(shkspr.mobi)

205 points ColinWright | 1 comments | 30 Aug 25 12:03 UTC | HN request time: 0.232s | source

1. bitbang ◴[30 Aug 25 13:28 UTC] No.45074499[source]▶

Devices should offer a local signing cert, where you can sign an app for that device only. Then make the app signing process enforce binding agreement that you assume all responsibility related to the app.

↑

Is it possible to allow sideloading and keep users safe?