"belltown" wrote:
I agree that it would be nice if Roku could include author, description, screenshots, date created, etc., etc., for a private channel before a user actually adds the channel. That doesn't necessarily enhance security though, as a rogue hacker could ...
But it does "necessarily enhance security". It shows the developer name, which (presumably-enforced-unique) can be traced back by the Co to the originator.
In addition - by naming the creator, a "daylight" (a perceptible space) between RokuCo and the author is created. For example of the bad impression not having the author listed, see the pubic
Mormon Channel and
CNET - which make me think that Roku Inc is a branch of the Church of Jesus Christ of Latter-day Saints - and that CNET's always-glowing reviews of Roku players cannot be trusted
😛 The "NetflixOfficial" doomsday-scenario you describe is already possible, one can already create scam apps - and i'll argue the lack of "daylight" between the author and the Co. at present is a concern. The idea of having a warning when installing non-public channel is good one - but i'd like to differ on the "big flashing red message" - instead something more tasteful should be used, akin to the "FDA disclaimers"* that OTC vitamins/supplements carry. Something short, non-threatening but clear; like "Caution advised: the description and contents of this private or test channel has not been reviewed nor validated by Roku Inc". In fact, maybe i can mock it up on the snapshot (or am i too lazy?) ...
(*) you know, "These statements have not been evaluated by the FDA. This product is not intended to treat or cure any disease"