Compared the current paradigm, where you already need to enable developer options, allow installation from untrusted sources, and tap through a warning screen for each apk to be installed?

Maybe 10-20%, generously. The people who are falling for it under current protections clearly are not reading anything they're looking at or thinking about security at all, they've fallen for social engineering scams and sincerely believe they're at imminent risk of being arrested by the FBI or that their adult child is about to be killed. They're in fight or flight mode already, not critical thinking and careful deliberation mode.

If you were to rank everyone by gullibility, these people would largely be clustered in the top 1-2% of most gullible people. There is very little you can do to protect these people, realistically.

▲

Dylan16807 2 hours ago | parent | next [-]

> They're in fight or flight mode already, not critical thinking and careful deliberation mode.

That actually sounds like an argument is favor of this restriction. If someone is in a position of deep trust with the scammer then waiting a day is nothing. But if they're in a panic, not thinking things through or calling anyone for advice, that state probably won't last 24 hours.

▲

dataflow 6 hours ago | parent | prev [-]

I guess I just don't believe your estimate. I think you're grossly underestimating how far we can get through these kinds of approaches.

▲

anonym29 5 hours ago | parent [-]

That's fair, reasonable minds can disagree on the numbers and even magnitude here.

What I would challenge you to consider is this: where do we draw the "good enough" line, where we finally stop sacrificing freedom over the devices we purchased under terms that originally included freedom, control, and ownership at the altar of protecting the vulnerable?

Do scam victims need to be 0.1% of all Android users? 0.01%? 0.0001%? Should this extend to computers too - should local admin become completely unavailable to all Windows users? Should root become unavailable to all Mac users? To all Linux users? Should you be allowed to own technology at all, or merely rent it as a managed service, to protect those who cannot be trusted to own devices without getting scammed?

	▲	dataflow 3 hours ago \| parent [-]
		It really feels like you're replying to a completely different comment than mine? Absolutely nothing you're responding to here is consistent with what I wrote (except your very first sentence)... > What I would challenge you to consider is this: where do we draw the "good enough" line, where we finally stop sacrificing freedom over the devices we purchased under terms that originally included freedom, control, and ownership at the altar of protecting the vulnerable? There's nothing to challenge here. The method I proposed keeps you fully in control and owning your device. Anybody can follow that process if they want. It's not like I said each person has to get approval from Google before enabling developer mode on their phone. > Do scam victims need to be 0.1% of all Android users? 0.01%? 0.0001%? This is not some kind of paradox like you're making it out to be. A very reasonable starting point would be "get this scam rate down to match {that of another less-common scam}". Iterate until/unless new data comes along suggesting otherwise. > Should this extend to computers too - should local admin become completely unavailable to all Windows users? Should root become unavailable to all Mac users? To all Linux users? "Too"?! Where did I ever suggest root should be "completely unavailable" to all Android users? > Should you be allowed to own technology at all, or merely rent it as a managed service, to protect those who cannot be trusted to own devices without getting scammed? Where did I suggest any of this?