
With my permission an app should be able to read all the files on the device, even those created by other apps.

It’s my device not the OS or app manufacturer’s!

I’m totally onboard with per-app segregated storage as a default, but this feature is clearly gated behind user permission.




> but this feature is clearly gated behind user permission

You're right that the owner of the device should have the ultimate say. But the sad reality is that most owners aren't necessarily good caretakers of those devices. They don't understand what that permission entails, and they don't actually want to take responsibility for the outcome of the decision. But they will want to hold the manufacturer accountable for the damage.

I can't count how many times I heard people say "this decision should be mine to make" only to follow it up after some time with "somebody should have warned me not to do it". It's human nature and the solution for this can't/won't be technical.

Windows XP was a good example of letting the person decide what's good for their device and it was also the OS with the slowest adoption of updates. People collectively decided that the discomfort of rebooting once in a while was worse than letting malware completely wreck their device and data.


> I can't count how many times I heard people say "this decision should be mine to make" only to follow it up after some time with "somebody should have warned me not to do it".

The correct response, if (as in this case) they were warned, is to say “someone did warn you, pay more attention next time”, then walk away[1].

Just like if a beginner ignores the black piste markers and the “for good skiers only” sign at the top of a slope then complains that they fell over.

It is problematic to create in users an expectation that if they blindly mash at their globally-networked, bank-account-connected devices without paying a modicum of attention to anything that appears on the screen when they do so, that everything will be fine, and if it’s not it’s someone else’s fault.

[1] optional, depends how much you like them


> The correct response, if (as in this case) they were warned, is to say “someone did warn you, pay more attention next time”, then walk away[1].

In reality, this does far more harm than good. In almost all cases this goes wrong because of the 'little learning is a dangerous thing' problem. People tend to be in two camps:

- Don't care, don't want to fiddle with the thing, the manufacturer has to do everything

- Knowing just enough to break things, but not enough to fix it (and thus it is the fault of the manufacturer)

Other types like the 'I am the owner, I make the rules' crowd are insignificantly small.

This means that in the real world (so not in an echo chamber) you only get one scaled and realistic scenario: the user creates problems (for themselves, others), but cannot fix them, and everyone/everything not-user then has to care for them to deal with it.

In an ideal theoretical world we might say that the end-user has to be responsible, and they have to make infinite mistakes and learn everything so they can become good caretakers of their networked systems. But that is not reality, and is not realistic.


> In reality, this does far more harm than good

Harm reduction isn't always the most important goal, especially when it's other people's harm and reducing it also involves restricting what they can do.


The argument goes for default availability here.

You don't have to allow all users everything, but you should allow those who want, to do as they please.

You can always hide the option behind some kind of mechanism. A mechanism a general user wouldn't use because they don't if the rest works as intended. Those who still do, should suffer the consequences, but this is not the manufacturers' problem. They have all kinds of safeguards to prevent liability because of those "special choices".


People would go to great lengths to follow tutorials on the internet to disable things they were told were bad for them. The less qualified, the more likely that they fell for the "updates are bad, they ruin your computer" narrative. As long as there's an option that can be abused, people will be tricked into allowing it.

This is less relevant for the current discussion about the FireTV and this feature. It's for the more general discussion of being able to do whatever you want on a device you own.


> The less qualified, the more likely that they fell for the "updates are bad, they ruin your computer" narrative.

Bad example; this "narrative" is true as often as it isn't.


Some fraction will still stumble upon it anyways and will still refuse to take any responsibility for enabling it, what then?

You can't force them to change their mind.


But why should everyone else suffer because of that small fraction?

The real answer: users are captive. For the vendors, they're cattle. And like with any good big farm, it does not matter how much it sucks for the cattle - but it does matter the cattle is safe, because few bad cases can become known and risk your farm getting shut down.


I didn't say anything about who should or should not?

Are you sure you responded to the right comment?


'Krasnol argued for keeping powerful/dangerous features, but making them opt-in (and a bit of a hassle to enable). You countered that there will be "some fraction" of users incapable of not hurting themselves with those features, who "will still stumble upon it anyways and will still refuse to take any responsibility for enabling it". My counter to that is that we shouldn't remove such power features just because "some fraction" may find and misuse them.

That's the should/should not part. The rest is my take on why companies remove those features anyway - they have no incentive to provide anything above bare minimum, especially not when they could be on the hook for "some fraction"'s mishaps.


Perhaps you are misreading my comment?

I didn't raise the 'should/should not part' at all, you are the one who raised the point. I'm focused on actual facts and possibilities in this comment chain.


You can ignore them, though, not everyone can be saved


> You don't have to allow all users everything, but you should allow those who want, to do as they please.

Perhaps. Perhaps that should also mean there are consequences to their actions and they get disconnected from shared systems.


> With my permission […]

And as we've seen in the PC space, this will absolutely destroy security as the general population will simply hit "Ok" or "Allow" on any (security) prompt so they can get to their desired goal.


I hate to say it but at some point it is their device and they can install malware if they want to. I think it is good to put up some warnings and make particularly dangerous permissions particularly hard to give. But at some point it is my device and you need to get out of my way.


If them installing malware had zero impact on the rest of us, sure.

Meanwhile, in the real world, externalities exist.


Yes, but one of the major externalities in this context is security industry smothering every computing platform, turning it from a bicycle for the mind into a TV for the mind.


> the general population will simply hit "Ok" or "Allow" on any (security) prompt so they can get to their desired goal.

So let them? I keep hearing this argument but I have yet to hear a good explanation of why it's a problem or why I should care.

If a thief walks up to someone's door and asks to be let in, and the person opens the door and lets them in, is that a security flaw on the door's part? Should we make doors harder or even impossible to open by their owners to prevent them from letting a criminal in?


Cool, ok… you either learn from your mistakes or you don’t.

Developers aren’t responsible for the general population doing dumb shit, as long as they don’t trick them into it, and it doesn’t happen as a result of bugs in their software.

Imagine if the makers of stoves or kitchen knives believed that they should design out every possible way someone could burn or cut themselves…

“Do you want to let [application] access [the calendar|your photos|files created by other apps]?” seems totally reasonable; stopping users from running programs that do this altogether, not at all.

The biggest problem with it all is: that which OS developers do to “protect users” becomes what application developers use to constrain users and prevent them accessing their data, in order to extract more money or control how people use their own devices.


My butterknife doesn’t have the ability to upgrade itself to a chainsaw over the internet. Software has this somewhat unique and autonomous ability; comparing it to static household objects when it comes to manufacturers’ legal obligations (or ethical oughts) doesn’t necessarily make sense.


Normally, I’d agree with you. But over the years I have been thinking that bad practices on internet-connected devices end up being everyone’s problem.


But that's not how activating ADB works at all, it's a fairly complicated process that takes many weird steps.


Need to hide it behind a terminal with scary monospace letters.


Even that barely helps - try opening the web dev console in your browser on a popular social media site and there are huge warnings telling people not to paste commands in there they have been told to do to "hack Facebook and see nudes from your hot neighbor"


I tend to disagree, at least for many purposes. In the world of mega-apps (WeChat, Facebook, etc), do you really want these apps to be able to ask for or even require permissions like this?

In an older, kinder, gentler era of computing, if I granted a permission to an app [0], it was probably doing something with that permission that I wanted. Nowadays, not so much — apps are generally actively hostile to the user, and even apps that are friendly are frequently purchased by more or less malicious companies that turn them into malware.

[0] Yeah right. There were no permissions. And apps were mostly well behaved because they had no way to call home to the mothership.


> I tend to disagree, at least for many purposes. In the world of mega-apps (WeChat, Facebook, etc), do you really want these apps to be able to ask for or even require permissions like this?

Not really… I want to ban or break up/massively curtail the apps and/or their business models and aggressively police them so that that isn't a thing…


This isn't actually about filesystem permissions. ADB is a debugging tool that seems to have been used by certain applications. It shouldn't be required for any normal app functionality including storage access.

That said this is still a user hostile change. I will never purchase a device that blocks ADB since it's required for several useful things, often related to fixing or working around issues created by the vendors themselves.



