Comment by xg15

Good points. Though I there are other options - e.g. build a proof-of-concept in a closed environment, e.g. as an university project, demonstrate it with a small (but still sufficiently large) group of people, so you have witnesses and publish a paper about it.

I know the prevailing wisdom is to always publish your code with a paper, to ensure maximum reproducibility, but this would be a valid case where you DON'T want to make reproducibility easy.

It's essentially the same dilemma that security research already has today: You want active research into vulnerabilities to be able to close them, at the same time you don't want people abusing your research to exploit them.

There is also the point of how feasible such a system would be to deploy on new phones. E.g. if you require a rooted phone and a custom Android image, chances are relatively slim your system will be used in the wild.