undefined | Better HN

0 pointsklausa7d ago0 comments

>Their developer ToS that absolves them of any sort of liability for anything.

This is... obviously not true?

If you could (somehow) meaningfully damage a car via the app, do you think VW wouldn't be liable because of the Google Play developer ToS?

0 comments

3 comments · 1 top-level

anonymousiam7d ago· 2 in thread

My point was that Google would not be liable. VW cannot evade liability from app misbehavior by using Google Play Protect, so why do they do it?

lan3217d ago

It will look better for the project lead if there's an issue though. You can say that you enabled everything recommended by Google or w/e, following best practices, and still got pwned instead of arguing that your own security model had a tiny little flaw that no one recognized. And it frees up project hours which can either be the difference between doing the project or not doing it and/or allow you to have other project work billed to this project.

theK5d ago

That's definitely a thing in the corporate world. It doesn't even have to be the project lead, sometimes it comes via stakeholders, some times its even well meaning devs. It is a difficult balance to strike if you want to "only be reasonably safe" whereas cargo culting all security features might take a bit of time but you now can say "hey we did everything"
[
]: everything may very well not be a thing but people like to pretend it is

j / k navigate · click thread line to collapse