to turn from a convenient place to backup and move your files to the primary location where you store them.
Even if you have valuable files stored locally, you'd be correct if access to cloud services would really only run through the browser. but check how all recent Android or iOS releases (or really almost all modern consumer OSes) work: most regularly phone home to their respective vendor and are usually heavily locked down - the devices are little more than physical endpoints if the cloud. On such devices, the company that created the device has likely mider access to the system than you.
obviously there are the usual exceptions from the Free Software movement - however for average consumer devices, the trend seems to be clear.
But think this through...if you don't run anything locally then what, exactly, are you protecting on your local system by running things remotely?
Although honestly, for something like photoshop I really don't see a problem. It's a creative tool, and probably isn't producing interesting data for the NSA, et al. The real security concern here is Adobe's, in that they want to protect their software from you, the user. They want to set up an annuity-style revenue stream, and the only way to do that is to protect the binary image of their software. So they did that.
Really, the only objection I would have to this is that it adds a (sometimes rather difficult to meet) requirement that you have a solid internet connection to run what used to be a stand-alone application. More philosophically, I object to the horrible waste this kind of runtime requires, particularly of network bandwidth. Perhaps, though, this is the price of saving the premium proprietary software market.
You are protecting your private information in cloud A from company B. I can trust different groups with different information without giving them all access to the whole set.
While the cartoon is cute, it's wrong. I don't remain logged into services I'm not using. If I'm not doing banking right now, I'm not logged into my bank account. I don't have my browser remember my password, either, so I have to enter it every time I go to their website. I can also locally encrypt data on my drive if I feel it would benefit me. I realize many people are lazy about these things, but I like having the option to not be. (I also don't use many of those services because they are big security risks.)
I know that Randall is focussing on the stored credentials aspect, but the wider picture remains true - local credentials don't matter at all for an average user, because everything that matters is stored and operated remotely.
I should have said "all credentials". The local one may unlock all of the other remote ones. Or you just enter the remote ones directly. Point being, theres a lot to protect. Is a keepassx password a "local credential"?
>On the flip side, you can consider that traditional proprietary software installs usually have full access to read and modify your system, often in ways you don't expect or wouldn't consent to.
Perhaps for non-technical users. For technical users this is a solved problem for a few decades now. You can restrict read/write access for any software in any which way you want.
>Running in a virtualized environment in a browser significantly reduces access to your system.
Why would I want to kill my software performance by running it on an inferior browser platform when the kernel is perfectly capable of compartmentalizing software.
