On Thu, Nov 13, 2025 at 10:34 AM Peter Gutmann <[email protected]> wrote:
> [0] For example modify the code/operating environment to introduce a security > vulnerability, I'll let you decide whether this qualifies as impractical, > unrealistic, stupid, or several of the above. In a different context, it's practical, realistic, and sometimes a smart choice. Many custom Android ROMs now have a switch in the settings that ignores the window secure flag, and yet another one which prevents them from knowing that a screencast is in progress. >From the app developers' viewpoint (I mean, apps that display something sensitive), it is an intentionally introduced vulnerability in the OS. From the user's viewpoint, it's a useful feature. -- Alexander Patrakov
