I don't get the point you're trying to make here. We've lost control because there's a serious vulnerability? We've lost control because Apple can patch the OS?
Well its sort of a general thing. We can't even control what runs on our devices and they run so fast you might not even notice something new running. Also stopping hacker from getting in remotely is hard for 24/7 connected devices.
Even on desktop machines (Linux or Mac for me), there are processes running that I don't really know what they are doing. The OS is actually very complex and you could insert another process and it can go and send stuff out and it would be hard to notice. I was also thinking in context of Windows 10 sending out who knows what all the time ( I don't use windows, but I think they called telemetry..).
In the past when everything wasn't connected together and the connections were slower this wasn't as much of an issue. Although that does allow us to patch quickly and easily. Apple sees to it you'll be hounded till you update..
Its doesn't seem easy to fix. Maybe safer languages will lead to less hackable code.
> Even on desktop machines (Linux or Mac for me), there are processes running that I don't really know what they are doing.
That's been the case pretty much since Windows 2000 (or even 98).
> In the past when everything wasn't connected together and the connections were slower this wasn't as much of an issue
Viruses were really bad even when everything was pretty much airgapped. They were not vectors for state-level attacks only because of cultural elements (you weren't walking with an exploitable beacon in your pocket; there was little value in exploiting what were basically glorified typewriters; and established interests weren't taking this sort of thing particularly seriously outside of the US).
> Maybe safer languages will lead to less hackable code.
JavaScript is fairly safe: it runs in a VM, right? Guess what was used to persist this exploit across reboots...
I don't think this is something that we can "fix" at all. Door locks are ridiculously ineffective and exploitable, but very few people feel the need to use anything different. Similarly, computing devices will always be exploitable one way or the other, but people will keep using them; what we can do is to limit the surface attack as much as possible, and to avoid placing everything online (hello, IoT!) just for the hell of it.
Even on desktop machines (Linux or Mac for me), there are processes running that I don't really know what they are doing.
I don't run Linux so I can't comment on that one, but surely there are "simple" Linux distributions that don't start countless unrecognizable processes?
Mac is a hopeless case; a veritable plethora of inexplicable processes.
In contrast, I just logged in to my OpenBSD firewall. I was able to easily recognize everything that was running. The OpenBSD startup procedure is very simple to understand. It's easy to know exactly what processes are started and why.
This happened the moment you bought an iPhone. Not that Android is much better: Apple (and to a certain extent, previous feature phone manufacturers) set the stage for treating consumers as too dumb to use their phones as they like, and the rest of the smartphone arena happily followed suit. There's never been a point in time where I was satisfied with the heavy constraints placed on users by smartphone OS makers. And I'm not approaching this from a Stallmanesque, philosophical perspective, but a plain old ease-of-use one.
One upside of this is that a large percentage of devices are up to date. It's quite a contrast to other platforms (mobile or otherwise). Just how benign is big brother though?
I can't help but think at this point we've totally lost control of our devices..