“If your drawbridge is down, attackers can just walk right in.”

Dr. Qian is explaining the security concept of “defense in depth,” using a castle with a moat, drawbridge, walls, and guards as an analogy.

“You want to introduce multiple layers of defense in case one layer is bypassed by the attacker.”

“We want to grant that [app install] permission only when it is necessary.”

He says the sideloading friction screens follow another principle, “securing the weakest link,” because the weakest link is often the human being who doesn’t think it through.