Roku Developer Program

Join our online forum to talk to Roku developers and fellow channel creators. Ask questions, share tips with the community, and find helpful resources.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
EnTerr
Roku Guru

Private's Insecurities*

What's wrong with this picture?


For me it seems very obvious - painfully obvious even - that it lacks attribution.
  • Who is the author/publisher?

  • Where is the short description of the app, when one needs it?

It seems to me as if this information was present before (was it?) and now it's not. Or maybe i am wrong but that mostly-empty dialog sure seems ripe to be filled with "Author" and "Description" fields. Which are available.

Roku knows who signed this app, right? Why are they not telling me?! As presented this is more of a "glory hole", where strictly anonymous sex^ is enforced

(*) i toyed with the idea of naming this "Saving Pvt. Channels" but the joke is getting complicated - plus i don't know for sure if someone is trying to get Mr.Channels killed.
(^) SEX is abbreviation for "Software EXchange", you know
0 Kudos
8 REPLIES 8
belltown
Roku Guru

Re: Privates Insecurities*

I don't remember seeing any other details included when adding a private channel. Presumably, you got there from a link on a web page, which should have whatever info you need about who developed the channel and what it does.
0 Kudos
EnTerr
Roku Guru

Re: Privates Insecurities*

"belltown" wrote:
Presumably, you got there from a link on a web page, which should have whatever info you need about who developed the channel and what it does.

You can't presume. One may add channel from my.roku.com via access code "that i heard about on the Internets" - or be linked to add-URL page under false pretense. The least Roku can do is show who the author is.
0 Kudos
belltown
Roku Guru

Re: Private's Insecurities*

I agree that it would be nice if Roku could include author, description, screenshots, date created, etc., etc., for a private channel before a user actually adds the channel. That doesn't necessarily enhance security though, as a rogue hacker could sign up for a fake Roku developer account using a fake e-mail address, stolen credit number, etc., give himself a developer name like "NetflixOfficial" and publish a private channel looking like a Netflix channel that asks for the user's credit card number before proceeding. The user will see a Netflix logo and a developer name of "NetflixOfficial" when adding the channel.

The 'Add Channel' screen should probably come with a big flashing red message and disclaimer regarding the potential ramifications of installing a private channel -- as of right now, it doesn't even tell you that you are installing a private channel. As you said, there are many ways a user could get to the 'Add Channel' screen. I could see a situation where a user thinks they are installing a legitimate Roku channel but ends up with a nefarious private channel instead.
0 Kudos
EnTerr
Roku Guru

Re: Private's Insecurities*

"belltown" wrote:
I agree that it would be nice if Roku could include author, description, screenshots, date created, etc., etc., for a private channel before a user actually adds the channel. That doesn't necessarily enhance security though, as a rogue hacker could ...

But it does "necessarily enhance security". It shows the developer name, which (presumably-enforced-unique) can be traced back by the Co to the originator.

In addition - by naming the creator, a "daylight" (a perceptible space) between RokuCo and the author is created. For example of the bad impression not having the author listed, see the pubic Mormon Channel and CNET - which make me think that Roku Inc is a branch of the Church of Jesus Christ of Latter-day Saints - and that CNET's always-glowing reviews of Roku players cannot be trusted 😛

The "NetflixOfficial" doomsday-scenario you describe is already possible, one can already create scam apps - and i'll argue the lack of "daylight" between the author and the Co. at present is a concern. The idea of having a warning when installing non-public channel is good one - but i'd like to differ on the "big flashing red message" - instead something more tasteful should be used, akin to the "FDA disclaimers"* that OTC vitamins/supplements carry. Something short, non-threatening but clear; like "Caution advised: the description and contents of this private or test channel has not been reviewed nor validated by Roku Inc". In fact, maybe i can mock it up on the snapshot (or am i too lazy?) ...

(*) you know, "These statements have not been evaluated by the FDA. This product is not intended to treat or cure any disease"
0 Kudos
EnTerr
Roku Guru

Re: Private's Insecurities*

Ok, so here is a quick-and-dirty mockup of what add-by-access-code web dialog would make sense:


Based on Roku player's channel details/info screen, which recently suffered a devastating blow by fw 7:


(my apologies to the developer of "Speedtest" - there is nothing wrong with that particular app, used here just to illustrate Pvt. Channels's privates)
0 Kudos
RokuJoel
Binge Watcher

Re: Private's Insecurities*

I passed this thread on to the web team, this is likely to be addressed in the near future.

- Joel
.
0 Kudos
EnTerr
Roku Guru

Re: Private's Insecurities*

"RokuJoel" wrote:
I passed this thread on to the web team, this is likely to be addressed in the near future.

0 Kudos
EnTerr
Roku Guru

Re: Private's Insecurities*

Roku* - any progress on this item?
I tried to add a channel from a twitter link and am still welcomed by the old screen, which doesn't even let me know who the developer is, nor see the description. It's creepy...
0 Kudos
Need Assistance?
Welcome to the Roku Community! Feel free to search our Community for answers or post your question to get help.

Become a Roku Streaming Expert!

Share your expertise, help fellow streamers, and unlock exclusive rewards as part of the Roku Community. Learn more.