If you are looking for a smartphone app to solve a problem you have, you most likely will try out multiple apps. You just install them with a single click from the app store or from google play. You have found the right app. Now you just delete the other ones you have tried out which weren’t the right fit. Awesome, your smartphone just works!

Now let’s replay this scenario with a modern computer[0] instead of a smartphone.

The Deployment Problem

So you are looking for a desktop or command line app to solve a problem. You google around because there is no single source of apps, like google play or the app store.

Ok, there is the OS X app store. But the OS X app store is missing so many essential tools. Just try to get vim via the app store.

Well, we could just try to use a package manager - at least that’s a way to get vim. The problem with package managers is that you already need to know which application you are looking for. On the smartphone and with the OS X app store you can just explore the different categories of apps to find the right solution.

So we find the right tool via google and either get it via a package manager if available or we have to download some binary to install it. If we get it via the package manager we might have to build it which takes some time and might fail because of missing dependencies. If we have to install it we have to click “continue” a few times, or if we are lucky, on OS X we can just drag and drop the application onto the hard drive.

Compare this to the single click installation of the smartphone. No build times, no missing dependencies, no clicking a few times and agreeing that some toolbar is installed (looking at you java). It just works.

The Unlimited Freedom Of Applications

Now the desktop application we have installed was not the right tool for the job. We want to get rid of it. So we just uninstall it. But wait, there is no standard way of doing this. Maybe there is some uninstalller, or some uninstall script, maybe make uninstall. On your smartphone there is only one way to uninstall an app.

And then there is of course the issue of files beeing left around after removing a software. If the software has been filling up your home directory with dot-files, it has propably not removed these. You cannot even tell which files are still laying around after removing the software.

The filesystem hierarchy standard specifies where applications should place their files on a unix like system. The standard specifies that application files are stored decentral in different places (e.g. /etc for config files). But in todays world applications ship with many files, thus the decentral way makes removing applications hard and error-prone by design. Also thanks to the cryptic names of the directories (what does etc stands for again?), it is easier to misuse the standard than to use it right. And because of this and the decentral locations, it is hard to find config and other files of a given application when needed.

Another issue is that a running application cannot just write to all the decentral file system directories. It can actually access all the files of other applications. After an application is installed it can do whatever it wants. It can access the internet, it can access the web cam and the microphone, it can read and write your emails. You actually have no idea what the application is doing. On the other hand, on the smartphone the application has to ask for permission first. There you can be sure that the application is not actually watching you via the web cam while you are using it.

This explains why on the smartphone I can easily try out three different apps, while on the computer I actually need to trust the developer of the software to not misuse the filesystem and to not spy on me before I can run it. Even if you can trust the developer, you cannot trust the software because of bugs.

The Solution

On smartphones apps are sandboxed. This is the big difference between computers and smartphones. Sandboxes remove the global state, the filesystem, from the application. This is a big reason why smartphones just work and computers don’t.

The sandbox means that applications cannot fill up your home directory with dot-files. They are not allowed to write to any directory on the filesytem. They only interact with their small self-contained sandbox. The application also cannot access the internet without you allowing it.

If a application is only allowed to write to a single directory, you can easily remove the application by just removing the directory. You can be sure nothing is left around. This also means that you don’t need to look for some uninstaller, some uninstall script or make uninstall. You can just remove it by removing a single directory.

To configure the applications you can be sure that the configuration file is inside the application directory. There is no cryptic location where the config files are located, they have to be inside the application directory. This also means that the application will not fill up the home directory with dot-files.

The sandbox also allows to explore more solutions. You can just try out different applications and be sure that none of them will delete your hard drive or read your emails.

To get the single-click install experience we need to get rid of installers and install scripts. We need a better package manager. A package manager which just works. A package manager where every dependency of a package is explicit. A package manager without global mutable state (e.g. the global PATH), so that installing a package A does not break the already installed package B. Luckily there is one already: the nix package manager.


Smartphones are easy to use. Most of this stems from sandboxes and app stores. Sandboxes allow to try out software with confidence that it will not destroy your system. App stores allow for hassle free installations.

Piping the output of curl to the shell sums up the state of todays package managers, while “Never change a running system” sums up the state of a world without sandboxes, the current state of computer software.

It would be awesome if this would look different in the future.

Thanks for reading :) Follow me on twitter if you’re interested in more of this stuff!

[0] Technically a smartphone can be considered a computer too, but for this post we will make them distinct things.