alt Hacker NewsIf they have concerns about the security of their app on some platform, they have the choice to either put "security" into the app, or to trust the platform vendor to provide the security. The correct solution is the first way. Deferring trust to the platform provider is the lazy way.
If their APIs are done correctly, they shouldn't be afraid to expose them.
Replies
nightpool • today at 9:57 PM
How else would you build "security" into the app (in the sense of not allowing third-party modifications of it that would open them up to liability), except relying on hardware attestation that the app has not been modified? That attestation necessarily requires the platform provider to be involved.
You're proving the previous commenter's point. VW doesn't want liability. They do not care about "security" just liability.
When they leave the "security" to the platform they can blame them in a lawsuit.