On 9/9/2014, 9:53, Stéphanie Ouillon wrote:
I just worry that forcing a factory reset in this scenario is going to
place a big barrier to allowing our users to organically grow from
"users" to "webmaker". That is, they will find it much harder to learn
and hack their phones in ways that we should be should be actively
encouraging.
This 'os-developer' mode is meant for people who want to write and debug
certified apps. This factory reset scenario won't impact web app
developers (privileged, web). Are would-be Gaia developers the target
you're concerned about?
I'm concerned about all users. It may seem like the number of users who
would want to debug certified apps is small, but consider that many
developers start because of the "scratch your own itch" paradigm - that
is, many developers start digging, debugging and hacking because there's
some deficiency in the app that bothers them and that they actually want
to fix. Given that most of their interaction will be with the core
built-in apps, which are mostly (entirely?) certified apps, it makes
sense that most of the itches they will want to scratch will be in this
category.
Since the SIM can be removed and replaced by the attacker's SIM, it
doesn't look like a right candidate. That's why we consider the device
PIN code instead.
Good point, the SIM is probably not the right thing then. I don't have
any better ideas :(
kats
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
