well, as someone working in a department that also has Fraud detection responsibilities, the amount of users that lose tons of money because of scam apps, spoofed apps, identity stealing apps, is big. Like insanely big. I am all for it that these apps get significantly harder for the average joe to install or run on their phones.

It's a considerable number well into the 8 figures $/year that we have to cover (Granted this number is not specifically smartphones, also includes desktops, but I know smartphones is the bigger piece nowadays.)

(insuring this is near impossible, there is always a large part risk we have to pay ourselves and cannot cede to a reinsurer)

The problem isn't play protect or whatever the fuck, because 80% of the play store is malware, adware, and spyware anyway.

The problem is actually Google and other big tech.

Let's consider: why are users installing so many apps?

Because, on desktop, this doesn't happen. We don't ask people to download and run an EXE to look at their friends funny cat photos. No, we open the web browser.

The reason we have so many apps on mobile is because we require the malware. Google requires the malware. We need to be able to run privileged and unsandboxed code on users devices and this is the world that Apple and Google have created.

Users shouldn't be fucking downloading apps for 90% of the stuff they do anyway - including the non malicious apps! But they do, because they have no choice.

Think about it. Provide a web interface and miss out on juicy spyware? Or install executables on your customers systems? Apps are far too enticing for big tech.

it's very common in india

> scamming society on billions

so somehow my friends and family got hacked, lost money but don't know about it?

actually i know of one case where my mom got billed for airbnb even tho she didn't book the ticket but pretty sure I had her password in a text file so might've been me that got hacked on my PC.

Airbnb refunded her and then had no more issues. So 1 case in my entire life and it probably wasn't on a mobile device.

You can get hacked without losing money. If you devices gets used in a bot net, if your computer gets used to mine crypto, etc. Your work files gets stolen by hackers and sold to competitors in china, etc.

All those are things normal people wont notice.

> bot net

Fair enough, but besides mail spam which is filterable and DDos for which there are counter services, does it really impose that big of an issue to justify such a strict lockdown?

> mine crypto

Considering how little mining power mobile devices have and how anyone would figure out pretty fast there's a problem with heat / battery issues from it idk if that's really realistic these days. Hard to keep this one hidden while also profitable

> work files gets stolen

I think this has already been solved by corporations on PCs, there are already solutions for locking down a work issues laptop as for phone I think that's rarely an issue since people mostly use it for communications so probably rare for really sensitive info to be on there.

Overall those issues don't really hit me as that critical to impose such measures and there are ways to severely limit impact for people that care about security

In reality plenty of people access their work on a private computer too.

> Considering how little mining power mobile devices have and how anyone would figure out pretty fast there's a problem with heat / battery issues from it idk if that's really realistic these days. Hard to keep this one hidden while also profitable

I mean, check out HiddenMiner, ADB.Miner, HummingBad, WireX…

I agree that this is an overreaction, but the problem is real, and the fact you don’t know anyone who knows they’ve had a malware infection doesn’t mean that that is reality.