Ted SpenceLet’s talk about a problem - software cannot be trusted anymore. In the past, if I allowed an app to send me notifications, I’d get alerted for things I wanted to hear about. Now every app uses spurious notifications as a way to artificially boost their daily active user count. I am one by one having to shut off notifications on apps that used to be reliable products. I’ve disabled notifications on linkedin because it keeps sending me ads and random unnecessary alerts.
We fundamentally need a new type of option: the ability to grant software privileges that are completely phony. I need to be able to *pretend* to grant an app the ability to send me notifications, but then to have all those notifications sent into the void. Untrustworthy software should not be able to know what privileges I have granted it.
Daniel Durrans@Tedspence @revk “Yes you can know my location... which I will select from a map while granting the permission”
Royce WilliamsI see the point and agree - just adding some nuance:
In the authentication realm, relatively authentic location is pretty useful. As a defender, reducing the cost of an attacker faking the location of an MFA prompt trigger ... makes things worse. (May still be worth the trade-off, though - YTMMV)
I am Jack's Lost 404@tychotithonus @danieldurrans @Tedspence @revk
I think part of the issue is the paradox that the "only trustworthy companies" are also the ones most heavily engaged in surveillance, ads, and sales of data... sort of like "Hey that's a nice phone you've got there, it'd be a shame if anything happened to it. Just give us ALL of your data, You can trust us" 