upvote

points

by bigstrat20036 hours ago |
comments
upvoteby NewsaHackO5 hours ago|
next
[-]
Maybe not, but I think that overextending any idea like that in the opposite direction of whatever point you are trying to make at least devolves into a "slippery slope" argument. For instance, is your point that all security on phones that impede freedom of the user (for instance, HTTPS, forced password on initial startup, not allowing apps to access certain parts of the phone without user permissions, verifying boot image signatures) should be removed as well?
reply
upvoteby bigstrat20035 hours ago|
parent|
next
[-]
No, that's not my point at all. Measures such as that are a tool which is in the hands of the user. There is a default restriction which is good enough for most cases, but the user has the ability to open things up further if he needs. What Google is proposing takes control out of the user's hands and makes Google the sole arbiter of what is and is not allowed on the device.
reply
upvoteby NewsaHackO4 hours ago|
parent|
[-]
None of the measures I mentioned are changeable by the user, except possibly sideloading an HTTPS certificate. That's the only way any of those measures even work; if it wasn't set as invariants by the OS, they would be bypassable.

>There is a default restriction which is good enough for most cases, but the user has the ability to open things up further if he needs.

But this is what the other guy's point is. You are defining "good enough for most cases" in a way that he is not, then making the argument that what he says is equivalent to not allowing an alcoholic to buy beer. Why can you set what level is an acceptable amount of restriction, but he can't?

reply
upvoteby array_key_first4 hours ago|
parent|
prev|
[-]
But it's not a slippery slope, because it's not taking it to the next level. It's the same level, just a different thing.
reply
upvoteby h3lp4 hours ago|
prev|
next
[-]
The alcoholic knows the bad outcomes, and chooses to ignore them. The hapless Android user does not understand the negative consequences of sideloading. I think this makes for a substantial differerence between those two.
reply
upvoteby bigbadfeline46 minutes ago|
parent|
[-]
> The hapless Android user does not understand the negative consequences of sideloading.

Then make sideloading disabled by default but enable it when the users tap 7 times on whatever settings item. At that time, explain those "negative consequences" to them, explain them real good, don't spare anything and if they still hit "Yes, continue to enable sideloading" you do that immediately in order to avoid increasing their haplessness with other made-up excuses.

Simple.

reply
upvoteby sheiyei5 hours ago|
prev|
[-]
Protecting from scams isn't protection from the victim themselves. That should be obvious from the fact that very intelligent and technologically literate people too can fall for phishing attacks. Tell me for example, how many people in your life know how a bank would ACTUALLY contact you about a suspected hijacking and what the process should look like? And how about any of the dozens of other cover stories used? Not to mention the situations where the scammers can use literally the same method of first contact as the real thing (eg. spoofed). ...And the fact that for example email clients do their best to help them by obscuring the email address and only showing the display name, because that's obviously a good idea.
reply
upvoteby bigstrat20035 hours ago|
parent|
next
[-]
> Protecting from scams isn't protection from the victim themselves.

That is where we differ. It is, ultimately, the victim of a scam who makes the choice of "yes, this person is trustworthy and I will do what they say". The only way to prevent that is to block the user from having the power to make that decision, which is to say protecting them from themselves.

reply
upvoteby joshuamorton3 hours ago|
parent|
[-]
But the proposal here, requiring developers to register their identities, doesn't actually impact consumers at all. They still have the ability to make the decision about whether or not to trust someone.
reply
upvoteby jrm44 hours ago|
parent|
prev|
[-]
None of these things requires "locking down phones." Every single thing you've mentioned can be done in a smarter way that doesn't involve "individuals aren't allowed to modify the devices they purchase."
reply
upvoteby NewsaHackO4 hours ago|
parent|
[-]
You can't make a statement like that and provide no examples. What are some of your ideas for doing that?
reply