One of the things I’ve always liked about Apple technology is that every system feels like it was designed for a specific individual. The more you’re like that individual, the more you like their technology. This isn’t unique to Apple — most technology capabilities are designed for a specific problem space — Apple is just clearer about it. As a security professional, I like to understand who a specific technology is designed for (“The Designed User”) as part of assessing risks involved.
As an example of designed users, take the new Twitter “retweet” functionality. (For those of you new to Twitter: Twitter permits people to post 140-character tweets. Interesting tweets are often “retweeted” by prepending “RT @username (original tweet here)”, sometimes with some commentary appended. Twitter has another setting: whenever someone puts your username into a tweet, you see it.) The new retweet functionality, much maligned, allows a single click to retweet a tweet. The originating user does not see the new tweet.
The “old” retweet function — really, a use created by users — is perfect for the networking user. It often gets used to make a comment on someone else’s tweet, while rebroadcasting it. I want to see every time someone retweets something I said (really, it doesn’t happen that often). But I’m not the target of the new functionality: celebrities are. A large number of retweets are celebrity tweets being rebroadcast by their followers. If you’re in that network, you want to minimize how many times you see the same retweet in your timeline. For those users, the new capability is easier, and far more preferred.
With any capability, we should always ask who the intended audience is as part of understanding the design space the developers were in. This may help us understand why certain security tradeoffs were chosen.