Comment by walrus01
1 year ago
That's a very good point. I have within recent memory installed my own internal CA that I run on Android devices that I own and trust, and the process on android 11+ is sufficiently daunting that 99.5% of peoples' moms could not do it in one or two clicks. You have to go deep into system settings and manually import the CA. This requires first file-transferring the CA file somewhere onto local /sdcard storage and possibly having a file system explorer app installed to be able to view its location on "disk" and pick it.
As is pointed out in the article, I would presume that Google saw the threat from allowing an app to install and trust a root CA as well, and removed the ability for a "one click" install of a root CA:
"KeyChain.createInstallIntent() stopped working in Android 7 (Nougat). A user would have to manually install the certificate. It would no longer be possible to have Facebook's CA cert installed directly in the app."
I would argue that everyone over the age of 8 can do it with sufficient motivation and quality documentation. $10-20 and the promise of more money doing some low-effort "consumer survey" or providing "extra analytics" is pretty enticing to a massive number of people really struggling in this country.
Despite being hard-up I don't think the vast majority of these low-income individuals would agree to being so egregiously wiretapped and data mined for future political ads on youtube or bundled into some other product without better compensation.