Personally, I like the first one and wouldn’t use an option to automatically give those permissions to all apps.
Being a power user doesn’t make anyone immune from malware, it just needs to pass some sniff tests. It was by luck that that backdoor in the Linux kernel was found and it’s naive to believe every single malware app is going to be obvious with unrealistic promises and/or bad grammar and spelling. Permissions requests are a clue that an app is doing something it shouldn’t be. And Facebook is considered trusted by many despite an insider even confirming the “talk about something near your phone and fb will advertise it to you” being real.
When you download an app, unless you either wrote it yourself (including all libraries) or have checked the source for open source apps (again including libraries), you can only guess at what it is really doing. And just because an app does what it claims to do doesn’t mean it isn’t doing anything else, so the “well, it does work” test isn’t a great security test.
For the app developers being able to block side loading, it says it uses meta data to enforce that. Couldn’t modders just modify that meta data so that it doesn’t realize X’ app is actually a modified X app? It would need to do something more complex than a checksum or hash to detect it’s the same app.
I mean, I love “fuck Google” bandwagons, but either I’m missing something or this one doesn’t seem like that big of a deal.
Personally, I like the first one and wouldn’t use an option to automatically give those permissions to all apps.
Being a power user doesn’t make anyone immune from malware, it just needs to pass some sniff tests. It was by luck that that backdoor in the Linux kernel was found and it’s naive to believe every single malware app is going to be obvious with unrealistic promises and/or bad grammar and spelling. Permissions requests are a clue that an app is doing something it shouldn’t be. And Facebook is considered trusted by many despite an insider even confirming the “talk about something near your phone and fb will advertise it to you” being real.
When you download an app, unless you either wrote it yourself (including all libraries) or have checked the source for open source apps (again including libraries), you can only guess at what it is really doing. And just because an app does what it claims to do doesn’t mean it isn’t doing anything else, so the “well, it does work” test isn’t a great security test.
For the app developers being able to block side loading, it says it uses meta data to enforce that. Couldn’t modders just modify that meta data so that it doesn’t realize X’ app is actually a modified X app? It would need to do something more complex than a checksum or hash to detect it’s the same app.
I mean, I love “fuck Google” bandwagons, but either I’m missing something or this one doesn’t seem like that big of a deal.