A few folk pinged me overnight my time (UK) to say "adb backup" addresses only one exfil vector. That's true, but it's a vector I have the most context on. If I wanted to make all exfil harder my temptation would be to require a factory reset when enabling developer mode.

This would follow the model of unlocking the bootloader; If you enable something which reduces the security of the device you have to wipe the users data, but would be a *huge* behaviour change.

· · Web · 1 · 0 · 0


Yeah thats a real nice way to close all the gaps opened by adb

Obviously has some significant implications for the ease with which developers can get users to help with debugging, although I guess could still enable such functionality with the hope that developers would minimise negative privacy /security implications of stuff that ends up in the logs/bug reports

Then again I guess app developers can take steps to limit user data exposure via adb backup

Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit