Comment by dataflow
4 days ago
Not the parent or agreeing/disagreeing with them, but to your question: if you get creative, there are a lot of things you could do, some more unorthodox than others.
Tongue-in-cheek example, just to get the point across: instead of calling it Developer Mode, call it "Scam mode (dangerous)". Require pressing a button that says "Someone might be scamming me right now." Then require the user to type (not paste) in a long sentence like "STOP! DO NOT CONTINUE IF SOMEONE IS TELLING YOU TO DO THIS! THIS IS A SCAM!"... you get the idea. Maybe ask them to type in some Linux command with special symbols to find the contents of some file with a random name. Then require a reboot for good measure and maybe require typing in another bit of text like "If a stranger told me to do this, it's a scam." Basically, make it as ridiculous and obnoxious as possible so that the message gets across loud and clear to anybody who doesn't know what they're doing.
The people falling for social engineering now won't be protected by this either. You could gate the functionality behind verification of an anti-scam awareness and education training and certification course, scammers would coach people through the entire course and the verification step, and people would still be victimized.
> You could gate the functionality behind verification of an anti-scam awareness and education training and certification course, scammers would coach people through the entire course and the verification step, and people would still be victimized.
The problem with this line of reasoning is that it proves too much, which really gets to the heart of the issue.
If people are willing to be led to the slaughterhouse in a blindfold then it's not just installing third party code which is a problem. You can't allow them to use the official bank app on an approved device to transfer money because a scammer could convince them to do it (and then string them along until the dispute window is closed). You can't allow them to read their own email or SMS or they'll give the scammer the code. If the user is willing to follow malicious instructions then the attacker doesn't need the device to be running malicious code. Those users can't be saved by the thing that purportedly exists only to save them.
Whereas if you can expect them to think for two seconds before doing something, what's wrong with letting them make their own choices about what to install?
To add as a sad example, mother of a acquaintance of mine got scammed into withdrawing all her money from an ATM, gave it to the scammer person, then sold her car and apartment (!) and only then became aware of what was happening. And even though she is senior (early 60s) she did work her whole life in a senior engineering role (not IT related). Point is, the social engineering is, and will be to primary tool of scammers, as it was for the entirety of humanity. And no amount of tools and locks will prevent this. To make the argument further - we know that lock-picking exists, and can be very effective, yet we're not rolling out bigger and more complex door locks every year, or mandate people having 15 doors with 10 locks each - we just acknowledge that this tech is not perfect, but good enough. So clearly, the incentive of all these changes can't be "security", it's just plain stupid.
Exactly. They might give them their Gmail password, the 2fa code, their credit card number and cvc, etc etc.
That's unfortunate if true but it isn't a convincing argument to force the rest of society to live in proverbial padded cells. There's a minimum bar here. Some people probably shouldn't have online accounts and aren't responsible enough to manage their own finances. The rest of us are (hopefully at least marginally) functional adults.
This is actually a really interesting problem. Some portion of the public (nerds) are competent to understand what running software even means and the rest (let's call them "sheep") are naive and helpless. A portion of the nerds (Evil Hackers) are easily able to coach any sheep to do any action. Obviously everyone should default to being a Sheep, and obviously it would be ideal if Nerds could have root on their own damn hardware. But how can one ever self-certify that they're actually a Nerd in a way that an Evil Hacker can't coach a Sheep through? "Yes, now at the prompt that says 'Do not use this feature unless you are a software engineer. Especially don't click this button if someone contacts you and asks you to go through this process.'... type 'I am sure I know what I am doing' and click 'Enable dangerous mode.'"
5 replies →
Nothing is perfect, but by what percentage would you think scams that leverage sideloading would drop? 1%? 10%? 50%? 90%? 99%?
Compared the current paradigm, where you already need to enable developer options, allow installation from untrusted sources, and tap through a warning screen for each apk to be installed?
Maybe 10-20%, generously. The people who are falling for it under current protections clearly are not reading anything they're looking at or thinking about security at all, they've fallen for social engineering scams and sincerely believe they're at imminent risk of being arrested by the FBI or that their adult child is about to be killed. They're in fight or flight mode already, not critical thinking and careful deliberation mode.
If you were to rank everyone by gullibility, these people would largely be clustered in the top 1-2% of most gullible people. There is very little you can do to protect these people, realistically.
7 replies →