It targets that because those old “insecure” SDKs allows people to use their system as something that isn’t a toy. Newer sdk versions refuse to run code that wasn’t included in the apk
Mobile platforms like android and iOS (more specifically GrapheneOS), are leagues ahead of desktop operating systems in terms of security because of these strict policies. and besides, you are treating untrusted code as untrusted code. I don’t see the flaw in that logic.
sure, they could use more apis for accessing system directories and stuff like that securely, but that’s not really in scope. this is for end users. not field deployment on an sbc for something.
It targets that because those old “insecure” SDKs allows people to use their system as something that isn’t a toy. Newer sdk versions refuse to run code that wasn’t included in the apk
Mobile platforms like android and iOS (more specifically GrapheneOS), are leagues ahead of desktop operating systems in terms of security because of these strict policies. and besides, you are treating untrusted code as untrusted code. I don’t see the flaw in that logic.
sure, they could use more apis for accessing system directories and stuff like that securely, but that’s not really in scope. this is for end users. not field deployment on an sbc for something.