> Because when you don't do this, people get scammed out of money.

No, only when you don't do this and nothing else to improve security. You're presenting a false dichotomy.

> If there is a series of buttons you can press to circumvent the anti-scam measures, then the scammers simply walk you through pressing those buttons.

If the scammers can walk somebody through doing all that, why would they stop at just asking them to send money over to them "to safekeep it because of a compromised account" or whatever the social engineering scheme of the week is?

> Because when you don't do this, people get scammed out of money.

I don't care. Society doesn't exist to keep people safe from their own bad decisions.

> Because when you don't do this, people get scammed out of money.

Bullshit. Big tech's war on general purpose computing hasn't stopped scam. It's a pretext for rent seeking and control and you know it. It's the reason we don't have a popular ecosystem of FOSS alternatives on mobile. It's the reason we can't run virtual machines on tablets when the hardware very much can.

If combating scam is a priority of big tech, I know where to start. Get rid of ads! That would actually be enormously effective as it gets rid of the primary entry point of scams.

> If there is a series of buttons you can press to circumvent the anti-scam measures

So the best you can come up with is an imaginary button on phones that can magically circumvent checks that should be implemented server-side? Have you any idea how software works?

Or rig screens such that the buttons do not appear to be what they are. I've seen many a install-this-app ads where cancel isn't cancel.

The average user simply does not have the skill to determine real from fake and any heuristics to do so will be defeated by the scammers. You have to be able to understand what could be done with access, not what's "intended" with the access.

> If there is a series of buttons you can press to circumvent the anti-scam measures, then the scammers simply walk you through pressing those buttons. If you cover them in giant warning labels the scammers simply add explanations into their patter. The buttons must physically not exist, for gullible people to not get scammed out of money.

We shouldn't be protecting someone that gullible at the expense of everyone else who is smart enough to actually read whats on the screen and not fall for such simple scams.

Not that long ago most of this forum was very much against giving up freedoms in favor of catering to the lowest common denominator. What happened?

People need to take responsibility for their own actions and educate themselves, not rely on a lack of freedom to protect them.

No, you can just make a system secure without requiring attestation and stuff like that.

I don't believe in remote attestation anyway. It didn't even say the service is secure. It just proves it's as released by Google. But security doesn't have to rely on a big brother checking things for you. You can have security without it.

You can have integrity checks that allow the user to choose which signing keys to trust. Some PCs with secure boot, and some phones such as Pixel devices support this. GrapheneOS uses it.

In those systems, it won't boot without a good signature, so the user is protected against attacks that break the user's chosen chain of trust.

Remote attestation of consumer devices, e.g. Safetynet is evil.

So wait, the solution for malicious spy ware installed by corporations like Meta is giving ownership of our devices (and consequently all our data) to corporations like Apple?

Got it.

And remember the consequences when Apple starts scanning all your photos and sends a SWAT team to arrest a father who took a picture of his son's rash and sent it to a doctor, because surely he was engaging in child abuse.

I rather have Meta steal info of the 100mln idiots that install their root kits on their devices than have Apple and Google do the same for Billions (with a B) to protect from the former.

False premise...

Well, normal people generally can’t be trusted with cars: in one country of only 3.5% of the humans we kill two jumbo jets worth of people with them every day.

Tylenol is another example. Building materials is a third (building and fire codes are a relatively recent invention). Hell, even penicillin is by prescription only.

Letting the circumstance happen where median people can easily cause externalities through ignorance or carelessness is how we incinerated the planet and destroyed the biosphere as we know it with fossil fuel emissions, because it’s nbd (still even now in 2026, when we know about runaway polar greenhouse curves) to get in your ICE car and drive to the corner store.

When normal people had GP computers, we got botnets millions strong and DDoS in the Tbit/sec range and keyloggers on every hotel lobby computer hooked up to the boarding pass printer. Median people are way safer on the internet now than before.

Have you ever seen government officials talk about tech? I think you'd have to be naive to buy the narrative that they're making such a large policy decision for our security.

Of the few people using rooted phones to begin with, there's even fewer that don't know what they're doing.

Much more likely is this is a decision to get in line with the well documented and rapidly spreading surveillance laws of the past few years.

> But we shouldn't force everyone to make the choices that are best for the people with the least comprehension of what they're doing.

You are acting like it's easy to accidentally root your phone

You can’t freely sell devices to let others self-diagnose medical issues, so this part of your analogy doesn’t hold up in the case of phone sales.

We also limit investing in certain types of investments to so-called “accredited investors” which is just legal jargon for “millionaires”.

I don’t think the point you are trying to make about letting people own-goal is as strong as you think it is. (I would have gone with “roulette is legal”, which is a better one that the investment one, as the accredited investor rule is in all 50 states.)

Because enough people losing their own money in the same way becomes a social ill.

Much in the same way we try to limit physical addiction, which hypothetically only affects the person taking the substance, and gambling (though we're moving backwards on sports betting).

Some hypothetical social ills: 1 If it's a good source of money, it becomes more ubiquitous. This leads to entire illegal markets, which will typically lead to additional crimes, up to and including human trafficking, slavery, organ harvesting, and murder https://en.wikipedia.org/wiki/Scam_center.

2. The victims of scams will often feed shared or even stolen assets into the scam, desperately relying on an eventual return that will never come. This mirrors one of the better known social ills of gambling and addiction.

3. Even for people that never fall victim, defending against scams is tiring, irritating, and damages social fabric. An easy example is how spam cuts down on the utility of phone calls. In general, to be safe you have to be almost irrationally suspicious of anyone being surprisingly friendly, which makes non in-person connections -one of the greatest benefits of the internet - much harder and more dangerous to forge.

What do you think, is that enough reasons?