Dr. Qian is asserting that Android would be less, not more safe if it notarized apps because they could become compromised over time — requiring Google to follow up.
He also suggests users could be desensitized to the new warning screens and just click through. (But doesn’t that apply to any warning screen? What’s the point of mass warning screens at all if we assume desensitization by default?)
And, he suggests, a bad actor could steal the key to sign bad apps, making them look like good ones. He says that’s not just a theoretical risk.
(I’ll point out that a Microsoft signing key got stolen and led to the theft of US government emails.)