True, but that kinda misses the point.

One way to look at it: there are many open source projects targeting Android, projects that gain some sense of legitimacy over being open source yet have few (if any) eyes vetting them. Or, perhaps, the project is legitimate but people are getting third-party builds. That is what F-Droid does. That is what the developer of a third-party ROM does. It would not require the resources of a nation state to compromise them. I am not trying to cast a shadow on open source projects or F-Droid here. I am simply using them as an example because I use said software and am familiar with that ecosystem. The same goes for any software obtained outside of the Play Store, and it's likely worse since there is no transparency in those cases. Heck, the same goes for software obtained through the Play Store (but we're probably talking about nation state resources on that front).

Another way to look at it: we are only considering a specific avenue for exploitation here. If you close it off, the criminals will look for others. I would be surprised if they weren't looking for ways to bypass Google's checks. I would be surprised if they weren't looking for weaknesses in popular apps. Then there is social engineering. While convincing someone to install software is likely desirable, it certainly isn't the only approach.

Either way, I don't think Google's approach is solving the problem and I think it is going to do a huge amount of damage. Let's face it: major corporations aren't a paragon of goodness, yet Google's shift is handing them the market.

> Ruining Android for everyone to try to maybe help some rather technologically-hopeless groups of people is the wrong solution.

This isn't about how skilled a person is, it is about tackling social engineering. The article gave the example of someone posing as a relative, it could also be a blackmail scheme, but it could also be the carefully planned takeover of a respected open source project (ahem, xz).

What I am saying is this sort of crime affect anyone. We simply see more of it among the vulnerable because they are the low hanging fruit. Raising the bar will only change who is vulnerable. Society is simply too invested in technology to dissuade criminals. Which is why I don't think this will work, and why I think going nuclear on truly independent developers is going to do more damage than good.

> agree, also they should take into account that their children will be eventually an adult and will be living in such system

We also have to consider that "children" covers anywhere from birth to approximately 18 years old.

It is reasonable to expect a parent or their proxy (e.g. caregivers and teachers) to moderate access to the Internet in the early years. Yet older children and teenagers gradually gain more independence. For example: they are able to go places on their own, get their own phone, etc.. In the physical world, we have laws that recognize this, things like forbidding the sale of alcohol and tobacco to minors. Responsibility is placed on the vendor to check identification when selling such products and the customer's age is suspect. It would be absurd to place responsibility on parents in this case since the most a parent can do is educate their child.

Now I understand the Internet poses problems when it comes to similar transactions. For face to face transactions, appearing old enough is often sufficient (perhaps with a buffer to avoid liability) for access without presenting identification. While it isn't truly anonymous, there are cases where it can be reasonably anonymous. Unfortunately, transactions are mediated by machines on the Internet. You cannot make any assumptions about the other person. Making matters worse: it is extraordinarily difficult to do age verification without disclosing identify information, and to do so in a manner that is easily recorded. Whether that information is provided directly or through a third party is a moot point. It is still being provided.

I don't know how we go about solving this problem, but I do know two things:

- Placing all responsibility into the hands of parents is absurd, and would ultimately prove harmful to adolescents. It is creating a nanny-state where the nanny is the parent. The youth would be unable to gradually gain independence, nor develop an identity independent of their parents' whims.

- We live in a world which is eager to age-gate things that should not be. Sometimes this is for semi-legitimate reasons due to how the Internet is structured. For example: there is no good reasons why children and youth cannot participate in things like discussion forums, but those forums definitely cannot look like the "social media" we have today. Other times it is for despicable reasons, such as making value based judgements based upon ideology. (The left and right are both guilty of this.)