You can run software on bare metal without an OS. The downside is you have to write everything. That means drivers, networking code, the process abstraction (if you need it), etc.
One thing to remember is an operating system is just another computer program.
You would end up blocking every network then. Almost no one wants malware on their machine or network. Unfortunately, people get hacked and network operators cannot always determine which machines are hacked (hackers are not known for letting people know that they have taken over a machine).
Security is hard and there are no easy solutions. People often do not know they have been hacked or even know if a computer on their network has been hacked. Also, it is often not easy to determine if traffic is legitimate, illegal, malicious, or abusive.
Wire-fraud is a United States legal concept. It's probably not applicable to Germany (although Germany might have its own laws which cover this issue).
> (1) Wer in der Absicht, sich oder einem Dritten einen rechtswidrigen Vermögensvorteil zu verschaffen, das Vermögen eines anderen dadurch beschädigt, daß er durch Vorspiegelung falscher oder durch Entstellung oder Unterdrückung wahrer Tatsachen einen Irrtum erregt oder unterhält, wird mit Freiheitsstrafe bis zu fünf Jahren oder mit Geldstrafe bestraft.
> (2) Der Versuch ist strafbar.
> [...]
> (5) Mit Freiheitsstrafe von einem Jahr bis zu zehn Jahren, in minder schweren Fällen mit Freiheitsstrafe von sechs Monaten bis zu fünf Jahren wird bestraft, wer den Betrug als Mitglied einer Bande, die sich zur fortgesetzten Begehung von Straftaten nach den §§ 263 bis 264 oder 267 bis 269 verbunden hat, gewerbsmäßig begeht.
> § 263a Computerbetrug
> (1) Wer in der Absicht, sich oder einem Dritten einen rechtswidrigen Vermögensvorteil zu verschaffen, das Vermögen eines anderen dadurch beschädigt, daß er das Ergebnis eines Datenverarbeitungsvorgangs durch unrichtige Gestaltung des Programms, durch Verwendung unrichtiger oder unvollständiger Daten, durch unbefugte Verwendung von Daten oder sonst durch unbefugte Einwirkung auf den Ablauf beeinflußt, wird mit Freiheitsstrafe bis zu fünf Jahren oder mit Geldstrafe bestraft.
> [...]
My rough translations:
> Book of criminal law
> § 263 Fraud
> (1) Everyone who, with the intent to create an illegal estate gain for himself or a third party, diminishes the estate of another through the presentation of untrue facts, or the misrepresentation or suppression of true facts to create or sustain an error, shall be punished by incarceration up to 5 years or monetary penalty.
> (2) The attempt is punishable.
> [...]
> (5) With incarceration from one to ten years, in cases of minor severity from six months to five years, shall be punished whoever commits the fraud as the member of a gang, which has banded together to continuously commit crimes as in §263-264 and 267-269, in a business-like fashion.
> § 263a Computer Fraud
> (1) Everyone who, with the intent to create an illegal estate gain for himself or a third party, diminishes the estate of another by influencing the result of a data processing operation through incorrect design of the program, use of incorrect or incomplete data, through unauthorized use of data or through other unauthorized influence upon the operation, shall be punished by incarceration up to five years or monetary penalty.
I wish these companies luck. That being said, I would not recommend working all of the time to almost all people. Here is why:
1. According to Rapid Development or Code Complete (I can't remember which book said this), for most people, working more than 40 hours a week does not increase productivity in the long term. Basically, you can spend more time at work but you will not get more done. There are a few people who this is not true for but those people are rare and they usually are extremely driven because there is something about the project is really really interesting to them.
2. I strongly suspect most humans are just not built to work all of the time. It's not that there is something wrong with them, they just can't deliver more than about 40 hours a week of work. This isn't because they aren't committed, don't care, are lazy, etc. They just can't do it. I think this has to be accepted.
3. I have tried for decades to make the live at work lifestyle work and I have failed. I have repeatedly burnt out. It has taken me decades to realize that it is not a question of what you want to do, it is a question of what you can actually do and what is sustainable. Basically, you or your boss may want you to work 60 hours a week for months on end but that is probably impossible and it's better to accept reality than to keep on trying to do something which does not work.
Note that when I hear employers demanding crunch time, it tells me the leaders do not understand how people work because they don't understand that 99% of their employees probably cannot given them any more than they are already giving. This means crunch time does not improve productivity, but it does make everyone on the team more miserable because they are spending too much time at work and they are wondering why they can't seem to force themselves to get more done.
I am not sure what your point is. If Boeing went bankrupt, someone could buy them and the company would continue running. Also, Boeing is not the most important defense contractor in the US. They don’t make the F35 and they don’t make the new B21 Raider. The world is not going to end if Boeing disappears.
I was in a grocery store just a few months ago and a parent had given their (very young) child a tablet which from the audio was obviously playing fight video content and nothing educational. You can't stop something that's forced on you
I think you under estimate the value of anti-virus. Anti virus software is a good second line of defense. It’s not perfect but it will stop a lot of known malware. This has value.
Security software can have negative value when it increases attack surface[0], shuts down infrastructure[1], impedes productivity or pushes users towards workarounds that make things overall less secure.
I wouldn't consider it a second line of defense - as a rule of thumb, it will only catch old and overused attack vectors, and rarely well.
Anything novel will fly right past it, and it will have false positives. Plastering ineffective or mildly effective security everywhere in the name of "defense in depth" can have negative value as it reduces diligence in applying more relevant security measures that aren't just a random package install.
I see this all the time with VPNs. By having everything behind the company VPN, application security isn't taken as seriously. As a result, lateral access becomes trivial at these companies.
Keeping everything public internet exposed from the start actually results in better security.
Read Travis Ormandy’s take-downs of Sophos or Symantec antivirus software. They are so sloppily written they vastly increase your exposure, including zero-click exploitation by simply receiving a crafted message.
That is not my experience. Every US company I have worked in spent a lot of time training employees to follow the relevant laws. I have even been on teams which had to do work to comply with the European GDPR. The message I have always received is follow the law and don’t break it.
Real life people use AI. A good example of this is the lawyers who submit court filings with AI generated legal citations. The get caught because the citations are fake (the case cited does not exist).
One thing to remember is an operating system is just another computer program.