Is it possible to allow sideloading and keep users safe?

> The first is that a user has no right to run anyone else's code, if the code owner doesn't want to make it available to them. Consider a bank which has an app. /../ I think the bank has the right to say "your machine is too risky - we don't want our code to run on it."

But should they? Should we also accept Google's browser signing and ban all browsers the bank doesn't like? Am I allowed to accept calls from people they haven't vetted or is it too much of a risk to the bank's bottom line that they might talk me into a scam.

I suppose we should also write off the inevitable privacy and freedom violations in the name of "security".[0] I don't have anything to hide after all.

[0]: https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...

> But should they? Should we also accept Google's browser signing and ban all browsers the bank doesn't like?

If you want to hold the banks liable for fraud committed against you (which is exactly what happens in many countries), then it’s hardly reasonable to say that they’re not allowed to use what ever technical options they can to prevent that fraud.

You can put forward the argument that banks simply shouldn’t be responsible for fraud committed against their customers. But we only need to look at world of cryptocurrencies to see how well that works in reality.